From a66b5eec7047b6a0cc9420b2d987c64981f9912c Mon Sep 17 00:00:00 2001 From: Philipp Hoffmann Date: Thu, 16 Apr 2020 15:53:00 +0200 Subject: [PATCH 001/129] Added explicit encoding for key_data string. --- plugins/modules/ec2_win_password.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 7ed14ed7204..83adb4fcbbc 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -181,7 +181,7 @@ def main(): module.fail_json(msg="unable to parse key file") elif key_data is not None and key_file is None: try: - key = load_pem_private_key(key_data, b_key_passphrase, default_backend()) + key = load_pem_private_key(key_data.encode('ascii'), b_key_passphrase, default_backend()) except (ValueError, TypeError) as e: module.fail_json(msg="unable to parse key data") From e1a18d4bbe1e63c09cbe7bfab4e23a37168628fa Mon Sep 17 00:00:00 2001 From: flowerysong Date: Tue, 5 May 2020 16:35:04 -0400 Subject: [PATCH 002/129] Remove tests/sanity/requirements.txt (#62) This file is not used by ansible-test. --- tests/sanity/requirements.txt | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 tests/sanity/requirements.txt diff --git a/tests/sanity/requirements.txt b/tests/sanity/requirements.txt deleted file mode 100644 index 3e3a96692bb..00000000000 --- a/tests/sanity/requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -packaging # needed for update-bundled and changelog -sphinx ; python_version >= '3.5' # docs build requires python 3+ -sphinx-notfound-page ; python_version >= '3.5' # docs build requires python 3+ -straight.plugin ; python_version >= '3.5' # needed for hacking/build-ansible.py which will host changelog generation and requires python 3+ From 3057c3cb292eb4eebfdd41d1b1793a6398aa80eb Mon Sep 17 00:00:00 2001 From: John Prause Date: Tue, 5 May 2020 17:22:51 -0400 Subject: [PATCH 003/129] Adding labels to the tags section (#60) * Adding labels to the tags section * Removed networking tag --- galaxy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/galaxy.yml b/galaxy.yml index 492af38a86d..b63fde71a91 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -6,7 +6,7 @@ authors: null description: null license: GPL-3.0-or-later license_file: COPYING -tags: null +tags: [community, aws, cloud, amazon] dependencies: amazon.aws: '>=0.1.0' repository: https://github.com/ansible-collections/community.aws.git From af3a27b05ea2c0241bba1d52c5e74c2726a6f93e Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 5 May 2020 17:24:55 -0700 Subject: [PATCH 004/129] s3_bucket_notification tests: Be less restrictive in assertion (#66) * s3_bucket_notification tests: Be less restrictive in assertion Assertion is failing on missing args assertion due to https://github.com/ansible/ansible/pull/67771 Be less restrictive in what we assert to prevent these types of failures. --- .../integration/targets/s3_bucket_notification/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration/targets/s3_bucket_notification/tasks/main.yml b/tests/integration/targets/s3_bucket_notification/tasks/main.yml index 7cc46153570..ced66e31d41 100644 --- a/tests/integration/targets/s3_bucket_notification/tasks/main.yml +++ b/tests/integration/targets/s3_bucket_notification/tasks/main.yml @@ -376,7 +376,7 @@ assert: that: - result.failed - - 'result.msg.startswith("missing required arguments: event_name, bucket_name")' + - '"missing required arguments" in result.msg' - name: test abesnt s3_bucket_notification: state=absent register: result @@ -385,4 +385,4 @@ assert: that: - result.failed - - 'result.msg.startswith("missing required arguments: event_name, bucket_name")' + - '"missing required arguments" in result.msg' From d542bbb88bc2e5e71279c2051dab76265c88b46a Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Wed, 6 May 2020 19:53:38 +0200 Subject: [PATCH 005/129] Fix CI details (#56) * Fix collection repo name. * Prepare coverage handling. ci_coverage * Enable coverage reporting. ci_coverage ci_complete * Make more similar to community.general's shippable.sh. ci_coverage ci_complete --- tests/utils/shippable/check_matrix.py | 2 +- tests/utils/shippable/shippable.sh | 61 ++++++++++++++++++++------- 2 files changed, 46 insertions(+), 17 deletions(-) diff --git a/tests/utils/shippable/check_matrix.py b/tests/utils/shippable/check_matrix.py index 1e555198499..2a9aa67410a 100755 --- a/tests/utils/shippable/check_matrix.py +++ b/tests/utils/shippable/check_matrix.py @@ -26,7 +26,7 @@ def main(): # type: () -> None """Main entry point.""" repo_full_name = os.environ['REPO_FULL_NAME'] - required_repo_full_name = 'ansible-collections/amazon-core' + required_repo_full_name = 'ansible-collections/community.aws' if repo_full_name != required_repo_full_name: sys.stderr.write('Skipping matrix check on repo "%s" which is not "%s".\n' % (repo_full_name, required_repo_full_name)) diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index 09bb7d639a1..130f386aeee 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -34,20 +34,20 @@ export PATH="${PWD}/bin:${PATH}" export PYTHONIOENCODING='utf-8' if [ "${JOB_TRIGGERED_BY_NAME:-}" == "nightly-trigger" ]; then -# COVERAGE=yes + COVERAGE=yes COMPLETE=yes fi -#if [ -n "${COVERAGE:-}" ]; then -# # on-demand coverage reporting triggered by setting the COVERAGE environment variable to a non-empty value -# export COVERAGE="--coverage" -#elif [[ "${COMMIT_MESSAGE}" =~ ci_coverage ]]; then -# # on-demand coverage reporting triggered by having 'ci_coverage' in the latest commit message -# export COVERAGE="--coverage" -#else -# # on-demand coverage reporting disabled (default behavior, always-on coverage reporting remains enabled) -# export COVERAGE="--coverage-check" -#fi +if [ -n "${COVERAGE:-}" ]; then + # on-demand coverage reporting triggered by setting the COVERAGE environment variable to a non-empty value + export COVERAGE="--coverage" +elif [[ "${COMMIT_MESSAGE}" =~ ci_coverage ]]; then + # on-demand coverage reporting triggered by having 'ci_coverage' in the latest commit message + export COVERAGE="--coverage" +else + # on-demand coverage reporting disabled (default behavior, always-on coverage reporting remains enabled) + export COVERAGE="--coverage-check" +fi if [ -n "${COMPLETE:-}" ]; then # disable change detection triggered by setting the COMPLETE environment variable to a non-empty value @@ -93,6 +93,7 @@ ansible-galaxy collection install community.crypto cd "${cwd}" export ANSIBLE_COLLECTIONS_PATHS="${HOME}/.ansible/" +SHIPPABLE_RESULT_DIR="$(pwd)/shippable" TEST_DIR="${HOME}/.ansible/collections/ansible_collections/community/aws/" mkdir -p "${TEST_DIR}" cp -aT "${SHIPPABLE_BUILD_DIR}" "${TEST_DIR}" @@ -110,21 +111,49 @@ function cleanup fi # shellcheck disable=SC2086 - ansible-test coverage xml --color -v --requirements --group-by command --group-by version ${stub:+"$stub"} - cp -a tests/output/reports/coverage=*.xml shippable/codecoverage/ + ansible-test coverage xml --color --requirements --group-by command --group-by version ${stub:+"$stub"} + cp -a tests/output/reports/coverage=*.xml "$SHIPPABLE_RESULT_DIR/codecoverage/" + + # analyze and capture code coverage aggregated by integration test target + ansible-test coverage analyze targets generate -v "$SHIPPABLE_RESULT_DIR/testresults/coverage-analyze-targets.json" + + # upload coverage report to codecov.io only when using complete on-demand coverage + if [ "${COVERAGE}" == "--coverage" ] && [ "${CHANGED}" == "" ]; then + for file in tests/output/reports/coverage=*.xml; do + flags="${file##*/coverage=}" + flags="${flags%-powershell.xml}" + flags="${flags%.xml}" + # remove numbered component from stub files when converting to tags + flags="${flags//stub-[0-9]*/stub}" + flags="${flags//=/,}" + flags="${flags//[^a-zA-Z0-9_,]/_}" + + bash <(curl -s https://codecov.io/bash) \ + -f "${file}" \ + -F "${flags}" \ + -n "${test}" \ + -t 8a86e979-f37b-4d5d-95a4-960c280d5eaa \ + -X coveragepy \ + -X gcov \ + -X fix \ + -X search \ + -X xcode \ + || echo "Failed to upload code coverage report to codecov.io: ${file}" + done + fi fi fi if [ -d tests/output/junit/ ]; then - cp -aT tests/output/junit/ shippable/testresults/ + cp -aT tests/output/junit/ "$SHIPPABLE_RESULT_DIR/testresults/" fi if [ -d tests/output/data/ ]; then - cp -a tests/output/data/ shippable/testresults/ + cp -a tests/output/data/ "$SHIPPABLE_RESULT_DIR/testresults/" fi if [ -d tests/output/bot/ ]; then - cp -aT tests/output/bot/ shippable/testresults/ + cp -aT tests/output/bot/ "$SHIPPABLE_RESULT_DIR/testresults/" fi } From 5e8e7bad85d666c1cabe83ea491db1db7227aadf Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 19 May 2020 03:00:53 +0200 Subject: [PATCH 006/129] elb_target_group only set stickiness options when we're using stickiness (#74) When using UDP AWS will throw an error at you even if stickiness is disabled: botocore.errorfactory.InvalidConfigurationRequestException: An error occurred (InvalidConfigurationRequest) when calling the ModifyTargetGroupAttributes operation: Stickiness type 'lb_cookie' is not supported for target groups with the UDP protocol --- plugins/modules/elb_target_group.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index 34cbd3828c5..82240052be2 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -107,8 +107,8 @@ type: int stickiness_type: description: - - The type of sticky sessions. The possible value is lb_cookie. - default: lb_cookie + - The type of sticky sessions. + - If not set AWS will default to C(lb_cookie) for Application Load Balancers or C(source_ip) for Network Load Balancers. type: str successful_response_codes: description: @@ -547,7 +547,7 @@ def create_or_update_target_group(connection, module): # Only need to check response code and path for http(s) health checks if tg['HealthCheckProtocol'] in ['HTTP', 'HTTPS']: # Health check path - if 'HealthCheckPath'in params and tg['HealthCheckPath'] != params['HealthCheckPath']: + if 'HealthCheckPath' in params and tg['HealthCheckPath'] != params['HealthCheckPath']: health_check_params['HealthCheckPath'] = params['HealthCheckPath'] # Matcher (successful response codes) @@ -744,8 +744,8 @@ def create_or_update_target_group(connection, module): if stickiness_lb_cookie_duration is not None: if str(stickiness_lb_cookie_duration) != current_tg_attributes['stickiness_lb_cookie_duration_seconds']: update_attributes.append({'Key': 'stickiness.lb_cookie.duration_seconds', 'Value': str(stickiness_lb_cookie_duration)}) - if stickiness_type is not None and "stickiness_type" in current_tg_attributes: - if stickiness_type != current_tg_attributes['stickiness_type']: + if stickiness_type is not None: + if stickiness_type != current_tg_attributes.get('stickiness_type'): update_attributes.append({'Key': 'stickiness.type', 'Value': stickiness_type}) if update_attributes: @@ -825,7 +825,7 @@ def main(): protocol=dict(choices=protocols_list), purge_tags=dict(default=True, type='bool'), stickiness_enabled=dict(type='bool'), - stickiness_type=dict(default='lb_cookie'), + stickiness_type=dict(), stickiness_lb_cookie_duration=dict(type='int'), state=dict(required=True, choices=['present', 'absent']), successful_response_codes=dict(), From 05672a64e2362cc2d865b5af6a57da6bc3cd08e3 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 19 May 2020 16:06:12 -0700 Subject: [PATCH 007/129] Remove METADATA and cleanup galaxy.yml (#70) * Remove ANSIBLE_METADATA entirely, see ansible/ansible/pull/69454. Remove `license` field from galaxy.yml, in favor of `license_file`. --- galaxy.yml | 1 - plugins/modules/aws_acm.py | 3 --- plugins/modules/aws_acm_info.py | 3 --- plugins/modules/aws_api_gateway.py | 4 ---- plugins/modules/aws_application_scaling_policy.py | 4 ---- plugins/modules/aws_batch_compute_environment.py | 3 --- plugins/modules/aws_batch_job_definition.py | 3 --- plugins/modules/aws_batch_job_queue.py | 3 --- plugins/modules/aws_codebuild.py | 4 ---- plugins/modules/aws_codecommit.py | 3 --- plugins/modules/aws_codepipeline.py | 4 ---- plugins/modules/aws_config_aggregation_authorization.py | 5 ----- plugins/modules/aws_config_aggregator.py | 5 ----- plugins/modules/aws_config_delivery_channel.py | 5 ----- plugins/modules/aws_config_recorder.py | 5 ----- plugins/modules/aws_config_rule.py | 5 ----- plugins/modules/aws_direct_connect_connection.py | 4 ---- plugins/modules/aws_direct_connect_gateway.py | 5 ----- .../modules/aws_direct_connect_link_aggregation_group.py | 4 ---- plugins/modules/aws_direct_connect_virtual_interface.py | 4 ---- plugins/modules/aws_eks_cluster.py | 5 ----- plugins/modules/aws_elasticbeanstalk_app.py | 4 ---- plugins/modules/aws_glue_connection.py | 3 --- plugins/modules/aws_glue_job.py | 3 --- plugins/modules/aws_inspector_target.py | 3 --- plugins/modules/aws_kms.py | 4 ---- plugins/modules/aws_kms_info.py | 4 ---- plugins/modules/aws_region_info.py | 5 ----- plugins/modules/aws_s3_bucket_info.py | 4 ---- plugins/modules/aws_s3_cors.py | 3 --- plugins/modules/aws_secret.py | 4 ---- plugins/modules/aws_ses_identity.py | 5 ----- plugins/modules/aws_ses_identity_policy.py | 5 ----- plugins/modules/aws_ses_rule_set.py | 4 ---- plugins/modules/aws_sgw_info.py | 3 --- plugins/modules/aws_ssm_parameter_store.py | 3 --- plugins/modules/aws_step_functions_state_machine.py | 5 ----- .../modules/aws_step_functions_state_machine_execution.py | 5 ----- plugins/modules/aws_waf_condition.py | 3 --- plugins/modules/aws_waf_info.py | 3 --- plugins/modules/aws_waf_rule.py | 3 --- plugins/modules/aws_waf_web_acl.py | 3 --- plugins/modules/cloudformation_exports_info.py | 3 --- plugins/modules/cloudformation_stack_set.py | 4 ---- plugins/modules/cloudfront_distribution.py | 4 ---- plugins/modules/cloudfront_info.py | 5 ----- plugins/modules/cloudfront_invalidation.py | 3 --- plugins/modules/cloudfront_origin_access_identity.py | 3 --- plugins/modules/cloudtrail.py | 5 ----- plugins/modules/cloudwatchevent_rule.py | 5 ----- plugins/modules/cloudwatchlogs_log_group.py | 4 ---- plugins/modules/cloudwatchlogs_log_group_info.py | 3 --- plugins/modules/cloudwatchlogs_log_group_metric_filter.py | 3 --- plugins/modules/data_pipeline.py | 4 ---- plugins/modules/dms_endpoint.py | 5 ----- plugins/modules/dms_replication_subnet_group.py | 5 ----- plugins/modules/dynamodb_table.py | 5 ----- plugins/modules/dynamodb_ttl.py | 4 ---- plugins/modules/ec2_ami_copy.py | 4 ---- plugins/modules/ec2_asg.py | 4 ---- plugins/modules/ec2_asg_info.py | 5 ----- plugins/modules/ec2_asg_lifecycle_hook.py | 3 --- plugins/modules/ec2_customer_gateway.py | 4 ---- plugins/modules/ec2_customer_gateway_info.py | 3 --- plugins/modules/ec2_eip.py | 5 ----- plugins/modules/ec2_eip_info.py | 4 ---- plugins/modules/ec2_elb.py | 5 ----- plugins/modules/ec2_elb_info.py | 4 ---- plugins/modules/ec2_instance.py | 4 ---- plugins/modules/ec2_instance_info.py | 4 ---- plugins/modules/ec2_launch_template.py | 5 ----- plugins/modules/ec2_lc.py | 4 ---- plugins/modules/ec2_lc_find.py | 5 ----- plugins/modules/ec2_lc_info.py | 5 ----- plugins/modules/ec2_metric_alarm.py | 5 ----- plugins/modules/ec2_placement_group.py | 4 ---- plugins/modules/ec2_placement_group_info.py | 4 ---- plugins/modules/ec2_scaling_policy.py | 5 ----- plugins/modules/ec2_snapshot_copy.py | 6 ------ plugins/modules/ec2_transit_gateway.py | 5 ----- plugins/modules/ec2_transit_gateway_info.py | 5 ----- plugins/modules/ec2_vpc_egress_igw.py | 4 ---- plugins/modules/ec2_vpc_endpoint.py | 5 ----- plugins/modules/ec2_vpc_endpoint_info.py | 4 ---- plugins/modules/ec2_vpc_igw.py | 5 ----- plugins/modules/ec2_vpc_igw_info.py | 5 ----- plugins/modules/ec2_vpc_nacl.py | 5 ----- plugins/modules/ec2_vpc_nacl_info.py | 5 ----- plugins/modules/ec2_vpc_nat_gateway.py | 5 ----- plugins/modules/ec2_vpc_nat_gateway_info.py | 5 ----- plugins/modules/ec2_vpc_peer.py | 5 ----- plugins/modules/ec2_vpc_peering_info.py | 4 ---- plugins/modules/ec2_vpc_route_table.py | 4 ---- plugins/modules/ec2_vpc_route_table_info.py | 5 ----- plugins/modules/ec2_vpc_vgw.py | 5 ----- plugins/modules/ec2_vpc_vgw_info.py | 5 ----- plugins/modules/ec2_vpc_vpn.py | 4 ---- plugins/modules/ec2_vpc_vpn_info.py | 5 ----- plugins/modules/ec2_win_password.py | 5 ----- plugins/modules/ecs_attribute.py | 4 ---- plugins/modules/ecs_cluster.py | 5 ----- plugins/modules/ecs_ecr.py | 3 --- plugins/modules/ecs_service.py | 5 ----- plugins/modules/ecs_service_info.py | 4 ---- plugins/modules/ecs_tag.py | 3 --- plugins/modules/ecs_task.py | 5 ----- plugins/modules/ecs_taskdefinition.py | 5 ----- plugins/modules/ecs_taskdefinition_info.py | 4 ---- plugins/modules/efs.py | 5 ----- plugins/modules/efs_info.py | 5 ----- plugins/modules/elasticache.py | 5 ----- plugins/modules/elasticache_info.py | 4 ---- plugins/modules/elasticache_parameter_group.py | 5 ----- plugins/modules/elasticache_snapshot.py | 5 ----- plugins/modules/elasticache_subnet_group.py | 5 ----- plugins/modules/elb_application_lb.py | 3 --- plugins/modules/elb_application_lb_info.py | 4 ---- plugins/modules/elb_classic_lb.py | 5 ----- plugins/modules/elb_classic_lb_info.py | 4 ---- plugins/modules/elb_instance.py | 5 ----- plugins/modules/elb_network_lb.py | 3 --- plugins/modules/elb_target.py | 3 --- plugins/modules/elb_target_group.py | 4 ---- plugins/modules/elb_target_group_info.py | 4 ---- plugins/modules/elb_target_info.py | 4 ---- plugins/modules/execute_lambda.py | 4 ---- plugins/modules/iam.py | 5 ----- plugins/modules/iam_cert.py | 4 ---- plugins/modules/iam_group.py | 3 --- plugins/modules/iam_managed_policy.py | 4 ---- plugins/modules/iam_mfa_device_info.py | 5 ----- plugins/modules/iam_password_policy.py | 5 ----- plugins/modules/iam_policy.py | 3 --- plugins/modules/iam_policy_info.py | 4 ---- plugins/modules/iam_role.py | 4 ---- plugins/modules/iam_role_info.py | 5 ----- plugins/modules/iam_saml_federation.py | 3 --- plugins/modules/iam_server_certificate_info.py | 5 ----- plugins/modules/iam_user.py | 3 --- plugins/modules/iam_user_info.py | 7 ------- plugins/modules/kinesis_stream.py | 5 ----- plugins/modules/lambda.py | 5 ----- plugins/modules/lambda_alias.py | 5 ----- plugins/modules/lambda_event.py | 5 ----- plugins/modules/lambda_facts.py | 4 ---- plugins/modules/lambda_info.py | 5 ----- plugins/modules/lambda_policy.py | 3 --- plugins/modules/lightsail.py | 4 ---- plugins/modules/rds.py | 5 ----- plugins/modules/rds_instance.py | 5 ----- plugins/modules/rds_instance_info.py | 4 ---- plugins/modules/rds_param_group.py | 5 ----- plugins/modules/rds_snapshot.py | 4 ---- plugins/modules/rds_snapshot_info.py | 4 ---- plugins/modules/rds_subnet_group.py | 5 ----- plugins/modules/redshift.py | 4 ---- plugins/modules/redshift_cross_region_snapshots.py | 4 ---- plugins/modules/redshift_info.py | 4 ---- plugins/modules/redshift_subnet_group.py | 5 ----- plugins/modules/route53.py | 5 ----- plugins/modules/route53_health_check.py | 5 ----- plugins/modules/route53_info.py | 5 ----- plugins/modules/route53_zone.py | 5 ----- plugins/modules/s3_bucket_notification.py | 4 ---- plugins/modules/s3_lifecycle.py | 5 ----- plugins/modules/s3_logging.py | 5 ----- plugins/modules/s3_sync.py | 4 ---- plugins/modules/s3_website.py | 5 ----- plugins/modules/sns.py | 5 ----- plugins/modules/sns_topic.py | 5 ----- plugins/modules/sqs_queue.py | 5 ----- plugins/modules/sts_assume_role.py | 5 ----- plugins/modules/sts_session_token.py | 5 ----- 173 files changed, 741 deletions(-) diff --git a/galaxy.yml b/galaxy.yml index b63fde71a91..d7ec90280c4 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -4,7 +4,6 @@ version: 0.1.0 readme: README.md authors: null description: null -license: GPL-3.0-or-later license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: diff --git a/plugins/modules/aws_acm.py b/plugins/modules/aws_acm.py index 3e24adfd364..93034e7e71f 100644 --- a/plugins/modules/aws_acm.py +++ b/plugins/modules/aws_acm.py @@ -24,9 +24,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_acm diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index 094d8a2ac6c..4cc072a7aef 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_acm_info diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index fe3cd969e6f..1a508299e06 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -8,10 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: aws_api_gateway diff --git a/plugins/modules/aws_application_scaling_policy.py b/plugins/modules/aws_application_scaling_policy.py index 6fefaee2c3d..51d98743da3 100644 --- a/plugins/modules/aws_application_scaling_policy.py +++ b/plugins/modules/aws_application_scaling_policy.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index 6329bba214c..38a22ca69cd 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index 07bcf127295..6f385ef20fc 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index 77726175510..c888b560e0b 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_codebuild.py b/plugins/modules/aws_codebuild.py index 219289ee2db..ca79d056bce 100644 --- a/plugins/modules/aws_codebuild.py +++ b/plugins/modules/aws_codebuild.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_codecommit.py b/plugins/modules/aws_codecommit.py index f8d7df05d2a..dc7bbaee160 100644 --- a/plugins/modules/aws_codecommit.py +++ b/plugins/modules/aws_codecommit.py @@ -6,9 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index 84afe1a4dc1..1784d7859c4 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_config_aggregation_authorization.py b/plugins/modules/aws_config_aggregation_authorization.py index 78126794905..d2057a18591 100644 --- a/plugins/modules/aws_config_aggregation_authorization.py +++ b/plugins/modules/aws_config_aggregation_authorization.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: aws_config_aggregation_authorization diff --git a/plugins/modules/aws_config_aggregator.py b/plugins/modules/aws_config_aggregator.py index 3f39f57cbc9..7b97fded3c9 100644 --- a/plugins/modules/aws_config_aggregator.py +++ b/plugins/modules/aws_config_aggregator.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: aws_config_aggregator diff --git a/plugins/modules/aws_config_delivery_channel.py b/plugins/modules/aws_config_delivery_channel.py index 0005d68d462..f0fda8e61f4 100644 --- a/plugins/modules/aws_config_delivery_channel.py +++ b/plugins/modules/aws_config_delivery_channel.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: aws_config_delivery_channel diff --git a/plugins/modules/aws_config_recorder.py b/plugins/modules/aws_config_recorder.py index a614748e739..970e6f8c0bc 100644 --- a/plugins/modules/aws_config_recorder.py +++ b/plugins/modules/aws_config_recorder.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: aws_config_recorder diff --git a/plugins/modules/aws_config_rule.py b/plugins/modules/aws_config_rule.py index e2a328ce1d3..9ce254def76 100644 --- a/plugins/modules/aws_config_rule.py +++ b/plugins/modules/aws_config_rule.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: aws_config_rule diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 601745de4ff..0b2f16ea083 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index d2fc624d747..7fa8ca23740 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: aws_direct_connect_gateway author: Gobin Sougrakpam (@gobins) diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index dd7d57dcded..92e8433f5ed 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 4a5276631ba..3883d12331b 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_eks_cluster.py b/plugins/modules/aws_eks_cluster.py index 1b1693be225..6cb7d4fe0ce 100644 --- a/plugins/modules/aws_eks_cluster.py +++ b/plugins/modules/aws_eks_cluster.py @@ -5,11 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_elasticbeanstalk_app.py b/plugins/modules/aws_elasticbeanstalk_app.py index c7f45a34e86..88c6b58d4af 100644 --- a/plugins/modules/aws_elasticbeanstalk_app.py +++ b/plugins/modules/aws_elasticbeanstalk_app.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' - } DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_glue_connection.py b/plugins/modules/aws_glue_connection.py index ef1f753abf9..d2dec7b8db8 100644 --- a/plugins/modules/aws_glue_connection.py +++ b/plugins/modules/aws_glue_connection.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_glue_job.py b/plugins/modules/aws_glue_job.py index 6fbe23603d8..7a9d76d0890 100644 --- a/plugins/modules/aws_glue_job.py +++ b/plugins/modules/aws_glue_job.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_inspector_target.py b/plugins/modules/aws_inspector_target.py index 1d33ec00411..00d5ac35ba1 100644 --- a/plugins/modules/aws_inspector_target.py +++ b/plugins/modules/aws_inspector_target.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index 879676286d3..577ec365d5c 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index c615d3a293f..a51b30a85cc 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index dee88d852ba..b20bf9f84ef 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -5,11 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'supported_by': 'community', - 'status': ['preview'] -} DOCUMENTATION = ''' module: aws_region_info diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index a69ae8a8b99..4646e40e3d5 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: aws_s3_bucket_info diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index 272b177e6cf..7a63596e6ab 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -6,9 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_secret.py b/plugins/modules/aws_secret.py index afcb2976c3b..0f4a8e78c9f 100644 --- a/plugins/modules/aws_secret.py +++ b/plugins/modules/aws_secret.py @@ -6,10 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = r''' --- diff --git a/plugins/modules/aws_ses_identity.py b/plugins/modules/aws_ses_identity.py index ccc40344fe4..81a80630f97 100644 --- a/plugins/modules/aws_ses_identity.py +++ b/plugins/modules/aws_ses_identity.py @@ -5,11 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_ses_identity_policy.py b/plugins/modules/aws_ses_identity_policy.py index 5bbf91343b8..a657a1a4175 100644 --- a/plugins/modules/aws_ses_identity_policy.py +++ b/plugins/modules/aws_ses_identity_policy.py @@ -5,11 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_ses_rule_set.py b/plugins/modules/aws_ses_rule_set.py index b5e78d1b419..d351f2b8d26 100644 --- a/plugins/modules/aws_ses_rule_set.py +++ b/plugins/modules/aws_ses_rule_set.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_sgw_info.py b/plugins/modules/aws_sgw_info.py index b1ac00ef70c..f18084d06e7 100644 --- a/plugins/modules/aws_sgw_info.py +++ b/plugins/modules/aws_sgw_info.py @@ -7,9 +7,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py index 9e0683d1c85..7e9cb76e897 100644 --- a/plugins/modules/aws_ssm_parameter_store.py +++ b/plugins/modules/aws_ssm_parameter_store.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_step_functions_state_machine.py b/plugins/modules/aws_step_functions_state_machine.py index 9a9bdf365a4..a5261e593da 100644 --- a/plugins/modules/aws_step_functions_state_machine.py +++ b/plugins/modules/aws_step_functions_state_machine.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_step_functions_state_machine_execution.py b/plugins/modules/aws_step_functions_state_machine_execution.py index d4c2b7324d4..b64efacbaf7 100644 --- a/plugins/modules/aws_step_functions_state_machine_execution.py +++ b/plugins/modules/aws_step_functions_state_machine_execution.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/aws_waf_condition.py index c9184103cb7..bab1f97772e 100644 --- a/plugins/modules/aws_waf_condition.py +++ b/plugins/modules/aws_waf_condition.py @@ -6,9 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_waf_condition diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/aws_waf_info.py index 8b3b6e87da7..a3169453f1d 100644 --- a/plugins/modules/aws_waf_info.py +++ b/plugins/modules/aws_waf_info.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_waf_info diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/aws_waf_rule.py index 95dc831acbf..5d1c8d3667b 100644 --- a/plugins/modules/aws_waf_rule.py +++ b/plugins/modules/aws_waf_rule.py @@ -6,9 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_waf_rule diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/aws_waf_web_acl.py index a942a4cb77a..22da20a7692 100644 --- a/plugins/modules/aws_waf_web_acl.py +++ b/plugins/modules/aws_waf_web_acl.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: aws_waf_web_acl diff --git a/plugins/modules/cloudformation_exports_info.py b/plugins/modules/cloudformation_exports_info.py index e254d1deafa..50f4f847af5 100644 --- a/plugins/modules/cloudformation_exports_info.py +++ b/plugins/modules/cloudformation_exports_info.py @@ -5,9 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' module: cloudformation_exports_info diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index 6d20469c764..69f53669f51 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 1b7a8f07eab..6597d37bbef 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index 71f584b852a..eb89ff35fad 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: cloudfront_info diff --git a/plugins/modules/cloudfront_invalidation.py b/plugins/modules/cloudfront_invalidation.py index 1cf6f3dfa7e..fe84099931d 100644 --- a/plugins/modules/cloudfront_invalidation.py +++ b/plugins/modules/cloudfront_invalidation.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudfront_origin_access_identity.py b/plugins/modules/cloudfront_origin_access_identity.py index 9e788fdc21f..fd66d587ab2 100644 --- a/plugins/modules/cloudfront_origin_access_identity.py +++ b/plugins/modules/cloudfront_origin_access_identity.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudtrail.py b/plugins/modules/cloudtrail.py index 5fb0858d9ab..c4a5f2e6e74 100644 --- a/plugins/modules/cloudtrail.py +++ b/plugins/modules/cloudtrail.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: cloudtrail diff --git a/plugins/modules/cloudwatchevent_rule.py b/plugins/modules/cloudwatchevent_rule.py index 8167ac6a3de..23f3efa7aec 100644 --- a/plugins/modules/cloudwatchevent_rule.py +++ b/plugins/modules/cloudwatchevent_rule.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = r''' --- module: cloudwatchevent_rule diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index af883b32d15..54687816f03 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index 4bbc25534d2..61b9ad235e2 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -6,9 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index 52f7f3c9306..83c71176600 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -4,9 +4,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index 5637c590ed4..ac06922a7b3 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -7,10 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: data_pipeline diff --git a/plugins/modules/dms_endpoint.py b/plugins/modules/dms_endpoint.py index aac3f2aeab4..1fea45a4a04 100644 --- a/plugins/modules/dms_endpoint.py +++ b/plugins/modules/dms_endpoint.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: dms_endpoint diff --git a/plugins/modules/dms_replication_subnet_group.py b/plugins/modules/dms_replication_subnet_group.py index 3dfc121d3af..9cb0caf060f 100644 --- a/plugins/modules/dms_replication_subnet_group.py +++ b/plugins/modules/dms_replication_subnet_group.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: dms_replication_subnet_group diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index 47a65123a84..1edf139dbfa 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: dynamodb_table diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index d4ed856c215..654b311c72a 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: dynamodb_ttl diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 832d3155a91..974993a42ed 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -6,10 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 3a852e1a0e3..3f43193f102 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_asg_info.py b/plugins/modules/ec2_asg_info.py index 0f30eaa47bc..b2c971ae81b 100644 --- a/plugins/modules/ec2_asg_info.py +++ b/plugins/modules/ec2_asg_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_asg_info diff --git a/plugins/modules/ec2_asg_lifecycle_hook.py b/plugins/modules/ec2_asg_lifecycle_hook.py index 25f143f1ce5..50e483d0ed1 100644 --- a/plugins/modules/ec2_asg_lifecycle_hook.py +++ b/plugins/modules/ec2_asg_lifecycle_hook.py @@ -6,9 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index d14ffcfbce4..675e69a430f 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index 65ed984f486..001c88ae8cf 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -5,9 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index b7441826a9b..a43fe9a0a50 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -8,11 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_eip diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index 047041ff755..6001110b71b 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index bf77dbca503..f820453a2d8 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_elb diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index d83b4fe119d..0c4c2dc1b76 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -16,10 +16,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 0b268a6f05a..4238a7c15e7 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: ec2_instance diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 9bb1ff56e7d..79d056d4ea6 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: ec2_instance_info diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 2de514ad247..d80a226f155 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -4,11 +4,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 5211391d1cf..b9f4740a73f 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -6,10 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_lc_find.py b/plugins/modules/ec2_lc_find.py index 8ff3ddb0c39..043df722367 100644 --- a/plugins/modules/ec2_lc_find.py +++ b/plugins/modules/ec2_lc_find.py @@ -8,11 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_lc_find diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 9a16f2fd0ab..e7cdd9b24f1 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_lc_info diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index 6d87ea9595b..804474294e3 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -18,11 +18,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_metric_alarm short_description: "Create/update or delete AWS Cloudwatch 'metric alarms'" diff --git a/plugins/modules/ec2_placement_group.py b/plugins/modules/ec2_placement_group.py index f4b3a7e2fbf..4298c6522ec 100644 --- a/plugins/modules/ec2_placement_group.py +++ b/plugins/modules/ec2_placement_group.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 47df4dd7ed4..5a4bc09a842 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 01b3210afde..7beb95c0a0c 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_scaling_policy short_description: Create or delete AWS scaling policies for Autoscaling groups diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 98ac9c8b4df..38b22315a2f 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -6,12 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_transit_gateway.py b/plugins/modules/ec2_transit_gateway.py index 9ab13d83042..4f2f4dbd0c0 100644 --- a/plugins/modules/ec2_transit_gateway.py +++ b/plugins/modules/ec2_transit_gateway.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_transit_gateway short_description: Create and delete AWS Transit Gateways diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index e4fbb14821e..d0f1409a2b5 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -6,11 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'supported_by': 'community', - 'status': ['preview'] -} DOCUMENTATION = ''' module: ec2_transit_gateway_info diff --git a/plugins/modules/ec2_vpc_egress_igw.py b/plugins/modules/ec2_vpc_egress_igw.py index 6f0c1ab36b1..9b4040484c3 100644 --- a/plugins/modules/ec2_vpc_egress_igw.py +++ b/plugins/modules/ec2_vpc_egress_igw.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 760af35c62e..1b89387bf36 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_vpc_endpoint short_description: Create and delete AWS VPC Endpoints. diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index a43ef54ac13..fa4f8c59713 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -5,10 +5,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' module: ec2_vpc_endpoint_info short_description: Retrieves AWS VPC endpoints details using AWS methods. diff --git a/plugins/modules/ec2_vpc_igw.py b/plugins/modules/ec2_vpc_igw.py index 43b74c163d5..0c85169c7d7 100644 --- a/plugins/modules/ec2_vpc_igw.py +++ b/plugins/modules/ec2_vpc_igw.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_igw diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 1c407a36b89..7bdff093461 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_igw_info diff --git a/plugins/modules/ec2_vpc_nacl.py b/plugins/modules/ec2_vpc_nacl.py index 213cf167cd4..23130310720 100644 --- a/plugins/modules/ec2_vpc_nacl.py +++ b/plugins/modules/ec2_vpc_nacl.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_vpc_nacl short_description: create and delete Network ACLs. diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index b5a8d3bc251..658816545b4 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -5,11 +5,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_nacl_info diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 09fc70de335..d8ee5167b67 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_nat_gateway diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index a4891391854..a4e7ac6db99 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_vpc_nat_gateway_info short_description: Retrieves AWS VPC Managed Nat Gateway details using AWS methods. diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 28de7788ef0..c029eb5afa0 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_vpc_peer short_description: create, delete, accept, and reject VPC peering connections between two VPCs. diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 2561a209283..008f75fbd10 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' module: ec2_vpc_peering_info short_description: Retrieves AWS VPC Peering details using AWS methods. diff --git a/plugins/modules/ec2_vpc_route_table.py b/plugins/modules/ec2_vpc_route_table.py index a90242148b2..442efca01d7 100644 --- a/plugins/modules/ec2_vpc_route_table.py +++ b/plugins/modules/ec2_vpc_route_table.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index a86e9542570..b0b5b189de1 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_route_table_info diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index 8fce681bbe8..004a64c394c 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: ec2_vpc_vgw short_description: Create and delete AWS VPN Virtual Gateways. diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 64f522d80db..177f4a7ea21 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_vpc_vgw_info diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index 5f8707bf909..c344cc8e73e 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -5,10 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index 991977346d0..3041a747d69 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} - - DOCUMENTATION = ''' --- module: ec2_vpc_vpn_info diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 7ed14ed7204..782ff16829c 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ec2_win_password diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index 9e812275e9e..67b1664305e 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: ecs_attribute diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index 6e6cc54b255..bf41601b011 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ecs_cluster diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index 4d2bf1bab09..d2eb786370b 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -8,9 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 1446704a598..96d08b02633 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ecs_service diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index f82f5c5e6a8..4e479bbb443 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/ecs_tag.py b/plugins/modules/ecs_tag.py index a9def34ac41..fd49461fb07 100644 --- a/plugins/modules/ecs_tag.py +++ b/plugins/modules/ecs_tag.py @@ -3,9 +3,6 @@ # Copyright: (c) 2019, Michael Pechner # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = r''' diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index 41c381c269a..1f831a413ea 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ecs_task diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index 895a52d29d1..def891bb527 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: ecs_taskdefinition diff --git a/plugins/modules/ecs_taskdefinition_info.py b/plugins/modules/ecs_taskdefinition_info.py index 2c6fe847cea..3711c47767a 100644 --- a/plugins/modules/ecs_taskdefinition_info.py +++ b/plugins/modules/ecs_taskdefinition_info.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/efs.py b/plugins/modules/efs.py index 5d72daa2c02..5d6ce13e707 100644 --- a/plugins/modules/efs.py +++ b/plugins/modules/efs.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: efs diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index 69a584215fe..9835be169e4 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: efs_info diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index a59eadc11e9..e1c255ebbde 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elasticache diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index 9126ee57f4e..86763b39a0d 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' module: elasticache_info short_description: Retrieve information for AWS ElastiCache clusters diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index 9e64320def2..c701d6a763d 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elasticache_parameter_group diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index 7bea35dee8c..f932544b505 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elasticache_snapshot diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index ed56153c4f9..72b41f08ea6 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elasticache_subnet_group diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index 9c49e648409..28915d551fa 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -17,9 +17,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index b347941ee79..ca5290e3892 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: elb_application_lb_info diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 5959ebaf3f0..bd309465abe 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elb_classic_lb diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index 8708aa95b32..a38aee6b253 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -16,10 +16,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index 9bd2560a93a..0c41ef3a6e4 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: elb_instance diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 8e4e40c60c8..858cfaaffd9 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -6,9 +6,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 438c51e7392..553e5f7f860 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -5,9 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index 82240052be2..3818d5da7df 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: elb_target_group diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 6c3e335d485..f285221eb33 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: elb_target_group_info diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index 15ca68338ff..1101965a318 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -3,10 +3,6 @@ # GNU General Public License v3.0+ # (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function -ANSIBLE_METADATA = {"metadata_version": "1.1", - "status": ["preview"], - "supported_by": "community"} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index 901b83bafc5..45d0eef8e2b 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index e195a4a9adb..9b5bae141c2 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_cert.py index c48b122dbd9..24e317b71c6 100644 --- a/plugins/modules/iam_cert.py +++ b/plugins/modules/iam_cert.py @@ -17,10 +17,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_group.py b/plugins/modules/iam_group.py index cfac6062c46..672de888fba 100644 --- a/plugins/modules/iam_group.py +++ b/plugins/modules/iam_group.py @@ -17,9 +17,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 435d2dcf800..0631a243dd0 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: iam_managed_policy diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 12dae087a70..2431a57c063 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam_mfa_device_info diff --git a/plugins/modules/iam_password_policy.py b/plugins/modules/iam_password_policy.py index ead34bf8868..53c1d5bc479 100644 --- a/plugins/modules/iam_password_policy.py +++ b/plugins/modules/iam_password_policy.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam_password_policy diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index 87c7895bfb8..105d985df5b 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -5,9 +5,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index b80428938f1..73eded00824 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: iam_policy_info diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index fafa00541dc..432fcab64ad 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -4,10 +4,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_role_info.py b/plugins/modules/iam_role_info.py index 9912cfdaa20..bf32d32adbf 100644 --- a/plugins/modules/iam_role_info.py +++ b/plugins/modules/iam_role_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam_role_info diff --git a/plugins/modules/iam_saml_federation.py b/plugins/modules/iam_saml_federation.py index 0d6f3e3f474..7f8077bbb8a 100644 --- a/plugins/modules/iam_saml_federation.py +++ b/plugins/modules/iam_saml_federation.py @@ -18,9 +18,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index 771d374a9fe..49daffe72c8 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: iam_server_certificate_info diff --git a/plugins/modules/iam_user.py b/plugins/modules/iam_user.py index 8bf60f97ca9..5b2ee4503b1 100644 --- a/plugins/modules/iam_user.py +++ b/plugins/modules/iam_user.py @@ -5,9 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/iam_user_info.py b/plugins/modules/iam_user_info.py index b87a0763823..7a8b07eb602 100644 --- a/plugins/modules/iam_user_info.py +++ b/plugins/modules/iam_user_info.py @@ -8,13 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} - - DOCUMENTATION = ''' --- module: iam_user_info diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index 2ed339c5bd0..50c7e12adaa 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: kinesis_stream diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index cad268c72ae..31ab9319cfc 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: lambda diff --git a/plugins/modules/lambda_alias.py b/plugins/modules/lambda_alias.py index 649fe95bf10..2be5e56eae2 100644 --- a/plugins/modules/lambda_alias.py +++ b/plugins/modules/lambda_alias.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: lambda_alias diff --git a/plugins/modules/lambda_event.py b/plugins/modules/lambda_event.py index ca81d13ae95..2122bcaa21f 100644 --- a/plugins/modules/lambda_event.py +++ b/plugins/modules/lambda_event.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: lambda_event diff --git a/plugins/modules/lambda_facts.py b/plugins/modules/lambda_facts.py index 3a95ee43b2c..f9399769954 100644 --- a/plugins/modules/lambda_facts.py +++ b/plugins/modules/lambda_facts.py @@ -5,10 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['deprecated'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/lambda_info.py b/plugins/modules/lambda_info.py index 11e5e97186e..06a356204f7 100644 --- a/plugins/modules/lambda_info.py +++ b/plugins/modules/lambda_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: lambda_info diff --git a/plugins/modules/lambda_policy.py b/plugins/modules/lambda_policy.py index 5cf1ff22760..014dc3b27f6 100644 --- a/plugins/modules/lambda_policy.py +++ b/plugins/modules/lambda_policy.py @@ -6,9 +6,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} DOCUMENTATION = ''' --- diff --git a/plugins/modules/lightsail.py b/plugins/modules/lightsail.py index 09cd7ac8458..c110b5e2aa7 100644 --- a/plugins/modules/lightsail.py +++ b/plugins/modules/lightsail.py @@ -7,10 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: lightsail diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index 1ac4a1b15ad..cc123f9c22f 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: rds diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index c0deddd89e3..efbffd8aa8b 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -5,11 +5,6 @@ from __future__ import absolute_import, division, print_function __metaclass__ = type -ANSIBLE_METADATA = { - 'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community' -} DOCUMENTATION = ''' --- diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py index cc8535d5628..ab6bcbcc0b4 100644 --- a/plugins/modules/rds_instance_info.py +++ b/plugins/modules/rds_instance_info.py @@ -8,10 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} - DOCUMENTATION = ''' --- module: rds_instance_info diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index bdaf7fe4e7d..a30df260a25 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: rds_param_group diff --git a/plugins/modules/rds_snapshot.py b/plugins/modules/rds_snapshot.py index c00d21064f8..872af39c8e6 100644 --- a/plugins/modules/rds_snapshot.py +++ b/plugins/modules/rds_snapshot.py @@ -8,10 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} - DOCUMENTATION = ''' --- module: rds_snapshot diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index e887c3dd933..5d330b47e66 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -8,10 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} - DOCUMENTATION = ''' --- module: rds_snapshot_info diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index b0fb417a28f..99bfb002752 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: rds_subnet_group diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 997240aaf68..86343d4ef79 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -7,10 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/redshift_cross_region_snapshots.py b/plugins/modules/redshift_cross_region_snapshots.py index cd7a7c0d744..d7931a812b6 100644 --- a/plugins/modules/redshift_cross_region_snapshots.py +++ b/plugins/modules/redshift_cross_region_snapshots.py @@ -7,10 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'status': ['preview'], - 'supported_by': 'community', - 'metadata_version': '1.1'} - DOCUMENTATION = ''' --- module: redshift_cross_region_snapshots diff --git a/plugins/modules/redshift_info.py b/plugins/modules/redshift_info.py index 98dd0090c94..6763aee9428 100644 --- a/plugins/modules/redshift_info.py +++ b/plugins/modules/redshift_info.py @@ -7,10 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- module: redshift_info diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index f09c028988f..cb9d085e8c8 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- author: diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index 3347f51aaca..c93d941f39f 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -8,11 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: route53 diff --git a/plugins/modules/route53_health_check.py b/plugins/modules/route53_health_check.py index c974c72a5f1..414f27a3eee 100644 --- a/plugins/modules/route53_health_check.py +++ b/plugins/modules/route53_health_check.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: route53_health_check diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index d3d2f3abae9..454875bb47f 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: route53_info short_description: Retrieves route53 details using AWS methods diff --git a/plugins/modules/route53_zone.py b/plugins/modules/route53_zone.py index 698ef524996..3eee17506f4 100644 --- a/plugins/modules/route53_zone.py +++ b/plugins/modules/route53_zone.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: route53_zone short_description: add or delete Route53 zones diff --git a/plugins/modules/s3_bucket_notification.py b/plugins/modules/s3_bucket_notification.py index d61ca14e143..41eaf3cfe72 100644 --- a/plugins/modules/s3_bucket_notification.py +++ b/plugins/modules/s3_bucket_notification.py @@ -6,10 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index e8fb62c0814..32ac0dfd246 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: s3_lifecycle diff --git a/plugins/modules/s3_logging.py b/plugins/modules/s3_logging.py index b13e5eea086..9d074f4876a 100644 --- a/plugins/modules/s3_logging.py +++ b/plugins/modules/s3_logging.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: s3_logging diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 1123aea9a06..05f1ffa92df 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -17,10 +17,6 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - DOCUMENTATION = ''' --- diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index 1c87ed73ba8..5f0822af6fe 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: s3_website diff --git a/plugins/modules/sns.py b/plugins/modules/sns.py index 97f202fdc19..41c346ac317 100644 --- a/plugins/modules/sns.py +++ b/plugins/modules/sns.py @@ -8,11 +8,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: sns short_description: Send Amazon Simple Notification Service messages diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py index 141906edb18..52c21a41f0f 100644 --- a/plugins/modules/sns_topic.py +++ b/plugins/modules/sns_topic.py @@ -7,11 +7,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' module: sns_topic short_description: Manages AWS SNS topics and subscriptions diff --git a/plugins/modules/sqs_queue.py b/plugins/modules/sqs_queue.py index ca8041f11f8..763db04c774 100644 --- a/plugins/modules/sqs_queue.py +++ b/plugins/modules/sqs_queue.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: sqs_queue diff --git a/plugins/modules/sts_assume_role.py b/plugins/modules/sts_assume_role.py index 7f86c34a475..f836e478e23 100644 --- a/plugins/modules/sts_assume_role.py +++ b/plugins/modules/sts_assume_role.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: sts_assume_role diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index e83d71ffd69..d39519e8e0f 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -6,11 +6,6 @@ __metaclass__ = type -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['stableinterface'], - 'supported_by': 'community'} - - DOCUMENTATION = ''' --- module: sts_session_token From f26ad499fc61e3e1d80109bc686d8cc4887f4be8 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 21 May 2020 12:39:57 -0700 Subject: [PATCH 008/129] Fix module documentation schema errors (#80) * Fix module documentation schema errors ecs_service is missing suboptions data for placement_constraints Return docs for cloudwatchlogs_log_group_metric_filter are missing suboption descriptions and are just plain wrong. Correct type and values. Fixes #79 * Also update arg_spec for ecs_service --- .../cloudwatchlogs_log_group_metric_filter.py | 15 +++++++++------ plugins/modules/ecs_service.py | 17 +++++++++++++++-- tests/sanity/ignore-2.9.txt | 4 +--- 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index 83c71176600..fd2c9221eff 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -89,12 +89,15 @@ description: Return the origin response value returned: success type: list - contains: - creation_time: - filter_name: - filter_pattern: - log_group_name: - metric_filter_count: + sample: [ + { + "default_value": 3.1415, + "metric_name": "box_free_space", + "metric_namespace": "made_with_ansible", + "metric_value": "$.value" + } + ] + """ from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 96d08b02633..7761d3d3a26 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -103,10 +103,17 @@ placement_constraints: description: - The placement constraints for the tasks in the service. + - See U(https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PlacementConstraint.html) for more details. required: false type: list elements: dict suboptions: + type: + description: The type of constraint. + type: str + expression: + description: A cluster query language expression to apply to the constraint. + type: str placement_strategy: description: - The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service. @@ -648,8 +655,14 @@ def main(): repeat=dict(required=False, type='int', default=10), force_new_deployment=dict(required=False, default=False, type='bool'), deployment_configuration=dict(required=False, default={}, type='dict'), - placement_constraints=dict(required=False, default=[], type='list'), - placement_strategy=dict(required=False, default=[], type='list'), + placement_constraints=dict(required=False, default=[], type='list', options=dict( + type=dict(type='str'), + expression=dict(type='str') + )), + placement_strategy=dict(required=False, default=[], type='list', options=dict( + type=dict(type='str'), + field=dict(type='str'), + )), health_check_grace_period_seconds=dict(required=False, type='int'), network_configuration=dict(required=False, type='dict', options=dict( subnets=dict(type='list'), diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index 402f24dbedb..fcbbf316b77 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -84,8 +84,6 @@ plugins/modules/ec2_vpc_vpn_info.py validate-modules:doc-elements-mismatch plugins/modules/ec2_vpc_vpn_info.py validate-modules:parameter-list-no-elements plugins/modules/ecs_attribute.py validate-modules:doc-elements-mismatch plugins/modules/ecs_attribute.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service.py validate-modules:parameter-list-no-elements plugins/modules/ecs_service_info.py validate-modules:doc-elements-mismatch plugins/modules/ecs_service_info.py validate-modules:parameter-list-no-elements plugins/modules/ecs_task.py validate-modules:doc-elements-mismatch @@ -149,4 +147,4 @@ tests/unit/mock/yaml_helper.py metaclass-boilerplate tests/unit/modules/conftest.py future-import-boilerplate tests/unit/modules/conftest.py metaclass-boilerplate tests/unit/modules/utils.py future-import-boilerplate -tests/unit/modules/utils.py metaclass-boilerplate \ No newline at end of file +tests/unit/modules/utils.py metaclass-boilerplate From ae6b497da1c229b76f80bb9cf09e7c9de448fcb4 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 1 Jun 2020 15:26:42 -0700 Subject: [PATCH 009/129] Add docs (#81) * Fix module documentation schema errors ecs_service is missing suboptions data for placement_constraints Return docs for cloudwatchlogs_log_group_metric_filter are missing suboption descriptions and are just plain wrong. Correct type and values. Fixes #79 * Fix trailing comma in return docs * Draft README * Add requirements.yml example without a version specified * Add module docs rst files * Rerun latest rev of add_docs, with PR 8 fixes for rst template --- README.md | 268 +- docs/community.aws.aws_acm.rst | 533 ++ docs/community.aws.aws_acm_info.rst | 989 ++++ docs/community.aws.aws_api_gateway.rst | 622 +++ ...ity.aws.aws_application_scaling_policy.rst | 1069 ++++ ...nity.aws.aws_batch_compute_environment.rst | 637 +++ ...community.aws.aws_batch_job_definition.rst | 801 +++ docs/community.aws.aws_batch_job_queue.rst | 433 ++ docs/community.aws.aws_codebuild.rst | 1219 ++++ docs/community.aws.aws_codecommit.rst | 594 ++ docs/community.aws.aws_codepipeline.rst | 669 +++ ...s.aws_config_aggregation_authorization.rst | 311 ++ docs/community.aws.aws_config_aggregator.rst | 449 ++ ...munity.aws.aws_config_delivery_channel.rst | 369 ++ docs/community.aws.aws_config_recorder.rst | 392 ++ docs/community.aws.aws_config_rule.rst | 523 ++ ...nity.aws.aws_direct_connect_connection.rst | 608 ++ ...mmunity.aws.aws_direct_connect_gateway.rst | 487 ++ ..._direct_connect_link_aggregation_group.rst | 687 +++ ...s.aws_direct_connect_virtual_interface.rst | 954 ++++ docs/community.aws.aws_eks_cluster.rst | 649 +++ ...community.aws.aws_elasticbeanstalk_app.rst | 385 ++ docs/community.aws.aws_glue_connection.rst | 575 ++ docs/community.aws.aws_glue_job.rst | 761 +++ docs/community.aws.aws_inspector_target.rst | 439 ++ docs/community.aws.aws_kms.rst | 1146 ++++ docs/community.aws.aws_kms_info.rst | 749 +++ docs/community.aws.aws_region_info.rst | 309 + docs/community.aws.aws_s3_bucket_info.rst | 292 + docs/community.aws.aws_s3_cors.rst | 391 ++ docs/community.aws.aws_secret.rst | 582 ++ docs/community.aws.aws_ses_identity.rst | 783 +++ .../community.aws.aws_ses_identity_policy.rst | 383 ++ docs/community.aws.aws_ses_rule_set.rst | 412 ++ docs/community.aws.aws_sgw_info.rst | 760 +++ docs/community.aws.aws_ssm.rst | 276 + .../community.aws.aws_ssm_parameter_store.rst | 489 ++ ...y.aws.aws_step_functions_state_machine.rst | 413 ++ ...step_functions_state_machine_execution.rst | 451 ++ docs/community.aws.aws_waf_condition.rst | 1494 +++++ docs/community.aws.aws_waf_info.rst | 477 ++ docs/community.aws.aws_waf_rule.rst | 609 ++ docs/community.aws.aws_waf_web_acl.rst | 675 +++ ...munity.aws.cloudformation_exports_info.rst | 285 + ...community.aws.cloudformation_stack_set.rst | 777 +++ .../community.aws.cloudfront_distribution.rst | 4946 +++++++++++++++++ docs/community.aws.cloudfront_info.rst | 830 +++ .../community.aws.cloudfront_invalidation.rst | 534 ++ ....aws.cloudfront_origin_access_identity.rst | 484 ++ docs/community.aws.cloudtrail.rst | 897 +++ docs/community.aws.cloudwatchevent_rule.rst | 594 ++ ...community.aws.cloudwatchlogs_log_group.rst | 549 ++ ...nity.aws.cloudwatchlogs_log_group_info.rst | 413 ++ ...cloudwatchlogs_log_group_metric_filter.rst | 460 ++ docs/community.aws.data_pipeline.rst | 737 +++ docs/community.aws.dms_endpoint.rst | 721 +++ ...unity.aws.dms_replication_subnet_group.rst | 324 ++ docs/community.aws.dynamodb_table.rst | 696 +++ docs/community.aws.dynamodb_ttl.rst | 349 ++ docs/community.aws.ec2_ami_copy.rst | 513 ++ docs/community.aws.ec2_asg.rst | 1498 +++++ docs/community.aws.ec2_asg_info.rst | 692 +++ docs/community.aws.ec2_asg_lifecycle_hook.rst | 437 ++ docs/community.aws.ec2_customer_gateway.rst | 497 ++ ...ommunity.aws.ec2_customer_gateway_info.rst | 335 ++ docs/community.aws.ec2_eip.rst | 634 +++ docs/community.aws.ec2_eip_info.rst | 339 ++ docs/community.aws.ec2_elb.rst | 383 ++ docs/community.aws.ec2_elb_info.rst | 302 + docs/community.aws.ec2_instance.rst | 2830 ++++++++++ docs/community.aws.ec2_instance_info.rst | 1859 +++++++ docs/community.aws.ec2_launch_template.rst | 1485 +++++ docs/community.aws.ec2_lc.rst | 1554 ++++++ docs/community.aws.ec2_lc_find.rst | 573 ++ docs/community.aws.ec2_lc_info.rst | 609 ++ docs/community.aws.ec2_metric_alarm.rst | 615 ++ docs/community.aws.ec2_placement_group.rst | 410 ++ ...community.aws.ec2_placement_group_info.rst | 367 ++ docs/community.aws.ec2_scaling_policy.rst | 385 ++ docs/community.aws.ec2_snapshot_copy.rst | 462 ++ docs/community.aws.ec2_transit_gateway.rst | 866 +++ ...community.aws.ec2_transit_gateway_info.rst | 631 +++ docs/community.aws.ec2_vpc_egress_igw.rst | 343 ++ docs/community.aws.ec2_vpc_endpoint.rst | 508 ++ docs/community.aws.ec2_vpc_endpoint_info.rst | 386 ++ docs/community.aws.ec2_vpc_igw.rst | 397 ++ docs/community.aws.ec2_vpc_igw_info.rst | 354 ++ docs/community.aws.ec2_vpc_nacl.rst | 499 ++ docs/community.aws.ec2_vpc_nacl_info.rst | 451 ++ docs/community.aws.ec2_vpc_nat_gateway.rst | 628 +++ ...community.aws.ec2_vpc_nat_gateway_info.rst | 345 ++ docs/community.aws.ec2_vpc_peer.rst | 553 ++ docs/community.aws.ec2_vpc_peering_info.rst | 337 ++ docs/community.aws.ec2_vpc_route_table.rst | 860 +++ ...community.aws.ec2_vpc_route_table_info.rst | 285 + docs/community.aws.ec2_vpc_vgw.rst | 465 ++ docs/community.aws.ec2_vpc_vgw_info.rst | 354 ++ docs/community.aws.ec2_vpc_vpn.rst | 1012 ++++ docs/community.aws.ec2_vpc_vpn_info.rst | 673 +++ docs/community.aws.ec2_win_password.rst | 393 ++ docs/community.aws.ecs_attribute.rst | 493 ++ docs/community.aws.ecs_cluster.rst | 471 ++ docs/community.aws.ecs_ecr.rst | 561 ++ docs/community.aws.ecs_service.rst | 1725 ++++++ docs/community.aws.ecs_service_info.rst | 600 ++ docs/community.aws.ecs_tag.rst | 464 ++ docs/community.aws.ecs_task.rst | 794 +++ docs/community.aws.ecs_taskdefinition.rst | 638 +++ .../community.aws.ecs_taskdefinition_info.rst | 1265 +++++ docs/community.aws.efs.rst | 813 +++ docs/community.aws.efs_info.rst | 609 ++ docs/community.aws.elasticache.rst | 535 ++ docs/community.aws.elasticache_info.rst | 940 ++++ ...munity.aws.elasticache_parameter_group.rst | 425 ++ docs/community.aws.elasticache_snapshot.rst | 435 ++ ...community.aws.elasticache_subnet_group.rst | 332 ++ docs/community.aws.elb_application_lb.rst | 1467 +++++ .../community.aws.elb_application_lb_info.rst | 661 +++ docs/community.aws.elb_classic_lb.rst | 874 +++ docs/community.aws.elb_classic_lb_info.rst | 330 ++ docs/community.aws.elb_instance.rst | 383 ++ docs/community.aws.elb_network_lb.rst | 1145 ++++ docs/community.aws.elb_target.rst | 447 ++ docs/community.aws.elb_target_group.rst | 1153 ++++ docs/community.aws.elb_target_group_info.rst | 839 +++ docs/community.aws.elb_target_info.rst | 600 ++ docs/community.aws.execute_lambda.rst | 479 ++ docs/community.aws.iam.rst | 616 ++ docs/community.aws.iam_cert.rst | 444 ++ docs/community.aws.iam_group.rst | 666 +++ docs/community.aws.iam_managed_policy.rst | 453 ++ docs/community.aws.iam_mfa_device_info.rst | 311 ++ docs/community.aws.iam_password_policy.rst | 467 ++ docs/community.aws.iam_policy.rst | 428 ++ docs/community.aws.iam_policy_info.rst | 407 ++ docs/community.aws.iam_role.rst | 709 +++ docs/community.aws.iam_role_info.rst | 652 +++ docs/community.aws.iam_saml_federation.rst | 426 ++ ...munity.aws.iam_server_certificate_info.rst | 411 ++ docs/community.aws.iam_user.rst | 477 ++ docs/community.aws.iam_user_info.rst | 457 ++ docs/community.aws.kinesis_stream.rst | 610 ++ docs/community.aws.lambda.rst | 674 +++ docs/community.aws.lambda_alias.rst | 482 ++ docs/community.aws.lambda_event.rst | 499 ++ docs/community.aws.lambda_facts.rst | 400 ++ docs/community.aws.lambda_info.rst | 376 ++ docs/community.aws.lambda_policy.rst | 483 ++ docs/community.aws.lightsail.rst | 490 ++ docs/community.aws.rds.rst | 1770 ++++++ docs/community.aws.rds_instance.rst | 2597 +++++++++ docs/community.aws.rds_instance_info.rst | 1342 +++++ docs/community.aws.rds_param_group.rst | 523 ++ docs/community.aws.rds_snapshot.rst | 790 +++ docs/community.aws.rds_snapshot_info.rst | 1128 ++++ docs/community.aws.rds_subnet_group.rst | 445 ++ docs/community.aws.redshift.rst | 1022 ++++ ...ty.aws.redshift_cross_region_snapshots.rst | 367 ++ docs/community.aws.redshift_info.rst | 869 +++ docs/community.aws.redshift_subnet_group.rst | 403 ++ docs/community.aws.route53.rst | 1041 ++++ docs/community.aws.route53_health_check.rst | 459 ++ docs/community.aws.route53_info.rst | 580 ++ docs/community.aws.route53_zone.rst | 530 ++ docs/community.aws.s3_bucket_notification.rst | 469 ++ docs/community.aws.s3_lifecycle.rst | 631 +++ docs/community.aws.s3_logging.rst | 334 ++ docs/community.aws.s3_sync.rst | 622 +++ docs/community.aws.s3_website.rst | 672 +++ docs/community.aws.sns.rst | 555 ++ docs/community.aws.sns_topic.rst | 812 +++ docs/community.aws.sqs_queue.rst | 807 +++ docs/community.aws.sts_assume_role.rst | 454 ++ docs/community.aws.sts_session_token.rst | 365 ++ 174 files changed, 116830 insertions(+), 2 deletions(-) create mode 100644 docs/community.aws.aws_acm.rst create mode 100644 docs/community.aws.aws_acm_info.rst create mode 100644 docs/community.aws.aws_api_gateway.rst create mode 100644 docs/community.aws.aws_application_scaling_policy.rst create mode 100644 docs/community.aws.aws_batch_compute_environment.rst create mode 100644 docs/community.aws.aws_batch_job_definition.rst create mode 100644 docs/community.aws.aws_batch_job_queue.rst create mode 100644 docs/community.aws.aws_codebuild.rst create mode 100644 docs/community.aws.aws_codecommit.rst create mode 100644 docs/community.aws.aws_codepipeline.rst create mode 100644 docs/community.aws.aws_config_aggregation_authorization.rst create mode 100644 docs/community.aws.aws_config_aggregator.rst create mode 100644 docs/community.aws.aws_config_delivery_channel.rst create mode 100644 docs/community.aws.aws_config_recorder.rst create mode 100644 docs/community.aws.aws_config_rule.rst create mode 100644 docs/community.aws.aws_direct_connect_connection.rst create mode 100644 docs/community.aws.aws_direct_connect_gateway.rst create mode 100644 docs/community.aws.aws_direct_connect_link_aggregation_group.rst create mode 100644 docs/community.aws.aws_direct_connect_virtual_interface.rst create mode 100644 docs/community.aws.aws_eks_cluster.rst create mode 100644 docs/community.aws.aws_elasticbeanstalk_app.rst create mode 100644 docs/community.aws.aws_glue_connection.rst create mode 100644 docs/community.aws.aws_glue_job.rst create mode 100644 docs/community.aws.aws_inspector_target.rst create mode 100644 docs/community.aws.aws_kms.rst create mode 100644 docs/community.aws.aws_kms_info.rst create mode 100644 docs/community.aws.aws_region_info.rst create mode 100644 docs/community.aws.aws_s3_bucket_info.rst create mode 100644 docs/community.aws.aws_s3_cors.rst create mode 100644 docs/community.aws.aws_secret.rst create mode 100644 docs/community.aws.aws_ses_identity.rst create mode 100644 docs/community.aws.aws_ses_identity_policy.rst create mode 100644 docs/community.aws.aws_ses_rule_set.rst create mode 100644 docs/community.aws.aws_sgw_info.rst create mode 100644 docs/community.aws.aws_ssm.rst create mode 100644 docs/community.aws.aws_ssm_parameter_store.rst create mode 100644 docs/community.aws.aws_step_functions_state_machine.rst create mode 100644 docs/community.aws.aws_step_functions_state_machine_execution.rst create mode 100644 docs/community.aws.aws_waf_condition.rst create mode 100644 docs/community.aws.aws_waf_info.rst create mode 100644 docs/community.aws.aws_waf_rule.rst create mode 100644 docs/community.aws.aws_waf_web_acl.rst create mode 100644 docs/community.aws.cloudformation_exports_info.rst create mode 100644 docs/community.aws.cloudformation_stack_set.rst create mode 100644 docs/community.aws.cloudfront_distribution.rst create mode 100644 docs/community.aws.cloudfront_info.rst create mode 100644 docs/community.aws.cloudfront_invalidation.rst create mode 100644 docs/community.aws.cloudfront_origin_access_identity.rst create mode 100644 docs/community.aws.cloudtrail.rst create mode 100644 docs/community.aws.cloudwatchevent_rule.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group_info.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst create mode 100644 docs/community.aws.data_pipeline.rst create mode 100644 docs/community.aws.dms_endpoint.rst create mode 100644 docs/community.aws.dms_replication_subnet_group.rst create mode 100644 docs/community.aws.dynamodb_table.rst create mode 100644 docs/community.aws.dynamodb_ttl.rst create mode 100644 docs/community.aws.ec2_ami_copy.rst create mode 100644 docs/community.aws.ec2_asg.rst create mode 100644 docs/community.aws.ec2_asg_info.rst create mode 100644 docs/community.aws.ec2_asg_lifecycle_hook.rst create mode 100644 docs/community.aws.ec2_customer_gateway.rst create mode 100644 docs/community.aws.ec2_customer_gateway_info.rst create mode 100644 docs/community.aws.ec2_eip.rst create mode 100644 docs/community.aws.ec2_eip_info.rst create mode 100644 docs/community.aws.ec2_elb.rst create mode 100644 docs/community.aws.ec2_elb_info.rst create mode 100644 docs/community.aws.ec2_instance.rst create mode 100644 docs/community.aws.ec2_instance_info.rst create mode 100644 docs/community.aws.ec2_launch_template.rst create mode 100644 docs/community.aws.ec2_lc.rst create mode 100644 docs/community.aws.ec2_lc_find.rst create mode 100644 docs/community.aws.ec2_lc_info.rst create mode 100644 docs/community.aws.ec2_metric_alarm.rst create mode 100644 docs/community.aws.ec2_placement_group.rst create mode 100644 docs/community.aws.ec2_placement_group_info.rst create mode 100644 docs/community.aws.ec2_scaling_policy.rst create mode 100644 docs/community.aws.ec2_snapshot_copy.rst create mode 100644 docs/community.aws.ec2_transit_gateway.rst create mode 100644 docs/community.aws.ec2_transit_gateway_info.rst create mode 100644 docs/community.aws.ec2_vpc_egress_igw.rst create mode 100644 docs/community.aws.ec2_vpc_endpoint.rst create mode 100644 docs/community.aws.ec2_vpc_endpoint_info.rst create mode 100644 docs/community.aws.ec2_vpc_igw.rst create mode 100644 docs/community.aws.ec2_vpc_igw_info.rst create mode 100644 docs/community.aws.ec2_vpc_nacl.rst create mode 100644 docs/community.aws.ec2_vpc_nacl_info.rst create mode 100644 docs/community.aws.ec2_vpc_nat_gateway.rst create mode 100644 docs/community.aws.ec2_vpc_nat_gateway_info.rst create mode 100644 docs/community.aws.ec2_vpc_peer.rst create mode 100644 docs/community.aws.ec2_vpc_peering_info.rst create mode 100644 docs/community.aws.ec2_vpc_route_table.rst create mode 100644 docs/community.aws.ec2_vpc_route_table_info.rst create mode 100644 docs/community.aws.ec2_vpc_vgw.rst create mode 100644 docs/community.aws.ec2_vpc_vgw_info.rst create mode 100644 docs/community.aws.ec2_vpc_vpn.rst create mode 100644 docs/community.aws.ec2_vpc_vpn_info.rst create mode 100644 docs/community.aws.ec2_win_password.rst create mode 100644 docs/community.aws.ecs_attribute.rst create mode 100644 docs/community.aws.ecs_cluster.rst create mode 100644 docs/community.aws.ecs_ecr.rst create mode 100644 docs/community.aws.ecs_service.rst create mode 100644 docs/community.aws.ecs_service_info.rst create mode 100644 docs/community.aws.ecs_tag.rst create mode 100644 docs/community.aws.ecs_task.rst create mode 100644 docs/community.aws.ecs_taskdefinition.rst create mode 100644 docs/community.aws.ecs_taskdefinition_info.rst create mode 100644 docs/community.aws.efs.rst create mode 100644 docs/community.aws.efs_info.rst create mode 100644 docs/community.aws.elasticache.rst create mode 100644 docs/community.aws.elasticache_info.rst create mode 100644 docs/community.aws.elasticache_parameter_group.rst create mode 100644 docs/community.aws.elasticache_snapshot.rst create mode 100644 docs/community.aws.elasticache_subnet_group.rst create mode 100644 docs/community.aws.elb_application_lb.rst create mode 100644 docs/community.aws.elb_application_lb_info.rst create mode 100644 docs/community.aws.elb_classic_lb.rst create mode 100644 docs/community.aws.elb_classic_lb_info.rst create mode 100644 docs/community.aws.elb_instance.rst create mode 100644 docs/community.aws.elb_network_lb.rst create mode 100644 docs/community.aws.elb_target.rst create mode 100644 docs/community.aws.elb_target_group.rst create mode 100644 docs/community.aws.elb_target_group_info.rst create mode 100644 docs/community.aws.elb_target_info.rst create mode 100644 docs/community.aws.execute_lambda.rst create mode 100644 docs/community.aws.iam.rst create mode 100644 docs/community.aws.iam_cert.rst create mode 100644 docs/community.aws.iam_group.rst create mode 100644 docs/community.aws.iam_managed_policy.rst create mode 100644 docs/community.aws.iam_mfa_device_info.rst create mode 100644 docs/community.aws.iam_password_policy.rst create mode 100644 docs/community.aws.iam_policy.rst create mode 100644 docs/community.aws.iam_policy_info.rst create mode 100644 docs/community.aws.iam_role.rst create mode 100644 docs/community.aws.iam_role_info.rst create mode 100644 docs/community.aws.iam_saml_federation.rst create mode 100644 docs/community.aws.iam_server_certificate_info.rst create mode 100644 docs/community.aws.iam_user.rst create mode 100644 docs/community.aws.iam_user_info.rst create mode 100644 docs/community.aws.kinesis_stream.rst create mode 100644 docs/community.aws.lambda.rst create mode 100644 docs/community.aws.lambda_alias.rst create mode 100644 docs/community.aws.lambda_event.rst create mode 100644 docs/community.aws.lambda_facts.rst create mode 100644 docs/community.aws.lambda_info.rst create mode 100644 docs/community.aws.lambda_policy.rst create mode 100644 docs/community.aws.lightsail.rst create mode 100644 docs/community.aws.rds.rst create mode 100644 docs/community.aws.rds_instance.rst create mode 100644 docs/community.aws.rds_instance_info.rst create mode 100644 docs/community.aws.rds_param_group.rst create mode 100644 docs/community.aws.rds_snapshot.rst create mode 100644 docs/community.aws.rds_snapshot_info.rst create mode 100644 docs/community.aws.rds_subnet_group.rst create mode 100644 docs/community.aws.redshift.rst create mode 100644 docs/community.aws.redshift_cross_region_snapshots.rst create mode 100644 docs/community.aws.redshift_info.rst create mode 100644 docs/community.aws.redshift_subnet_group.rst create mode 100644 docs/community.aws.route53.rst create mode 100644 docs/community.aws.route53_health_check.rst create mode 100644 docs/community.aws.route53_info.rst create mode 100644 docs/community.aws.route53_zone.rst create mode 100644 docs/community.aws.s3_bucket_notification.rst create mode 100644 docs/community.aws.s3_lifecycle.rst create mode 100644 docs/community.aws.s3_logging.rst create mode 100644 docs/community.aws.s3_sync.rst create mode 100644 docs/community.aws.s3_website.rst create mode 100644 docs/community.aws.sns.rst create mode 100644 docs/community.aws.sns_topic.rst create mode 100644 docs/community.aws.sqs_queue.rst create mode 100644 docs/community.aws.sts_assume_role.rst create mode 100644 docs/community.aws.sts_session_token.rst diff --git a/README.md b/README.md index db2fb407000..392996356f9 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,266 @@ -Ansible Collection: community.aws -================================================= +# Community AWS Collection +[![Shippable build status](https://api.shippable.com/projects//5e5ed2ae0fcc0d0006d2c037badge?branch=master)](https://api.shippable.com/projects/i5e5ed2ae0fcc0d0006d2c037/badge?branch=master) + + +The Ansible Community AWS collection includes a variety of Ansible content to help automate the management of AWS instances. This collection is maintained by the Ansible community. + +## Included content + + +## Connection plugins +Name | Description +--- | --- +[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ssm.rst)|execute via AWS Systems Manager +## Modules +Name | Description +--- | --- +[community.aws.aws_acm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_acm.rst)|Upload and delete certificates in the AWS Certificate Manager service +[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_acm_info.rst)|Retrieve certificate information from AWS Certificate Manager service +[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_api_gateway.rst)|Manage AWS API Gateway APIs +[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_application_scaling_policy.rst)|Manage Application Auto Scaling Scaling Policies +[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_compute_environment.rst)|Manage AWS Batch Compute Environments +[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_job_definition.rst)|Manage AWS Batch Job Definitions +[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_job_queue.rst)|Manage AWS Batch Job Queues +[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codebuild.rst)|Create or delete an AWS CodeBuild project +[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codecommit.rst)|Manage repositories in AWS CodeCommit +[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codepipeline.rst)|Create or delete AWS CodePipelines +[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_aggregation_authorization.rst)|Manage cross-account AWS Config authorizations +[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_aggregator.rst)|Manage AWS Config aggregations across multiple accounts +[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_delivery_channel.rst)|Manage AWS Config delivery channels +[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_recorder.rst)|Manage AWS Config Recorders +[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_rule.rst)|Manage AWS Config resources +[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_connection.rst)|Creates, deletes, modifies a DirectConnect connection +[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_gateway.rst)|Manage AWS Direct Connect gateway +[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group.rst)|Manage Direct Connect LAG bundles +[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_virtual_interface.rst)|Manage Direct Connect virtual interfaces +[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_eks_cluster.rst)|Manage Elastic Kubernetes Service Clusters +[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_elasticbeanstalk_app.rst)|Create, update, and delete an elastic beanstalk application +[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_glue_connection.rst)|Manage an AWS Glue connection +[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_glue_job.rst)|Manage an AWS Glue job +[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_inspector_target.rst)|Create, Update and Delete Amazon Inspector Assessment Targets +[community.aws.aws_kms](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_kms.rst)|Perform various KMS management tasks. +[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_kms_info.rst)|Gather information about AWS KMS keys +[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_region_info.rst)|Gather information about AWS regions. +[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_s3_bucket_info.rst)|Lists S3 buckets in AWS +[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_s3_cors.rst)|Manage CORS for S3 buckets in AWS +[community.aws.aws_secret](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_secret.rst)|Manage secrets stored in AWS Secrets Manager. +[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_identity.rst)|Manages SES email and domain identity +[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_identity_policy.rst)|Manages SES sending authorization policies +[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_rule_set.rst)|Manages SES inbound receipt rule sets +[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_sgw_info.rst)|Fetch AWS Storage Gateway information +[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ssm_parameter_store.rst)|Manage key-value pairs in aws parameter store. +[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_step_functions_state_machine.rst)|Manage AWS Step Functions state machines +[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_step_functions_state_machine_execution.rst)|Start or stop execution of an AWS Step Functions state machine. +[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_condition.rst)|Create and delete WAF Conditions +[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_info.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. +[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_rule.rst)|Create and delete WAF Rules +[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_web_acl.rst)|Create and delete WAF Web ACLs. +[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudformation_exports_info.rst)|Read a value from CloudFormation Exports +[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudformation_stack_set.rst)|Manage groups of CloudFormation stacks +[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_distribution.rst)|Create, update and delete AWS CloudFront distributions. +[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_info.rst)|Obtain facts about an AWS CloudFront distribution +[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_invalidation.rst)|create invalidations for AWS CloudFront distributions +[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_origin_access_identity.rst)|Create, update and delete origin access identities for a CloudFront distribution +[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudtrail.rst)|manage CloudTrail create, delete, update +[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchevent_rule.rst)|Manage CloudWatch Event rules and targets +[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group.rst)|create or delete log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group_info.rst)|Get information about log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst)|Manage CloudWatch log group metric filter +[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.data_pipeline.rst)|Create and manage AWS Datapipelines +[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dms_endpoint.rst)|Creates or destroys a data migration services endpoint +[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dms_replication_subnet_group.rst)|creates or destroys a data migration services subnet group +[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dynamodb_table.rst)|Create, update or delete AWS Dynamo DB tables +[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dynamodb_ttl.rst)|Set TTL for a given DynamoDB table +[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_ami_copy.rst)|copies AMI between AWS regions, return new image id +[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg.rst)|Create or delete AWS AutoScaling Groups (ASGs) +[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg_info.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg_lifecycle_hook.rst)|Create, delete or update AWS ASG Lifecycle Hooks. +[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_customer_gateway.rst)|Manage an AWS customer gateway +[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_customer_gateway_info.rst)|Gather information about customer gateways in AWS +[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_eip.rst)|manages EC2 elastic IP (EIP) addresses. +[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_eip_info.rst)|List EC2 EIP details +[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_elb.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_elb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_instance.rst)|Create & manage EC2 instances +[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_instance_info.rst)|Gather information about ec2 instances in AWS +[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_launch_template.rst)|Manage EC2 launch templates +[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc.rst)|Create or delete AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc_find.rst)|Find AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc_info.rst)|Gather information about AWS Autoscaling Launch Configurations. +[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_metric_alarm.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' +[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_placement_group.rst)|Create or delete an EC2 Placement Group +[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_placement_group_info.rst)|List EC2 Placement Group(s) details +[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_scaling_policy.rst)|Create or delete AWS scaling policies for Autoscaling groups +[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_snapshot_copy.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. +[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_transit_gateway.rst)|Create and delete AWS Transit Gateways +[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_transit_gateway_info.rst)|Gather information about ec2 transit gateways in AWS +[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_egress_igw.rst)|Manage an AWS VPC Egress Only Internet gateway +[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_endpoint.rst)|Create and delete AWS VPC Endpoints. +[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_endpoint_info.rst)|Retrieves AWS VPC endpoints details using AWS methods. +[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_igw.rst)|Manage an AWS VPC Internet gateway +[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_igw_info.rst)|Gather information about internet gateways in AWS +[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nacl.rst)|create and delete Network ACLs. +[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nacl_info.rst)|Gather information about Network ACLs in an AWS VPC +[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nat_gateway.rst)|Manage AWS VPC NAT Gateways. +[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_peer.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. +[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_peering_info.rst)|Retrieves AWS VPC Peering details using AWS methods. +[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_route_table.rst)|Manage route tables for AWS virtual private clouds +[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_route_table_info.rst)|Gather information about ec2 VPC route tables in AWS +[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vgw.rst)|Create and delete AWS VPN Virtual Gateways. +[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vgw_info.rst)|Gather information about virtual gateways in AWS +[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vpn.rst)|Create, modify, and delete EC2 VPN connections. +[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vpn_info.rst)|Gather information about VPN Connections in AWS. +[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_win_password.rst)|Gets the default administrator password for ec2 windows instances +[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_attribute.rst)|manage ecs attributes +[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_cluster.rst)|Create or terminate ECS clusters. +[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_ecr.rst)|Manage Elastic Container Registry repositories +[community.aws.ecs_service](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_service.rst)|Create, terminate, start or stop a service in ECS +[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_service_info.rst)|List or describe services in ECS +[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_tag.rst)|create and remove tags on Amazon ECS resources +[community.aws.ecs_task](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_task.rst)|Run, start or stop a task in ecs +[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_taskdefinition.rst)|register a task definition in ecs +[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_taskdefinition_info.rst)|Describe a task definition in ECS +[community.aws.efs](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.efs.rst)|create and maintain EFS file systems +[community.aws.efs_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.efs_info.rst)|Get information about Amazon EFS file systems +[community.aws.elasticache](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache.rst)|Manage cache clusters in Amazon ElastiCache +[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_info.rst)|Retrieve information for AWS ElastiCache clusters +[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_parameter_group.rst)|Manage cache parameter groups in Amazon ElastiCache. +[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_snapshot.rst)|Manage cache snapshots in Amazon ElastiCache +[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_subnet_group.rst)|manage ElastiCache subnet groups +[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_application_lb.rst)|Manage an Application load balancer +[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_application_lb_info.rst)|Gather information about application ELBs in AWS +[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_classic_lb.rst)|Creates or destroys Amazon ELB. +[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_classic_lb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.elb_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_instance.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_network_lb.rst)|Manage a Network Load Balancer +[community.aws.elb_target](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target.rst)|Manage a target in a target group +[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_group.rst)|Manage a target group for an Application or Network load balancer +[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_group_info.rst)|Gather information about ELB target groups in AWS +[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_info.rst)|Gathers which target groups a target is associated with. +[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.execute_lambda.rst)|Execute an AWS Lambda function +[community.aws.iam](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam.rst)|Manage IAM users, groups, roles and keys +[community.aws.iam_cert](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_cert.rst)|Manage server certificates for use on ELBs and CloudFront +[community.aws.iam_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_group.rst)|Manage AWS IAM groups +[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_managed_policy.rst)|Manage User Managed IAM policies +[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_mfa_device_info.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user +[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_password_policy.rst)|Update an IAM Password Policy +[community.aws.iam_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_policy.rst)|Manage inline IAM policies for users, groups, and roles +[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_policy_info.rst)|Retrieve inline IAM policies for users, groups, and roles +[community.aws.iam_role](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_role.rst)|Manage AWS IAM roles +[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_role_info.rst)|Gather information on IAM roles +[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_saml_federation.rst)|Maintain IAM SAML federation configuration. +[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_server_certificate_info.rst)|Retrieve the information of a server certificate +[community.aws.iam_user](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_user.rst)|Manage AWS IAM users +[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_user_info.rst)|Gather IAM user(s) facts in AWS +[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.kinesis_stream.rst)|Manage a Kinesis Stream. +[community.aws.lambda](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda.rst)|Manage AWS Lambda functions +[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_alias.rst)|Creates, updates or deletes AWS Lambda function aliases +[community.aws.lambda_event](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_event.rst)|Creates, updates or deletes AWS Lambda function event mappings +[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_facts.rst)|Gathers AWS Lambda function details as Ansible facts +[community.aws.lambda_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_info.rst)|Gathers AWS Lambda function details +[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_policy.rst)|Creates, updates or deletes AWS Lambda policy statements. +[community.aws.lightsail](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lightsail.rst)|Manage instances in AWS Lightsail +[community.aws.rds](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts +[community.aws.rds_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_instance.rst)|Manage RDS instances +[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_instance_info.rst)|obtain information about one or more RDS instances +[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_param_group.rst)|manage RDS parameter groups +[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_snapshot.rst)|manage Amazon RDS snapshots. +[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_snapshot_info.rst)|obtain information about one or more RDS snapshots +[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_subnet_group.rst)|manage RDS database subnet groups +[community.aws.redshift](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift.rst)|create, delete, or modify an Amazon Redshift instance +[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_cross_region_snapshots.rst)|Manage Redshift Cross Region Snapshots +[community.aws.redshift_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_info.rst)|Gather information about Redshift cluster(s) +[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_subnet_group.rst)|manage Redshift cluster subnet groups +[community.aws.route53](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53.rst)|add or delete entries in Amazons Route53 DNS service +[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_health_check.rst)|Add or delete health-checks in Amazons Route53 DNS service +[community.aws.route53_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_info.rst)|Retrieves route53 details using AWS methods +[community.aws.route53_zone](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_zone.rst)|add or delete Route53 zones +[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_bucket_notification.rst)|Creates, updates or deletes S3 Bucket notification for lambda +[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_lifecycle.rst)|Manage s3 bucket lifecycle rules in AWS +[community.aws.s3_logging](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_logging.rst)|Manage logging facility of an s3 bucket in AWS +[community.aws.s3_sync](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_sync.rst)|Efficiently upload multiple files to S3 +[community.aws.s3_website](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_website.rst)|Configure an s3 bucket as a website +[community.aws.sns](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sns.rst)|Send Amazon Simple Notification Service messages +[community.aws.sns_topic](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sns_topic.rst)|Manages AWS SNS topics and subscriptions +[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sqs_queue.rst)|Creates or deletes AWS SQS queues. +[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sts_assume_role.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials +[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sts_session_token.rst)|Obtain a session token from the AWS Security Token Service + + +## Installing this collection + +You can install the AWS collection with the Ansible Galaxy CLI: + + ansible-galaxy collection install community.aws + +You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format: + +```yaml +--- +collections: + - name: community.aws +``` + +A specific version of the collection can be installed by using the `version` keyword in the `requirements.yml` file: + +```yaml +--- +collections: + - name: community.aws + version: 0.1.1 +``` + +You can either call modules by their Fully Qualified Collection Namespace (FQCN), such as `community.aws.ec2_instance`, or you can call modules by their short name if you list the `community.aws` collection in the playbook's `collections` keyword: + +```yaml +--- + - name: Create a DB instance using the default AWS KMS encryption key + community.aws.rds_instance: + id: test-encrypted-db + state: present + engine: mariadb + storage_encrypted: True + db_instance_class: db.t2.medium + username: "{{ username }}" + password: "{{ password }}" + allocated_storage: "{{ allocated_storage }}" + +``` + + +### See Also: + +* [Amazon Web Services Guide](https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html) +* [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. + +## Contributing to this collection + +We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against the [Community AWS collection repository](https://github.com/ansible-collections/community.aws). + +You can also join us on: + +- Freenode IRC - ``#ansible-aws`` Freenode channel + +See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) for details on contributing to Ansible. + + +## Release notes + + +## Roadmap + + + +## More information + +- [Ansible Collection overview](https://github.com/ansible-collections/overview) +- [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) +- [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html) +- [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) + +## Licensing + +GNU General Public License v3.0 or later. + +See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. \ No newline at end of file diff --git a/docs/community.aws.aws_acm.rst b/docs/community.aws.aws_acm.rst new file mode 100644 index 00000000000..8d0793fc7d4 --- /dev/null +++ b/docs/community.aws.aws_acm.rst @@ -0,0 +1,533 @@ + +.. _community.aws.aws_acm_: + + +********************* +community.aws.aws_acm +********************* + +**Upload and delete certificates in the AWS Certificate Manager service** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Import and delete certificates in Amazon Web Service's Certificate Manager (AWS ACM). +- This module does not currently interact with AWS-provided certificates. It currently only manages certificates provided to AWS by the user. + +- The ACM API allows users to upload multiple certificates for the same domain name, and even multiple identical certificates. This module attempts to restrict such freedoms, to be idempotent, as per the Ansible philosophy. It does this through applying AWS resource "Name" tags to ACM certificates. +- When *state=present*, if there is one certificate in ACM with a ``Name`` tag equal to the ``name_tag`` parameter, and an identical body and chain, this task will succeed without effect. + +- When *state=present*, if there is one certificate in ACM a *Name* tag equal to the *name_tag* parameter, and a different body, this task will overwrite that certificate. + +- When *state=present*, if there are multiple certificates in ACM with a *Name* tag equal to the *name_tag* parameter, this task will fail. + +- When *state=absent* and *certificate_arn* is defined, this module will delete the ACM resource with that ARN if it exists in this region, and succeed without effect if it doesn't exist. + +- When *state=absent* and *domain_name* is defined, this module will delete all ACM resources in this AWS region with a corresponding domain name. If there are none, it will succeed without effect. + +- When *state=absent* and *certificate_arn* is not defined, and *domain_name* is not defined, this module will delete all ACM resources in this AWS region with a corresponding *Name* tag. If there are none, it will succeed without effect. + +- Note that this may not work properly with keys of size 4096 bits, due to a limitation of the ACM API. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ certificate + +
+ string +
+ 		+ + +
The body of the PEM encoded public certificate.
+
Required when state is not absent.
+
If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
+
+
+ certificate_arn + +
+ string +
+ 		+ + +
The ARN of a certificate in ACM to delete
+
Ignored when state=present.
+
If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
+
If state=absent and no resource exists with this ARN in this region, the task will succeed with no effect.
+
If state=absent and the corresponding resource exists in a different region, this task may report success without deleting that resource.
+

aliases: arn
+
+
+ certificate_chain + +
+ string +
+ 		+ + +
The body of the PEM encoded chain for your certificate.
+
If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
+
Ignored when state=absent
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ domain_name + +
+ string +
+ 		+ + +
The domain name of the certificate.
+
If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
+
Exactly one of domain_name, name_tag and certificate_arn must be provided.
+
If state=present this must not be specified. (Since the domain name is encoded within the public certificate's body.)
+

aliases: domain
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name_tag + +
+ string +
+ 		+ + +
The unique identifier for tagging resources using AWS tags, with key Name.
+
This can be any set of characters accepted by AWS for tag values.
+
This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
+
If state=preset, this must be specified.
+
If state=absent, you must provide exactly one of certificate_arn, domain_name or name_tag.
+

aliases: name
+
+
+ private_key + +
+ string +
+ 		+ + +
The body of the PEM encoded private key.
+
Required when state=present.
+
Ignored when state=absent.
+
If your private key is in a file, use lookup('file', 'path/to/key.pem').
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
+
If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: upload a self-signed certificate + aws_acm: + certificate: "{{ lookup('file', 'cert.pem' ) }}" + privateKey: "{{ lookup('file', 'key.pem' ) }}" + name_tag: my_cert # to be applied through an AWS tag as "Name":"my_cert" + region: ap-southeast-2 # AWS region + + - name: create/update a certificate with a chain + aws_acm: + certificate: "{{ lookup('file', 'cert.pem' ) }}" + privateKey: "{{ lookup('file', 'key.pem' ) }}" + name_tag: my_cert + certificate_chain: "{{ lookup('file', 'chain.pem' ) }}" + state: present + region: ap-southeast-2 + register: cert_create + + - name: print ARN of cert we just created + debug: + var: cert_create.certificate.arn + + - name: delete the cert we just created + aws_acm: + name_tag: my_cert + state: absent + region: ap-southeast-2 + + - name: delete a certificate with a particular ARN + aws_acm: + certificate_arn: "arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901" + state: absent + region: ap-southeast-2 + + - name: delete all certificates with a particular domain name + aws_acm: + domain_name: acm.ansible.com + state: absent + region: ap-southeast-2 + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arns + +
+ list + / elements=string
+ 		when state=absent +
A list of the ARNs of the certificates in ACM which were deleted
+
+
Sample:
+
['arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901']
+
+
+ certificate + +
+ complex +
+ 		when state=present +
Information about the certificate which was uploaded
+
+
  +
+ arn + +
+ string +
+ 		when state=present +
The ARN of the certificate in ACM
+
+
Sample:
+
arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901
+
  +
+ domain_name + +
+ string +
+ 		when state=present +
The domain name encoded within the public certificate
+
+
Sample:
+
acm.ansible.com
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Matthew Davis (@matt-telstra) on behalf of Telstra Corporation Limited + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_acm_info.rst b/docs/community.aws.aws_acm_info.rst new file mode 100644 index 00000000000..5b9704051e2 --- /dev/null +++ b/docs/community.aws.aws_acm_info.rst @@ -0,0 +1,989 @@ + +.. _community.aws.aws_acm_info_: + + +************************** +community.aws.aws_acm_info +************************** + +**Retrieve certificate information from AWS Certificate Manager service** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information for ACM certificates +- This module was called ``aws_acm_facts`` before Ansible 2.9. The usage did not change. +- Note that this will not return information about uploaded keys of size 4096 bits, due to a limitation of the ACM API. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ certificate_arn + +
+ string +
+ 		+ + +
If provided, the results will be filtered to show only the certificate with this ARN.
+
If no certificate with this ARN exists, this task will fail.
+
If a certificate with this ARN exists in a different region, this task will fail
+

aliases: arn
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ domain_name + +
+ string +
+ 		+ + +
The domain name of an ACM certificate to limit the search to
+

aliases: name
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ statuses + +
+ list + / elements=string
+ 		+
    Choices: +
  • PENDING_VALIDATION
    • +
  • ISSUED
    • +
  • INACTIVE
    • +
  • EXPIRED
    • +
  • VALIDATION_TIMED_OUT
    • +
  • REVOKED
    • +
  • FAILED
    • +
+ 		+ +
Status to filter the certificate results
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Filter results to show only certificates with tags that match all the tags specified here.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all ACM certificates + aws_acm_info: + + - name: obtain all information for a single ACM certificate + aws_acm_info: + domain_name: "*.example_com" + + - name: obtain all certificates pending validation + aws_acm_info: + statuses: + - PENDING_VALIDATION + + - name: obtain all certificates with tag Name=foo and myTag=bar + aws_acm_info: + tags: + Name: foo + myTag: bar + + + # The output is still a list of certificates, just one item long. + - name: obtain information about a certificate with a particular ARN + aws_acm_info: + certificate_arn: "arn:aws:acm:ap-southeast-2:123456789876:certificate/abcdeabc-abcd-1234-4321-abcdeabcde12" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ certificates + +
+ complex +
+ 		always +
A list of certificates
+
+
  +
+ certificate + +
+ string +
+ 		when certificate creation is complete +
The ACM Certificate body
+
+
Sample:
+
-----BEGIN CERTIFICATE-----\nMII.....-----END CERTIFICATE-----\n
+
  +
+ certificate_arn + +
+ string +
+ 		always +
Certificate ARN
+
+
Sample:
+
arn:aws:acm:ap-southeast-2:123456789012:certificate/abcd1234-abcd-1234-abcd-123456789abc
+
  +
+ certificate_chain + +
+ string +
+ 		when certificate creation is complete +
Full certificate chain for the certificate
+
+
Sample:
+
-----BEGIN CERTIFICATE-----\nMII...\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n...
+
  +
+ created_at + +
+ string +
+ 		always +
Date certificate was created
+
+
Sample:
+
2017-08-15T10:31:19+10:00
+
  +
+ domain_name + +
+ string +
+ 		always +
Domain name for the certificate
+
+
Sample:
+
*.example.com
+
  +
+ domain_validation_options + +
+ complex +
+ 		when certificate type is AMAZON_ISSUED +
Options used by ACM to validate the certificate
+
+
   +
+ domain_name + +
+ string +
+ 		always +
Fully qualified domain name of the certificate
+
+
Sample:
+
example.com
+
   +
+ validation_domain + +
+ string +
+ 		always +
The domain name ACM used to send validation emails
+
+
Sample:
+
example.com
+
   +
+ validation_emails + +
+ list + / elements=string
+ 		always +
A list of email addresses that ACM used to send domain validation emails
+
+
Sample:
+
['admin@example.com', 'postmaster@example.com']
+
   +
+ validation_status + +
+ string +
+ 		always +
Validation status of the domain
+
+
Sample:
+
SUCCESS
+
  +
+ failure_reason + +
+ string +
+ 		only when certificate issuing failed +
Reason certificate request failed
+
+
Sample:
+
NO_AVAILABLE_CONTACTS
+
  +
+ in_use_by + +
+ list + / elements=string
+ 		always +
A list of ARNs for the AWS resources that are using the certificate.
+
+
  +
+ issued_at + +
+ string +
+ 		always +
Date certificate was issued
+
+
Sample:
+
2017-01-01T00:00:00+10:00
+
  +
+ issuer + +
+ string +
+ 		always +
Issuer of the certificate
+
+
Sample:
+
Amazon
+
  +
+ key_algorithm + +
+ string +
+ 		always +
Algorithm used to generate the certificate
+
+
Sample:
+
RSA-2048
+
  +
+ not_after + +
+ string +
+ 		always +
Date after which the certificate is not valid
+
+
Sample:
+
2019-01-01T00:00:00+10:00
+
  +
+ not_before + +
+ string +
+ 		always +
Date before which the certificate is not valid
+
+
Sample:
+
2017-01-01T00:00:00+10:00
+
  +
+ renewal_summary + +
+ complex +
+ 		when certificate is issued by Amazon and a renewal has been started +
Information about managed renewal process
+
+
   +
+ domain_validation_options + +
+ complex +
+ 		when certificate type is AMAZON_ISSUED +
Options used by ACM to validate the certificate
+
+
    +
+ domain_name + +
+ string +
+ 		always +
Fully qualified domain name of the certificate
+
+
Sample:
+
example.com
+
    +
+ validation_domain + +
+ string +
+ 		always +
The domain name ACM used to send validation emails
+
+
Sample:
+
example.com
+
    +
+ validation_emails + +
+ list + / elements=string
+ 		always +
A list of email addresses that ACM used to send domain validation emails
+
+
Sample:
+
['admin@example.com', 'postmaster@example.com']
+
    +
+ validation_status + +
+ string +
+ 		always +
Validation status of the domain
+
+
Sample:
+
SUCCESS
+
   +
+ renewal_status + +
+ string +
+ 		always +
Status of the domain renewal
+
+
Sample:
+
PENDING_AUTO_RENEWAL
+
  +
+ revocation_reason + +
+ string +
+ 		when the certificate has been revoked +
Reason for certificate revocation
+
+
Sample:
+
SUPERCEDED
+
  +
+ revoked_at + +
+ string +
+ 		when the certificate has been revoked +
Date certificate was revoked
+
+
Sample:
+
2017-09-01T10:00:00+10:00
+
  +
+ serial + +
+ string +
+ 		always +
The serial number of the certificate
+
+
Sample:
+
00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
+
  +
+ signature_algorithm + +
+ string +
+ 		always +
Algorithm used to sign the certificate
+
+
Sample:
+
SHA256WITHRSA
+
  +
+ status + +
+ string +
+ 		always +
Status of the certificate in ACM
+
+
Sample:
+
ISSUED
+
  +
+ subject + +
+ string +
+ 		always +
The name of the entity that is associated with the public key contained in the certificate
+
+
Sample:
+
CN=*.example.com
+
  +
+ subject_alternative_names + +
+ list + / elements=string
+ 		always +
Subject Alternative Names for the certificate
+
+
Sample:
+
['*.example.com']
+
  +
+ tags + +
+ dictionary +
+ 		always +
Tags associated with the certificate
+
+
Sample:
+
{'Application': 'helloworld', 'Environment': 'test'}
+
  +
+ type + +
+ string +
+ 		always +
The source of the certificate
+
+
Sample:
+
AMAZON_ISSUED
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_api_gateway.rst b/docs/community.aws.aws_api_gateway.rst new file mode 100644 index 00000000000..91b4a960ad1 --- /dev/null +++ b/docs/community.aws.aws_api_gateway.rst @@ -0,0 +1,622 @@ + +.. _community.aws.aws_api_gateway_: + + +***************************** +community.aws.aws_api_gateway +***************************** + +**Manage AWS API Gateway APIs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of API Gateway APIs +- Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be create each time this is run. +- Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See https://github.com/boto/boto3/issues/876 and discuss with your AWS rep. +- swagger_file and swagger_text are passed directly on to AWS transparently whilst swagger_dict is an ansible dict which is converted to JSON before the API definitions are uploaded. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ api_id + +
+ string +
+ 		+ + +
The ID of the API you want to manage.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cache_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Enable API GW caching of backend responses. Defaults to false.
+
+
+ cache_size + +
+ string +
+ 		+
    Choices: +
  • 0.5 ←
    • +
  • 1.6
    • +
  • 6.1
    • +
  • 13.5
    • +
  • 28.4
    • +
  • 58.2
    • +
  • 118
    • +
  • 237
    • +
+ 		+ +
Size in GB of the API GW cache, becomes effective when cache_enabled is true.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ deploy_desc + +
+ string +
+ 		+ Default:
"Automatic deployment by Ansible."
+ 		+ +
Description of the deployment - recorded and visible in the AWS console.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ endpoint_type + +
+ string +
+ 		+
    Choices: +
  • EDGE ←
    • +
  • REGIONAL
    • +
  • PRIVATE
    • +
+ 		+ +
Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
+
REGIONAL for just a regional deploy or PRIVATE for a private API.
+
This will flag will only be used when creating a new API Gateway setup, not for updates.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ stage + +
+ string +
+ 		+ + +
The name of the stage the API should be deployed to.
+
+
+ stage_canary_settings + +
+ dictionary +
+ 		+ + +
Canary settings for the deployment of the stage.
+
Dict with following settings:
+
percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
+
deploymentId: The ID of the canary deployment.
+
stageVariableOverrides: Stage variables overridden for a canary release deployment.
+
useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
+ +
+
+ stage_variables + +
+ dictionary +
+ 		+ + +
ENV variables for the stage. Define a dict of key values pairs for variables.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete API Gateway.
+
+
+ swagger_dict + +
+ json +
+ 		+ + +
Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
+
+
+ swagger_file + +
+ path +
+ 		+ + +
JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
+

aliases: src, api_file
+
+
+ swagger_text + +
+ string +
+ 		+ + +
Swagger definitions for API in JSON or YAML as a string direct from playbook.
+
+
+ tracing_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Specifies whether active tracing with X-ray is enabled for the API GW stage.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - A future version of this module will probably use tags or another ID so that an API can be create only once. + - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Setup AWS API Gateway setup on AWS and deploy API definition + aws_api_gateway: + swagger_file: my_api.yml + stage: production + cache_enabled: true + cache_size: '1.6' + tracing_enabled: true + endpoint_type: EDGE + state: present + + - name: Update API definition to deploy new version + aws_api_gateway: + api_id: 'abc123321cba' + swagger_file: my_api.yml + deploy_desc: Make auth fix available. + cache_enabled: true + cache_size: '1.6' + endpoint_type: EDGE + state: present + + - name: Update API definitions and settings and deploy as canary + aws_api_gateway: + api_id: 'abc123321cba' + swagger_file: my_api.yml + cache_enabled: true + cache_size: '6.1' + canary_settings: { percentTraffic: 50.0, deploymentId: '123', useStageCache: True } + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ api_id + +
+ string +
+ 		success +
API id of the API endpoint created
+
+
Sample:
+
0ln4zq7p86
+
+
+ configure_response + +
+ dictionary +
+ 		success +
AWS response from the API configure call
+
+
Sample:
+
{'api_key_source': 'HEADER', 'created_at': '2020-01-01T11:37:59+00:00', 'id': '0ln4zq7p86'}
+
+
+ deploy_response + +
+ dictionary +
+ 		success +
AWS response from the API deploy call
+
+
Sample:
+
{'created_date': '2020-01-01T11:36:59+00:00', 'id': 'rptv4b', 'description': 'Automatic deployment by Ansible.'}
+
+
+ resource_actions + +
+ list +
+ 		always +
Actions performed against AWS API
+
+
Sample:
+
['apigateway:CreateRestApi', 'apigateway:CreateDeployment', 'apigateway:PutRestApi']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael De La Rue (@mikedlr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_application_scaling_policy.rst b/docs/community.aws.aws_application_scaling_policy.rst new file mode 100644 index 00000000000..39f96644674 --- /dev/null +++ b/docs/community.aws.aws_application_scaling_policy.rst @@ -0,0 +1,1069 @@ + +.. _community.aws.aws_application_scaling_policy_: + + +******************************************** +community.aws.aws_application_scaling_policy +******************************************** + +**Manage Application Auto Scaling Scaling Policies** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates or removes a Scaling Policy + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ maximum_tasks + +
+ integer +
+ 		+ + +
The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
+
+
+ minimum_tasks + +
+ integer +
+ 		+ + +
The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
+
+
+ override_task_capacity + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to override values of minimum and/or maximum tasks if it's already set.
+
+
+ policy_name + +
+ string + / required
+ 		+ + +
The name of the scaling policy.
+
+
+ policy_type + +
+ string + / required
+ 		+
    Choices: +
  • StepScaling
    • +
  • TargetTrackingScaling
    • +
+ 		+ +
The policy type.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ resource_id + +
+ string + / required
+ 		+ + +
The identifier of the resource associated with the scalable target.
+
+
+ scalable_dimension + +
+ string + / required
+ 		+
    Choices: +
  • ecs:service:DesiredCount
    • +
  • ec2:spot-fleet-request:TargetCapacity
    • +
  • elasticmapreduce:instancegroup:InstanceCount
    • +
  • appstream:fleet:DesiredCapacity
    • +
  • dynamodb:table:ReadCapacityUnits
    • +
  • dynamodb:table:WriteCapacityUnits
    • +
  • dynamodb:index:ReadCapacityUnits
    • +
  • dynamodb:index:WriteCapacityUnits
    • +
+ 		+ +
The scalable dimension associated with the scalable target.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service_namespace + +
+ string + / required
+ 		+
    Choices: +
  • ecs
    • +
  • elasticmapreduce
    • +
  • ec2
    • +
  • appstream
    • +
  • dynamodb
    • +
+ 		+ +
The namespace of the AWS service.
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • absent
    • +
  • present
    • +
+ 		+ +
Whether a policy should be present or absent
+
+
+ step_scaling_policy_configuration + +
+ dictionary +
+ 		+ + +
A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
+
+
+ target_tracking_scaling_policy_configuration + +
+ dictionary +
+ 		+ + +
A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
+
Full documentation of the suboptions can be found in the API documentation:
+ +
+
+ CustomizedMetricSpecification + +
+ dictionary +
+ 		+ + +
The metric to use if using a customized metric.
+
+
+ DisableScaleIn + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether scaling-in should be disabled.
+
+
+ PredefinedMetricSpecification + +
+ dictionary +
+ 		+ + +
The metric to use if using a predefined metric.
+
+
+ ScaleInCooldown + +
+ integer +
+ 		+ + +
The time (in seconds) to wait after scaling-in before another scaling action can occur.
+
+
+ ScaleOutCooldown + +
+ integer +
+ 		+ + +
The time (in seconds) to wait after scaling-out before another scaling action can occur.
+
+
+ TargetValue + +
+ float +
+ 		+ + +
The target value for the metric
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create step scaling policy for ECS Service + - name: scaling_policy + aws_application_scaling_policy: + state: present + policy_name: test_policy + service_namespace: ecs + resource_id: service/poc-pricing/test-as + scalable_dimension: ecs:service:DesiredCount + policy_type: StepScaling + minimum_tasks: 1 + maximum_tasks: 6 + step_scaling_policy_configuration: + AdjustmentType: ChangeInCapacity + StepAdjustments: + - MetricIntervalUpperBound: 123 + ScalingAdjustment: 2 + - MetricIntervalLowerBound: 123 + ScalingAdjustment: -2 + Cooldown: 123 + MetricAggregationType: Average + + # Create target tracking scaling policy for ECS Service + - name: scaling_policy + aws_application_scaling_policy: + state: present + policy_name: test_policy + service_namespace: ecs + resource_id: service/poc-pricing/test-as + scalable_dimension: ecs:service:DesiredCount + policy_type: TargetTrackingScaling + minimum_tasks: 1 + maximum_tasks: 6 + target_tracking_scaling_policy_configuration: + TargetValue: 60 + PredefinedMetricSpecification: + PredefinedMetricType: ECSServiceAverageCPUUtilization + ScaleOutCooldown: 60 + ScaleInCooldown: 60 + + # Remove scalable target for ECS Service + - name: scaling_policy + aws_application_scaling_policy: + state: absent + policy_name: test_policy + policy_type: StepScaling + service_namespace: ecs + resource_id: service/cluster-name/service-name + scalable_dimension: ecs:service:DesiredCount + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ alarms + +
+ complex +
+ 		when state present +
List of the CloudWatch alarms associated with the scaling policy
+
+
  +
+ alarm_arn + +
+ string +
+ 		when state present +
The Amazon Resource Name (ARN) of the alarm
+
+
  +
+ alarm_name + +
+ string +
+ 		when state present +
The name of the alarm
+
+
+
+ creation_time + +
+ string +
+ 		when state present +
The Unix timestamp for when the scalable target was created.
+
+
Sample:
+
2017-09-28T08:22:51.881000-03:00
+
+
+ max_capacity + +
+ integer +
+ 		when state present +
The maximum value to scale to in response to a scale out event. Required if state is present.
+
+
Sample:
+
2
+
+
+ min_capacity + +
+ integer +
+ 		when state present +
The minimum value to scale to in response to a scale in event. Required if state is present.
+
+
Sample:
+
1
+
+
+ policy_arn + +
+ string +
+ 		when state present +
The Amazon Resource Name (ARN) of the scaling policy..
+
+
+
+ policy_name + +
+ string +
+ 		when state present +
The name of the scaling policy.
+
+
+
+ policy_type + +
+ string +
+ 		when state present +
The policy type.
+
+
+
+ resource_id + +
+ string +
+ 		when state present +
The identifier of the resource associated with the scalable target.
+
+
Sample:
+
service/cluster-name/service-name
+
+
+ role_arn + +
+ string +
+ 		when state present +
The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. Required if state is present.
+
+
Sample:
+
arn:aws:iam::123456789123:role/roleName
+
+
+ scalable_dimension + +
+ string +
+ 		when state present +
The scalable dimension associated with the scalable target.
+
+
Sample:
+
ecs:service:DesiredCount
+
+
+ service_namespace + +
+ string +
+ 		when state present +
The namespace of the AWS service.
+
+
Sample:
+
ecs
+
+
+ step_scaling_policy_configuration + +
+ complex +
+ 		when state present and the policy type is StepScaling +
The step scaling policy.
+
+
  +
+ adjustment_type + +
+ string +
+ 		when state present and the policy type is StepScaling +
The adjustment type
+
+
Sample:
+
ChangeInCapacity, PercentChangeInCapacity, ExactCapacity
+
  +
+ cooldown + +
+ integer +
+ 		when state present and the policy type is StepScaling +
The amount of time, in seconds, after a scaling activity completes where previous trigger-related scaling activities can influence future scaling events
+
+
Sample:
+
60
+
  +
+ metric_aggregation_type + +
+ string +
+ 		when state present and the policy type is StepScaling +
The aggregation type for the CloudWatch metrics
+
+
Sample:
+
Average, Minimum, Maximum
+
  +
+ step_adjustments + +
+ list + / elements=dictionary
+ 		when state present and the policy type is StepScaling +
A set of adjustments that enable you to scale based on the size of the alarm breach
+
+
+
+ target_tracking_scaling_policy_configuration + +
+ complex +
+ 		when state present and the policy type is TargetTrackingScaling +
The target tracking policy.
+
+
  +
+ predefined_metric_specification + +
+ complex +
+ 		when state present and the policy type is TargetTrackingScaling +
A predefined metric
+
+
   +
+ predefined_metric_type + +
+ string +
+ 		when state present and the policy type is TargetTrackingScaling +
The metric type
+
+
Sample:
+
ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization
+
   +
+ resource_label + +
+ string +
+ 		when metric type is ALBRequestCountPerTarget +
Identifies the resource associated with the metric type
+
+
  +
+ scale_in_cooldown + +
+ integer +
+ 		when state present and the policy type is TargetTrackingScaling +
The amount of time, in seconds, after a scale in activity completes before another scale in activity can start
+
+
Sample:
+
60
+
  +
+ scale_out_cooldown + +
+ integer +
+ 		when state present and the policy type is TargetTrackingScaling +
The amount of time, in seconds, after a scale out activity completes before another scale out activity can start
+
+
Sample:
+
60
+
  +
+ target_value + +
+ integer +
+ 		when state present and the policy type is TargetTrackingScaling +
The target value for the metric
+
+
Sample:
+
70
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gustavo Maia (@gurumaia) +- Chen Leibovich (@chenl87) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_compute_environment.rst b/docs/community.aws.aws_batch_compute_environment.rst new file mode 100644 index 00000000000..4acb618b32e --- /dev/null +++ b/docs/community.aws.aws_batch_compute_environment.rst @@ -0,0 +1,637 @@ + +.. _community.aws.aws_batch_compute_environment_: + + +******************************************* +community.aws.aws_batch_compute_environment +******************************************* + +**Manage AWS Batch Compute Environments** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bid_percentage + +
+ integer +
+ 		+ + +
The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
+
+
+ compute_environment_name + +
+ string + / required
+ 		+ + +
The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
+
+
+ compute_environment_state + +
+ string +
+ 		+
    Choices: +
  • ENABLED ←
    • +
  • DISABLED
    • +
+ 		+ +
The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
+
+
+ compute_resource_type + +
+ string + / required
+ 		+
    Choices: +
  • EC2
    • +
  • SPOT
    • +
+ 		+ +
The type of compute resource.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ desiredv_cpus + +
+ integer +
+ 		+ + +
The desired number of EC2 vCPUS in the compute environment.
+
+
+ ec2_key_pair + +
+ string +
+ 		+ + +
The EC2 key pair that is used for instances launched in the compute environment.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ image_id + +
+ string +
+ 		+ + +
The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
+
+
+ instance_role + +
+ string + / required
+ 		+ + +
The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
+
+
+ instance_types + +
+ list + / elements=string / required
+ 		+ + +
The instance types that may be launched.
+
+
+ maxv_cpus + +
+ integer + / required
+ 		+ + +
The maximum number of EC2 vCPUs that an environment can reach.
+
+
+ minv_cpus + +
+ integer + / required
+ 		+ + +
The minimum number of EC2 vCPUs that an environment should maintain.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_group_ids + +
+ list + / elements=string / required
+ 		+ + +
The EC2 security groups that are associated with instances launched in the compute environment.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service_role + +
+ string + / required
+ 		+ + +
The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
+
+
+ spot_iam_fleet_role + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ subnets + +
+ list + / elements=string / required
+ 		+ + +
The VPC subnets into which the compute resources are launched.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Key-value pair tags to be applied to resources that are launched in the compute environment.
+
+
+ type + +
+ string + / required
+ 		+
    Choices: +
  • MANAGED
    • +
  • UNMANAGED
    • +
+ 		+ +
The type of the compute environment.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Compute Environment + aws_batch_compute_environment: + compute_environment_name: computeEnvironmentName + state: present + region: us-east-1 + compute_environment_state: ENABLED + type: MANAGED + compute_resource_type: EC2 + minv_cpus: 0 + maxv_cpus: 2 + desiredv_cpus: 1 + instance_types: + - optimal + subnets: + - my-subnet1 + - my-subnet2 + security_group_ids: + - my-sg1 + - my-sg2 + instance_role: arn:aws:iam:::instance-profile/ + tags: + tag1: value1 + tag2: value2 + service_role: arn:aws:iam:::role/service-role/ + register: aws_batch_compute_environment_action + + - name: show results + debug: + var: aws_batch_compute_environment_action + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ output + +
+ dictionary +
+ 		always +
returns what action was taken, whether something was changed, invocation and response
+
+
Sample:
+
{'batch_compute_environment_action': 'none', 'changed': False, 'invocation': {'module_args': {'aws_access_key': None, 'aws_secret_key': None, 'bid_percentage': None, 'compute_environment_name': '<name>', 'compute_environment_state': 'ENABLED', 'compute_resource_type': 'EC2', 'desiredv_cpus': 0, 'ec2_key_pair': None, 'ec2_url': None, 'image_id': None, 'instance_role': 'arn:aws:iam::...', 'instance_types': ['optimal'], 'maxv_cpus': 8, 'minv_cpus': 0, 'profile': None, 'region': 'us-east-1', 'security_group_ids': ['*******'], 'security_token': None, 'service_role': 'arn:aws:iam::....', 'spot_iam_fleet_role': None, 'state': 'present', 'subnets': ['******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'MANAGED', 'validate_certs': True}}, 'response': {'computeEnvironmentArn': 'arn:aws:batch:....', 'computeEnvironmentName': '<name>', 'computeResources': {'desiredvCpus': 0, 'instanceRole': 'arn:aws:iam::...', 'instanceTypes': ['optimal'], 'maxvCpus': 8, 'minvCpus': 0, 'securityGroupIds': ['******'], 'subnets': ['*******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'EC2'}, 'ecsClusterArn': 'arn:aws:ecs:.....', 'serviceRole': 'arn:aws:iam::...', 'state': 'ENABLED', 'status': 'VALID', 'statusReason': 'ComputeEnvironment Healthy', 'type': 'MANAGED'}}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_job_definition.rst b/docs/community.aws.aws_batch_job_definition.rst new file mode 100644 index 00000000000..835346efa4d --- /dev/null +++ b/docs/community.aws.aws_batch_job_definition.rst @@ -0,0 +1,801 @@ + +.. _community.aws.aws_batch_job_definition_: + + +************************************** +community.aws.aws_batch_job_definition +************************************** + +**Manage AWS Batch Job Definitions** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ attempts + +
+ integer +
+ 		+ + +
Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ command + +
+ list + / elements=string
+ 		+ + +
The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ environment + +
+ list + / elements=dictionary
+ 		+ + +
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
+
+
+ name + +
+ - +
+ 		+ + +
The name of the key value pair. For environment variables, this is the name of the environment variable.
+
+
+ value + +
+ - +
+ 		+ + +
The value of the key value pair. For environment variables, this is the value of the environment variable.
+
+
+ image + +
+ string + / required
+ 		+ + +
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
+
+
+ job_definition_arn + +
+ string +
+ 		+ + +
The ARN for the job definition.
+
+
+ job_definition_name + +
+ string + / required
+ 		+ + +
The name for the job definition.
+
+
+ job_role_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
+
+
+ memory + +
+ integer + / required
+ 		+ + +
The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
+
+
+ mount_points + +
+ list + / elements=dictionary
+ 		+ + +
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
+
+
+ containerPath + +
+ - +
+ 		+ + +
The path on the container at which to mount the host volume.
+
+
+ readOnly + +
+ - +
+ 		+ + +
If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
+
+
+ sourceVolume + +
+ - +
+ 		+ + +
The name of the volume to mount.
+
+
+ parameters + +
+ dictionary +
+ 		+ + +
Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
+
+
+ privileged + +
+ string +
+ 		+ + +
When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ readonly_root_filesystem + +
+ string +
+ 		+ + +
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ type + +
+ string + / required
+ 		+ + +
The type of job definition.
+
+
+ ulimits + +
+ list + / elements=dictionary
+ 		+ + +
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
+
+
+ hardLimit + +
+ - +
+ 		+ + +
The hard limit for the ulimit type.
+
+
+ name + +
+ - +
+ 		+ + +
The type of the ulimit.
+
+
+ softLimit + +
+ - +
+ 		+ + +
The soft limit for the ulimit type.
+
+
+ user + +
+ string +
+ 		+ + +
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vcpus + +
+ integer + / required
+ 		+ + +
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
+
+
+ volumes + +
+ list + / elements=dictionary
+ 		+ + +
A list of data volumes used in a job.
+
+
+ host + +
+ - +
+ 		+ + +
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
+
+
+ name + +
+ - +
+ 		+ + +
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Job Definition + aws_batch_job_definition: + job_definition_name: My Batch Job Definition + state: present + type: container + parameters: + Param1: Val1 + Param2: Val2 + image: + vcpus: 1 + memory: 512 + command: + - python + - run_my_script.py + - arg1 + job_role_arn: + attempts: 3 + register: job_definition_create_result + + - name: show results + debug: var=job_definition_create_result + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ output + +
+ dictionary +
+ 		always +
returns what action was taken, whether something was changed, invocation and response
+
+
Sample:
+
{'aws_batch_job_definition_action': 'none', 'changed': False, 'response': {'job_definition_arn': 'arn:aws:batch:....', 'job_definition_name': '<name>', 'status': 'INACTIVE', 'type': 'container'}}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_job_queue.rst b/docs/community.aws.aws_batch_job_queue.rst new file mode 100644 index 00000000000..6426b2993c3 --- /dev/null +++ b/docs/community.aws.aws_batch_job_queue.rst @@ -0,0 +1,433 @@ + +.. _community.aws.aws_batch_job_queue_: + + +********************************* +community.aws.aws_batch_job_queue +********************************* + +**Manage AWS Batch Job Queues** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ compute_environment_order + +
+ list + / elements=dictionary / required
+ 		+ + +
The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
+
+
+ compute_environment + +
+ string +
+ 		+ + +
The name of the compute environment.
+
+
+ order + +
+ integer +
+ 		+ + +
The relative priority of the environment.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ job_queue_name + +
+ string + / required
+ 		+ + +
The name for the job queue
+
+
+ job_queue_state + +
+ string +
+ 		+
    Choices: +
  • ENABLED ←
    • +
  • DISABLED
    • +
+ 		+ +
The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
+
+
+ priority + +
+ integer + / required
+ 		+ + +
The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Job Queue + aws_batch_job_queue: + job_queue_name: jobQueueName + state: present + region: us-east-1 + job_queue_state: ENABLED + priority: 1 + compute_environment_order: + - order: 1 + compute_environment: my_compute_env1 + - order: 2 + compute_environment: my_compute_env2 + register: batch_job_queue_action + + - name: show results + debug: + var: batch_job_queue_action + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ output + +
+ dictionary +
+ 		always +
returns what action was taken, whether something was changed, invocation and response
+
+
Sample:
+
{'batch_job_queue_action': 'updated', 'changed': False, 'response': {'job_queue_arn': 'arn:aws:batch:....', 'job_queue_name': '<name>', 'priority': 1, 'state': 'DISABLED', 'status': 'UPDATING', 'status_reason': 'JobQueue Healthy'}}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codebuild.rst b/docs/community.aws.aws_codebuild.rst new file mode 100644 index 00000000000..83e3d069378 --- /dev/null +++ b/docs/community.aws.aws_codebuild.rst @@ -0,0 +1,1219 @@ + +.. _community.aws.aws_codebuild_: + + +*************************** +community.aws.aws_codebuild +*************************** + +**Create or delete an AWS CodeBuild project** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete a CodeBuild projects on AWS, used for building code artifacts from source code. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ artifacts + +
+ dictionary + / required
+ 		+ + +
Information about the build output artifacts for the build project.
+
+
+ location + +
+ - +
+ 		+ + +
Information about the build output artifact location. When choosing type S3, set the bucket name here.
+
+
+ name + +
+ - +
+ 		+ + +
Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
+
+
+ namespace_type + +
+ - +
+ 		+ + +
Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
+
Accepts BUILD_ID and NONE.
+ +
+
+ packaging + +
+ - +
+ 		+ + +
The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
+
+
+ path + +
+ - +
+ 		+ + +
Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
+
Used for path in S3 bucket when type is S3.
+
+
+ type + +
+ - + / required
+ 		+ + +
The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cache + +
+ dictionary +
+ 		+ + +
Caching params to speed up following builds.
+
+
+ location + +
+ - + / required
+ 		+ + +
Caching location on S3.
+
+
+ type + +
+ - + / required
+ 		+ + +
Cache type. Can be NO_CACHE or S3.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
Descriptive text of the CodeBuild project.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ encryption_key + +
+ string +
+ 		+ + +
The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
+
+
+ environment + +
+ dictionary +
+ 		+ + +
Information about the build environment for the build project.
+
+
+ compute_type + +
+ - + / required
+ 		+ + +
Information about the compute resources the build project will use.
+
Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
+
+
+ environment_variables + +
+ - +
+ 		+ + +
A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
+
Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
+
+
+ image + +
+ - + / required
+ 		+ + +
The ID of the Docker image to use for this build project.
+
+
+ privileged_mode + +
+ - +
+ 		+ + +
Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
+
+
+ type + +
+ - + / required
+ 		+ + +
The type of build environment to use for the project. Usually LINUX_CONTAINER.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the CodeBuild project.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service_role + +
+ string +
+ 		+ + +
The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
+
+
+ source + +
+ dictionary + / required
+ 		+ + +
Configure service and location for the build input source.
+
+
+ buildspec + +
+ string +
+ 		+ + +
The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
+
+
+ git_clone_depth + +
+ integer +
+ 		+ + +
When using git you can specify the clone depth as an integer here.
+
+
+ insecure_ssl + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Enable this flag to ignore SSL warnings while connecting to the project source code.
+
+
+ location + +
+ string +
+ 		+ + +
Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
+
+
+ type + +
+ string + / required
+ 		+ + +
The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or remove code build project.
+
+
+ tags + +
+ list + / elements=dictionary
+ 		+ + +
A set of tags for the build project.
+
+
+ key + +
+ string +
+ 		+ + +
The name of the Tag.
+
+
+ value + +
+ string +
+ 		+ + +
The value of the Tag.
+
+
+ timeout_in_minutes + +
+ integer +
+ 		+ Default:
60
+ 		+ +
How long CodeBuild should wait until timing out any build that has not been marked as completed.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_config + +
+ dictionary +
+ 		+ + +
The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
+
+
+ + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - aws_codebuild: + name: my_project + description: My nice little project + service_role: "arn:aws:iam::123123:role/service-role/code-build-service-role" + source: + # Possible values: BITBUCKET, CODECOMMIT, CODEPIPELINE, GITHUB, S3 + type: CODEPIPELINE + buildspec: '' + artifacts: + namespaceType: NONE + packaging: NONE + type: CODEPIPELINE + name: my_project + environment: + computeType: BUILD_GENERAL1_SMALL + privilegedMode: "true" + image: "aws/codebuild/docker:17.09.0" + type: LINUX_CONTAINER + environmentVariables: + - { name: 'PROFILE', value: 'staging' } + encryption_key: "arn:aws:kms:us-east-1:123123:alias/aws/s3" + region: us-east-1 + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ project + +
+ complex +
+ 		success +
Returns the dictionary describing the code project configuration.
+
+
  +
+ arn + +
+ string +
+ 		always +
ARN of the CodeBuild project
+
+
Sample:
+
arn:aws:codebuild:us-east-1:123123123:project/vod-api-app-builder
+
  +
+ artifacts + +
+ complex +
+ 		always +
Information about the output of build artifacts
+
+
   +
+ location + +
+ string +
+ 		when configured +
Output location for build artifacts
+
+
   +
+ type + +
+ string +
+ 		always +
The type of build artifact.
+
+
Sample:
+
CODEPIPELINE
+
  +
+ cache + +
+ dictionary +
+ 		when configured +
Cache settings for the build project.
+
+
  +
+ created + +
+ string +
+ 		always +
Timestamp of the create time of the project
+
+
Sample:
+
2018-04-17T16:56:03.245000+02:00
+
  +
+ description + +
+ string +
+ 		always +
A description of the build project
+
+
Sample:
+
My nice little project
+
  +
+ environment + +
+ dictionary +
+ 		always +
Environment settings for the build
+
+
  +
+ name + +
+ string +
+ 		always +
Name of the CodeBuild project
+
+
Sample:
+
my_project
+
  +
+ service_role + +
+ string +
+ 		always +
IAM role to be used during build to access other AWS services.
+
+
Sample:
+
arn:aws:iam::123123123:role/codebuild-service-role
+
  +
+ source + +
+ complex +
+ 		always +
Information about the build input source code.
+
+
   +
+ auth + +
+ complex +
+ 		when configured +
Information about the authorization settings for AWS CodeBuild to access the source code to be built.
+
+
   +
+ build_spec + +
+ string +
+ 		always +
The build spec declaration to use for the builds in this build project.
+
+
   +
+ git_clone_depth + +
+ integer +
+ 		when configured +
The git clone depth
+
+
   +
+ insecure_ssl + +
+ boolean +
+ 		when configured +
True if set to ignore SSL warnings.
+
+
   +
+ location + +
+ string +
+ 		when configured +
Location identifier, depending on the source type.
+
+
   +
+ type + +
+ string +
+ 		always +
The type of the repository
+
+
Sample:
+
CODEPIPELINE
+
  +
+ tags + +
+ list +
+ 		when configured +
Tags added to the project
+
+
  +
+ timeout_in_minutes + +
+ integer +
+ 		always +
The timeout of a build in minutes
+
+
Sample:
+
60
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Stefan Horning (@stefanhorning) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codecommit.rst b/docs/community.aws.aws_codecommit.rst new file mode 100644 index 00000000000..862865ec31f --- /dev/null +++ b/docs/community.aws.aws_codecommit.rst @@ -0,0 +1,594 @@ + +.. _community.aws.aws_codecommit_: + + +**************************** +community.aws.aws_codecommit +**************************** + +**Manage repositories in AWS CodeCommit** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Supports creation and deletion of CodeCommit repositories. +- See https://aws.amazon.com/codecommit/ for more information about CodeCommit. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
description or comment of repository.
+

aliases: comment
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
name of repository.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies the state of repository.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a new repository + - aws_codecommit: + name: repo + state: present + + # Delete a repository + - aws_codecommit: + name: repo + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ repository_metadata + +
+ complex +
+ 		always +
Information about the repository.
+
+
  +
+ account_id + +
+ string +
+ 		when state is present +
The ID of the AWS account associated with the repository.
+
+
Sample:
+
268342293637
+
  +
+ arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the repository.
+
+
Sample:
+
arn:aws:codecommit:ap-northeast-1:268342293637:username
+
  +
+ clone_url_http + +
+ string +
+ 		when state is present +
The URL to use for cloning the repository over HTTPS.
+
+
Sample:
+
https://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
+
  +
+ clone_url_ssh + +
+ string +
+ 		when state is present +
The URL to use for cloning the repository over SSH.
+
+
Sample:
+
ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
+
  +
+ creation_date + +
+ string +
+ 		when state is present +
The date and time the repository was created, in timestamp format.
+
+
Sample:
+
2018-10-16T13:21:41.261000+09:00
+
  +
+ last_modified_date + +
+ string +
+ 		when state is present +
The date and time the repository was last modified, in timestamp format.
+
+
Sample:
+
2018-10-16T13:21:41.261000+09:00
+
  +
+ repository_description + +
+ string +
+ 		when state is present +
A comment or description about the repository.
+
+
Sample:
+
test from ptux
+
  +
+ repository_id + +
+ string +
+ 		always +
The ID of the repository that was created or deleted
+
+
Sample:
+
e62a5c54-i879-497b-b62f-9f99e4ebfk8e
+
  +
+ repository_name + +
+ string +
+ 		when state is present +
The repository's name.
+
+
Sample:
+
reponame
+
+
+ response_metadata + +
+ complex +
+ 		always +
Information about the response.
+
+
  +
+ http_headers + +
+ dictionary +
+ 		always +
http headers of http response
+
+
  +
+ http_status_code + +
+ string +
+ 		always +
http status code of http response
+
+
Sample:
+
200
+
  +
+ request_id + +
+ string +
+ 		always +
http request id
+
+
Sample:
+
fb49cfca-d0fa-11e8-85cb-b3cc4b5045ef
+
  +
+ retry_attempts + +
+ string +
+ 		always +
numbers of retry attempts
+
+
Sample:
+
0
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Shuang Wang (@ptux) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codepipeline.rst b/docs/community.aws.aws_codepipeline.rst new file mode 100644 index 00000000000..48f4ba6541e --- /dev/null +++ b/docs/community.aws.aws_codepipeline.rst @@ -0,0 +1,669 @@ + +.. _community.aws.aws_codepipeline_: + + +****************************** +community.aws.aws_codepipeline +****************************** + +**Create or delete AWS CodePipelines** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete a CodePipeline on AWS. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ artifact_store + +
+ dictionary + / required
+ 		+ + +
Location information where artifacts are stored (on S3). Dictionary with fields type and location.
+
+
+ location + +
+ string +
+ 		+ + +
Bucket name for artifacts.
+
+
+ type + +
+ string +
+ 		+ + +
Type of the artifacts storage (only 'S3' is currently supported).
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the pipeline
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string + / required
+ 		+ + +
ARN of the IAM role to use when executing the pipeline
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ stages + +
+ list + / elements=dictionary / required
+ 		+ + +
List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
+
+
+ actions + +
+ list + / elements=dictionary
+ 		+ + +
List of action configurations for that stage.
+
See the boto3 documentation for full documentation of suboptions:
+ +
+
+ name + +
+ string +
+ 		+ + +
Name of the stage (step) in the codepipeline
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or remove code pipeline
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ version + +
+ integer +
+ 		+ + +
Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
+
+
+ + +Notes +----- + +.. note:: + - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) + - aws_codepipeline: + name: my_deploy_pipeline + role_arn: arn:aws:iam::123456:role/AWS-CodePipeline-Service + artifact_store: + type: S3 + location: my_s3_codepipline_bucket + stages: + - name: Get_source + actions: + - + name: Git_pull + actionTypeId: + category: Source + owner: ThirdParty + provider: GitHub + version: '1' + outputArtifacts: + - { name: my-app-source } + configuration: + Owner: mediapeers + Repo: my_gh_repo + PollForSourceChanges: 'true' + Branch: master + # Generate token like this: + # https://docs.aws.amazon.com/codepipeline/latest/userguide/GitHub-rotate-personal-token-CLI.html + # GH Link: https://github.com/settings/tokens + OAuthToken: 'abc123def456' + runOrder: 1 + - name: Build + actions: + - + name: CodeBuild + actionTypeId: + category: Build + owner: AWS + provider: CodeBuild + version: '1' + inputArtifacts: + - { name: my-app-source } + outputArtifacts: + - { name: my-app-build } + configuration: + # A project with that name needs to be setup on AWS CodeBuild already (use code_build module). + ProjectName: codebuild-project-name + runOrder: 1 + - name: ECS_deploy + actions: + - + name: ECS_deploy + actionTypeId: + category: Deploy + owner: AWS + provider: ECS + version: '1' + inputArtifacts: + - { name: vod-api-app-build } + configuration: + # an ECS cluster with that name needs to be setup on AWS ECS already (use ecs_cluster and ecs_service module) + ClusterName: ecs-cluster-name + ServiceName: ecs-cluster-service-name + FileName: imagedefinitions.json + region: us-east-1 + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ pipeline + +
+ complex +
+ 		success +
Returns the dictionary describing the code pipeline configuration.
+
+
  +
+ artifact_store + +
+ complex +
+ 		always +
Information about where the build artifacts are stored
+
+
   +
+ encryption_key + +
+ string +
+ 		when configured +
The encryption key used to encrypt the artifacts store, such as an AWS KMS key.
+
+
   +
+ location + +
+ string +
+ 		always +
The location of the artifacts storage (s3 bucket name)
+
+
Sample:
+
my_s3_codepipline_bucket
+
   +
+ type + +
+ string +
+ 		always +
The type of the artifacts store, such as S3
+
+
Sample:
+
S3
+
  +
+ name + +
+ string +
+ 		always +
Name of the CodePipeline
+
+
Sample:
+
my_deploy_pipeline
+
  +
+ role_arn + +
+ string +
+ 		always +
ARN of the IAM role attached to the code pipeline
+
+
Sample:
+
arn:aws:iam::123123123:role/codepipeline-service-role
+
  +
+ stages + +
+ list +
+ 		always +
List of stages configured for this pipeline
+
+
  +
+ version + +
+ integer +
+ 		always +
The version number of the pipeline. This number is auto incremented when pipeline params are changed.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Stefan Horning (@stefanhorning) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_aggregation_authorization.rst b/docs/community.aws.aws_config_aggregation_authorization.rst new file mode 100644 index 00000000000..d07d4326b4e --- /dev/null +++ b/docs/community.aws.aws_config_aggregation_authorization.rst @@ -0,0 +1,311 @@ + +.. _community.aws.aws_config_aggregation_authorization_: + + +************************************************** +community.aws.aws_config_aggregation_authorization +************************************************** + +**Manage cross-account AWS Config authorizations** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config resources. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ authorized_account_id + +
+ string + / required
+ 		+ + +
The 12-digit account ID of the account authorized to aggregate data.
+
+
+ authorized_aws_region + +
+ string + / required
+ 		+ + +
The region authorized to collect aggregated data.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Config rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get current account ID + aws_caller_info: + register: whoami + - aws_config_aggregation_authorization: + state: present + authorized_account_id: '{{ whoami.account }}' + authorzed_aws_region: us-east-1 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_aggregator.rst b/docs/community.aws.aws_config_aggregator.rst new file mode 100644 index 00000000000..29bd8fae530 --- /dev/null +++ b/docs/community.aws.aws_config_aggregator.rst @@ -0,0 +1,449 @@ + +.. _community.aws.aws_config_aggregator_: + + +*********************************** +community.aws.aws_config_aggregator +*********************************** + +**Manage AWS Config aggregations across multiple accounts** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config resources + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ account_sources + +
+ list + / elements=dictionary / required
+ 		+ + +
Provides a list of source accounts and regions to be aggregated.
+
+
+ account_ids + +
+ list + / elements=string
+ 		+ + +
A list of 12-digit account IDs of accounts being aggregated.
+
+
+ all_aws_regions + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
If true, aggregate existing AWS Config regions and future regions.
+
+
+ aws_regions + +
+ list + / elements=string
+ 		+ + +
A list of source regions being aggregated.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the AWS Config resource.
+
+
+ organization_source + +
+ dictionary + / required
+ 		+ + +
The region authorized to collect aggregated data.
+
+
+ all_aws_regions + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
If true, aggregate existing AWS Config regions and future regions.
+
+
+ aws_regions + +
+ list + / elements=string
+ 		+ + +
The source regions being aggregated.
+
+
+ role_arn + +
+ string +
+ 		+ + +
ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Config rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create cross-account aggregator + aws_config_aggregator: + name: test_config_rule + state: present + account_sources: + account_ids: + - 1234567890 + - 0123456789 + - 9012345678 + all_aws_regions: yes + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_delivery_channel.rst b/docs/community.aws.aws_config_delivery_channel.rst new file mode 100644 index 00000000000..dc9baf7697e --- /dev/null +++ b/docs/community.aws.aws_config_delivery_channel.rst @@ -0,0 +1,369 @@ + +.. _community.aws.aws_config_delivery_channel_: + + +***************************************** +community.aws.aws_config_delivery_channel +***************************************** + +**Manage AWS Config delivery channels** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages AWS Config delivery locations for rule checks and configuration info. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delivery_frequency + +
+ string +
+ 		+
    Choices: +
  • One_Hour
    • +
  • Three_Hours
    • +
  • Six_Hours
    • +
  • Twelve_Hours
    • +
  • TwentyFour_Hours
    • +
+ 		+ +
The frequency with which AWS Config delivers configuration snapshots.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the AWS Config resource.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ s3_bucket + +
+ string + / required
+ 		+ + +
The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
+
+
+ s3_prefix + +
+ string +
+ 		+ + +
The prefix for the specified Amazon S3 bucket.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ sns_topic_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Config rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Delivery Channel for AWS Config + aws_config_delivery_channel: + name: test_delivery_channel + state: present + s3_bucket: 'test_aws_config_bucket' + sns_topic_arn: 'arn:aws:sns:us-east-1:123456789012:aws_config_topic:1234ab56-cdef-7g89-01hi-2jk34l5m67no' + delivery_frequency: 'Twelve_Hours' + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_recorder.rst b/docs/community.aws.aws_config_recorder.rst new file mode 100644 index 00000000000..175de2cf8a8 --- /dev/null +++ b/docs/community.aws.aws_config_recorder.rst @@ -0,0 +1,392 @@ + +.. _community.aws.aws_config_recorder_: + + +********************************* +community.aws.aws_config_recorder +********************************* + +**Manage AWS Config Recorders** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config configuration recorder settings. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the AWS Config resource.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ recording_group + +
+ dictionary +
+ 		+ + +
Specifies the types of AWS resources for which AWS Config records configuration changes.
+
Required when state=present
+
+
+ all_supported + +
+ - +
+ 		+ + +
Specifies whether AWS Config records configuration changes for every supported type of regional resource.
+
If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
+
If all_supported=true, you cannot enumerate a list of resource_types.
+
+
+ include_global_types + +
+ - +
+ 		+ + +
Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
+
The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
+
If you set include_global_types=true, you must also set all_supported=true.
+
If you set include_global_types=true, when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
+
+
+ resource_types + +
+ - +
+ 		+ + +
A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
+
Before you can set this option, you must set all_supported=false.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string +
+ 		+ + +
Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
+
Required when state=present.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Config rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Configuration Recorder for AWS Config + aws_config_recorder: + name: test_configuration_recorder + state: present + role_arn: 'arn:aws:iam::123456789012:role/AwsConfigRecorder' + recording_group: + all_supported: true + include_global_types: true + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_rule.rst b/docs/community.aws.aws_config_rule.rst new file mode 100644 index 00000000000..33ae6e9d4fa --- /dev/null +++ b/docs/community.aws.aws_config_rule.rst @@ -0,0 +1,523 @@ + +.. _community.aws.aws_config_rule_: + + +***************************** +community.aws.aws_config_rule +***************************** + +**Manage AWS Config resources** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config rules + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
The description that you provide for the AWS Config rule.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ execution_frequency + +
+ string +
+ 		+
    Choices: +
  • One_Hour
    • +
  • Three_Hours
    • +
  • Six_Hours
    • +
  • Twelve_Hours
    • +
  • TwentyFour_Hours
    • +
+ 		+ +
The maximum frequency with which AWS Config runs evaluations for a rule.
+
+
+ input_parameters + +
+ string +
+ 		+ + +
A string, in JSON format, that is passed to the AWS Config rule Lambda function.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the AWS Config resource.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ scope + +
+ dictionary +
+ 		+ + +
Defines which resources can trigger an evaluation for the rule.
+
+
+ compliance_id + +
+ - +
+ 		+ + +
The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
+
+
+ compliance_types + +
+ - +
+ 		+ + +
The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
+
+
+ tag_key + +
+ - +
+ 		+ + +
The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
+
+
+ tag_value + +
+ - +
+ 		+ + +
The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ source + +
+ dictionary + / required
+ 		+ + +
Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
+
+
+ details + +
+ - +
+ 		+ + +
Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
+
This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
+
Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
+
Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
+
Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
+
+
+ identifier + +
+ - +
+ 		+ + +
The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
+
+
+ owner + +
+ - +
+ 		+ + +
The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Config rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Config Rule for AWS Config + aws_config_rule: + name: test_config_rule + state: present + description: 'This AWS Config rule checks for public write access on S3 buckets' + scope: + compliance_types: + - 'AWS::S3::Bucket' + source: + owner: AWS + identifier: 'S3_BUCKET_PUBLIC_WRITE_PROHIBITED' + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_connection.rst b/docs/community.aws.aws_direct_connect_connection.rst new file mode 100644 index 00000000000..2c7fa679acd --- /dev/null +++ b/docs/community.aws.aws_direct_connect_connection.rst @@ -0,0 +1,608 @@ + +.. _community.aws.aws_direct_connect_connection_: + + +******************************************* +community.aws.aws_direct_connect_connection +******************************************* + +**Creates, deletes, modifies a DirectConnect connection** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update, or delete a Direct Connect connection between a network and a specific AWS Direct Connect location. Upon creation the connection may be added to a link aggregation group or established as a standalone connection. The connection may later be associated or disassociated with a link aggregation group. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bandwidth + +
+ string +
+ 		+
    Choices: +
  • 1Gbps
    • +
  • 10Gbps
    • +
+ 		+ +
The bandwidth of the Direct Connect connection.
+
Required when state=present.
+
+
+ connection_id + +
+ string +
+ 		+ + +
The ID of the Direct Connect connection.
+
Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
+
One of connection_id or name must be specified.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ forced_update + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
+
+
+ link_aggregation_group + +
+ string +
+ 		+ + +
The ID of the link aggregation group you want to associate with the connection.
+
This is optional when a stand-alone connection is desired.
+
+
+ location + +
+ string +
+ 		+ + +
Where the Direct Connect connection is located.
+
Required when state=present.
+
+
+ name + +
+ string +
+ 		+ + +
The name of the Direct Connect connection. This is required to create a new connection.
+
One of connection_id or name must be specified.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
The state of the Direct Connect connection.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a Direct Connect connection + - aws_direct_connect_connection: + name: ansible-test-connection + state: present + location: EqDC2 + link_aggregation_group: dxlag-xxxxxxxx + bandwidth: 1Gbps + register: dc + + # disassociate the LAG from the connection + - aws_direct_connect_connection: + state: present + connection_id: dc.connection.connection_id + location: EqDC2 + bandwidth: 1Gbps + + # replace the connection with one with more bandwidth + - aws_direct_connect_connection: + state: present + name: ansible-test-connection + location: EqDC2 + bandwidth: 10Gbps + forced_update: True + + # delete the connection + - aws_direct_connect_connection: + state: absent + name: ansible-test-connection + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ connection + +
+ complex +
+ 		state=present +
The attributes of the direct connect connection.
+
+
  +
+ aws_device + +
+ string +
+ 		when the requested state is no longer 'requested' +
The endpoint which the physical connection terminates on.
+
+
Sample:
+
EqDC2-12pmo7hemtz1z
+
  +
+ bandwidth + +
+ string +
+ 		always +
The bandwidth of the connection.
+
+
Sample:
+
1Gbps
+
  +
+ connection_id + +
+ string +
+ 		always +
The ID of the connection.
+
+
Sample:
+
dxcon-ffy9ywed
+
  +
+ connection_name + +
+ string +
+ 		always +
The name of the connection.
+
+
Sample:
+
ansible-test-connection
+
  +
+ connection_state + +
+ string +
+ 		always +
The state of the connection.
+
+
Sample:
+
pending
+
  +
+ loa_issue_time + +
+ string +
+ 		when the LOA-CFA has been issued (the connection state will no longer be 'requested') +
The issue time of the connection's Letter of Authorization - Connecting Facility Assignment.
+
+
Sample:
+
2018-03-20T17:36:26-04:00
+
  +
+ location + +
+ string +
+ 		always +
The location of the connection.
+
+
Sample:
+
EqDC2
+
  +
+ owner_account + +
+ string +
+ 		always +
The account that owns the direct connect connection.
+
+
Sample:
+
123456789012
+
  +
+ region + +
+ string +
+ 		always +
The region in which the connection exists.
+
+
Sample:
+
us-east-1
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_gateway.rst b/docs/community.aws.aws_direct_connect_gateway.rst new file mode 100644 index 00000000000..8230f5014cc --- /dev/null +++ b/docs/community.aws.aws_direct_connect_gateway.rst @@ -0,0 +1,487 @@ + +.. _community.aws.aws_direct_connect_gateway_: + + +**************************************** +community.aws.aws_direct_connect_gateway +**************************************** + +**Manage AWS Direct Connect gateway** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS Direct Connect Gateway. +- Deletes AWS Direct Connect Gateway. +- Attaches Virtual Gateways to Direct Connect Gateway. +- Detaches Virtual Gateways to Direct Connect Gateway. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ amazon_asn + +
+ string +
+ 		+ + +
The Amazon side ASN.
+
Required when state=present.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ direct_connect_gateway_id + +
+ string +
+ 		+ + +
The ID of an existing Direct Connect Gateway.
+
Required when state=absent.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
Name of the Direct Connect Gateway to be created or deleted.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Set state=present to ensure a resource is created.
+
Set state=absent to remove a resource.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ virtual_gateway_id + +
+ string +
+ 		+ + +
The VPN gateway ID of an existing virtual gateway.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
320
+ 		+ +
How long to wait for the association to be deleted.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new direct connect gateway attached to virtual private gateway + dxgw: + state: present + name: my-dx-gateway + amazon_asn: 7224 + virtual_gateway_id: vpg-12345 + register: created_dxgw + + - name: Create a new unattached dxgw + dxgw: + state: present + name: my-dx-gateway + amazon_asn: 7224 + register: created_dxgw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ result + +
+ complex +
+ 		state=present +
The attributes of the Direct Connect Gateway
+
+
  +
+ amazon_side_asn + +
+ string +
+ 		+
ASN on the amazon side.
+
+
  +
+ direct_connect_gateway_id + +
+ string +
+ 		+
The ID of the direct connect gateway.
+
+
  +
+ direct_connect_gateway_name + +
+ string +
+ 		+
The name of the direct connect gateway.
+
+
  +
+ direct_connect_gateway_state + +
+ string +
+ 		+
The state of the direct connect gateway.
+
+
  +
+ owner_account + +
+ string +
+ 		+
The AWS account ID of the owner of the direct connect gateway.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gobin Sougrakpam (@gobins) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group.rst new file mode 100644 index 00000000000..16daf73b8ef --- /dev/null +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group.rst @@ -0,0 +1,687 @@ + +.. _community.aws.aws_direct_connect_link_aggregation_group_: + + +******************************************************* +community.aws.aws_direct_connect_link_aggregation_group +******************************************************* + +**Manage Direct Connect LAG bundles** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, delete, or modify a Direct Connect link aggregation group. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bandwidth + +
+ string +
+ 		+ + +
The bandwidth of the link aggregation group.
+
+
+ connection_id + +
+ string +
+ 		+ + +
A connection ID to link with the link aggregation group upon creation.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delete_with_disassociation + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
To be used with state=absent to delete connections after disassociating them with the LAG.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ force_delete + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
+
+
+ link_aggregation_group_id + +
+ string +
+ 		+ + +
The ID of the Direct Connect link aggregation group.
+
+
+ location + +
+ string +
+ 		+ + +
The location of the link aggregation group.
+
+
+ min_links + +
+ integer +
+ 		+ + +
The minimum number of physical connections that must be operational for the LAG itself to be operational.
+
+
+ name + +
+ string +
+ 		+ + +
The name of the Direct Connect link aggregation group.
+
+
+ num_connections + +
+ integer +
+ 		+ + +
The number of connections with which to initialize the link aggregation group.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
The state of the Direct Connect link aggregation group.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for the operation to complete.
+
May be useful when waiting for virtual interfaces to be deleted.
+
The time to wait can be controlled by setting wait_timeout.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
120
+ 		+ +
The duration in seconds to wait if wait=true.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a Direct Connect connection + - aws_direct_connect_link_aggregation_group: + state: present + location: EqDC2 + lag_id: dxlag-xxxxxxxx + bandwidth: 1Gbps + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ aws_device + +
+ string +
+ 		when state=present +
The AWS Direct Connection endpoint that hosts the LAG.
+
+
Sample:
+
EqSe2-1bwfvazist2k0
+
+
+ changed + +
+ string +
+ 		always +
Whether or not the LAG has changed.
+
+
+
+ connections + +
+ list +
+ 		when state=present +
A list of connections bundled by this LAG.
+
+
Sample:
+
{'connections': [{'aws_device': 'EqSe2-1bwfvazist2k0', 'bandwidth': '1Gbps', 'connection_id': 'dxcon-fgzjah5a', 'connection_name': 'Requested Connection 1 for Lag dxlag-fgtoh97h', 'connection_state': 'down', 'lag_id': 'dxlag-fgnsp4rq', 'location': 'EqSe2', 'owner_account': '448830907657', 'region': 'us-west-2'}]}
+
+
+ connections_bandwidth + +
+ string +
+ 		when state=present +
The individual bandwidth of the physical connections bundled by the LAG.
+
+
Sample:
+
1Gbps
+
+
+ lag_id + +
+ string +
+ 		when state=present +
Unique identifier for the link aggregation group.
+
+
Sample:
+
dxlag-fgnsp4rq
+
+
+ lag_name + +
+ string +
+ 		when state=present +
User-provided name for the link aggregation group.
+
+
+
+ lag_state + +
+ string +
+ 		when state=present +
State of the LAG.
+
+
Sample:
+
pending
+
+
+ location + +
+ string +
+ 		when state=present +
Where the connection is located.
+
+
Sample:
+
EqSe2
+
+
+ minimum_links + +
+ integer +
+ 		when state=present +
The minimum number of physical connections that must be operational for the LAG itself to be operational.
+
+
+
+ number_of_connections + +
+ integer +
+ 		when state=present +
The number of physical connections bundled by the LAG.
+
+
+
+ owner_account + +
+ string +
+ 		when state=present +
Owner account ID of the LAG.
+
+
+
+ region + +
+ string +
+ 		when state=present +
The region in which the LAG exists.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_virtual_interface.rst b/docs/community.aws.aws_direct_connect_virtual_interface.rst new file mode 100644 index 00000000000..dae3652864d --- /dev/null +++ b/docs/community.aws.aws_direct_connect_virtual_interface.rst @@ -0,0 +1,954 @@ + +.. _community.aws.aws_direct_connect_virtual_interface_: + + +************************************************** +community.aws.aws_direct_connect_virtual_interface +************************************************** + +**Manage Direct Connect virtual interfaces** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, delete, or modify a Direct Connect public or private virtual interface. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ address_type + +
+ string +
+ 		+ + +
The type of IP address for the BGP peer.
+
+
+ amazon_address + +
+ string +
+ 		+ + +
The amazon address CIDR with which to create the virtual interface.
+
+
+ authentication_key + +
+ string +
+ 		+ + +
The authentication key for BGP configuration.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bgp_asn + +
+ integer +
+ 		+ Default:
65000
+ 		+ +
The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
+
+
+ cidr + +
+ list + / elements=string
+ 		+ + +
A list of route filter prefix CIDRs with which to create the public virtual interface.
+
+
+ customer_address + +
+ string +
+ 		+ + +
The customer address CIDR with which to create the virtual interface.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ id_to_associate + +
+ string + / required
+ 		+ + +
The ID of the link aggregation group or connection to associate with the virtual interface.
+

aliases: link_aggregation_group_id, connection_id
+
+
+ name + +
+ string +
+ 		+ + +
The name of the virtual interface.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ public + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
The type of virtual interface.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
The desired state of the Direct Connect virtual interface.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ virtual_gateway_id + +
+ string +
+ 		+ + +
The virtual gateway ID required for creating a private virtual interface.
+
+
+ virtual_interface_id + +
+ string +
+ 		+ + +
The virtual interface ID.
+
+
+ vlan + +
+ integer +
+ 		+ Default:
100
+ 		+ +
The VLAN ID.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - name: create an association between a LAG and connection + aws_direct_connect_virtual_interface: + state: present + name: "{{ name }}" + link_aggregation_group_id: LAG-XXXXXXXX + connection_id: dxcon-XXXXXXXX + + - name: remove an association between a connection and virtual interface + aws_direct_connect_virtual_interface: + state: absent + connection_id: dxcon-XXXXXXXX + virtual_interface_id: dxv-XXXXXXXX + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ address_family + +
+ string +
+ 		always +
The address family for the BGP peer.
+
+
Sample:
+
ipv4
+
+
+ amazon_address + +
+ string +
+ 		always +
IP address assigned to the Amazon interface.
+
+
Sample:
+
169.254.255.1/30
+
+
+ asn + +
+ integer +
+ 		always +
The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
+
+
Sample:
+
65000
+
+
+ auth_key + +
+ string +
+ 		always +
The authentication key for BGP configuration.
+
+
Sample:
+
0xZ59Y1JZ2oDOSh6YriIlyRE
+
+
+ bgp_peers + +
+ complex +
+ 		always +
A list of the BGP peers configured on this virtual interface.
+
+
  +
+ address_family + +
+ string +
+ 		always +
The address family for the BGP peer.
+
+
Sample:
+
ipv4
+
  +
+ amazon_address + +
+ string +
+ 		always +
IP address assigned to the Amazon interface.
+
+
Sample:
+
169.254.255.1/30
+
  +
+ asn + +
+ integer +
+ 		always +
The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
+
+
Sample:
+
65000
+
  +
+ auth_key + +
+ string +
+ 		always +
The authentication key for BGP configuration.
+
+
Sample:
+
0xZ59Y1JZ2oDOSh6YriIlyRE
+
  +
+ bgp_peer_state + +
+ string +
+ 		always +
The state of the BGP peer (verifying, pending, available)
+
+
Sample:
+
available
+
  +
+ bgp_status + +
+ string +
+ 		always +
The up/down state of the BGP peer.
+
+
Sample:
+
up
+
  +
+ customer_address + +
+ string +
+ 		always +
IP address assigned to the customer interface.
+
+
Sample:
+
169.254.255.2/30
+
+
+ changed + +
+ boolean +
+ 		always +
Indicated if the virtual interface has been created/modified/deleted
+
+
+
+ connection_id + +
+ string +
+ 		always +
The ID of the connection. This field is also used as the ID type for operations that use multiple connection types (LAG, interconnect, and/or connection).
+
+
Sample:
+
dxcon-fgb175av
+
+
+ customer_address + +
+ string +
+ 		always +
IP address assigned to the customer interface.
+
+
Sample:
+
169.254.255.2/30
+
+
+ customer_router_config + +
+ string +
+ 		always +
Information for generating the customer router configuration.
+
+
+
+ location + +
+ string +
+ 		always +
Where the connection is located.
+
+
Sample:
+
EqDC2
+
+
+ owner_account + +
+ string +
+ 		always +
The AWS account that will own the new virtual interface.
+
+
Sample:
+
123456789012
+
+
+ route_filter_prefixes + +
+ complex +
+ 		always +
A list of routes to be advertised to the AWS network in this region (public virtual interface).
+
+
  +
+ cidr + +
+ string +
+ 		always +
A routes to be advertised to the AWS network in this region.
+
+
Sample:
+
54.227.92.216/30
+
+
+ virtual_gateway_id + +
+ string +
+ 		when public=False +
The ID of the virtual private gateway to a VPC. This only applies to private virtual interfaces.
+
+
Sample:
+
vgw-f3ce259a
+
+
+ virtual_interface_id + +
+ string +
+ 		always +
The ID of the virtual interface.
+
+
Sample:
+
dxvif-fh0w7cex
+
+
+ virtual_interface_name + +
+ string +
+ 		always +
The name of the virtual interface assigned by the customer.
+
+
Sample:
+
test_virtual_interface
+
+
+ virtual_interface_state + +
+ string +
+ 		always +
State of the virtual interface (confirming, verifying, pending, available, down, rejected).
+
+
Sample:
+
available
+
+
+ virtual_interface_type + +
+ string +
+ 		always +
The type of virtual interface (private, public).
+
+
Sample:
+
private
+
+
+ vlan + +
+ integer +
+ 		always +
The VLAN ID.
+
+
Sample:
+
100
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_eks_cluster.rst b/docs/community.aws.aws_eks_cluster.rst new file mode 100644 index 00000000000..5b7b9cd6e6a --- /dev/null +++ b/docs/community.aws.aws_eks_cluster.rst @@ -0,0 +1,649 @@ + +.. _community.aws.aws_eks_cluster_: + + +***************************** +community.aws.aws_eks_cluster +***************************** + +**Manage Elastic Kubernetes Service Clusters** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Elastic Kubernetes Service Clusters + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of EKS cluster
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string +
+ 		+ + +
ARN of IAM role used by the EKS cluster
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
list of security group names or IDs
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • absent
    • +
  • present ←
    • +
+ 		+ +
desired state of the EKS cluster
+
+
+ subnets + +
+ list + / elements=string
+ 		+ + +
list of subnet IDs for the Kubernetes cluster
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ version + +
+ string +
+ 		+ + +
Kubernetes version - defaults to latest
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
1200
+ 		+ +
The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create an EKS cluster + aws_eks_cluster: + name: my_cluster + version: 1.14 + role_arn: my_eks_role + subnets: + - subnet-aaaa1111 + security_groups: + - my_eks_sg + - sg-abcd1234 + register: caller_facts + + - name: Remove an EKS cluster + aws_eks_cluster: + name: my_cluster + wait: yes + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arn + +
+ string +
+ 		when state is present +
ARN of the EKS cluster
+
+
Sample:
+
arn:aws:eks:us-west-2:111111111111:cluster/my-eks-cluster
+
+
+ certificate_authority + +
+ complex +
+ 		after creation +
Dictionary containing Certificate Authority Data for cluster
+
+
  +
+ data + +
+ string +
+ 		when the cluster has been created and is active +
Base-64 encoded Certificate Authority Data for cluster
+
+
+
+ created_at + +
+ string +
+ 		when state is present +
Cluster creation date and time
+
+
Sample:
+
2018-06-06T11:56:56.242000+00:00
+
+
+ endpoint + +
+ string +
+ 		when the cluster has been created and is active +
Kubernetes API server endpoint
+
+
Sample:
+
https://API_SERVER_ENDPOINT.yl4.us-west-2.eks.amazonaws.com
+
+
+ name + +
+ string +
+ 		when state is present +
EKS cluster name
+
+
Sample:
+
my-eks-cluster
+
+
+ resources_vpc_config + +
+ complex +
+ 		when state is present +
VPC configuration of the cluster
+
+
  +
+ security_group_ids + +
+ list +
+ 		always +
List of security group IDs
+
+
Sample:
+
['sg-abcd1234', 'sg-aaaa1111']
+
  +
+ subnet_ids + +
+ list +
+ 		always +
List of subnet IDs
+
+
Sample:
+
['subnet-abcdef12', 'subnet-345678ab', 'subnet-cdef1234']
+
  +
+ vpc_id + +
+ string +
+ 		always +
VPC id
+
+
Sample:
+
vpc-a1b2c3d4
+
+
+ role_arn + +
+ string +
+ 		when state is present +
ARN of the IAM role used by the cluster
+
+
Sample:
+
arn:aws:iam::111111111111:role/aws_eks_cluster_role
+
+
+ status + +
+ string +
+ 		when state is present +
status of the EKS cluster
+
+
Sample:
+
['CREATING', 'ACTIVE']
+
+
+ version + +
+ string +
+ 		when state is present +
Kubernetes version of the cluster
+
+
Sample:
+
1.10
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_elasticbeanstalk_app.rst b/docs/community.aws.aws_elasticbeanstalk_app.rst new file mode 100644 index 00000000000..c77b8a21216 --- /dev/null +++ b/docs/community.aws.aws_elasticbeanstalk_app.rst @@ -0,0 +1,385 @@ + +.. _community.aws.aws_elasticbeanstalk_app_: + + +************************************** +community.aws.aws_elasticbeanstalk_app +************************************** + +**Create, update, and delete an elastic beanstalk application** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates, deletes beanstalk applications if app_name is provided. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ app_name + +
+ string +
+ 		+ + +
Name of the beanstalk application you wish to manage.
+

aliases: name
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
The description of the application.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • absent
    • +
  • present ←
    • +
+ 		+ +
Whether to ensure the application is present or absent.
+
+
+ terminate_by_force + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When terminate_by_force=true, running environments will be terminated before deleting the application.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create or update an application + - aws_elasticbeanstalk_app: + app_name: Sample_App + description: "Hello World App" + state: present + + # Delete application + - aws_elasticbeanstalk_app: + app_name: Sample_App + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ app + +
+ dictionary +
+ 		always +
Beanstalk application.
+
+
Sample:
+
{'ApplicationName': 'app-name', 'ConfigurationTemplates': [], 'DateCreated': '2016-12-28T14:50:03.185000+00:00', 'DateUpdated': '2016-12-28T14:50:03.185000+00:00', 'Description': 'description', 'Versions': ['1.0.0', '1.0.1']}
+
+
+ output + +
+ string +
+ 		in check mode +
Message indicating what change will occur.
+
+
Sample:
+
App is up-to-date
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Harpreet Singh (@hsingh) +- Stephen Granger (@viper233) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_glue_connection.rst b/docs/community.aws.aws_glue_connection.rst new file mode 100644 index 00000000000..e5628b6e335 --- /dev/null +++ b/docs/community.aws.aws_glue_connection.rst @@ -0,0 +1,575 @@ + +.. _community.aws.aws_glue_connection_: + + +********************************* +community.aws.aws_glue_connection +********************************* + +**Manage an AWS Glue connection** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Glue connection. See https://aws.amazon.com/glue/ for details. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ catalog_id + +
+ string +
+ 		+ + +
The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
+
+
+ connection_properties + +
+ dictionary +
+ 		+ + +
A dict of key-value pairs used as parameters for this connection.
+
Required when state=present.
+
+
+ connection_type + +
+ string +
+ 		+
    Choices: +
  • JDBC ←
    • +
  • SFTP
    • +
+ 		+ +
The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
The description of the connection.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ match_criteria + +
+ list + / elements=string
+ 		+ + +
A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the connection.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
A list of security groups to be used by the connection. Use either security group name or ID.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or delete the AWS Glue connection.
+
+
+ subnet_id + +
+ string +
+ 		+ + +
The subnet ID used by the connection.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an AWS Glue connection + - aws_glue_connection: + name: my-glue-connection + connection_properties: + JDBC_CONNECTION_URL: jdbc:mysql://mydb:3306/databasename + USERNAME: my-username + PASSWORD: my-password + state: present + + # Delete an AWS Glue connection + - aws_glue_connection: + name: my-glue-connection + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ connection_properties + +
+ dictionary +
+ 		when state is present +
A dict of key-value pairs used as parameters for this connection.
+
+
Sample:
+
{'JDBC_CONNECTION_URL': 'jdbc:mysql://mydb:3306/databasename', 'USERNAME': 'x', 'PASSWORD': 'y'}
+
+
+ connection_type + +
+ string +
+ 		when state is present +
The type of the connection.
+
+
Sample:
+
JDBC
+
+
+ creation_time + +
+ string +
+ 		when state is present +
The time this connection definition was created.
+
+
Sample:
+
2018-04-21T05:19:58.326000+00:00
+
+
+ description + +
+ string +
+ 		when state is present +
Description of the job being defined.
+
+
Sample:
+
My first Glue job
+
+
+ last_updated_time + +
+ string +
+ 		when state is present +
The last time this connection definition was updated.
+
+
Sample:
+
2018-04-21T05:19:58.326000+00:00
+
+
+ match_criteria + +
+ list +
+ 		when state is present +
A list of criteria that can be used in selecting this connection.
+
+
+
+ name + +
+ string +
+ 		when state is present +
The name of the connection definition.
+
+
Sample:
+
my-glue-connection
+
+
+ physical_connection_requirements + +
+ dictionary +
+ 		when state is present +
A dict of physical connection requirements, such as VPC and SecurityGroup, needed for making this connection successfully.
+
+
Sample:
+
{'subnet-id': 'subnet-aabbccddee'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_glue_job.rst b/docs/community.aws.aws_glue_job.rst new file mode 100644 index 00000000000..ae06385d933 --- /dev/null +++ b/docs/community.aws.aws_glue_job.rst @@ -0,0 +1,761 @@ + +.. _community.aws.aws_glue_job_: + + +************************** +community.aws.aws_glue_job +************************** + +**Manage an AWS Glue job** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Glue job. See https://aws.amazon.com/glue/ for details. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allocated_capacity + +
+ integer +
+ 		+ + +
The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ command_name + +
+ string +
+ 		+ Default:
"glueetl"
+ 		+ +
The name of the job command. This must be 'glueetl'.
+
+
+ command_script_location + +
+ string +
+ 		+ + +
The S3 path to a script that executes a job.
+
Required when state=present.
+
+
+ connections + +
+ list + / elements=string
+ 		+ + +
A list of Glue connections used for this job.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_arguments + +
+ dictionary +
+ 		+ + +
A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
+
+
+ description + +
+ string +
+ 		+ + +
Description of the job being defined.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ max_concurrent_runs + +
+ integer +
+ 		+ + +
The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
+
+
+ max_retries + +
+ integer +
+ 		+ + +
The maximum number of times to retry this job if it fails.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name you assign to this job definition. It must be unique in your account.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role + +
+ string +
+ 		+ + +
The name or ARN of the IAM role associated with this job.
+
Required when state=present.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or delete the AWS Glue job.
+
+
+ timeout + +
+ integer +
+ 		+ + +
The job timeout in minutes.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an AWS Glue job + - aws_glue_job: + command_script_location: s3bucket/script.py + name: my-glue-job + role: my-iam-role + state: present + + # Delete an AWS Glue job + - aws_glue_job: + name: my-glue-job + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ allocated_capacity + +
+ integer +
+ 		when state is present +
The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
+
+
Sample:
+
10
+
+
+ command + +
+ complex +
+ 		when state is present +
The JobCommand that executes this job.
+
+
  +
+ name + +
+ string +
+ 		when state is present +
The name of the job command.
+
+
Sample:
+
glueetl
+
  +
+ script_location + +
+ string +
+ 		when state is present +
Specifies the S3 path to a script that executes a job.
+
+
Sample:
+
mybucket/myscript.py
+
+
+ connections + +
+ dictionary +
+ 		when state is present +
The connections used for this job.
+
+
Sample:
+
{ Connections: [ 'list', 'of', 'connections' ] }
+
+
+ created_on + +
+ string +
+ 		when state is present +
The time and date that this job definition was created.
+
+
Sample:
+
2018-04-21T05:19:58.326000+00:00
+
+
+ default_arguments + +
+ dictionary +
+ 		when state is present +
The default arguments for this job, specified as name-value pairs.
+
+
Sample:
+
{ 'mykey1': 'myvalue1' }
+
+
+ description + +
+ string +
+ 		when state is present +
Description of the job being defined.
+
+
Sample:
+
My first Glue job
+
+
+ execution_property + +
+ complex +
+ 		always +
An ExecutionProperty specifying the maximum number of concurrent runs allowed for this job.
+
+
  +
+ max_concurrent_runs + +
+ integer +
+ 		when state is present +
The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
+
+
Sample:
+
1
+
+
+ job_name + +
+ string +
+ 		always +
The name of the AWS Glue job.
+
+
Sample:
+
my-glue-job
+
+
+ last_modified_on + +
+ string +
+ 		when state is present +
The last point in time when this job definition was modified.
+
+
Sample:
+
2018-04-21T05:19:58.326000+00:00
+
+
+ max_retries + +
+ integer +
+ 		when state is present +
The maximum number of times to retry this job after a JobRun fails.
+
+
Sample:
+
5
+
+
+ name + +
+ string +
+ 		when state is present +
The name assigned to this job definition.
+
+
Sample:
+
my-glue-job
+
+
+ role + +
+ string +
+ 		when state is present +
The name or ARN of the IAM role associated with this job.
+
+
Sample:
+
my-iam-role
+
+
+ timeout + +
+ integer +
+ 		when state is present +
The job timeout in minutes.
+
+
Sample:
+
300
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_inspector_target.rst b/docs/community.aws.aws_inspector_target.rst new file mode 100644 index 00000000000..18e99501c48 --- /dev/null +++ b/docs/community.aws.aws_inspector_target.rst @@ -0,0 +1,439 @@ + +.. _community.aws.aws_inspector_target_: + + +********************************** +community.aws.aws_inspector_target +********************************** + +**Create, Update and Delete Amazon Inspector Assessment Targets** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates, or deletes Amazon Inspector Assessment Targets and manages the required Resource Groups. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • absent
    • +
  • present ←
    • +
+ 		+ +
The state of the assessment target.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Tags of the EC2 instances to be added to the assessment target.
+
Required if state=present.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create my_target Assessment Target + aws_inspector_target: + name: my_target + tags: + role: scan_target + + - name: Update Existing my_target Assessment Target with Additional Tags + aws_inspector_target: + name: my_target + tags: + env: dev + role: scan_target + + - name: Delete my_target Assessment Target + aws_inspector_target: + name: my_target + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arn + +
+ string +
+ 		success +
The ARN that specifies the Amazon Inspector assessment target.
+
+
Sample:
+
arn:aws:inspector:eu-west-1:123456789012:target/0-O4LnL7n1
+
+
+ created_at + +
+ string +
+ 		success +
The time at which the assessment target was created.
+
+
Sample:
+
2018-01-29T13:48:51.958000+00:00
+
+
+ name + +
+ string +
+ 		success +
The name of the Amazon Inspector assessment target.
+
+
Sample:
+
my_target
+
+
+ resource_group_arn + +
+ string +
+ 		success +
The ARN that specifies the resource group that is associated with the assessment target.
+
+
Sample:
+
arn:aws:inspector:eu-west-1:123456789012:resourcegroup/0-qY4gDel8
+
+
+ tags + +
+ list +
+ 		success +
The tags of the resource group that is associated with the assessment target.
+
+
Sample:
+
{'role': 'scan_target', 'env': 'dev'}
+
+
+ updated_at + +
+ string +
+ 		success +
The time at which the assessment target was last updated.
+
+
Sample:
+
2018-01-29T13:48:51.958000+00:00
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Dennis Conrad (@dennisconrad) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_kms.rst b/docs/community.aws.aws_kms.rst new file mode 100644 index 00000000000..b175063ab26 --- /dev/null +++ b/docs/community.aws.aws_kms.rst @@ -0,0 +1,1146 @@ + +.. _community.aws.aws_kms_: + + +********************* +community.aws.aws_kms +********************* + +**Perform various KMS management tasks.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage role/user access to a KMS key. Not designed for encrypting/decrypting. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alias + +
+ string +
+ 		+ + +
An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
+

aliases: key_alias
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enable_key_rotation + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether the key should be automatically rotated every year.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether or not a key is enabled
+
+
+ grants + +
+ list + / elements=dictionary
+ 		+ + +
A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
+
grantee_principal and retiring_principal must be ARNs
+
For full documentation of suboptions see the boto3 documentation:
+ +
+
+ constraints + +
+ dictionary +
+ 		+ + +
Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
+
+
+ grantee_principal + +
+ string + / required
+ 		+ + +
The full ARN of the principal being granted permissions.
+
+
+ operations + +
+ list + / elements=string
+ 		+
    Choices: +
  • Decrypt
    • +
  • Encrypt
    • +
  • GenerateDataKey
    • +
  • GenerateDataKeyWithoutPlaintext
    • +
  • ReEncryptFrom
    • +
  • ReEncryptTo
    • +
  • CreateGrant
    • +
  • RetireGrant
    • +
  • DescribeKey
    • +
  • Verify
    • +
  • Sign
    • +
+ 		+ +
A list of operations that the grantee may perform using the CMK.
+
+
+ retiring_principal + +
+ string +
+ 		+ + +
The full ARN of the principal permitted to revoke/retire the grant.
+
+
+ key_id + +
+ string +
+ 		+ + +
Key ID or ARN of the key.
+
One of alias or key_id are required.
+

aliases: key_arn
+
+
+ policy + +
+ json +
+ 		+ + +
policy to apply to the KMS key.
+ +
+
+ policy_clean_invalid_entries + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
(deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
+
Only cleans if changes are being made.
+
Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
+
This option has been deprecated, and will be removed in 2.13. Use policy instead.
+

aliases: clean_invalid_entries
+
+
+ policy_grant_types + +
+ list + / elements=string
+ 		+ + +
(deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
+
Required when policy_mode=grant.
+
Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
+
This option has been deprecated, and will be removed in 2.13. Use policy instead.
+

aliases: grant_types
+
+
+ policy_mode + +
+ string +
+ 		+
    Choices: +
  • grant ←
    • +
  • deny
    • +
+ 		+ +
(deprecated) Grant or deny access.
+
Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
+
This option has been deprecated, and will be removed in 2.13. Use policy instead.
+

aliases: mode
+
+
+ policy_role_arn + +
+ string +
+ 		+ + +
(deprecated) ARN of role to allow/deny access.
+
One of policy_role_name or policy_role_arn are required.
+
Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
+
This option has been deprecated, and will be removed in 2.13. Use policy instead.
+

aliases: role_arn
+
+
+ policy_role_name + +
+ string +
+ 		+ + +
(deprecated) Role to allow/deny access.
+
One of policy_role_name or policy_role_arn are required.
+
Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
+
This option has been deprecated, and will be removed in 2.13. Use policy instead.
+

aliases: role_name
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_grants + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether the grants argument should cause grants not in the list to be removed
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether the tags argument should cause tags not in the list to be removed
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of tags to apply to a key.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile + # and has been deprecated in favour of the policy option. + - name: grant user-style access to production secrets + aws_kms: + args: + alias: "alias/my_production_secrets" + policy_mode: grant + policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" + policy_grant_types: "role,role grant" + - name: remove access to production secrets from role + aws_kms: + args: + alias: "alias/my_production_secrets" + policy_mode: deny + policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" + + # Create a new KMS key + - aws_kms: + alias: mykey + tags: + Name: myKey + Purpose: protect_stuff + + # Update previous key with more tags + - aws_kms: + alias: mykey + tags: + Name: myKey + Purpose: protect_stuff + Owner: security_team + + # Update a known key with grants allowing an instance with the billing-prod IAM profile + # to decrypt data encrypted with the environment: production, application: billing + # encryption context + - aws_kms: + key_id: abcd1234-abcd-1234-5678-ef1234567890 + grants: + - name: billing_prod + grantee_principal: arn:aws:iam::1234567890123:role/billing_prod + constraints: + encryption_context_equals: + environment: production + application: billing + operations: + - Decrypt + - RetireGrant + + - name: Update IAM policy on an existing KMS key + aws_kms: + alias: my-kms-key + policy: '{"Version": "2012-10-17", "Id": "my-kms-key-permissions", "Statement": [ { } ]}' + state: present + + - name: Example using lookup for policy json + aws_kms: + alias: my-kms-key + policy: "{{ lookup('template', 'kms_iam_policy_template.json.j2') }}" + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ aliases + +
+ list +
+ 		always +
list of aliases associated with the key
+
+
Sample:
+
['aws/acm', 'aws/ebs']
+
+
+ aws_account_id + +
+ string +
+ 		always +
The AWS Account ID that the key belongs to
+
+
Sample:
+
1234567890123
+
+
+ changes_needed + +
+ dictionary +
+ 		always +
grant types that would be changed/were changed.
+
+
Sample:
+
{'role': 'add', 'role grant': 'add'}
+
+
+ creation_date + +
+ string +
+ 		always +
Date of creation of the key
+
+
Sample:
+
2017-04-18T15:12:08.551000+10:00
+
+
+ description + +
+ string +
+ 		always +
Description of the key
+
+
Sample:
+
My Key for Protecting important stuff
+
+
+ enabled + +
+ string +
+ 		always +
Whether the key is enabled. True if KeyState is true.
+
+
+
+ grants + +
+ complex +
+ 		always +
list of grants associated with a key
+
+
  +
+ constraints + +
+ dictionary +
+ 		always +
Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
+
+
Sample:
+
{'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
+
  +
+ creation_date + +
+ string +
+ 		always +
Date of creation of the grant
+
+
Sample:
+
2017-04-18T15:12:08+10:00
+
  +
+ grant_id + +
+ string +
+ 		always +
The unique ID for the grant
+
+
Sample:
+
abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
+
  +
+ grantee_principal + +
+ string +
+ 		always +
The principal that receives the grant's permissions
+
+
Sample:
+
arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
+
  +
+ issuing_account + +
+ string +
+ 		always +
The AWS account under which the grant was issued
+
+
Sample:
+
arn:aws:iam::01234567890:root
+
  +
+ key_id + +
+ string +
+ 		always +
The key ARN to which the grant applies.
+
+
Sample:
+
arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
+
  +
+ name + +
+ string +
+ 		always +
The friendly name that identifies the grant
+
+
Sample:
+
xyz
+
  +
+ operations + +
+ list +
+ 		always +
The list of operations permitted by the grant
+
+
Sample:
+
['Decrypt', 'RetireGrant']
+
  +
+ retiring_principal + +
+ string +
+ 		always +
The principal that can retire the grant
+
+
Sample:
+
arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
+
+
+ had_invalid_entries + +
+ boolean +
+ 		always +
there are invalid (non-ARN) entries in the KMS entry. These don't count as a change, but will be removed if any changes are being made.
+
+
+
+ key_arn + +
+ string +
+ 		always +
ARN of key
+
+
Sample:
+
arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
+
+
+ key_id + +
+ string +
+ 		always +
ID of key
+
+
Sample:
+
abcd1234-abcd-1234-5678-ef1234567890
+
+
+ key_state + +
+ string +
+ 		always +
The state of the key
+
+
Sample:
+
PendingDeletion
+
+
+ key_usage + +
+ string +
+ 		always +
The cryptographic operations for which you can use the key.
+
+
Sample:
+
ENCRYPT_DECRYPT
+
+
+ origin + +
+ string +
+ 		always +
The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
+
+
Sample:
+
AWS_KMS
+
+
+ policies + +
+ list +
+ 		always +
list of policy documents for the keys. Empty when access is denied even if there are policies.
+
+
Sample:
+
{'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
+
+
+ tags + +
+ dictionary +
+ 		always +
dictionary of tags applied to the key
+
+
Sample:
+
{'Name': 'myKey', 'Purpose': 'protecting_stuff'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) +- Will Thames (@willthames) +- Mark Chappell (@tremble) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_kms_info.rst b/docs/community.aws.aws_kms_info.rst new file mode 100644 index 00000000000..2d22c58e18b --- /dev/null +++ b/docs/community.aws.aws_kms_info.rst @@ -0,0 +1,749 @@ + +.. _community.aws.aws_kms_info_: + + +************************** +community.aws.aws_kms_info +************************** + +**Gather information about AWS KMS keys** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS KMS keys including tags and grants +- This module was called ``aws_kms_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
+
+
+ pending_deletion + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to get full details (tags, grants etc.) of keys pending deletion
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all KMS keys + - aws_kms_info: + + # Gather information about all keys with a Name tag + - aws_kms_info: + filters: + tag-key: Name + + # Gather information about all keys with a specific name + - aws_kms_info: + filters: + "tag:Name": Example + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ keys + +
+ complex +
+ 		always +
list of keys
+
+
  +
+ aliases + +
+ list +
+ 		always +
list of aliases associated with the key
+
+
Sample:
+
['aws/acm', 'aws/ebs']
+
  +
+ aws_account_id + +
+ string +
+ 		always +
The AWS Account ID that the key belongs to
+
+
Sample:
+
1234567890123
+
  +
+ creation_date + +
+ string +
+ 		always +
Date of creation of the key
+
+
Sample:
+
2017-04-18T15:12:08.551000+10:00
+
  +
+ description + +
+ string +
+ 		always +
Description of the key
+
+
Sample:
+
My Key for Protecting important stuff
+
  +
+ enable_key_rotation + +
+ boolean +
+ 		always +
Whether the automatically key rotation every year is enabled.
+
+
  +
+ enabled + +
+ string +
+ 		always +
Whether the key is enabled. True if KeyState is true.
+
+
  +
+ grants + +
+ complex +
+ 		always +
list of grants associated with a key
+
+
   +
+ constraints + +
+ dictionary +
+ 		always +
Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
+
+
Sample:
+
{'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
+
   +
+ creation_date + +
+ string +
+ 		always +
Date of creation of the grant
+
+
Sample:
+
2017-04-18T15:12:08+10:00
+
   +
+ grant_id + +
+ string +
+ 		always +
The unique ID for the grant
+
+
Sample:
+
abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
+
   +
+ grantee_principal + +
+ string +
+ 		always +
The principal that receives the grant's permissions
+
+
Sample:
+
arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
+
   +
+ issuing_account + +
+ string +
+ 		always +
The AWS account under which the grant was issued
+
+
Sample:
+
arn:aws:iam::01234567890:root
+
   +
+ key_id + +
+ string +
+ 		always +
The key ARN to which the grant applies.
+
+
Sample:
+
arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
+
   +
+ name + +
+ string +
+ 		always +
The friendly name that identifies the grant
+
+
Sample:
+
xyz
+
   +
+ operations + +
+ list +
+ 		always +
The list of operations permitted by the grant
+
+
Sample:
+
['Decrypt', 'RetireGrant']
+
   +
+ retiring_principal + +
+ string +
+ 		always +
The principal that can retire the grant
+
+
Sample:
+
arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
+
  +
+ key_arn + +
+ string +
+ 		always +
ARN of key
+
+
Sample:
+
arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
+
  +
+ key_id + +
+ string +
+ 		always +
ID of key
+
+
Sample:
+
abcd1234-abcd-1234-5678-ef1234567890
+
  +
+ key_state + +
+ string +
+ 		always +
The state of the key
+
+
Sample:
+
PendingDeletion
+
  +
+ key_usage + +
+ string +
+ 		always +
The cryptographic operations for which you can use the key.
+
+
Sample:
+
ENCRYPT_DECRYPT
+
  +
+ origin + +
+ string +
+ 		always +
The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
+
+
Sample:
+
AWS_KMS
+
  +
+ policies + +
+ list +
+ 		always +
list of policy documents for the keys. Empty when access is denied even if there are policies.
+
+
Sample:
+
{'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
+
  +
+ tags + +
+ dictionary +
+ 		always +
dictionary of tags applied to the key. Empty when access is denied even if there are tags.
+
+
Sample:
+
{'Name': 'myKey', 'Purpose': 'protecting_stuff'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_region_info.rst b/docs/community.aws.aws_region_info.rst new file mode 100644 index 00000000000..d3146fced5a --- /dev/null +++ b/docs/community.aws.aws_region_info.rst @@ -0,0 +1,309 @@ + +.. _community.aws.aws_region_info_: + + +***************************** +community.aws.aws_region_info +***************************** + +**Gather information about AWS regions.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS regions. +- This module was called ``aws_region_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all regions + - aws_region_info: + + # Gather information about a single region + - aws_region_info: + filters: + region-name: eu-west-1 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ regions + +
+ list +
+ 		on success +
Regions that match the provided filters. Each element consists of a dict with all the information related to that region.
+
+
Sample:
+
[{ 'endpoint': 'ec2.us-west-1.amazonaws.com', 'region_name': 'us-west-1' }]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Henrique Rodrigues (@Sodki) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_s3_bucket_info.rst b/docs/community.aws.aws_s3_bucket_info.rst new file mode 100644 index 00000000000..0e3dcddf04e --- /dev/null +++ b/docs/community.aws.aws_s3_bucket_info.rst @@ -0,0 +1,292 @@ + +.. _community.aws.aws_s3_bucket_info_: + + +******************************** +community.aws.aws_s3_bucket_info +******************************** + +**Lists S3 buckets in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists S3 buckets in AWS +- This module was called ``aws_s3_bucket_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`aws_s3_bucket_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Note: Only AWS S3 is currently supported + + # Lists all s3 buckets + - aws_s3_bucket_info: + register: result + + - name: List buckets + debug: + msg: "{{ result['buckets'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ buckets + +
+ list +
+ 		always +
List of buckets
+
+
Sample:
+
[{'creation_date': '2017-07-06 15:05:12 +00:00', 'name': 'my_bucket'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gerben Geijteman (@hyperized) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_s3_cors.rst b/docs/community.aws.aws_s3_cors.rst new file mode 100644 index 00000000000..040dadd8aa0 --- /dev/null +++ b/docs/community.aws.aws_s3_cors.rst @@ -0,0 +1,391 @@ + +.. _community.aws.aws_s3_cors_: + + +************************* +community.aws.aws_s3_cors +************************* + +**Manage CORS for S3 buckets in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage CORS for S3 buckets in AWS + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the s3 bucket
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ rules + +
+ list +
+ 		+ + +
Cors rules to put on the s3 bucket
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or remove cors on the s3 bucket
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create a simple cors for s3 bucket + - aws_s3_cors: + name: mys3bucket + state: present + rules: + - allowed_origins: + - http://www.example.com/ + allowed_methods: + - GET + - POST + allowed_headers: + - Authorization + expose_headers: + - x-amz-server-side-encryption + - x-amz-request-id + max_age_seconds: 30000 + + # Remove cors for s3 bucket + - aws_s3_cors: + name: mys3bucket + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
check to see if a change was made to the rules
+
+
Sample:
+
True
+
+
+ name + +
+ string +
+ 		always +
name of bucket
+
+
Sample:
+
bucket-name
+
+
+ rules + +
+ list +
+ 		always +
list of current rules
+
+
Sample:
+
[{'allowed_headers': ['Authorization'], 'allowed_methods': ['GET'], 'allowed_origins': ['*'], 'max_age_seconds': 30000}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Oyvind Saltvik (@fivethreeo) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_secret.rst b/docs/community.aws.aws_secret.rst new file mode 100644 index 00000000000..8bdc31cb759 --- /dev/null +++ b/docs/community.aws.aws_secret.rst @@ -0,0 +1,582 @@ + +.. _community.aws.aws_secret_: + + +************************ +community.aws.aws_secret +************************ + +**Manage secrets stored in AWS Secrets Manager.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update, and delete secrets stored in AWS Secrets Manager. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore>=1.10.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
Specifies a user-provided description of the secret.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
+
+
+ name + +
+ string + / required
+ 		+ + +
Friendly name for the secret you are creating.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ recovery_window + +
+ integer +
+ 		+ Default:
30
+ 		+ +
Only used if state is absent.
+
Specifies the number of days that Secrets Manager waits before it can delete the secret.
+
If set to 0, the deletion is forced without recovery.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ rotation_interval + +
+ integer +
+ 		+ Default:
30
+ 		+ +
Specifies the number of days between automatic scheduled rotations of the secret.
+
+
+ rotation_lambda + +
+ string +
+ 		+ + +
Specifies the ARN of the Lambda function that can rotate the secret.
+
+
+ secret + +
+ string +
+ 		+ Default:
""
+ 		+ +
Specifies string or binary data that you want to encrypt and store in the new version of the secret.
+
+
+ secret_type + +
+ string +
+ 		+
    Choices: +
  • binary
    • +
  • string ←
    • +
+ 		+ +
Specifies the type of data that you want to encrypt.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the secret should be exist or not.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Specifies a list of user-defined tags that are attached to the secret.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add string to AWS Secrets Manager + aws_secret: + name: 'test_secret_string' + state: present + secret_type: 'string' + secret: "{{ super_secret_string }}" + + - name: remove string from AWS Secrets Manager + aws_secret: + name: 'test_secret_string' + state: absent + secret_type: 'string' + secret: "{{ super_secret_string }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ secret + +
+ complex +
+ 		always +
The secret information
+
+
  +
+ arn + +
+ string +
+ 		always +
The ARN of the secret
+
+
Sample:
+
arn:aws:secretsmanager:eu-west-1:xxxxxxxxxx:secret:xxxxxxxxxxx
+
  +
+ last_accessed_date + +
+ string +
+ 		always +
The date the secret was last accessed
+
+
Sample:
+
2018-11-20T01:00:00+01:00
+
  +
+ last_changed_date + +
+ string +
+ 		always +
The date the secret was last modified.
+
+
Sample:
+
2018-11-20T12:16:38.433000+01:00
+
  +
+ name + +
+ string +
+ 		always +
The secret name.
+
+
Sample:
+
my_secret
+
  +
+ rotation_enabled + +
+ boolean +
+ 		always +
The secret rotation status.
+
+
  +
+ version_ids_to_stages + +
+ dictionary +
+ 		always +
Provide the secret version ids and the associated secret stage.
+
+
Sample:
+
{'dc1ed59b-6d8e-4450-8b41-536dfe4600a9': ['AWSCURRENT']}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- REY Remi (@rrey) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_identity.rst b/docs/community.aws.aws_ses_identity.rst new file mode 100644 index 00000000000..d1791624d96 --- /dev/null +++ b/docs/community.aws.aws_ses_identity.rst @@ -0,0 +1,783 @@ + +.. _community.aws.aws_ses_identity_: + + +****************************** +community.aws.aws_ses_identity +****************************** + +**Manages SES email and domain identity** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the user to manage verified email and domain identity for SES. +- This covers verifying and removing identities as well as setting up complaint, bounce and delivery notification settings. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bounce_notifications + +
+ dictionary +
+ 		+ + +
Setup the SNS topic used to report bounce notifications.
+
If omitted, bounce notifications will not be delivered to a SNS topic.
+
If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
+
+
+ include_headers + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to include headers when delivering to the SNS topic.
+
If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
+
+
+ topic + +
+ - +
+ 		+ + +
The ARN of the topic to send notifications to.
+
If omitted, notifications will not be delivered to a SNS topic.
+
+
+ complaint_notifications + +
+ dictionary +
+ 		+ + +
Setup the SNS topic used to report complaint notifications.
+
If omitted, complaint notifications will not be delivered to a SNS topic.
+
If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
+
+
+ include_headers + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to include headers when delivering to the SNS topic.
+
If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
+
+
+ topic + +
+ - +
+ 		+ + +
The ARN of the topic to send notifications to.
+
If omitted, notifications will not be delivered to a SNS topic.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delivery_notifications + +
+ dictionary +
+ 		+ + +
Setup the SNS topic used to report delivery notifications.
+
If omitted, delivery notifications will not be delivered to a SNS topic.
+
+
+ include_headers + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to include headers when delivering to the SNS topic.
+
If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
+
+
+ topic + +
+ - +
+ 		+ + +
The ARN of the topic to send notifications to.
+
If omitted, notifications will not be delivered to a SNS topic.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ feedback_forwarding + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether or not to enable feedback forwarding.
+
This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
+
+
+ identity + +
+ string + / required
+ 		+ + +
This is the email address or domain to verify / delete.
+
If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether to create(or update) or delete the identity.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Ensure example@example.com email identity exists + aws_ses_identity: + identity: example@example.com + state: present + + - name: Delete example@example.com email identity + aws_ses_identity: + email: example@example.com + state: absent + + - name: Ensure example.com domain identity exists + aws_ses_identity: + identity: example.com + state: present + + # Create an SNS topic and send bounce and complaint notifications to it + # instead of emailing the identity owner + - name: Ensure complaints-topic exists + sns_topic: + name: "complaints-topic" + state: present + purge_subscriptions: False + register: topic_info + + - name: Deliver feedback to topic instead of owner email + aws_ses_identity: + identity: example@example.com + state: present + complaint_notifications: + topic: "{{ topic_info.sns_arn }}" + include_headers: True + bounce_notifications: + topic: "{{ topic_info.sns_arn }}" + include_headers: False + feedback_forwarding: False + + # Create an SNS topic for delivery notifications and leave complaints + # Being forwarded to the identity owner email + - name: Ensure delivery-notifications-topic exists + sns_topic: + name: "delivery-notifications-topic" + state: present + purge_subscriptions: False + register: topic_info + + - name: Delivery notifications to topic + aws_ses_identity: + identity: example@example.com + state: present + delivery_notifications: + topic: "{{ topic_info.sns_arn }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ identity + +
+ string +
+ 		success +
The identity being modified.
+
+
Sample:
+
example@example.com
+
+
+ identity_arn + +
+ string +
+ 		success +
The arn of the identity being modified.
+
+
Sample:
+
arn:aws:ses:us-east-1:12345678:identity/example@example.com
+
+
+ notification_attributes + +
+ complex +
+ 		success +
The notification setup for the identity.
+
+
Sample:
+
{'bounce_topic': 'arn:aws:sns:....', 'complaint_topic': 'arn:aws:sns:....', 'delivery_topic': 'arn:aws:sns:....', 'forwarding_enabled': False, 'headers_in_bounce_notifications_enabled': True, 'headers_in_complaint_notifications_enabled': True, 'headers_in_delivery_notifications_enabled': True}
+
  +
+ bounce_topic + +
+ string +
+ 		+
The ARN of the topic bounce notifications are delivered to.
+
Omitted if bounce notifications are not delivered to a topic.
+
+
  +
+ complaint_topic + +
+ string +
+ 		+
The ARN of the topic complaint notifications are delivered to.
+
Omitted if complaint notifications are not delivered to a topic.
+
+
  +
+ delivery_topic + +
+ string +
+ 		+
The ARN of the topic delivery notifications are delivered to.
+
Omitted if delivery notifications are not delivered to a topic.
+
+
  +
+ forwarding_enabled + +
+ boolean +
+ 		+
Whether or not feedback forwarding is enabled.
+
+
  +
+ headers_in_bounce_notifications_enabled + +
+ boolean +
+ 		+
Whether or not headers are included in messages delivered to the bounce topic.
+
+
  +
+ headers_in_complaint_notifications_enabled + +
+ boolean +
+ 		+
Whether or not headers are included in messages delivered to the complaint topic.
+
+
  +
+ headers_in_delivery_notifications_enabled + +
+ boolean +
+ 		+
Whether or not headers are included in messages delivered to the delivery topic.
+
+
+
+ verification_attributes + +
+ complex +
+ 		success +
The verification information for the identity.
+
+
Sample:
+
{'verification_status': 'Pending', 'verification_token': '....'}
+
  +
+ verification_status + +
+ string +
+ 		+
The verification status of the identity.
+
+
Sample:
+
Pending
+
  +
+ verification_token + +
+ string +
+ 		+
The verification token for a domain identity.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ed Costello (@orthanc) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_identity_policy.rst b/docs/community.aws.aws_ses_identity_policy.rst new file mode 100644 index 00000000000..04766d3f3ff --- /dev/null +++ b/docs/community.aws.aws_ses_identity_policy.rst @@ -0,0 +1,383 @@ + +.. _community.aws.aws_ses_identity_policy_: + + +************************************* +community.aws.aws_ses_identity_policy +************************************* + +**Manages SES sending authorization policies** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the user to manage sending authorization policies associated with an SES identity (email or domain). +- SES authorization sending policies can be used to control what actors are able to send email on behalf of the validated identity and what conditions must be met by the sent emails. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ identity + +
+ string + / required
+ 		+ + +
The SES identity to attach or remove a policy from. This can be either the full ARN or just + the verified email or domain.
+
+
+ policy + +
+ json +
+ 		+ + +
A properly formatted JSON sending authorization policy. Required when state=present.
+
+
+ policy_name + +
+ string + / required
+ 		+ + +
The name used to identify the policy within the scope of the identity it's attached to.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether to create(or update) or delete the authorization policy on the identity.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: add sending authorization policy to domain identity + aws_ses_identity_policy: + identity: example.com + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: add sending authorization policy to email identity + aws_ses_identity_policy: + identity: example@example.com + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: add sending authorization policy to identity using ARN + aws_ses_identity_policy: + identity: "arn:aws:ses:us-east-1:12345678:identity/example.com" + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: remove sending authorization policy + aws_ses_identity_policy: + identity: example.com + policy_name: ExamplePolicy + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ policies + +
+ list +
+ 		success +
A list of all policies present on the identity after the operation.
+
+
Sample:
+
['ExamplePolicy']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ed Costello (@orthanc) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_rule_set.rst b/docs/community.aws.aws_ses_rule_set.rst new file mode 100644 index 00000000000..59be41a56b4 --- /dev/null +++ b/docs/community.aws.aws_ses_rule_set.rst @@ -0,0 +1,412 @@ + +.. _community.aws.aws_ses_rule_set_: + + +****************************** +community.aws.aws_ses_rule_set +****************************** + +**Manages SES inbound receipt rule sets** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The :ref:`aws_ses_rule_set ` module allows you to create, delete, and manage SES receipt rule sets + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ active + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not this rule set should be the active rule set. Only has an impact if state is present.
+
If omitted, the active rule set will not be changed.
+
If True then this rule set will be made active and all others inactive.
+
if False then this rule set will be deactivated. Be careful with this as you can end up with no active rule set.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ force + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the receipt rule set.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • absent
    • +
  • present ←
    • +
+ 		+ +
Whether to create (or update) or destroy the receipt rule set.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + --- + - name: Create default rule set and activate it if not already + aws_ses_rule_set: + name: default-rule-set + state: present + active: yes + + - name: Create some arbitrary rule set but do not activate it + aws_ses_rule_set: + name: arbitrary-rule-set + state: present + + - name: Explicitly deactivate the default rule set leaving no active rule set + aws_ses_rule_set: + name: default-rule-set + state: present + active: no + + - name: Remove an arbitrary inactive rule set + aws_ses_rule_set: + name: arbitrary-rule-set + state: absent + + - name: Remove an ruleset even if we have to first deactivate it to remove it + aws_ses_rule_set: + name: default-rule-set + state: absent + force: yes + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ active + +
+ boolean +
+ 		success if state is present +
if the SES rule set is active
+
+
Sample:
+
True
+
+
+ rule_sets + +
+ list +
+ 		success +
The list of SES receipt rule sets that exist after any changes.
+
+
Sample:
+
[{'created_timestamp': '2018-02-25T01:20:32.690000+00:00', 'name': 'default-rule-set'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ben Tomasik (@tomislacker) +- Ed Costello (@orthanc) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_sgw_info.rst b/docs/community.aws.aws_sgw_info.rst new file mode 100644 index 00000000000..7544471e139 --- /dev/null +++ b/docs/community.aws.aws_sgw_info.rst @@ -0,0 +1,760 @@ + +.. _community.aws.aws_sgw_info_: + + +************************** +community.aws.aws_sgw_info +************************** + +**Fetch AWS Storage Gateway information** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Fetch AWS Storage Gateway information +- This module was called ``aws_sgw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ gather_file_shares + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Gather file share information for storage gateways in s3 mode.
+
+
+ gather_local_disks + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Gather local disks attached to the storage gateway.
+
+
+ gather_tapes + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Gather tape information for storage gateways in tape mode.
+
+
+ gather_volumes + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Gather volume information for storage gateways in iSCSI (cached & stored) modes.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: "Get AWS storage gateway information" + aws_sgw_info: + + - name: "Get AWS storage gateway information for region eu-west-3" + aws_sgw_info: + region: eu-west-3 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ gateways + +
+ complex +
+ 		always +
list of gateway objects
+
+
  +
+ file_shares + +
+ complex +
+ 		when gateway_type == "FILE_S3" +
Storage gateway file shares
+
+
   +
+ file_share_arn + +
+ string +
+ 		always +
File share ARN
+
+
Sample:
+
arn:aws:storagegateway:eu-west-1:399805793479:share/share-AF999C88
+
   +
+ file_share_id + +
+ string +
+ 		always +
File share ID
+
+
Sample:
+
share-AF999C88
+
   +
+ file_share_status + +
+ string +
+ 		always +
File share status
+
+
Sample:
+
AVAILABLE
+
  +
+ gateway_arn + +
+ string +
+ 		always +
Storage Gateway ARN
+
+
Sample:
+
arn:aws:storagegateway:eu-west-1:367709993819:gateway/sgw-9999F888
+
  +
+ gateway_id + +
+ string +
+ 		always +
Storage Gateway ID
+
+
Sample:
+
sgw-9999F888
+
  +
+ gateway_name + +
+ string +
+ 		always +
Storage Gateway friendly name
+
+
Sample:
+
my-sgw-01
+
  +
+ gateway_operational_state + +
+ string +
+ 		always +
Storage Gateway operational state
+
+
Sample:
+
ACTIVE
+
  +
+ gateway_type + +
+ string +
+ 		always +
Storage Gateway type
+
+
Sample:
+
FILE_S3
+
  +
+ local_disks + +
+ complex +
+ 		always +
Storage gateway local disks
+
+
   +
+ disk_allocation_type + +
+ string +
+ 		always +
Disk allocation type
+
+
Sample:
+
CACHE STORAGE
+
   +
+ disk_id + +
+ string +
+ 		always +
Disk ID on the system
+
+
Sample:
+
pci-0000:00:1f.0
+
   +
+ disk_node + +
+ string +
+ 		always +
Disk parent block device
+
+
Sample:
+
/dev/sdb
+
   +
+ disk_path + +
+ string +
+ 		always +
Disk path used for the cache
+
+
Sample:
+
/dev/nvme1n1
+
   +
+ disk_size_in_bytes + +
+ integer +
+ 		always +
Disk size in bytes
+
+
Sample:
+
107374182400
+
   +
+ disk_status + +
+ string +
+ 		always +
Disk status
+
+
Sample:
+
present
+
  +
+ tapes + +
+ complex +
+ 		when gateway_type == "VTL" +
Storage Gateway tapes
+
+
   +
+ tape_arn + +
+ string +
+ 		always +
Tape ARN
+
+
Sample:
+
arn:aws:storagegateway:eu-west-1:399805793479:tape/tape-AF999C88
+
   +
+ tape_barcode + +
+ string +
+ 		always +
Tape ARN
+
+
Sample:
+
tape-AF999C88
+
   +
+ tape_size_in_bytes + +
+ integer +
+ 		always +
Tape ARN
+
+
Sample:
+
555887569
+
   +
+ tape_status + +
+ string +
+ 		always +
Tape ARN
+
+
Sample:
+
AVAILABLE
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Loic Blot (@nerzhul) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ssm.rst b/docs/community.aws.aws_ssm.rst new file mode 100644 index 00000000000..3c3b3b9ba91 --- /dev/null +++ b/docs/community.aws.aws_ssm.rst @@ -0,0 +1,276 @@ + +.. _community.aws.aws_ssm_: + + +********************* +community.aws.aws_ssm +********************* + +**execute via AWS Systems Manager** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This connection plugin allows ansible to execute tasks on an EC2 instance via the aws ssm CLI. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- The remote EC2 instance must be running the AWS Systems Manager Agent (SSM Agent). +- The control machine must have the aws session manager plugin installed. +- The remote EC2 linux instance must have the curl installed. + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ bucket_name + +
+ - +
+ 		+ +
var: ansible_aws_ssm_bucket_name
+ 		+
The name of the S3 bucket used for file transfers.
+
+
+ instance_id + +
+ - +
+ 		+ +
var: ansible_aws_ssm_instance_id
+ 		+
The EC2 instance ID.
+
+
+ plugin + +
+ - +
+ 		+ Default:
"/usr/local/bin/session-manager-plugin"
+ 		+
var: ansible_aws_ssm_plugin
+ 		+
This defines the location of the session-manager-plugin binary.
+
+
+ region + +
+ - +
+ 		+ Default:
"us-east-1"
+ 		+
var: ansible_aws_ssm_region
+ 		+
The region the EC2 instance is located.
+
+
+ retries + +
+ integer +
+ 		+ Default:
3
+ 		+
var: ansible_aws_ssm_retries
+ 		+
Number of attempts to connect.
+
+
+ timeout + +
+ integer +
+ 		+ Default:
60
+ 		+
var: ansible_aws_ssm_timeout
+ 		+
Connection timeout seconds.
+
+
+ + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # Stop Spooler Process on Windows Instances + - name: Stop Spooler Service on Windows Instances + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Stop spooler service + win_service: + name: spooler + state: stopped + + # Install a Nginx Package on Linux Instance + - name: Install a Nginx Package + vars: + ansible_connection: aws_ssm + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-west-2 + tasks: + - name: Install a Nginx Package + yum: + name: nginx + state: present + + # Create a directory in Windows Instances + - name: Create a directory in Windows Instance + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Create a Directory + win_file: + path: C:\Windows\temp + state: directory + + # Making use of Dynamic Inventory Plugin + # ======================================= + # aws_ec2.yml (Dynamic Inventory - Linux) + # This will return the Instance IDs matching the filter + #plugin: aws_ec2 + #regions: + # - us-east-1 + #hostnames: + # - instance-id + #filters: + # tag:SSMTag: ssmlinux + # ----------------------- + - name: install aws-cli + hosts: all + gather_facts: false + vars: + ansible_connection: aws_ssm + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: aws-cli + raw: yum install -y awscli + tags: aws-cli + # Execution: ansible-playbook linux.yaml -i aws_ec2.yml + # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. + # ===================================================== + # aws_ec2.yml (Dynamic Inventory - Windows) + #plugin: aws_ec2 + #regions: + # - us-east-1 + #hostnames: + # - instance-id + #filters: + # tag:SSMTag: ssmwindows + # ----------------------- + - name: Create a dir. + hosts: all + gather_facts: false + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Create the directory + win_file: + path: C:\Temp\SSM_Testing5 + state: directory + # Execution: ansible-playbook win_file.yaml -i aws_ec2.yml + # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Pat Sharkey (@psharkey) +- HanumanthaRao MVL (@hanumantharaomvl) +- Gaurav Ashtikar (@gau1991 ) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ssm_parameter_store.rst b/docs/community.aws.aws_ssm_parameter_store.rst new file mode 100644 index 00000000000..99c5c69ccb6 --- /dev/null +++ b/docs/community.aws.aws_ssm_parameter_store.rst @@ -0,0 +1,489 @@ + +.. _community.aws.aws_ssm_parameter_store_: + + +************************************* +community.aws.aws_ssm_parameter_store +************************************* + +**Manage key-value pairs in aws parameter store.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage key-value pairs in aws parameter store. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ decryption + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Work with SecureString type to get plain text secrets
+
+
+ description + +
+ string +
+ 		+ + +
Parameter key description.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ key_id + +
+ string +
+ 		+ Default:
"alias/aws/ssm"
+ 		+ +
AWS KMS key to decrypt the secrets.
+
The default key (alias/aws/ssm) is automatically generated the first time it's requested.
+
+
+ name + +
+ string + / required
+ 		+ + +
Parameter key name.
+
+
+ overwrite_value + +
+ string +
+ 		+
    Choices: +
  • never
    • +
  • changed ←
    • +
  • always
    • +
+ 		+ +
Option to overwrite an existing value if it already exists.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Creates or modifies an existing parameter.
+
Deletes a parameter.
+
+
+ string_type + +
+ string +
+ 		+
    Choices: +
  • String ←
    • +
  • StringList
    • +
  • SecureString
    • +
+ 		+ +
Parameter String type.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ value + +
+ string +
+ 		+ + +
Parameter value.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create or update key/value pair in aws parameter store + aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + value: "World" + + - name: Delete the key + aws_ssm_parameter_store: + name: "Hello" + state: absent + + - name: Create or update secure key/value pair with default kms key (aws/ssm) + aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + string_type: "SecureString" + value: "World" + + - name: Create or update secure key/value pair with nominated kms key + aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + string_type: "SecureString" + key_id: "alias/demo" + value: "World" + + - name: Always update a parameter store value and create a new version + aws_ssm_parameter_store: + name: "overwrite_example" + description: "This example will always overwrite the value" + string_type: "String" + value: "Test1234" + overwrite_value: "always" + + - name: recommend to use with aws_ssm lookup plugin + debug: msg="{{ lookup('aws_ssm', 'hello') }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ delete_parameter + +
+ dictionary +
+ 		success +
Delete a parameter from the system.
+
+
+
+ put_parameter + +
+ dictionary +
+ 		success +
Add one or more parameters to the system.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nathan Webster (@nathanwebsterdotme) +- Bill Wang (@ozbillwang) +- Michael De La Rue (@mikedlr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_step_functions_state_machine.rst b/docs/community.aws.aws_step_functions_state_machine.rst new file mode 100644 index 00000000000..974ac88e222 --- /dev/null +++ b/docs/community.aws.aws_step_functions_state_machine.rst @@ -0,0 +1,413 @@ + +.. _community.aws.aws_step_functions_state_machine_: + + +********************************************** +community.aws.aws_step_functions_state_machine +********************************************** + +**Manage AWS Step Functions state machines** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update and delete state machines in AWS Step Functions. +- Calling the module in ``state=present`` for an existing AWS Step Functions state machine will attempt to update the state machine definition, IAM Role, or tags with the provided data. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ definition + +
+ json +
+ 		+ + +
The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
+
This parameter is required when state=present.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the state machine
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string +
+ 		+ + +
The ARN of the IAM Role that will be used by the state machine for its executions.
+
This parameter is required when state=present.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Desired state for the state machine
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a new AWS Step Functions state machine + - name: Setup HelloWorld state machine + aws_step_functions_state_machine: + name: "HelloWorldStateMachine" + definition: "{{ lookup('file','state_machine.json') }}" + role_arn: arn:aws:iam::987654321012:role/service-role/invokeLambdaStepFunctionsRole + tags: + project: helloWorld + + # Update an existing state machine + - name: Change IAM Role and tags of HelloWorld state machine + aws_step_functions_state_machine: + name: HelloWorldStateMachine + definition: "{{ lookup('file','state_machine.json') }}" + role_arn: arn:aws:iam::987654321012:role/service-role/anotherStepFunctionsRole + tags: + otherTag: aDifferentTag + + # Remove the AWS Step Functions state machine + - name: Delete HelloWorld state machine + aws_step_functions_state_machine: + name: HelloWorldStateMachine + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ state_machine_arn + +
+ string +
+ 		always +
ARN of the AWS Step Functions state machine
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Tom De Keyser (@tdekeyser) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_step_functions_state_machine_execution.rst b/docs/community.aws.aws_step_functions_state_machine_execution.rst new file mode 100644 index 00000000000..ef5e1112649 --- /dev/null +++ b/docs/community.aws.aws_step_functions_state_machine_execution.rst @@ -0,0 +1,451 @@ + +.. _community.aws.aws_step_functions_state_machine_execution_: + + +******************************************************** +community.aws.aws_step_functions_state_machine_execution +******************************************************** + +**Start or stop execution of an AWS Step Functions state machine.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Start or stop execution of a state machine in AWS Step Functions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ action + +
+ string +
+ 		+
    Choices: +
  • start ←
    • +
  • stop
    • +
+ 		+ +
Desired action (start or stop) for a state machine execution.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cause + +
+ string +
+ 		+ Default:
""
+ 		+ +
A detailed explanation of the cause for stopping the execution.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ error + +
+ string +
+ 		+ Default:
""
+ 		+ +
The error code of the failure to pass in when stopping the execution.
+
+
+ execution_arn + +
+ string +
+ 		+ + +
The ARN of the execution you wish to stop.
+
+
+ execution_input + +
+ json +
+ 		+ Default:
{}
+ 		+ +
The JSON input data for the execution.
+
+
+ name + +
+ string +
+ 		+ + +
Name of the execution.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state_machine_arn + +
+ string +
+ 		+ + +
The ARN of the state machine that will be executed.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Start an execution of a state machine + aws_step_functions_state_machine_execution: + name: an_execution_name + execution_input: '{ "IsHelloWorldExample": true }' + state_machine_arn: "arn:aws:states:us-west-2:682285639423:stateMachine:HelloWorldStateMachine" + + - name: Stop an execution of a state machine + aws_step_functions_state_machine_execution: + action: stop + execution_arn: "arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8" + cause: "cause of task failure" + error: "error code of the failure" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ execution_arn + +
+ string +
+ 		if action == start and changed == True +
ARN of the AWS Step Functions state machine execution.
+
+
Sample:
+
arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8
+
+
+ start_date + +
+ string +
+ 		if action == start and changed == True +
The date the execution is started.
+
+
Sample:
+
2019-11-02T22:39:49.071000-07:00
+
+
+ stop_date + +
+ string +
+ 		if action == stop +
The date the execution is stopped.
+
+
Sample:
+
2019-11-02T22:39:49.071000-07:00
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Prasad Katti (@prasadkatti) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_condition.rst b/docs/community.aws.aws_waf_condition.rst new file mode 100644 index 00000000000..d9f014a2efd --- /dev/null +++ b/docs/community.aws.aws_waf_condition.rst @@ -0,0 +1,1494 @@ + +.. _community.aws.aws_waf_condition_: + + +******************************* +community.aws.aws_waf_condition +******************************* + +**Create and delete WAF Conditions** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/ + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ list + / elements=dictionary
+ 		+ + +
A list of the filters against which to match.
+
For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
+
For type=geo, the only valid key is country.
+
For type=ip, the only valid key is ip_address.
+
For type=regex, valid keys are field_to_match, transformation and regex_pattern.
+
For type=size, valid keys are field_to_match, transformation, comparison and size.
+
For type=sql, valid keys are field_to_match and transformation.
+
For type=xss, valid keys are field_to_match and transformation.
+
Required when state=present.
+
+
+ comparison + +
+ string +
+ 		+
    Choices: +
  • EQ
    • +
  • NE
    • +
  • LE
    • +
  • LT
    • +
  • GE
    • +
  • GT
    • +
+ 		+ +
What type of comparison to perform.
+
Only valid key when type=size.
+
+
+ country + +
+ string +
+ 		+ + +
Value of geo constraint (typically a two letter country code).
+
The only valid key when type=geo.
+
+
+ field_to_match + +
+ string +
+ 		+
    Choices: +
  • uri
    • +
  • query_string
    • +
  • header
    • +
  • method
    • +
  • body
    • +
+ 		+ +
The field upon which to perform the match.
+
Valid when type=byte, type=regex, type=sql or type=xss.
+
+
+ header + +
+ string +
+ 		+ + +
Which specific header should be matched.
+
Required when field_to_match=header.
+
Valid when type=byte.
+
+
+ ip_address + +
+ string +
+ 		+ + +
An IP Address or CIDR to match.
+
The only valid key when type=ip.
+
+
+ position + +
+ string +
+ 		+
    Choices: +
  • exactly
    • +
  • starts_with
    • +
  • ends_with
    • +
  • contains
    • +
  • contains_word
    • +
+ 		+ +
Where in the field the match needs to occur.
+
Only valid when type=byte.
+
+
+ regex_pattern + +
+ dictionary +
+ 		+ + +
A dict describing the regular expressions used to perform the match.
+
Only valid when type=regex.
+
+
+ name + +
+ string +
+ 		+ + +
A name to describe the set of patterns.
+
+
+ regex_strings + +
+ list + / elements=string
+ 		+ + +
A list of regular expressions to match.
+
+
+ size + +
+ integer +
+ 		+ + +
The size of the field (in bytes).
+
Only valid key when type=size.
+
+
+ target_string + +
+ string +
+ 		+ + +
The string to search for.
+
May be up to 50 bytes.
+
Valid when type=byte.
+
+
+ transformation + +
+ string +
+ 		+
    Choices: +
  • none
    • +
  • compress_white_space
    • +
  • html_entity_decode
    • +
  • lowercase
    • +
  • cmd_line
    • +
  • url_decode
    • +
+ 		+ +
A transform to apply on the field prior to performing the match.
+
Valid when type=byte, type=regex, type=sql or type=xss.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the Web Application Firewall condition to manage.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_filters + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to remove existing filters from a condition if not passed in filters.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the condition should be present or absent.
+
+
+ type + +
+ string + / required
+ 		+
    Choices: +
  • byte
    • +
  • geo
    • +
  • ip
    • +
  • regex
    • +
  • size
    • +
  • sql
    • +
  • xss
    • +
+ 		+ +
The type of matching to perform.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ waf_regional + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to use waf-regional module.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create WAF byte condition + aws_waf_condition: + name: my_byte_condition + filters: + - field_to_match: header + position: STARTS_WITH + target_string: Hello + header: Content-type + type: byte + + - name: create WAF geo condition + aws_waf_condition: + name: my_geo_condition + filters: + - country: US + - country: AU + - country: AT + type: geo + + - name: create IP address condition + aws_waf_condition: + name: "{{ resource_prefix }}_ip_condition" + filters: + - ip_address: "10.0.0.0/8" + - ip_address: "192.168.0.0/24" + type: ip + + - name: create WAF regex condition + aws_waf_condition: + name: my_regex_condition + filters: + - field_to_match: query_string + regex_pattern: + name: greetings + regex_strings: + - '[hH]ello' + - '^Hi there' + - '.*Good Day to You' + type: regex + + - name: create WAF size condition + aws_waf_condition: + name: my_size_condition + filters: + - field_to_match: query_string + size: 300 + comparison: GT + type: size + + - name: create WAF sql injection condition + aws_waf_condition: + name: my_sql_condition + filters: + - field_to_match: query_string + transformation: url_decode + type: sql + + - name: create WAF xss condition + aws_waf_condition: + name: my_xss_condition + filters: + - field_to_match: query_string + transformation: url_decode + type: xss + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ condition + +
+ complex +
+ 		always +
Condition returned by operation.
+
+
  +
+ byte_match_set_id + +
+ string +
+ 		always +
ID for byte match set.
+
+
Sample:
+
c4882c96-837b-44a2-a762-4ea87dbf812b
+
  +
+ byte_match_tuples + +
+ complex +
+ 		always +
List of byte match tuples.
+
+
   +
+ field_to_match + +
+ complex +
+ 		always +
Field to match.
+
+
    +
+ data + +
+ string +
+ 		+
Which specific header (if type is header).
+
+
Sample:
+
content-type
+
    +
+ type + +
+ string +
+ 		+
Type of field
+
+
Sample:
+
HEADER
+
   +
+ positional_constraint + +
+ string +
+ 		+
Position in the field to match.
+
+
Sample:
+
STARTS_WITH
+
   +
+ target_string + +
+ string +
+ 		+
String to look for.
+
+
Sample:
+
Hello
+
   +
+ text_transformation + +
+ string +
+ 		+
Transformation to apply to the field before matching.
+
+
Sample:
+
NONE
+
  +
+ condition_id + +
+ string +
+ 		when state is present +
Type-agnostic ID for the condition.
+
+
Sample:
+
dd74b1ff-8c06-4a4f-897a-6b23605de413
+
  +
+ geo_match_constraints + +
+ complex +
+ 		when type is geo and state is present +
List of geographical constraints.
+
+
   +
+ type + +
+ string +
+ 		+
Type of geo constraint.
+
+
Sample:
+
Country
+
   +
+ value + +
+ string +
+ 		+
Value of geo constraint (typically a country code).
+
+
Sample:
+
AT
+
  +
+ geo_match_set_id + +
+ string +
+ 		when type is geo and state is present +
ID of the geo match set.
+
+
Sample:
+
dd74b1ff-8c06-4a4f-897a-6b23605de413
+
  +
+ ip_set_descriptors + +
+ complex +
+ 		when type is ip and state is present +
list of IP address filters
+
+
   +
+ type + +
+ string +
+ 		always +
Type of IP address (IPV4 or IPV6).
+
+
Sample:
+
IPV4
+
   +
+ value + +
+ string +
+ 		always +
IP address.
+
+
Sample:
+
10.0.0.0/8
+
  +
+ ip_set_id + +
+ string +
+ 		when type is ip and state is present +
ID of condition.
+
+
Sample:
+
78ad334a-3535-4036-85e6-8e11e745217b
+
  +
+ name + +
+ string +
+ 		when state is present +
Name of condition.
+
+
Sample:
+
my_waf_condition
+
  +
+ regex_match_set_id + +
+ string +
+ 		when type is regex and state is present +
ID of the regex match set.
+
+
Sample:
+
5ea3f6a8-3cd3-488b-b637-17b79ce7089c
+
  +
+ regex_match_tuples + +
+ complex +
+ 		when type is regex and state is present +
List of regex matches.
+
+
   +
+ field_to_match + +
+ complex +
+ 		+
Field on which the regex match is applied.
+
+
    +
+ type + +
+ string +
+ 		when type is regex and state is present +
The field name.
+
+
Sample:
+
QUERY_STRING
+
   +
+ regex_pattern_set_id + +
+ string +
+ 		+
ID of the regex pattern.
+
+
Sample:
+
6fdf7f2d-9091-445c-aef2-98f3c051ac9e
+
   +
+ text_transformation + +
+ string +
+ 		+
transformation applied to the text before matching
+
+
Sample:
+
NONE
+
  +
+ size_constraint_set_id + +
+ string +
+ 		when type is size and state is present +
ID of the size constraint set.
+
+
Sample:
+
de84b4b3-578b-447e-a9a0-0db35c995656
+
  +
+ size_constraints + +
+ complex +
+ 		when type is size and state is present +
List of size constraints to apply.
+
+
   +
+ comparison_operator + +
+ string +
+ 		+
Comparison operator to apply.
+
+
Sample:
+
GT
+
   +
+ field_to_match + +
+ complex +
+ 		+
Field on which the size constraint is applied.
+
+
    +
+ type + +
+ string +
+ 		+
Field name.
+
+
Sample:
+
QUERY_STRING
+
   +
+ size + +
+ integer +
+ 		+
Size to compare against the field.
+
+
Sample:
+
300
+
   +
+ text_transformation + +
+ string +
+ 		+
Transformation applied to the text before matching.
+
+
Sample:
+
NONE
+
  +
+ sql_injection_match_set_id + +
+ string +
+ 		when type is sql and state is present +
ID of the SQL injection match set.
+
+
Sample:
+
de84b4b3-578b-447e-a9a0-0db35c995656
+
  +
+ sql_injection_match_tuples + +
+ complex +
+ 		when type is sql and state is present +
List of SQL injection match sets.
+
+
   +
+ field_to_match + +
+ complex +
+ 		+
Field on which the SQL injection match is applied.
+
+
    +
+ type + +
+ string +
+ 		+
Field name.
+
+
Sample:
+
QUERY_STRING
+
   +
+ text_transformation + +
+ string +
+ 		+
Transformation applied to the text before matching.
+
+
Sample:
+
URL_DECODE
+
  +
+ xss_match_set_id + +
+ string +
+ 		when type is xss and state is present +
ID of the XSS match set.
+
+
Sample:
+
de84b4b3-578b-447e-a9a0-0db35c995656
+
  +
+ xss_match_tuples + +
+ complex +
+ 		when type is xss and state is present +
List of XSS match sets.
+
+
   +
+ field_to_match + +
+ complex +
+ 		+
Field on which the XSS match is applied.
+
+
    +
+ type + +
+ string +
+ 		+
Field name
+
+
Sample:
+
QUERY_STRING
+
   +
+ text_transformation + +
+ string +
+ 		+
transformation applied to the text before matching.
+
+
Sample:
+
URL_DECODE
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Mike Mochan (@mmochan) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_info.rst b/docs/community.aws.aws_waf_info.rst new file mode 100644 index 00000000000..d5b3999eb0e --- /dev/null +++ b/docs/community.aws.aws_waf_info.rst @@ -0,0 +1,477 @@ + +.. _community.aws.aws_waf_info_: + + +************************** +community.aws.aws_waf_info +************************** + +**Retrieve information for WAF ACLs, Rule , Conditions and Filters.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information for WAF ACLs, Rule , Conditions and Filters. +- This module was called ``aws_waf_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
The name of a Web Application Firewall.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ waf_regional + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to use the waf-regional module.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all WAF information + aws_waf_info: + + - name: obtain all information for a single WAF + aws_waf_info: + name: test_waf + + - name: obtain all information for a single WAF Regional + aws_waf_info: + name: test_waf + waf_regional: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ wafs + +
+ complex +
+ 		success +
The WAFs that match the passed arguments.
+
+
  +
+ default_action + +
+ integer +
+ 		always +
The action to perform if none of the Rules contained in the WebACL match.
+
+
Sample:
+
BLOCK
+
  +
+ metric_name + +
+ string +
+ 		always +
A friendly name or description for the metrics for this WebACL.
+
+
Sample:
+
test_waf_metric
+
  +
+ name + +
+ string +
+ 		always +
A friendly name or description of the WebACL.
+
+
Sample:
+
test_waf
+
  +
+ rules + +
+ complex +
+ 		always +
An array that contains the action for each Rule in a WebACL , the priority of the Rule.
+
+
   +
+ action + +
+ string +
+ 		always +
The action to perform if the Rule matches.
+
+
Sample:
+
BLOCK
+
   +
+ metric_name + +
+ string +
+ 		always +
A friendly name or description for the metrics for this Rule.
+
+
Sample:
+
ipblockrule
+
   +
+ name + +
+ string +
+ 		always +
A friendly name or description of the Rule.
+
+
Sample:
+
ip_block_rule
+
   +
+ predicates + +
+ list +
+ 		always +
The Predicates list contains a Predicate for each ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet or XssMatchSet object in a Rule.
+
+
Sample:
+
[{'byte_match_set_id': '47b822b5-abcd-1234-faaf-1234567890', 'byte_match_tuples': [{'field_to_match': {'type': 'QUERY_STRING'}, 'positional_constraint': 'STARTS_WITH', 'target_string': 'bobbins', 'text_transformation': 'NONE'}], 'name': 'bobbins', 'negated': False, 'type': 'ByteMatch'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_rule.rst b/docs/community.aws.aws_waf_rule.rst new file mode 100644 index 00000000000..8f1188d2197 --- /dev/null +++ b/docs/community.aws.aws_waf_rule.rst @@ -0,0 +1,609 @@ + +.. _community.aws.aws_waf_rule_: + + +************************** +community.aws.aws_waf_rule +************************** + +**Create and delete WAF Rules** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ conditions + +
+ list + / elements=dictionary
+ 		+ + +
List of conditions used in the rule. aws_waf_condition can be used to create new conditions.
+
+
+ condition + +
+ string + / required
+ 		+ + +
The name of the condition. The condition must already exist.
+
+
+ negated + +
+ boolean + / required
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether the condition should be negated.
+
+
+ type + +
+ string + / required
+ 		+
    Choices: +
  • byte
    • +
  • geo
    • +
  • ip
    • +
  • size
    • +
  • sql
    • +
  • xss
    • +
+ 		+ +
The type of rule to match.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ metric_name + +
+ string +
+ 		+ + +
A friendly name or description for the metrics for the rule.
+
The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
+
You can't change metric_name after you create the rule.
+
Defaults to the same as name with disallowed characters removed.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the Web Application Firewall rule.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_conditions + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to remove conditions that are not passed when updating `conditions`.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the rule should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ waf_regional + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to use waf-regional module.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create WAF rule + aws_waf_rule: + name: my_waf_rule + conditions: + - name: my_regex_condition + type: regex + negated: no + - name: my_geo_condition + type: geo + negated: no + - name: my_byte_condition + type: byte + negated: yes + + - name: remove WAF rule + aws_waf_rule: + name: "my_waf_rule" + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ rule + +
+ complex +
+ 		always +
WAF rule contents
+
+
  +
+ metric_name + +
+ string +
+ 		always +
Metric name for the rule.
+
+
Sample:
+
ansibletest1234rule
+
  +
+ name + +
+ string +
+ 		always +
Friendly name for the rule.
+
+
Sample:
+
ansible-test-1234_rule
+
  +
+ predicates + +
+ complex +
+ 		always +
List of conditions used in the rule.
+
+
   +
+ data_id + +
+ string +
+ 		always +
ID of the condition.
+
+
Sample:
+
8251acdb-526c-42a8-92bc-d3d13e584166
+
   +
+ negated + +
+ boolean +
+ 		always +
Whether the sense of the condition is negated.
+
+
   +
+ type + +
+ string +
+ 		always +
type of the condition.
+
+
Sample:
+
ByteMatch
+
  +
+ rule_id + +
+ string +
+ 		always +
ID of the WAF rule.
+
+
Sample:
+
15de0cbc-9204-4e1f-90e6-69b2f415c261
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_web_acl.rst b/docs/community.aws.aws_waf_web_acl.rst new file mode 100644 index 00000000000..3e590749f95 --- /dev/null +++ b/docs/community.aws.aws_waf_web_acl.rst @@ -0,0 +1,675 @@ + +.. _community.aws.aws_waf_web_acl_: + + +***************************** +community.aws.aws_waf_web_acl +***************************** + +**Create and delete WAF Web ACLs.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_action + +
+ string +
+ 		+
    Choices: +
  • block
    • +
  • allow
    • +
  • count
    • +
+ 		+ +
The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ metric_name + +
+ string +
+ 		+ + +
A friendly name or description for the metrics for this WebACL.
+
The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
+
You can't change metric_name after you create the WebACL.
+
Metric name will default to name with disallowed characters stripped out.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the Web Application Firewall ACL to manage.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_rules + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to remove rules that aren't passed with rules.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ rules + +
+ list + / elements=dictionary
+ 		+ + +
A list of rules that the Web ACL will enforce.
+
+
+ action + +
+ string + / required
+ 		+ + +
The action to perform.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the rule.
+
+
+ priority + +
+ integer + / required
+ 		+ + +
The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • rate_based
    • +
  • regular
    • +
+ 		+ +
The type of rule.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the Web ACL should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ waf_regional + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to use waf-regional module.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create web ACL + aws_waf_web_acl: + name: my_web_acl + rules: + - name: my_rule + priority: 1 + action: block + default_action: block + purge_rules: yes + state: present + + - name: delete the web acl + aws_waf_web_acl: + name: my_web_acl + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ web_acl + +
+ complex +
+ 		always +
contents of the Web ACL.
+
+
  +
+ default_action + +
+ dictionary +
+ 		always +
Default action taken by the Web ACL if no rules match.
+
+
Sample:
+
{'type': 'BLOCK'}
+
  +
+ metric_name + +
+ string +
+ 		always +
Metric name used as an identifier.
+
+
Sample:
+
mywebacl
+
  +
+ name + +
+ string +
+ 		always +
Friendly name of the Web ACL.
+
+
Sample:
+
my web acl
+
  +
+ rules + +
+ complex +
+ 		always +
List of rules.
+
+
   +
+ action + +
+ complex +
+ 		always +
Action taken by the WAF when the rule matches.
+
+
Sample:
+
{'type': 'ALLOW'}
+
   +
+ priority + +
+ integer +
+ 		always +
priority number of the rule (lower numbers are run first).
+
+
Sample:
+
2
+
   +
+ rule_id + +
+ string +
+ 		always +
Rule ID.
+
+
Sample:
+
a6fc7ab5-287b-479f-8004-7fd0399daf75
+
   +
+ type + +
+ string +
+ 		always +
Type of rule (either REGULAR or RATE_BASED).
+
+
Sample:
+
REGULAR
+
  +
+ web_acl_id + +
+ string +
+ 		always +
Unique identifier of Web ACL.
+
+
Sample:
+
10fff965-4b6b-46e2-9d78-24f6d2e2d21c
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudformation_exports_info.rst b/docs/community.aws.cloudformation_exports_info.rst new file mode 100644 index 00000000000..9e1a071ddab --- /dev/null +++ b/docs/community.aws.cloudformation_exports_info.rst @@ -0,0 +1,285 @@ + +.. _community.aws.cloudformation_exports_info_: + + +***************************************** +community.aws.cloudformation_exports_info +***************************************** + +**Read a value from CloudFormation Exports** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module retrieves a value from CloudFormation Exports + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.11.15 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get Exports + cloudformation_exports_info: + profile: 'my_aws_profile' + region: 'my_region' + register: cf_exports + - debug: + msg: "{{ cf_exports }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ export_items + +
+ dictionary +
+ 		Always +
A dictionary of Exports items names and values.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael Moyle (@mmoyle) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudformation_stack_set.rst b/docs/community.aws.cloudformation_stack_set.rst new file mode 100644 index 00000000000..330690bf119 --- /dev/null +++ b/docs/community.aws.cloudformation_stack_set.rst @@ -0,0 +1,777 @@ + +.. _community.aws.cloudformation_stack_set_: + + +************************************** +community.aws.cloudformation_stack_set +************************************** + +**Manage groups of CloudFormation stacks** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Launches/updates/deletes AWS CloudFormation Stack Sets. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3>=1.6 +- botocore>=1.10.26 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ accounts + +
+ list + / elements=string
+ 		+ + +
A list of AWS accounts in which to create instance of CloudFormation stacks.
+
At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
+
+
+ administration_role_arn + +
+ string +
+ 		+ + +
ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
+
This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.
+

aliases: admin_role_arn, admin_role, administration_role
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ capabilities + +
+ list + / elements=string
+ 		+
    Choices: +
  • CAPABILITY_IAM
    • +
  • CAPABILITY_NAMED_IAM
    • +
+ 		+ +
Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
+
Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
+
The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A description of what this stack set creates.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ execution_role_name + +
+ string +
+ 		+ + +
ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
+
This MUST NOT be an ARN, and the roles must exist in each child account specified.
+
The default name for the execution role is AWSCloudFormationStackSetExecutionRole
+

aliases: exec_role_name, exec_role, execution_role
+
+
+ failure_tolerance + +
+ dictionary +
+ 		+ + +
Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
+
+
+ fail_count + +
+ integer +
+ 		+ + +
The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
+
You must specify one of fail_count and fail_percentage.
+
+
+ fail_percentage + +
+ integer +
+ 		+ + +
The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
+
You must specify one of fail_count and fail_percentage.
+
+
+ parallel_count + +
+ integer +
+ 		+ + +
The maximum number of accounts in which to perform this operation at one time.
+
parallel_count may be at most one more than the fail_count.
+
You must specify one of parallel_count and parallel_percentage.
+
Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual count may be lower.
+
+
+ parallel_percentage + +
+ integer +
+ 		+ + +
The maximum percentage of accounts in which to perform this operation at one time.
+
You must specify one of parallel_count and parallel_percentage.
+
Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the CloudFormation stack set.
+
+
+ parameters + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A list of hashes of all the template variables for the stack. The value can be a string or a dict.
+
Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_stacks + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
+
By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ regions + +
+ list + / elements=string
+ 		+ + +
A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
+
At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Dictionary of tags to associate with stack and its resources during stack creation.
+
Can be updated later, updating tags removes previous entries.
+
+
+ template + +
+ path +
+ 		+ + +
The local path of the CloudFormation template.
+
This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
+
If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
+
If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
+
+
+ template_body + +
+ string +
+ 		+ + +
Template body. Use this to pass in the actual body of the CloudFormation template.
+
If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
+
If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
+
+
+ template_url + +
+ string +
+ 		+ + +
Location of file containing the template body.
+
The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
+
If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
+
If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
+
If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
900
+ 		+ +
How long to wait (in seconds) for stacks to complete create/update/delete operations.
+
+
+ + +Notes +----- + +.. note:: + - To make an individual stack, you want the :ref:`cloudformation ` module. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a stack set with instances in two accounts + cloudformation_stack_set: + name: my-stack + description: Test stack in two accounts + state: present + template_url: https://s3.amazonaws.com/my-bucket/cloudformation.template + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + - name: on subsequent calls, templates are optional but parameters and tags can be altered + cloudformation_stack_set: + name: my-stack + state: present + parameters: + InstanceName: my_stacked_instance + tags: + foo: bar + test: stack + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + - name: The same type of update, but wait for the update to complete in all stacks + cloudformation_stack_set: + name: my-stack + state: present + wait: true + parameters: + InstanceName: my_restacked_instance + tags: + foo: bar + test: stack + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ operations + +
+ list +
+ 		always +
All operations initiated by this run of the cloudformation_stack_set module
+
+
Sample:
+
[{'action': 'CREATE', 'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'operation_preferences': {'region_order': ['us-east-1', 'us-east-2']}, 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'FAILED'}]
+
+
+ operations_log + +
+ list +
+ 		always +
Most recent events in CloudFormation's event log. This may be from a previous run in some cases.
+
+
Sample:
+
[{'action': 'CREATE', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'status': 'FAILED', 'stack_instances': [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service."}]}]
+
+
+ stack_instances + +
+ list +
+ 		state == present +
CloudFormation stack instances that are members of this stack set. This will also include their region and account ID.
+
+
Sample:
+
[{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service.\n"}, {'account': '1234567890', 'region': 'us-east-2', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': 'Cancelled since failure tolerance has exceeded'}]
+
+
+ stack_set + +
+ dictionary +
+ 		state == present +
Facts about the currently deployed stack set, its parameters, and its tags
+
+
Sample:
+
{'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'capabilities': [], 'description': 'test stack PRIME', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'parameters': [], 'stack_set_arn': 'arn:aws:cloudformation:us-east-1:1234567890:stackset/TestStackPrime:19f3f684-aae9-467-ba36-e09f92cf5929', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'stack_set_name': 'TestStackPrime', 'status': 'ACTIVE', 'tags': {'Some': 'Thing', 'an': 'other'}, 'template_body': 'AWSTemplateFormatVersion: "2010-09-09"\nParameters: {}\nResources:\n Bukkit:\n Type: "AWS::S3::Bucket"\n Properties: {}\n other:\n Type: "AWS::SNS::Topic"\n Properties: {}\n'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_distribution.rst b/docs/community.aws.cloudfront_distribution.rst new file mode 100644 index 00000000000..c0721aa5635 --- /dev/null +++ b/docs/community.aws.cloudfront_distribution.rst @@ -0,0 +1,4946 @@ + +.. _community.aws.cloudfront_distribution_: + + +************************************* +community.aws.cloudfront_distribution +************************************* + +**Create, update and delete AWS CloudFront distributions.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for easy creation, updating and deletion of CloudFront distributions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alias + +
+ string +
+ 		+ + +
The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
+
+
+ aliases + +
+ list + / elements=string
+ 		+ + +
A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
+
Each alias must be unique across all distribution for the AWS account.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cache_behaviors + +
+ list + / elements=dictionary
+ 		+ + +
A list of dictionaries describing the cache behaviors for the distribution.
+
The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
+
+
+ forwarded_values + +
+ dictionary +
+ 		+ + +
A dict that specifies how CloudFront handles query strings and cookies.
+
+
+ allowed_methods + +
+ dictionary +
+ 		+ + +
A dict that controls which HTTP methods CloudFront processes and forwards.
+
+
+ cached_methods + +
+ list + / elements=string
+ 		+ + +
A list of HTTP methods that you want CloudFront to apply caching to.
+
This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
+
+
+ items + +
+ list + / elements=string
+ 		+ + +
A list of HTTP methods that you want CloudFront to process and forward.
+
+
+ compress + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want CloudFront to automatically compress files.
+
+
+ cookies + +
+ dictionary +
+ 		+ + +
A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
+
+
+ forward + +
+ string +
+ 		+ + +
Specifies which cookies to forward to the origin for this cache behavior.
+
Valid values are all, none, or whitelist.
+
+
+ whitelisted_names + +
+ list + / elements=string
+ 		+ + +
A list of coockies to forward to the origin for this cache behavior.
+
+
+ default_ttl + +
+ integer +
+ 		+ + +
The default amount of time that you want objects to stay in CloudFront caches.
+
+
+ field_level_encryption_id + +
+ string +
+ 		+ + +
The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
+
+
+ headers + +
+ list + / elements=string
+ 		+ + +
A list of headers to forward to the origin for this cache behavior.
+
To forward all headers use a list containing a single element '*' (['*'])
+
+
+ lambda_function_associations + +
+ list + / elements=dictionary
+ 		+ + +
A list of Lambda function associations to use for this cache behavior.
+
+
+ event_type + +
+ string +
+ 		+ + +
Specifies the event type that triggers a Lambda function invocation.
+
This can be viewer-request, origin-request, origin-response or viewer-response.
+
+
+ lambda_function_arn + +
+ string +
+ 		+ + +
The ARN of the Lambda function.
+
+
+ max_ttl + +
+ integer +
+ 		+ + +
The maximum amount of time that you want objects to stay in CloudFront caches.
+
+
+ min_ttl + +
+ integer +
+ 		+ + +
The minimum amount of time that you want objects to stay in CloudFront caches.
+
+
+ query_string + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
+
+
+ query_string_cache_keys + +
+ list + / elements=string
+ 		+ + +
A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
+
+
+ smooth_streaming + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want to distribute media files in the Microsoft Smooth Streaming format.
+
+
+ trusted_signers + +
+ dictionary +
+ 		+ + +
A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
+
+
+ items + +
+ list + / elements=string
+ 		+ + +
A list of trusted signers for this cache behavior.
+
+
+ viewer_protocol_policy + +
+ string +
+ 		+ + +
The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
+
Valid values are allow-all, redirect-to-https and https-only.
+
+
+ path_pattern + +
+ string +
+ 		+ + +
The pattern that specifies which requests to apply the behavior to.
+
+
+ target_origin_id + +
+ string +
+ 		+ + +
The ID of the origin that you want CloudFront to route requests to by default.
+
+
+ caller_reference + +
+ string +
+ 		+ + +
A unique identifier for creating and updating CloudFront distributions.
+
Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
+
+
+ comment + +
+ string +
+ 		+ + +
A comment that describes the CloudFront distribution.
+
If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
+
+
+ custom_error_responses + +
+ list + / elements=dictionary
+ 		+ + +
A config element that is a list[] of complex custom error responses to be specified for the distribution.
+
This attribute configures custom http error messages returned to the user.
+
+
+ error_caching_min_ttl + +
+ integer +
+ 		+ + +
The length of time (in seconds) that CloudFront will cache status codes for.
+
+
+ error_code + +
+ integer +
+ 		+ + +
The error code the custom error page is for.
+
+
+ response_code + +
+ integer +
+ 		+ + +
The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
+
+
+ response_page_path + +
+ string +
+ 		+ + +
The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_cache_behavior + +
+ dictionary +
+ 		+ + +
A dict specifying the default cache behavior of the distribution.
+
If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
+
+
+ forwarded_values + +
+ dictionary +
+ 		+ + +
A dict that specifies how CloudFront handles query strings and cookies.
+
+
+ allowed_methods + +
+ dictionary +
+ 		+ + +
A dict that controls which HTTP methods CloudFront processes and forwards.
+
+
+ cached_methods + +
+ list + / elements=string
+ 		+ + +
A list of HTTP methods that you want CloudFront to apply caching to.
+
This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
+
+
+ items + +
+ list + / elements=string
+ 		+ + +
A list of HTTP methods that you want CloudFront to process and forward.
+
+
+ compress + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want CloudFront to automatically compress files.
+
+
+ cookies + +
+ dictionary +
+ 		+ + +
A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
+
+
+ forward + +
+ string +
+ 		+ + +
Specifies which cookies to forward to the origin for this cache behavior.
+
Valid values are all, none, or whitelist.
+
+
+ whitelisted_names + +
+ list + / elements=string
+ 		+ + +
A list of coockies to forward to the origin for this cache behavior.
+
+
+ default_ttl + +
+ integer +
+ 		+ + +
The default amount of time that you want objects to stay in CloudFront caches.
+
+
+ field_level_encryption_id + +
+ string +
+ 		+ + +
The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
+
+
+ headers + +
+ list + / elements=string
+ 		+ + +
A list of headers to forward to the origin for this cache behavior.
+
To forward all headers use a list containing a single element '*' (['*'])
+
+
+ lambda_function_associations + +
+ list + / elements=dictionary
+ 		+ + +
A list of Lambda function associations to use for this cache behavior.
+
+
+ event_type + +
+ string +
+ 		+ + +
Specifies the event type that triggers a Lambda function invocation.
+
This can be viewer-request, origin-request, origin-response or viewer-response.
+
+
+ lambda_function_arn + +
+ string +
+ 		+ + +
The ARN of the Lambda function.
+
+
+ max_ttl + +
+ integer +
+ 		+ + +
The maximum amount of time that you want objects to stay in CloudFront caches.
+
+
+ min_ttl + +
+ integer +
+ 		+ + +
The minimum amount of time that you want objects to stay in CloudFront caches.
+
+
+ query_string + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
+
+
+ query_string_cache_keys + +
+ list + / elements=string
+ 		+ + +
A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
+
+
+ smooth_streaming + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want to distribute media files in the Microsoft Smooth Streaming format.
+
+
+ trusted_signers + +
+ dictionary +
+ 		+ + +
A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
+
+
+ items + +
+ list + / elements=string
+ 		+ + +
A list of trusted signers for this cache behavior.
+
+
+ viewer_protocol_policy + +
+ string +
+ 		+ + +
The protocol that viewers can use to access the files in the origin specified by target_origin_id.
+
Valid values are allow-all, redirect-to-https and https-only.
+
+
+ target_origin_id + +
+ string +
+ 		+ + +
The ID of the origin that you want CloudFront to route requests to by default.
+
+
+ default_origin_domain_name + +
+ string +
+ 		+ + +
The domain name to use for an origin if no origins have been specified.
+
Should only be used on a first run of generating a distribution and not on subsequent runs.
+
Should not be used in conjunction with distribution_id, caller_reference or alias.
+
+
+ default_origin_path + +
+ string +
+ 		+ + +
The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
+
+
+ default_root_object + +
+ string +
+ 		+ + +
A config element that specifies the path to request when the user requests the origin.
+
e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
+
This prevents the entire distribution origin from being exposed at the root.
+
+
+ distribution_id + +
+ string +
+ 		+ + +
The ID of the CloudFront distribution.
+
This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
+
+
+ e_tag + +
+ string +
+ 		+ + +
A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
+
Is determined automatically if not specified.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
A boolean value that specifies whether the distribution is enabled or disabled.
+
+
+ http_version + +
+ string +
+ 		+ + +
The version of the http protocol to use for the distribution.
+
AWS defaults this to http2.
+
Valid values are http1.1 and http2
+
+
+ ipv6_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Determines whether IPv6 support is enabled or not.
+
+
+ logging + +
+ dictionary +
+ 		+ + +
A config element that is a complex object that defines logging for the distribution.
+
+
+ bucket + +
+ string +
+ 		+ + +
The S3 bucket to store the log in.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
When enabled=true CloudFront will log access to an S3 bucket.
+
+
+ include_cookies + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
When include_cookies=true CloudFront will include cookies in the logs.
+
+
+ prefix + +
+ string +
+ 		+ + +
A prefix to include in the S3 object names.
+
+
+ origins + +
+ list + / elements=dictionary
+ 		+ + +
A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
+
+
+ custom_headers + +
+ list + / elements=dictionary
+ 		+ + +
Custom headers you wish to add to the request before passing it to the origin.
+ +
+
+ header_name + +
+ string +
+ 		+ + +
The name of a header that you want CloudFront to forward to your origin.
+
+
+ header_value + +
+ string +
+ 		+ + +
The value for the header that you specified in the header_name field.
+
+
+ custom_origin_config + +
+ dictionary +
+ 		+ + +
Connection information about the origin.
+
+
+ http_port + +
+ integer +
+ 		+ + +
The HTTP port the custom origin listens on.
+
+
+ https_port + +
+ integer +
+ 		+ + +
The HTTPS port the custom origin listens on.
+
+
+ origin_keepalive_timeout + +
+ integer +
+ 		+ + +
A keep-alive timeout (in seconds).
+
+
+ origin_protocol_policy + +
+ string +
+ 		+ + +
The origin protocol policy to apply to your origin.
+
+
+ origin_read_timeout + +
+ integer +
+ 		+ + +
A timeout (in seconds) when reading from your origin.
+
+
+ origin_ssl_protocols + +
+ list + / elements=string
+ 		+ + +
A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
+
+
+ domain_name + +
+ string +
+ 		+ + +
The domain name which CloudFront will query as the origin.
+ +
+
+ id + +
+ string +
+ 		+ + +
A unique identifier for the origin or origin group. id must be unique within the distribution.
+
+
+ origin_path + +
+ string +
+ 		+ + +
Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
+
+
+ s3_origin_access_identity_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
+
Will automatically create an Identity for you.
+ +
+
+ price_class + +
+ string +
+ 		+ + +
A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
+
price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
+
price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
+
price_class=PriceClass_All consists of the areas United States, Canada, Europe, Japan, India, South America, Australia, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
+
AWS defaults this to PriceClass_All.
+
Valid values are PriceClass_100, PriceClass_200 and PriceClass_All
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_aliases + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether existing aliases will be removed before adding new aliases.
+
When purge_aliases=yes, existing aliases are removed and aliases are added.
+
+
+ purge_cache_behaviors + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to remove any cache behaviors that aren't listed in cache_behaviors.
+
This switch also allows the reordering of cache_behaviors.
+
+
+ purge_custom_error_responses + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to remove any custom error responses that aren't listed in custom_error_responses.
+
+
+ purge_origins + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to remove any origins that aren't listed in origins.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether existing tags will be removed before adding new tags.
+
When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
+
When purge_tags=no, existing tags are kept and tags are added, if specified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ restrictions + +
+ dictionary +
+ 		+ + +
A config element that is a complex object that describes how a distribution should restrict it's content.
+
+
+ geo_restriction + +
+ dictionary +
+ 		+ + +
Apply a restriciton based on the location of the requester.
+
+
+ items + +
+ list +
+ 		+ + +
A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
+
See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
+
+
+ restriction_type + +
+ string +
+ 		+ + +
The method that you want to use to restrict distribution of your content by country.
+
Valid values are none, whitelist, blacklist
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
The desired state of the distribution.
+
state=present creates a new distribution or updates an existing distribution.
+
state=absent deletes an existing distribution.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Should be input as a dict of key-value pairs.
+
Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ viewer_certificate + +
+ dictionary +
+ 		+ + +
A dict that specifies the encryption details of the distribution.
+
+
+ acm_certificate_arn + +
+ string +
+ 		+ + +
The ID of a certificate stored in ACM to use for HTTPS connections.
+
If acm_certificate_id is set then you must also specify ssl_support_method
+
+
+ cloudfront_default_certificate + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
+
If cloudfront_default_certificate=true do not set ssl_support_method.
+
+
+ iam_certificate_id + +
+ string +
+ 		+ + +
The ID of a certificate stored in IAM to use for HTTPS connections.
+
If iam_certificate_id is set then you must also specify ssl_support_method
+
+
+ minimum_protocol_version + +
+ string +
+ 		+ + +
The security policy that you want CloudFront to use for HTTPS connections.
+ +
+
+ ssl_support_method + +
+ string +
+ 		+ + +
How CloudFront should serve SSL certificates.
+
Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether the module waits until the distribution has completed processing the creation or update.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
1800
+ 		+ +
Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
+
+
+ web_acl_id + +
+ string +
+ 		+ + +
The ID of a Web Application Firewall (WAF) Access Control List (ACL).
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a basic distribution with defaults and tags + + - cloudfront_distribution: + state: present + default_origin_domain_name: www.my-cloudfront-origin.com + tags: + Name: example distribution + Project: example project + Priority: '1' + + # update a distribution comment by distribution_id + + - cloudfront_distribution: + state: present + distribution_id: E1RP5A2MJ8073O + comment: modified by ansible cloudfront.py + + # update a distribution comment by caller_reference + + - cloudfront_distribution: + state: present + caller_reference: my cloudfront distribution 001 + comment: modified by ansible cloudfront.py + + # update a distribution's aliases and comment using the distribution_id as a reference + + - cloudfront_distribution: + state: present + distribution_id: E1RP5A2MJ8073O + comment: modified by cloudfront.py again + aliases: [ 'www.my-distribution-source.com', 'zzz.aaa.io' ] + + # update a distribution's aliases and comment using an alias as a reference + + - cloudfront_distribution: + state: present + caller_reference: my test distribution + comment: modified by cloudfront.py again + aliases: + - www.my-distribution-source.com + - zzz.aaa.io + + # update a distribution's comment and aliases and tags and remove existing tags + + - cloudfront_distribution: + state: present + distribution_id: E15BU8SDCGSG57 + comment: modified by cloudfront.py again + aliases: + - tested.com + tags: + Project: distribution 1.2 + purge_tags: yes + + # create a distribution with an origin, logging and default cache behavior + + - cloudfront_distribution: + state: present + caller_reference: unique test distribution ID + origins: + - id: 'my test origin-000111' + domain_name: www.example.com + origin_path: /production + custom_headers: + - header_name: MyCustomHeaderName + header_value: MyCustomHeaderValue + default_cache_behavior: + target_origin_id: 'my test origin-000111' + forwarded_values: + query_string: true + cookies: + forward: all + headers: + - '*' + viewer_protocol_policy: allow-all + smooth_streaming: true + compress: true + allowed_methods: + items: + - GET + - HEAD + cached_methods: + - GET + - HEAD + logging: + enabled: true + include_cookies: false + bucket: mylogbucket.s3.amazonaws.com + prefix: myprefix/ + enabled: false + comment: this is a CloudFront distribution with logging + + # delete a distribution + + - cloudfront_distribution: + state: absent + caller_reference: replaceable distribution + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ active_trusted_signers + +
+ complex +
+ 		always +
Key pair IDs that CloudFront is aware of for each trusted signer.
+
+
  +
+ enabled + +
+ boolean +
+ 		always +
Whether trusted signers are in use.
+
+
  +
+ items + +
+ list +
+ 		when there are trusted signers +
Number of trusted signers.
+
+
Sample:
+
['key_pair_id']
+
  +
+ quantity + +
+ integer +
+ 		always +
Number of trusted signers.
+
+
Sample:
+
1
+
+
+ aliases + +
+ complex +
+ 		always +
Aliases that refer to the distribution.
+
+
  +
+ items + +
+ list +
+ 		always +
List of aliases.
+
+
Sample:
+
['test.example.com']
+
  +
+ quantity + +
+ integer +
+ 		always +
Number of aliases.
+
+
Sample:
+
1
+
+
+ arn + +
+ string +
+ 		always +
Amazon Resource Name of the distribution.
+
+
Sample:
+
arn:aws:cloudfront::123456789012:distribution/E1234ABCDEFGHI
+
+
+ cache_behaviors + +
+ complex +
+ 		always +
CloudFront cache behaviors.
+
+
  +
+ items + +
+ complex +
+ 		always +
List of cache behaviors.
+
+
   +
+ allowed_methods + +
+ complex +
+ 		always +
Methods allowed by the cache behavior.
+
+
    +
+ cached_methods + +
+ complex +
+ 		always +
Methods cached by the cache behavior.
+
+
     +
+ items + +
+ list +
+ 		always +
List of cached methods.
+
+
Sample:
+
['HEAD', 'GET']
+
     +
+ quantity + +
+ integer +
+ 		always +
Count of cached methods.
+
+
Sample:
+
2
+
    +
+ items + +
+ list +
+ 		always +
List of methods allowed by the cache behavior.
+
+
Sample:
+
['HEAD', 'GET']
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of methods allowed by the cache behavior.
+
+
Sample:
+
2
+
   +
+ compress + +
+ boolean +
+ 		always +
Whether compression is turned on for the cache behavior.
+
+
   +
+ default_ttl + +
+ integer +
+ 		always +
Default Time to Live of the cache behavior.
+
+
Sample:
+
86400
+
   +
+ forwarded_values + +
+ complex +
+ 		always +
Values forwarded to the origin for this cache behavior.
+
+
    +
+ cookies + +
+ complex +
+ 		always +
Cookies to forward to the origin.
+
+
     +
+ forward + +
+ string +
+ 		always +
Which cookies to forward to the origin for this cache behavior.
+
+
Sample:
+
none
+
     +
+ whitelisted_names + +
+ complex +
+ 		when forward=whitelist +
The names of the cookies to forward to the origin for this cache behavior.
+
+
      +
+ items + +
+ list +
+ 		when list is not empty +
List of cookies to forward.
+
+
Sample:
+
my_cookie
+
      +
+ quantity + +
+ integer +
+ 		always +
Count of cookies to forward.
+
+
Sample:
+
1
+
    +
+ headers + +
+ complex +
+ 		always +
Which headers are used to vary on cache retrievals.
+
+
     +
+ items + +
+ list +
+ 		when list is not empty +
List of headers to vary on.
+
+
Sample:
+
['Host']
+
     +
+ quantity + +
+ integer +
+ 		always +
Count of headers to vary on.
+
+
Sample:
+
1
+
    +
+ query_string + +
+ boolean +
+ 		always +
Whether the query string is used in cache lookups.
+
+
    +
+ query_string_cache_keys + +
+ complex +
+ 		always +
Which query string keys to use in cache lookups.
+
+
     +
+ items + +
+ list +
+ 		when list is not empty +
List of query string cache keys to use in cache lookups.
+
+
     +
+ quantity + +
+ integer +
+ 		always +
Count of query string cache keys to use in cache lookups.
+
+
Sample:
+
1
+
   +
+ lambda_function_associations + +
+ complex +
+ 		always +
Lambda function associations for a cache behavior.
+
+
    +
+ items + +
+ list +
+ 		when list is not empty +
List of lambda function associations.
+
+
Sample:
+
[{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of lambda function associations.
+
+
Sample:
+
1
+
   +
+ max_ttl + +
+ integer +
+ 		always +
Maximum Time to Live.
+
+
Sample:
+
31536000
+
   +
+ min_ttl + +
+ integer +
+ 		always +
Minimum Time to Live.
+
+
   +
+ path_pattern + +
+ string +
+ 		always +
Path pattern that determines this cache behavior.
+
+
Sample:
+
/path/to/files/*
+
   +
+ smooth_streaming + +
+ boolean +
+ 		always +
Whether smooth streaming is enabled.
+
+
   +
+ target_origin_id + +
+ string +
+ 		always +
ID of origin reference by this cache behavior.
+
+
Sample:
+
origin_abcd
+
   +
+ trusted_signers + +
+ complex +
+ 		always +
Trusted signers.
+
+
    +
+ enabled + +
+ boolean +
+ 		always +
Whether trusted signers are enabled for this cache behavior.
+
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of trusted signers.
+
+
Sample:
+
1
+
   +
+ viewer_protocol_policy + +
+ string +
+ 		always +
Policy of how to handle http/https.
+
+
Sample:
+
redirect-to-https
+
  +
+ quantity + +
+ integer +
+ 		always +
Count of cache behaviors.
+
+
Sample:
+
1
+
+
+ caller_reference + +
+ string +
+ 		always +
Idempotency reference given when creating CloudFront distribution.
+
+
Sample:
+
1484796016700
+
+
+ comment + +
+ string +
+ 		always +
Any comments you want to include about the distribution.
+
+
Sample:
+
my first CloudFront distribution
+
+
+ custom_error_responses + +
+ complex +
+ 		always +
Custom error responses to use for error handling.
+
+
  +
+ items + +
+ complex +
+ 		always +
List of custom error responses.
+
+
   +
+ error_caching_min_ttl + +
+ integer +
+ 		always +
Minimum time to cache this error response.
+
+
Sample:
+
300
+
   +
+ error_code + +
+ integer +
+ 		always +
Origin response code that triggers this error response.
+
+
Sample:
+
500
+
   +
+ response_code + +
+ string +
+ 		always +
Response code to return to the requester.
+
+
Sample:
+
500
+
   +
+ response_page_path + +
+ string +
+ 		always +
Path that contains the error page to display.
+
+
Sample:
+
/errors/5xx.html
+
  +
+ quantity + +
+ integer +
+ 		always +
Count of custom error response items
+
+
Sample:
+
1
+
+
+ default_cache_behavior + +
+ complex +
+ 		always +
Default cache behavior.
+
+
  +
+ allowed_methods + +
+ complex +
+ 		always +
Methods allowed by the cache behavior.
+
+
   +
+ cached_methods + +
+ complex +
+ 		always +
Methods cached by the cache behavior.
+
+
    +
+ items + +
+ list +
+ 		always +
List of cached methods.
+
+
Sample:
+
['HEAD', 'GET']
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of cached methods.
+
+
Sample:
+
2
+
   +
+ items + +
+ list +
+ 		always +
List of methods allowed by the cache behavior.
+
+
Sample:
+
['HEAD', 'GET']
+
   +
+ quantity + +
+ integer +
+ 		always +
Count of methods allowed by the cache behavior.
+
+
Sample:
+
2
+
  +
+ compress + +
+ boolean +
+ 		always +
Whether compression is turned on for the cache behavior.
+
+
  +
+ default_ttl + +
+ integer +
+ 		always +
Default Time to Live of the cache behavior.
+
+
Sample:
+
86400
+
  +
+ forwarded_values + +
+ complex +
+ 		always +
Values forwarded to the origin for this cache behavior.
+
+
   +
+ cookies + +
+ complex +
+ 		always +
Cookies to forward to the origin.
+
+
    +
+ forward + +
+ string +
+ 		always +
Which cookies to forward to the origin for this cache behavior.
+
+
Sample:
+
none
+
    +
+ whitelisted_names + +
+ complex +
+ 		when forward=whitelist +
The names of the cookies to forward to the origin for this cache behavior.
+
+
     +
+ items + +
+ list +
+ 		when list is not empty +
List of cookies to forward.
+
+
Sample:
+
my_cookie
+
     +
+ quantity + +
+ integer +
+ 		always +
Count of cookies to forward.
+
+
Sample:
+
1
+
   +
+ headers + +
+ complex +
+ 		always +
Which headers are used to vary on cache retrievals.
+
+
    +
+ items + +
+ list +
+ 		when list is not empty +
List of headers to vary on.
+
+
Sample:
+
['Host']
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of headers to vary on.
+
+
Sample:
+
1
+
   +
+ query_string + +
+ boolean +
+ 		always +
Whether the query string is used in cache lookups.
+
+
   +
+ query_string_cache_keys + +
+ complex +
+ 		always +
Which query string keys to use in cache lookups.
+
+
    +
+ items + +
+ list +
+ 		when list is not empty +
List of query string cache keys to use in cache lookups.
+
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of query string cache keys to use in cache lookups.
+
+
Sample:
+
1
+
  +
+ lambda_function_associations + +
+ complex +
+ 		always +
Lambda function associations for a cache behavior.
+
+
   +
+ items + +
+ list +
+ 		when list is not empty +
List of lambda function associations.
+
+
Sample:
+
[{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
+
   +
+ quantity + +
+ integer +
+ 		always +
Count of lambda function associations.
+
+
Sample:
+
1
+
  +
+ max_ttl + +
+ integer +
+ 		always +
Maximum Time to Live.
+
+
Sample:
+
31536000
+
  +
+ min_ttl + +
+ integer +
+ 		always +
Minimum Time to Live.
+
+
  +
+ path_pattern + +
+ string +
+ 		always +
Path pattern that determines this cache behavior.
+
+
Sample:
+
/path/to/files/*
+
  +
+ smooth_streaming + +
+ boolean +
+ 		always +
Whether smooth streaming is enabled.
+
+
  +
+ target_origin_id + +
+ string +
+ 		always +
ID of origin reference by this cache behavior.
+
+
Sample:
+
origin_abcd
+
  +
+ trusted_signers + +
+ complex +
+ 		always +
Trusted signers.
+
+
   +
+ enabled + +
+ boolean +
+ 		always +
Whether trusted signers are enabled for this cache behavior.
+
+
   +
+ quantity + +
+ integer +
+ 		always +
Count of trusted signers.
+
+
Sample:
+
1
+
  +
+ viewer_protocol_policy + +
+ string +
+ 		always +
Policy of how to handle http/https.
+
+
Sample:
+
redirect-to-https
+
+
+ default_root_object + +
+ string +
+ 		always +
The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution.
+
+
+
+ diff + +
+ dictionary +
+ 		always +
Difference between previous configuration and new configuration.
+
+
+
+ domain_name + +
+ string +
+ 		always +
Domain name of CloudFront distribution.
+
+
Sample:
+
d1vz8pzgurxosf.cloudfront.net
+
+
+ enabled + +
+ boolean +
+ 		always +
Whether the CloudFront distribution is enabled or not.
+
+
Sample:
+
True
+
+
+ http_version + +
+ string +
+ 		always +
Version of HTTP supported by the distribution.
+
+
Sample:
+
http2
+
+
+ id + +
+ string +
+ 		always +
CloudFront distribution ID.
+
+
Sample:
+
E123456ABCDEFG
+
+
+ in_progress_invalidation_batches + +
+ integer +
+ 		always +
The number of invalidation batches currently in progress.
+
+
+
+ is_ipv6_enabled + +
+ boolean +
+ 		always +
Whether IPv6 is enabled.
+
+
Sample:
+
True
+
+
+ last_modified_time + +
+ string +
+ 		always +
Date and time distribution was last modified.
+
+
Sample:
+
2017-10-13T01:51:12.656000+00:00
+
+
+ logging + +
+ complex +
+ 		always +
Logging information.
+
+
  +
+ bucket + +
+ string +
+ 		always +
S3 bucket logging destination.
+
+
Sample:
+
logs-example-com.s3.amazonaws.com
+
  +
+ enabled + +
+ boolean +
+ 		always +
Whether logging is enabled.
+
+
Sample:
+
True
+
  +
+ include_cookies + +
+ boolean +
+ 		always +
Whether to log cookies.
+
+
  +
+ prefix + +
+ string +
+ 		always +
Prefix added to logging object names.
+
+
Sample:
+
cloudfront/test
+
+
+ origins + +
+ complex +
+ 		always +
Origins in the CloudFront distribution.
+
+
  +
+ items + +
+ complex +
+ 		always +
List of origins.
+
+
   +
+ custom_headers + +
+ complex +
+ 		always +
Custom headers passed to the origin.
+
+
    +
+ quantity + +
+ integer +
+ 		always +
Count of headers.
+
+
Sample:
+
1
+
   +
+ custom_origin_config + +
+ complex +
+ 		always +
Configuration of the origin.
+
+
    +
+ http_port + +
+ integer +
+ 		always +
Port on which HTTP is listening.
+
+
Sample:
+
80
+
    +
+ https_port + +
+ integer +
+ 		always +
Port on which HTTPS is listening.
+
+
Sample:
+
443
+
    +
+ origin_keepalive_timeout + +
+ integer +
+ 		always +
Keep-alive timeout.
+
+
Sample:
+
5
+
    +
+ origin_protocol_policy + +
+ string +
+ 		always +
Policy of which protocols are supported.
+
+
Sample:
+
https-only
+
    +
+ origin_read_timeout + +
+ integer +
+ 		always +
Timeout for reads to the origin.
+
+
Sample:
+
30
+
    +
+ origin_ssl_protocols + +
+ complex +
+ 		always +
SSL protocols allowed by the origin.
+
+
     +
+ items + +
+ list +
+ 		always +
List of SSL protocols.
+
+
Sample:
+
['TLSv1', 'TLSv1.1', 'TLSv1.2']
+
     +
+ quantity + +
+ integer +
+ 		always +
Count of SSL protocols.
+
+
Sample:
+
3
+
   +
+ domain_name + +
+ string +
+ 		always +
Domain name of the origin.
+
+
Sample:
+
test-origin.example.com
+
   +
+ id + +
+ string +
+ 		always +
ID of the origin.
+
+
Sample:
+
test-origin.example.com
+
   +
+ origin_path + +
+ string +
+ 		always +
Subdirectory to prefix the request from the S3 or HTTP origin.
+
+
  +
+ quantity + +
+ integer +
+ 		always +
Count of origins.
+
+
Sample:
+
1
+
+
+ price_class + +
+ string +
+ 		always +
Price class of CloudFront distribution.
+
+
Sample:
+
PriceClass_All
+
+
+ restrictions + +
+ complex +
+ 		always +
Restrictions in use by CloudFront.
+
+
  +
+ geo_restriction + +
+ complex +
+ 		always +
Controls the countries in which your content is distributed.
+
+
   +
+ items + +
+ list +
+ 		always +
List of country codes allowed or disallowed.
+
+
Sample:
+
xy
+
   +
+ quantity + +
+ integer +
+ 		always +
Count of restrictions.
+
+
Sample:
+
1
+
   +
+ restriction_type + +
+ string +
+ 		always +
Type of restriction.
+
+
Sample:
+
blacklist
+
+
+ status + +
+ string +
+ 		always +
Status of the CloudFront distribution.
+
+
Sample:
+
InProgress
+
+
+ tags + +
+ dictionary +
+ 		always +
Distribution tags.
+
+
Sample:
+
{'Hello': 'World'}
+
+
+ viewer_certificate + +
+ complex +
+ 		always +
Certificate used by CloudFront distribution.
+
+
  +
+ acm_certificate_arn + +
+ string +
+ 		when certificate comes from ACM +
ARN of ACM certificate.
+
+
Sample:
+
arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
+
  +
+ certificate + +
+ string +
+ 		always +
Reference to certificate.
+
+
Sample:
+
arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
+
  +
+ certificate_source + +
+ string +
+ 		always +
Where certificate comes from.
+
+
Sample:
+
acm
+
  +
+ minimum_protocol_version + +
+ string +
+ 		always +
Minimum SSL/TLS protocol supported by this distribution.
+
+
Sample:
+
TLSv1
+
  +
+ ssl_support_method + +
+ string +
+ 		always +
Support for pre-SNI browsers or not.
+
+
Sample:
+
sni-only
+
+
+ web_acl_id + +
+ string +
+ 		always +
ID of Web Access Control List (from WAF service).
+
+
Sample:
+
abcd1234-1234-abcd-abcd-abcd12345678
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_info.rst b/docs/community.aws.cloudfront_info.rst new file mode 100644 index 00000000000..c0eebe28220 --- /dev/null +++ b/docs/community.aws.cloudfront_info.rst @@ -0,0 +1,830 @@ + +.. _community.aws.cloudfront_info_: + + +***************************** +community.aws.cloudfront_info +***************************** + +**Obtain facts about an AWS CloudFront distribution** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets information about an AWS CloudFront distribution. +- This module was called ``cloudfront_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`cloudfront_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ all_lists + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get all CloudFront lists that do not require parameters.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ distribution + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get information about a distribution.
+
Requires distribution_id or domain_name_alias to be specified.
+
+
+ distribution_config + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get the configuration information about a distribution.
+
Requires distribution_id or domain_name_alias to be specified.
+
+
+ distribution_id + +
+ string +
+ 		+ + +
The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
+
+
+ domain_name_alias + +
+ string +
+ 		+ + +
Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ invalidation + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get information about an invalidation.
+
Requires invalidation_id to be specified.
+
+
+ invalidation_id + +
+ string +
+ 		+ + +
The id of the invalidation to get information about.
+
Used with invalidation.
+
+
+ list_distributions + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get a list of CloudFront distributions.
+
+
+ list_distributions_by_web_acl_id + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get a list of distributions using web acl id as a filter.
+
Requires web_acl_id to be set.
+
+
+ list_invalidations + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get a list of invalidations.
+
Requires distribution_id or domain_name_alias to be specified.
+
+
+ list_origin_access_identities + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get a list of CloudFront origin access identities.
+
Requires origin_access_identity_id to be set.
+
+
+ list_streaming_distributions + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get a list of streaming distributions.
+
+
+ origin_access_identity + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get information about an origin access identity.
+
Requires origin_access_identity_id to be specified.
+
+
+ origin_access_identity_config + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get the configuration information about an origin access identity.
+
Requires origin_access_identity_id to be specified.
+
+
+ origin_access_identity_id + +
+ string +
+ 		+ + +
The id of the CloudFront origin access identity to get information about.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ streaming_distribution + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get information about a specified RTMP distribution.
+
Requires distribution_id or domain_name_alias to be specified.
+
+
+ streaming_distribution_config + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Get the configuration information about a specified RTMP distribution.
+
Requires distribution_id or domain_name_alias to be specified.
+
+
+ summary + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Returns a summary of all distributions, streaming distributions and origin_access_identities.
+
This is the default behaviour if no option is selected.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Get a summary of distributions + - cloudfront_info: + summary: true + register: result + + # Get information about a distribution + - cloudfront_info: + distribution: true + distribution_id: my-cloudfront-distribution-id + register: result_did + - debug: + msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" + + # Get information about a distribution using the CNAME of the cloudfront distribution. + - cloudfront_info: + distribution: true + domain_name_alias: www.my-website.com + register: result_website + - debug: + msg: "{{ result_website['cloudfront']['www.my-website.com'] }}" + + # When the module is called as cloudfront_facts, return values are published + # in ansible_facts['cloudfront'][] and can be used as follows. + # Note that this is deprecated and will stop working in Ansible 2.13. + - cloudfront_facts: + distribution: true + distribution_id: my-cloudfront-distribution-id + - debug: + msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" + + - cloudfront_facts: + distribution: true + domain_name_alias: www.my-website.com + - debug: + msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" + + # Get all information about an invalidation for a distribution. + - cloudfront_facts: + invalidation: true + distribution_id: my-cloudfront-distribution-id + invalidation_id: my-cloudfront-invalidation-id + + # Get all information about a CloudFront origin access identity. + - cloudfront_facts: + origin_access_identity: true + origin_access_identity_id: my-cloudfront-origin-access-identity-id + + # Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + - cloudfront_facts: + origin_access_identity: true + origin_access_identity_id: my-cloudfront-origin-access-identity-id + + # Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + - cloudfront_facts: + all_lists: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ distribution + +
+ dictionary +
+ 		only if distribution is true +
Facts about a CloudFront distribution. Requires distribution_id or domain_name_alias to be specified. Requires origin_access_identity_id to be set.
+
+
+
+ distribution_config + +
+ dictionary +
+ 		only if distribution_config is true +
Facts about a CloudFront distribution's config. Requires distribution_id or domain_name_alias to be specified.
+
+
+
+ invalidation + +
+ dictionary +
+ 		only if invalidation is true +
Describes the invalidation information for the distribution. Requires invalidation_id to be specified and either distribution_id or domain_name_alias.
+
+
+
+ origin_access_identity + +
+ dictionary +
+ 		only if origin_access_identity is true +
Describes the origin access identity information. Requires origin_access_identity_id to be set.
+
+
+
+ origin_access_identity_configuration + +
+ dictionary +
+ 		only if origin_access_identity_configuration is true +
Describes the origin access identity information configuration information. Requires origin_access_identity_id to be set.
+
+
+
+ result + +
+ dictionary +
+ 		always +
Result dict not nested under the CloudFront ID to access results of module without the knowledge of that id as figuring out the DistributionId is usually the reason one uses this module in the first place.
+
+
+
+ streaming_distribution + +
+ dictionary +
+ 		only if streaming_distribution is true +
Describes the streaming information for the distribution. Requires distribution_id or domain_name_alias to be specified.
+
+
+
+ streaming_distribution_config + +
+ dictionary +
+ 		only if streaming_distribution_config is true +
Describes the streaming configuration information for the distribution. Requires distribution_id or domain_name_alias to be specified.
+
+
+
+ summary + +
+ dictionary +
+ 		as default or if summary is true +
Gives a summary of distributions, streaming distributions and origin access identities.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_invalidation.rst b/docs/community.aws.cloudfront_invalidation.rst new file mode 100644 index 00000000000..03323cac566 --- /dev/null +++ b/docs/community.aws.cloudfront_invalidation.rst @@ -0,0 +1,534 @@ + +.. _community.aws.cloudfront_invalidation_: + + +************************************* +community.aws.cloudfront_invalidation +************************************* + +**create invalidations for AWS CloudFront distributions** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for invalidation of a batch of paths for a CloudFront distribution. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alias + +
+ string +
+ 		+ + +
The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ caller_reference + +
+ string +
+ 		+ Default:
null
+ 		+ +
A unique reference identifier for the invalidation paths.
+
Defaults to current datetime stamp.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ distribution_id + +
+ string +
+ 		+ + +
The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ target_paths + +
+ list + / elements=string / required
+ 		+ + +
A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - does not support check mode + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create a batch of invalidations using a distribution_id for a reference + cloudfront_invalidation: + distribution_id: E15BU8SDCGSG57 + caller_reference: testing 123 + target_paths: + - /testpathone/test1.css + - /testpathtwo/test2.js + - /testpaththree/test3.ss + + - name: create a batch of invalidations using an alias as a reference and one path using a wildcard match + cloudfront_invalidation: + alias: alias.test.com + caller_reference: testing 123 + target_paths: + - /testpathone/test4.css + - /testpathtwo/test5.js + - /testpaththree/* + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ invalidation + +
+ complex +
+ 		always +
The invalidation's information.
+
+
  +
+ create_time + +
+ string +
+ 		always +
The date and time the invalidation request was first made.
+
+
Sample:
+
2018-02-01T15:50:41.159000+00:00
+
  +
+ id + +
+ string +
+ 		always +
The identifier for the invalidation request.
+
+
Sample:
+
I2G9MOWJZFV612
+
  +
+ invalidation_batch + +
+ complex +
+ 		always +
The current invalidation information for the batch request.
+
+
   +
+ caller_reference + +
+ string +
+ 		always +
The value used to uniquely identify an invalidation request.
+
+
Sample:
+
testing 123
+
   +
+ paths + +
+ complex +
+ 		always +
A dict that contains information about the objects that you want to invalidate.
+
+
    +
+ items + +
+ list +
+ 		always +
A list of the paths that you want to invalidate.
+
+
Sample:
+
['/testpathtwo/test2.js', '/testpathone/test1.css', '/testpaththree/test3.ss']
+
    +
+ quantity + +
+ integer +
+ 		always +
The number of objects that you want to invalidate.
+
+
Sample:
+
3
+
  +
+ status + +
+ string +
+ 		always +
The status of the invalidation request.
+
+
Sample:
+
Completed
+
+
+ location + +
+ string +
+ 		always +
The fully qualified URI of the distribution and invalidation batch request.
+
+
Sample:
+
https://cloudfront.amazonaws.com/2017-03-25/distribution/E1ZID6KZJECZY7/invalidation/I2G9MOWJZFV622
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_origin_access_identity.rst b/docs/community.aws.cloudfront_origin_access_identity.rst new file mode 100644 index 00000000000..103b35992d1 --- /dev/null +++ b/docs/community.aws.cloudfront_origin_access_identity.rst @@ -0,0 +1,484 @@ + +.. _community.aws.cloudfront_origin_access_identity_: + + +*********************************************** +community.aws.cloudfront_origin_access_identity +*********************************************** + +**Create, update and delete origin access identities for a CloudFront distribution** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for easy creation, updating and deletion of origin access identities. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ caller_reference + +
+ string +
+ 		+ + +
A unique identifier to reference the origin access identity by.
+
+
+ comment + +
+ string +
+ 		+ + +
A comment to describe the CloudFront origin access identity.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ origin_access_identity_id + +
+ string +
+ 		+ + +
The origin_access_identity_id of the CloudFront distribution.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
If the named resource should exist.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - Does not support check mode. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create an origin access identity + cloudfront_origin_access_identity: + state: present + caller_reference: this is an example reference + comment: this is an example comment + + - name: update an existing origin access identity using caller_reference as an identifier + cloudfront_origin_access_identity: + origin_access_identity_id: E17DRN9XUOAHZX + caller_reference: this is an example reference + comment: this is a new comment + + - name: delete an existing origin access identity using caller_reference as an identifier + cloudfront_origin_access_identity: + state: absent + caller_reference: this is an example reference + comment: this is a new comment + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ cloud_front_origin_access_identity + +
+ complex +
+ 		always +
The origin access identity's information.
+
+
  +
+ cloud_front_origin_access_identity_config + +
+ complex +
+ 		always +
describes a url specifying the origin access identity.
+
+
   +
+ caller_reference + +
+ string +
+ 		always +
a caller reference for the oai
+
+
   +
+ comment + +
+ string +
+ 		always +
a comment describing the oai
+
+
  +
+ id + +
+ string +
+ 		always +
a unique identifier of the oai
+
+
  +
+ s3_canonical_user_id + +
+ string +
+ 		always +
the canonical user ID of the user who created the oai
+
+
+
+ e_tag + +
+ string +
+ 		always +
The current version of the origin access identity created.
+
+
+
+ location + +
+ string +
+ 		when initially created +
The fully qualified URI of the new origin access identity just created.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudtrail.rst b/docs/community.aws.cloudtrail.rst new file mode 100644 index 00000000000..6810f74c84d --- /dev/null +++ b/docs/community.aws.cloudtrail.rst @@ -0,0 +1,897 @@ + +.. _community.aws.cloudtrail_: + + +************************ +community.aws.cloudtrail +************************ + +**manage CloudTrail create, delete, update** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or updates CloudTrail configuration. Ensures logging is also enabled. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cloudwatch_logs_log_group_arn + +
+ string +
+ 		+ + +
A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
+ +
Required when cloudwatch_logs_role_arn.
+
+
+ cloudwatch_logs_role_arn + +
+ string +
+ 		+ + +
Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
+ +
Required when cloudwatch_logs_log_group_arn.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enable_log_file_validation + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Specifies whether log file integrity validation is enabled.
+
CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
+

aliases: log_file_validation_enabled
+
+
+ enable_logging + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
+
+
+ include_global_events + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Record API calls from global services such as IAM and STS.
+

aliases: include_global_service_events
+
+
+ is_multi_region_trail + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specify whether the trail belongs only to one region or exists in all regions.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
+
The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
+ +
+
+ name + +
+ string +
+ 		+ Default:
"default"
+ 		+ +
Name for the CloudTrail.
+
Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ s3_bucket_name + +
+ string +
+ 		+ + +
An existing S3 bucket where CloudTrail will deliver log files.
+
This bucket should exist and have the proper policy.
+ +
Required when state=present.
+
+
+ s3_key_prefix + +
+ string +
+ 		+ + +
S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ sns_topic_name + +
+ string +
+ 		+ + +
SNS Topic name to send notifications to when a log file is delivered.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
  • enabled
    • +
  • disabled
    • +
+ 		+ +
Add or remove CloudTrail configuration.
+
The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
+
state=enabled is equivalet to state=present.
+
state=disabled is equivalet to state=absent.
+
+
+ tags + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A hash/dictionary of tags to be applied to the CloudTrail resource.
+
Remove completely or specify an empty dictionary to remove all tags.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create single region cloudtrail + cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + s3_key_prefix: cloudtrail + region: us-east-1 + + - name: create multi-region trail with validation and tags + cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + region: us-east-1 + is_multi_region_trail: true + enable_log_file_validation: true + cloudwatch_logs_role_arn: "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role" + cloudwatch_logs_log_group_arn: "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*" + kms_key_id: "alias/MyAliasName" + tags: + environment: dev + Name: default + + - name: show another valid kms_key_id + cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + kms_key_id: "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012" + # simply "12345678-1234-1234-1234-123456789012" would be valid too. + + - name: pause logging the trail we just created + cloudtrail: + state: present + name: default + enable_logging: false + s3_bucket_name: mylogbucket + region: us-east-1 + is_multi_region_trail: true + enable_log_file_validation: true + tags: + environment: dev + Name: default + + - name: delete a trail + cloudtrail: + state: absent + name: default + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ exists + +
+ boolean +
+ 		always +
whether the resource exists
+
+
Sample:
+
True
+
+
+ trail + +
+ complex +
+ 		always +
CloudTrail resource details
+
+
Sample:
+
hash/dictionary of values
+
  +
+ cloud_watch_logs_log_group_arn + +
+ string +
+ 		success when present +
Full ARN of the CloudWatch Logs log group where events are delivered.
+
+
Sample:
+
arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*
+
  +
+ cloud_watch_logs_role_arn + +
+ string +
+ 		success when present +
Full ARN of the IAM role that CloudTrail assumes to deliver events.
+
+
Sample:
+
arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role
+
  +
+ has_custom_event_selectors + +
+ boolean +
+ 		success +
Whether any custom event selectors are used for this trail.
+
+
  +
+ home_region + +
+ string +
+ 		success +
The home region where the trail was originally created and must be edited.
+
+
Sample:
+
us-east-1
+
  +
+ include_global_service_events + +
+ boolean +
+ 		success +
Whether global services (IAM, STS) are logged with this trail
+
+
Sample:
+
True
+
  +
+ is_logging + +
+ boolean +
+ 		success +
Whether logging is turned on or paused for the Trail
+
+
Sample:
+
True
+
  +
+ is_multi_region_trail + +
+ boolean +
+ 		success +
Whether the trail applies to all regions or just one
+
+
Sample:
+
True
+
  +
+ kms_key_id + +
+ string +
+ 		success when present +
Full ARN of the KMS Key used to encrypt log files.
+
+
Sample:
+
arn:aws:kms::123456789012:key/12345678-1234-1234-1234-123456789012
+
  +
+ log_file_validation_enabled + +
+ boolean +
+ 		success +
Whether log file validation is enabled on the trail
+
+
Sample:
+
True
+
  +
+ name + +
+ string +
+ 		success +
Name of the CloudTrail resource
+
+
Sample:
+
default
+
  +
+ s3_bucket_name + +
+ string +
+ 		success +
S3 bucket name where log files are delivered
+
+
Sample:
+
myBucket
+
  +
+ s3_key_prefix + +
+ string +
+ 		success when present +
Key prefix in bucket where log files are delivered (if any)
+
+
Sample:
+
myKeyPrefix
+
  +
+ sns_topic_arn + +
+ string +
+ 		success when present +
Full ARN of the SNS topic where log delivery notifications are sent.
+
+
Sample:
+
arn:aws:sns:us-east-1:123456789012:topic/myTopic
+
  +
+ sns_topic_name + +
+ string +
+ 		success when present +
The SNS topic name where log delivery notifications are sent.
+
+
Sample:
+
myTopic
+
  +
+ tags + +
+ dictionary +
+ 		success +
hash/dictionary of tags applied to this resource
+
+
Sample:
+
{'environment': 'dev', 'Name': 'default'}
+
  +
+ trail_arn + +
+ string +
+ 		success +
Full ARN of the CloudTrail resource
+
+
Sample:
+
arn:aws:cloudtrail:us-east-1:123456789012:trail/default
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Core Team +- Ted Timmons (@tedder) +- Daniel Shepherd (@shepdelacreme) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchevent_rule.rst b/docs/community.aws.cloudwatchevent_rule.rst new file mode 100644 index 00000000000..4759769d22a --- /dev/null +++ b/docs/community.aws.cloudwatchevent_rule.rst @@ -0,0 +1,594 @@ + +.. _community.aws.cloudwatchevent_rule_: + + +********************************** +community.aws.cloudwatchevent_rule +********************************** + +**Manage CloudWatch Event rules and targets** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module creates and manages CloudWatch event rules and targets. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A description of the rule.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_pattern + +
+ string +
+ 		+ + +
A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the IAM role associated with the rule.
+
+
+ schedule_expression + +
+ string +
+ 		+ + +
A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • disabled
    • +
  • absent
    • +
+ 		+ +
Whether the rule is present (and enabled), disabled, or absent.
+
+
+ targets + +
+ list + / elements=dictionary
+ 		+ + +
A list of targets to add to or update for the rule.
+
+
+ arn + +
+ string + / required
+ 		+ + +
The ARN associated with the target.
+
+
+ ecs_parameters + +
+ dictionary +
+ 		+ + +
Contains the ECS task definition and task count to be used, if the event target is an ECS task.
+
+
+ task_count + +
+ integer +
+ 		+ + +
The number of tasks to create based on task_definition.
+
+
+ task_definition_arn + +
+ string +
+ 		+ + +
The full ARN of the task definition.
+
+
+ id + +
+ string + / required
+ 		+ + +
The unique target assignment ID.
+
+
+ input + +
+ string +
+ 		+ + +
A JSON object that will override the event data when passed to the target.
+
If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
+
+
+ input_path + +
+ string +
+ 		+ + +
A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
+
If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
+
+
+ role_arn + +
+ string +
+ 		+ + +
The ARN of the IAM role to be used for this target when the rule is triggered.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - A rule must contain at least an *event_pattern* or *schedule_expression*. A rule can have both an *event_pattern* and a *schedule_expression*, in which case the rule will trigger on matching events as well as on a schedule. + - When specifying targets, *input* and *input_path* are mutually-exclusive and optional parameters. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - cloudwatchevent_rule: + name: MyCronTask + schedule_expression: "cron(0 20 * * ? *)" + description: Run my scheduled task + targets: + - id: MyTargetId + arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction + + - cloudwatchevent_rule: + name: MyDisabledCronTask + schedule_expression: "rate(5 minutes)" + description: Run my disabled scheduled task + state: disabled + targets: + - id: MyOtherTargetId + arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction + input: '{"foo": "bar"}' + + - cloudwatchevent_rule: + name: MyCronTask + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ rule + +
+ dictionary +
+ 		success +
CloudWatch Event rule data.
+
+
Sample:
+
{'arn': 'arn:aws:events:us-east-1:123456789012:rule/MyCronTask', 'description': 'Run my scheduled task', 'name': 'MyCronTask', 'schedule_expression': 'cron(0 20 * * ? *)', 'state': 'ENABLED'}
+
+
+ targets + +
+ list +
+ 		success +
CloudWatch Event target(s) assigned to the rule.
+
+
Sample:
+
[{ 'arn': 'arn:aws:lambda:us-east-1:123456789012:function:MyFunction', 'id': 'MyTargetId' }]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group.rst b/docs/community.aws.cloudwatchlogs_log_group.rst new file mode 100644 index 00000000000..b253c8bd054 --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group.rst @@ -0,0 +1,549 @@ + +.. _community.aws.cloudwatchlogs_log_group_: + + +************************************** +community.aws.cloudwatchlogs_log_group +************************************** + +**create or delete log_group in CloudWatchLogs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete log_group in CloudWatchLogs. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
+
+
+ log_group_name + +
+ string + / required
+ 		+ + +
The name of the log group.
+
+
+ overwrite + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether an existing log group should be overwritten on create.
+
Mutually exclusive with purge_retention_policy.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_retention_policy + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to purge the retention policy or not.
+
Mutually exclusive with retention and overwrite.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ retention + +
+ integer +
+ 		+ + +
The number of days to retain the log events in the specified log group.
+
Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
+
Mutually exclusive with purge_retention_policy.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the rule is present or absent.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
The key-value pairs to use for the tags.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/logs.html. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - cloudwatchlogs_log_group: + log_group_name: test-log-group + + - cloudwatchlogs_log_group: + state: present + log_group_name: test-log-group + tags: { "Name": "test-log-group", "Env" : "QA" } + + - cloudwatchlogs_log_group: + state: present + log_group_name: test-log-group + tags: { "Name": "test-log-group", "Env" : "QA" } + kms_key_id: arn:aws:kms:region:account-id:key/key-id + + - cloudwatchlogs_log_group: + state: absent + log_group_name: test-log-group + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ log_groups + +
+ complex +
+ 		success +
Return the list of complex objects representing log groups
+
+
  +
+ arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the log group.
+
+
  +
+ creation_time + +
+ integer +
+ 		always +
The creation time of the log group.
+
+
  +
+ kms_key_id + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
+
+
  +
+ log_group_name + +
+ string +
+ 		always +
The name of the log group.
+
+
  +
+ metric_filter_count + +
+ integer +
+ 		always +
The number of metric filters.
+
+
  +
+ retention_in_days + +
+ integer +
+ 		always +
The number of days to retain the log events in the specified log group.
+
+
  +
+ stored_bytes + +
+ string +
+ 		always +
The number of bytes stored.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willian Ricardo (@willricardo) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group_info.rst b/docs/community.aws.cloudwatchlogs_log_group_info.rst new file mode 100644 index 00000000000..dcfdac3bf3c --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group_info.rst @@ -0,0 +1,413 @@ + +.. _community.aws.cloudwatchlogs_log_group_info_: + + +******************************************* +community.aws.cloudwatchlogs_log_group_info +******************************************* + +**Get information about log_group in CloudWatchLogs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists the specified log groups. You can list all your log groups or filter the results by prefix. +- This module was called ``cloudwatchlogs_log_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ log_group_name + +
+ string +
+ 		+ + +
The name or prefix of the log group to filter by.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + - cloudwatchlogs_log_group_info: + log_group_name: test-log-group + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ log_groups + +
+ complex +
+ 		success +
Return the list of complex objects representing log groups
+
+
  +
+ arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the log group.
+
+
  +
+ creation_time + +
+ integer +
+ 		always +
The creation time of the log group.
+
+
  +
+ kms_key_id + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
+
+
  +
+ log_group_name + +
+ string +
+ 		always +
The name of the log group.
+
+
  +
+ metric_filter_count + +
+ integer +
+ 		always +
The number of metric filters.
+
+
  +
+ retention_in_days + +
+ integer +
+ 		always +
The number of days to retain the log events in the specified log group.
+
+
  +
+ stored_bytes + +
+ string +
+ 		always +
The number of bytes stored.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Willian Ricardo (@willricardo) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst new file mode 100644 index 00000000000..496024dcecb --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst @@ -0,0 +1,460 @@ + +.. _community.aws.cloudwatchlogs_log_group_metric_filter_: + + +**************************************************** +community.aws.cloudwatchlogs_log_group_metric_filter +**************************************************** + +**Manage CloudWatch log group metric filter** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify and delete CloudWatch log group metric filter. +- CloudWatch log group metric filter can be use with :ref:`ec2_metric_alarm `. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filter_name + +
+ string + / required
+ 		+ + +
A name for the metric filter you create.
+
+
+ filter_pattern + +
+ string +
+ 		+ + +
A filter pattern for extracting metric data out of ingested log events. Required when state=present.
+
+
+ log_group_name + +
+ string + / required
+ 		+ + +
The name of the log group where the metric filter is applied on.
+
+
+ metric_transformation + +
+ dictionary +
+ 		+ + +
A collection of information that defines how metric data gets emitted. Required when state=present.
+
+
+ default_value + +
+ float +
+ 		+ + +
The value to emit when a filter pattern does not match a log event.
+
+
+ metric_name + +
+ string +
+ 		+ + +
The name of the cloudWatch metric.
+
+
+ metric_namespace + +
+ string +
+ 		+ + +
The namespace of the cloudWatch metric.
+
+
+ metric_value + +
+ string +
+ 		+ + +
The value to publish to the cloudWatch metric when a filter pattern matches a log event.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Whether the rule is present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: set metric filter on log group /fluentd/testcase + cloudwatchlogs_log_group_metric_filter: + log_group_name: /fluentd/testcase + filter_name: BoxFreeStorage + filter_pattern: '{($.value = *) && ($.hostname = "box")}' + state: present + metric_transformation: + metric_name: box_free_space + metric_namespace: fluentd_metrics + metric_value: "$.value" + + - name: delete metric filter on log group /fluentd/testcase + cloudwatchlogs_log_group_metric_filter: + log_group_name: /fluentd/testcase + filter_name: BoxFreeStorage + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ metric_filters + +
+ list +
+ 		success +
Return the origin response value
+
+
Sample:
+
[{'default_value': 3.1415, 'metric_name': 'box_free_space', 'metric_namespace': 'made_with_ansible', 'metric_value': '$.value'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Markus Bergholz (@markuman) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.data_pipeline.rst b/docs/community.aws.data_pipeline.rst new file mode 100644 index 00000000000..883e007bfeb --- /dev/null +++ b/docs/community.aws.data_pipeline.rst @@ -0,0 +1,737 @@ + +.. _community.aws.data_pipeline_: + + +*************************** +community.aws.data_pipeline +*************************** + +**Create and manage AWS Datapipelines** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create and manage AWS Datapipelines. Creation is not idempotent in AWS, so the ``uniqueId`` is created by hashing the options (minus objects) given to the datapipeline. +- The pipeline definition must be in the format given here https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html#API_PutPipelineDefinition_RequestSyntax. +- Operations will wait for a configurable amount of time to ensure the pipeline is in the requested state. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ Default:
""
+ 		+ +
An optional description for the pipeline being created.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the Datapipeline to create/modify/delete.
+
+
+ objects + +
+ list + / elements=dictionary
+ 		+ + +
A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
+
+
+ fields + +
+ list + / elements=dictionary
+ 		+ + +
Key-value pairs that define the properties of the object.
+
The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
+
+
+ key + +
+ string +
+ 		+ + +
The field identifier.
+
+
+ refValue + +
+ string +
+ 		+ + +
The field value, expressed as the identifier of another object.
+
Exactly one of stringValue and refValue may be specified.
+
+
+ stringValue + +
+ string +
+ 		+ + +
The field value.
+
Exactly one of stringValue and refValue may be specified.
+
+
+ id + +
+ string +
+ 		+ + +
The ID of the object.
+
+
+ name + +
+ string +
+ 		+ + +
The name of the object.
+
+
+ parameters + +
+ list + / elements=dictionary
+ 		+ + +
A list of parameter objects (dicts) in the pipeline definition.
+
+
+ attributes + +
+ list + / elements=dictionary
+ 		+ + +
A list of attributes (dicts) of the parameter object.
+
+
+ key + +
+ string +
+ 		+ + +
The field identifier.
+
+
+ stringValue + +
+ string +
+ 		+ + +
The field value.
+
+
+ id + +
+ - +
+ 		+ + +
The ID of the parameter object.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
  • active
    • +
  • inactive
    • +
+ 		+ +
The requested state of the pipeline.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dict of key:value pair(s) to add to the pipeline.
+
+
+ timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ values + +
+ list + / elements=dictionary
+ 		+ + +
A list of parameter values (dicts) in the pipeline definition.
+
+
+ id + +
+ string +
+ 		+ + +
The ID of the parameter value
+
+
+ stringValue + +
+ string +
+ 		+ + +
The field value
+
+
+ version + +
+ string +
+ 		+ + +
The version option has never had any effect and will be removed in Ansible 2.14
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create pipeline + - data_pipeline: + name: test-dp + region: us-west-2 + objects: "{{pipelineObjects}}" + parameters: "{{pipelineParameters}}" + values: "{{pipelineValues}}" + tags: + key1: val1 + key2: val2 + state: present + + # Example populating and activating a pipeline that demonstrates two ways of providing pipeline objects + - data_pipeline: + name: test-dp + objects: + - "id": "DefaultSchedule" + "name": "Every 1 day" + "fields": + - "key": "period" + "stringValue": "1 days" + - "key": "type" + "stringValue": "Schedule" + - "key": "startAt" + "stringValue": "FIRST_ACTIVATION_DATE_TIME" + - "id": "Default" + "name": "Default" + "fields": [ { "key": "resourceRole", "stringValue": "my_resource_role" }, + { "key": "role", "stringValue": "DataPipelineDefaultRole" }, + { "key": "pipelineLogUri", "stringValue": "s3://my_s3_log.txt" }, + { "key": "scheduleType", "stringValue": "cron" }, + { "key": "schedule", "refValue": "DefaultSchedule" }, + { "key": "failureAndRerunMode", "stringValue": "CASCADE" } ] + state: active + + # Activate pipeline + - data_pipeline: + name: test-dp + region: us-west-2 + state: active + + # Delete pipeline + - data_pipeline: + name: test-dp + region: us-west-2 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
whether the data pipeline has been modified
+
+
Sample:
+
{'changed': True}
+
+
+ result + +
+ dictionary +
+ 		always +
Contains the data pipeline data (data_pipeline) and a return message (msg). If the data pipeline exists data_pipeline will contain the keys description, name, pipeline_id, state, tags, and unique_id. If the data pipeline does not exist then data_pipeline will be an empty dict. The msg describes the status of the operation.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Raghu Udiyar (@raags) +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dms_endpoint.rst b/docs/community.aws.dms_endpoint.rst new file mode 100644 index 00000000000..c3095fe4a85 --- /dev/null +++ b/docs/community.aws.dms_endpoint.rst @@ -0,0 +1,721 @@ + +.. _community.aws.dms_endpoint_: + + +************************** +community.aws.dms_endpoint +************************** + +**Creates or destroys a data migration services endpoint** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or destroys a data migration services endpoint, that can be used to replicate data. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ certificatearn + +
+ string +
+ 		+ + +
Amazon Resource Name (ARN) for the certificate.
+
+
+ databasename + +
+ string +
+ 		+ + +
Name for the database on the origin or target side.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ dmstransfersettings + +
+ dictionary +
+ 		+ + +
The settings in JSON format for the DMS transfer type of source endpoint.
+
+
+ dynamodbsettings + +
+ dictionary +
+ 		+ + +
Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ elasticsearchsettings + +
+ dictionary +
+ 		+ + +
Settings in JSON format for the target Elasticsearch endpoint.
+
+
+ endpointidentifier + +
+ string + / required
+ 		+ + +
An identifier name for the endpoint.
+
+
+ endpointtype + +
+ string + / required
+ 		+
    Choices: +
  • source
    • +
  • target
    • +
+ 		+ +
Type of endpoint we want to manage.
+
+
+ enginename + +
+ string + / required
+ 		+
    Choices: +
  • mysql
    • +
  • oracle
    • +
  • postgres
    • +
  • mariadb
    • +
  • aurora
    • +
  • redshift
    • +
  • s3
    • +
  • db2
    • +
  • azuredb
    • +
  • sybase
    • +
  • dynamodb
    • +
  • mongodb
    • +
  • sqlserver
    • +
+ 		+ +
Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
+
+
+ externaltabledefinition + +
+ string +
+ 		+ + +
The external table definition.
+
+
+ extraconnectionattributes + +
+ string +
+ 		+ + +
Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
+
+
+ kinesissettings + +
+ dictionary +
+ 		+ + +
Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
+
+
+ kmskeyid + +
+ string +
+ 		+ + +
Encryption key to use to encrypt replication storage and connection information.
+
+
+ mongodbsettings + +
+ dictionary +
+ 		+ + +
Settings in JSON format for the source MongoDB endpoint.
+
+
+ password + +
+ string +
+ 		+ + +
Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
+
+
+ port + +
+ integer +
+ 		+ + +
TCP port for access to the database.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ retries + +
+ integer +
+ 		+ + +
number of times we should retry when deleting a resource
+
Required when wait=true.
+
+
+ s3settings + +
+ dictionary +
+ 		+ + +
S3 buckets settings for the target Amazon S3 endpoint.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ servername + +
+ string +
+ 		+ + +
Servername that the endpoint will connect to.
+
+
+ serviceaccessrolearn + +
+ string +
+ 		+ + +
Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
+
+
+ sslmode + +
+ string +
+ 		+
    Choices: +
  • none ←
    • +
  • require
    • +
  • verify-ca
    • +
  • verify-full
    • +
+ 		+ +
Mode used for the SSL connection.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
State of the endpoint.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A list of tags to add to the endpoint.
+
+
+ timeout + +
+ integer +
+ 		+ + +
Time in seconds we should wait for when deleting a resource.
+
Required when wait=true.
+
+
+ username + +
+ string +
+ 		+ + +
Username our endpoint will use to connect to the database.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether Ansible should wait for the object to be deleted when state=absent.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details + # Endpoint Creation + - dms_endpoint: + state: absent + endpointidentifier: 'testsource' + endpointtype: source + enginename: aurora + username: testing1 + password: testint1234 + servername: testing.domain.com + port: 3306 + databasename: 'testdb' + sslmode: none + wait: false + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rui Moreira (@ruimoreira) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dms_replication_subnet_group.rst b/docs/community.aws.dms_replication_subnet_group.rst new file mode 100644 index 00000000000..3dd33626847 --- /dev/null +++ b/docs/community.aws.dms_replication_subnet_group.rst @@ -0,0 +1,324 @@ + +.. _community.aws.dms_replication_subnet_group_: + + +****************************************** +community.aws.dms_replication_subnet_group +****************************************** + +**creates or destroys a data migration services subnet group** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or destroys a data migration services subnet group. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string + / required
+ 		+ + +
The description for the subnet group.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ identifier + +
+ string + / required
+ 		+ + +
The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
State of the subnet group.
+
+
+ subnet_ids + +
+ list + / elements=string / required
+ 		+ + +
A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - dms_replication_subnet_group: + state: present + identifier: "dev-sngroup" + description: "Development Subnet Group asdasdas" + subnet_ids: ['subnet-id1','subnet-id2'] + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rui Moreira (@ruimoreira) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dynamodb_table.rst b/docs/community.aws.dynamodb_table.rst new file mode 100644 index 00000000000..4ca9d625e86 --- /dev/null +++ b/docs/community.aws.dynamodb_table.rst @@ -0,0 +1,696 @@ + +.. _community.aws.dynamodb_table_: + + +**************************** +community.aws.dynamodb_table +**************************** + +**Create, update or delete AWS Dynamo DB tables** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete AWS Dynamo DB tables. +- Can update the provisioned throughput on existing tables. +- Returns the status of the specified table. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto >= 2.37.0 +- boto3 >= 1.4.4 (for tagging) +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ hash_key_name + +
+ string +
+ 		+ + +
Name of the hash key.
+
Required when state=present.
+
+
+ hash_key_type + +
+ string +
+ 		+
    Choices: +
  • STRING ←
    • +
  • NUMBER
    • +
  • BINARY
    • +
+ 		+ +
Type of the hash key.
+
+
+ indexes + +
+ list + / elements=dictionary
+ 		+ Default:
[]
+ 		+ +
list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
+
required options: ['name', 'type', 'hash_key_name']
+
other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
+
+
+ hash_key_name + +
+ string + / required
+ 		+ + +
The name of the hash-based key.
+
+
+ hash_key_type + +
+ string +
+ 		+ + +
The type of the hash-based key.
+
+
+ includes + +
+ list +
+ 		+ + +
A list of fields to include when using global_include or include indexes.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the index.
+
+
+ range_key_name + +
+ string +
+ 		+ + +
The name of the range-based key.
+
+
+ range_key_type + +
+ string +
+ 		+ + +
The type of the range-based key.
+
+
+ read_capacity + +
+ integer +
+ 		+ + +
Read throughput capacity (units) to provision for the index.
+
+
+ type + +
+ string + / required
+ 		+ + +
The type of index.
+
Valid types: all, global_all, global_include, global_keys_only, include, keys_only
+
+
+ write_capacity + +
+ integer +
+ 		+ + +
Write throughput capacity (units) to provision for the index.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the table.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ range_key_name + +
+ string +
+ 		+ + +
Name of the range key.
+
+
+ range_key_type + +
+ string +
+ 		+
    Choices: +
  • STRING ←
    • +
  • NUMBER
    • +
  • BINARY
    • +
+ 		+ +
Type of the range key.
+
+
+ read_capacity + +
+ integer +
+ 		+ Default:
1
+ 		+ +
Read throughput capacity (units) to provision.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete the table.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
+
For example: {"key":"value"} and {"key":"value","key2":"value2"}
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait_for_active_timeout + +
+ integer +
+ 		+ Default:
60
+ 		+ +
how long before wait gives up, in seconds. only used when tags is set
+
+
+ write_capacity + +
+ integer +
+ 		+ Default:
1
+ 		+ +
Write throughput capacity (units) to provision.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create dynamo table with hash and range primary key + - dynamodb_table: + name: my-table + region: us-east-1 + hash_key_name: id + hash_key_type: STRING + range_key_name: create_time + range_key_type: NUMBER + read_capacity: 2 + write_capacity: 2 + tags: + tag_name: tag_value + + # Update capacity on existing dynamo table + - dynamodb_table: + name: my-table + region: us-east-1 + read_capacity: 10 + write_capacity: 10 + + # set index on existing dynamo table + - dynamodb_table: + name: my-table + region: us-east-1 + indexes: + - name: NamedIndex + type: global_include + hash_key_name: id + range_key_name: create_time + includes: + - other_field + - other_field2 + read_capacity: 10 + write_capacity: 10 + + # Delete dynamo table + - dynamodb_table: + name: my-table + region: us-east-1 + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ table_status + +
+ string +
+ 		success +
The current status of the table.
+
+
Sample:
+
ACTIVE
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Alan Loi (@loia) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dynamodb_ttl.rst b/docs/community.aws.dynamodb_ttl.rst new file mode 100644 index 00000000000..2ca10b01a37 --- /dev/null +++ b/docs/community.aws.dynamodb_ttl.rst @@ -0,0 +1,349 @@ + +.. _community.aws.dynamodb_ttl_: + + +************************** +community.aws.dynamodb_ttl +************************** + +**Set TTL for a given DynamoDB table** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Uses boto3 to set TTL. +- Requires botocore version 1.5.24 or higher. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore>=1.5.24 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ attribute_name + +
+ string + / required
+ 		+ + +
The name of the Time To Live attribute used to store the expiration time for items in the table.
+
This appears to be required by the API even when disabling TTL.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • enable
    • +
  • disable
    • +
+ 		+ +
State to set DynamoDB table to.
+
+
+ table_name + +
+ string + / required
+ 		+ + +
Name of the DynamoDB table to work on.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: enable TTL on my cowfacts table + dynamodb_ttl: + state: enable + table_name: cowfacts + attribute_name: cow_deleted_date + + - name: disable TTL on my cowfacts table + dynamodb_ttl: + state: disable + table_name: cowfacts + attribute_name: cow_deleted_date + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ current_status + +
+ dictionary +
+ 		always +
current or new TTL specification.
+
+
Sample:
+
[{'AttributeName': 'deploy_timestamp', 'TimeToLiveStatus': 'ENABLED'}, {'AttributeName': 'deploy_timestamp', 'Enabled': True}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_ami_copy.rst b/docs/community.aws.ec2_ami_copy.rst new file mode 100644 index 00000000000..31960fe23e8 --- /dev/null +++ b/docs/community.aws.ec2_ami_copy.rst @@ -0,0 +1,513 @@ + +.. _community.aws.ec2_ami_copy_: + + +************************** +community.aws.ec2_ami_copy +************************** + +**copies AMI between AWS regions, return new image id** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Copies AMI from a source region to a destination region. **Since version 2.3 this module depends on boto3.** + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
An optional human-readable string describing the contents and purpose of the new AMI.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not the destination snapshots of the copied AMI should be encrypted.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
+
+
+ name + +
+ string +
+ 		+ Default:
"default"
+ 		+ +
The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ source_image_id + +
+ string + / required
+ 		+ + +
The ID of the AMI in source region that should be copied.
+
+
+ source_region + +
+ string + / required
+ 		+ + +
The source region the AMI should be copied from.
+
+
+ tag_equality + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Wait for the copied AMI to be in state 'available' before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
600
+ 		+ +
How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
+
From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic AMI Copy + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + + # AMI copy wait until available + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + wait: yes + wait_timeout: 1200 # Default timeout is 600 + register: image_id + + # Named AMI copy + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + name: My-Awesome-AMI + description: latest patch + + # Tagged AMI copy (will not copy the same AMI twice) + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + tags: + Name: My-Super-AMI + Patch: 1.2.3 + tag_equality: yes + + # Encrypted AMI copy + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + encrypted: yes + + # Encrypted AMI copy with specified key + - ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + encrypted: yes + kms_key_id: arn:aws:kms:us-east-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ image_id + +
+ string +
+ 		always +
AMI ID of the copied AMI
+
+
Sample:
+
ami-e689729e
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Amir Moulavi (@amir343) +- Tim C (@defunctio) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg.rst b/docs/community.aws.ec2_asg.rst new file mode 100644 index 00000000000..9ede5cba7f5 --- /dev/null +++ b/docs/community.aws.ec2_asg.rst @@ -0,0 +1,1498 @@ + +.. _community.aws.ec2_asg_: + + +********************* +community.aws.ec2_asg +********************* + +**Create or delete AWS AutoScaling Groups (ASGs)** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS AutoScaling Groups. +- Can be used with the :ref:`ec2_lc ` module to manage Launch Configurations. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ availability_zones + +
+ list + / elements=string
+ 		+ + +
List of availability zone names in which to create the group.
+
Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_cooldown + +
+ integer +
+ 		+ Default:
300
+ 		+ +
The number of seconds after a scaling activity completes before another can begin.
+
+
+ desired_capacity + +
+ integer +
+ 		+ + +
Desired number of instances in group, if unspecified then the current group value will be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ health_check_period + +
+ integer +
+ 		+ Default:
300
+ 		+ +
Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
+
+
+ health_check_type + +
+ string +
+ 		+
    Choices: +
  • EC2 ←
    • +
  • ELB
    • +
+ 		+ +
The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
+
+
+ launch_config_name + +
+ string +
+ 		+ + +
Name of the Launch configuration to use for the group. See the ec2_lc module for managing these.
+
If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
+
+
+ launch_template + +
+ dictionary +
+ 		+ + +
Dictionary describing the Launch Template to use
+
+
+ launch_template_id + +
+ string +
+ 		+ + +
The id of the launch template. Only one of launch_template_name or launch_template_id is required.
+
+
+ launch_template_name + +
+ string +
+ 		+ + +
The name of the launch template. Only one of launch_template_name or launch_template_id is required.
+
+
+ version + +
+ string +
+ 		+ + +
The version number of the launch template to use.
+
Defaults to latest version if not provided.
+
+
+ lc_check + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
+
+
+ load_balancers + +
+ list + / elements=string
+ 		+ + +
List of ELB names to use for the group. Use for classic load balancers.
+
+
+ lt_check + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
+
+
+ max_instance_lifetime + +
+ integer +
+ 		+ + +
The maximum amount of time, in seconds, that an instance can be in service.
+
Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
+
Value of 0 removes lifetime restriction.
+
+
+ max_size + +
+ integer +
+ 		+ + +
Maximum number of instances in group, if unspecified then the current group value will be used.
+
+
+ metrics_collection + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Enable ASG metrics collection.
+
+
+ metrics_granularity + +
+ string +
+ 		+ Default:
"1Minute"
+ 		+ +
When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
+
+
+ metrics_list + +
+ list + / elements=string
+ 		+ Default:
["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
+ 		+ +
List of autoscaling metrics to collect when metrics_collection=true.
+
+
+ min_size + +
+ integer +
+ 		+ + +
Minimum number of instances in group, if unspecified then the current group value will be used.
+
+
+ mixed_instances_policy + +
+ dictionary +
+ 		+ + +
A mixed instance policy to use for the ASG.
+
Only used when the ASG is configured to use a Launch Template (launch_template).
+ +
+
+ instance_types + +
+ list + / elements=string
+ 		+ + +
A list of instance_types.
+
+
+ name + +
+ string + / required
+ 		+ + +
Unique name for group to be created or deleted.
+
+
+ notification_topic + +
+ string +
+ 		+ + +
A SNS topic ARN to send auto scaling notifications to.
+
+
+ notification_types + +
+ list + / elements=string
+ 		+ Default:
["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
+ 		+ +
A list of auto scaling events to trigger notifications on.
+
+
+ placement_group + +
+ string +
+ 		+ + +
Physical location of your cluster placement group created in Amazon EC2.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ replace_all_instances + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
+
+
+ replace_batch_size + +
+ integer +
+ 		+ Default:
1
+ 		+ +
Number of instances you'd like to replace at a time. Used with replace_all_instances.
+
+
+ replace_instances + +
+ list + / elements=string
+ 		+ + +
List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Register or deregister the instance.
+
+
+ suspend_processes + +
+ list + / elements=string
+ 		+ Default:
[]
+ 		+ +
A list of scaling processes to suspend.
+
Valid values include:
+
Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
+
Full documentation of valid values can be found in the AWS documentation:
+ +
+
+ tags + +
+ list + / elements=dictionary
+ 		+ + +
A list of tags to add to the Auto Scale Group.
+
Optional key is propagate_at_launch, which defaults to true.
+
When propagate_at_launch is true the tags will be propagated to the Instances created.
+
+
+ target_group_arns + +
+ list + / elements=string
+ 		+ + +
List of target group ARNs to use for the group. Use for application load balancers.
+
+
+ termination_policies + +
+ list + / elements=string
+ 		+ Default:
"Default"
+ 		+ +
An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
+
Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
+
Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
+
Full documentation of valid values can be found in the AWS documentation:
+ +
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_zone_identifier + +
+ list + / elements=string
+ 		+ + +
List of VPC subnets to use
+
+
+ wait_for_instances + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic configuration with Launch Configuration + + - ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_config_name: 'lc-1' + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + # Rolling ASG Updates + + # Below is an example of how to assign a new launch config to an ASG and terminate old instances. + # + # All instances in "myasg" that do not have the launch configuration named "my_new_lc" will be terminated in + # a rolling fashion with instances using the current launch configuration, "my_new_lc". + # + # This could also be considered a rolling deploy of a pre-baked AMI. + # + # If this is a newly created group, the instances will not be replaced since all instances + # will have the current launch configuration. + + - name: create launch config + ec2_lc: + name: my_new_lc + image_id: ami-lkajsf + key_name: mykey + region: us-east-1 + security_groups: sg-23423 + instance_type: m1.small + assign_public_ip: yes + + - ec2_asg: + name: myasg + launch_config_name: my_new_lc + health_check_period: 60 + health_check_type: ELB + replace_all_instances: yes + min_size: 5 + max_size: 5 + desired_capacity: 5 + region: us-east-1 + + # To only replace a couple of instances instead of all of them, supply a list + # to "replace_instances": + + - ec2_asg: + name: myasg + launch_config_name: my_new_lc + health_check_period: 60 + health_check_type: ELB + replace_instances: + - i-b345231 + - i-24c2931 + min_size: 5 + max_size: 5 + desired_capacity: 5 + region: us-east-1 + + # Basic Configuration with Launch Template + + - ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_template: + version: '1' + launch_template_name: 'lt-example' + launch_template_id: 'lt-123456' + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + # Basic Configuration with Launch Template using mixed instance policy + + - ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_template: + version: '1' + launch_template_name: 'lt-example' + launch_template_id: 'lt-123456' + mixed_instances_policy: + instance_types: + - t3a.large + - t3.large + - t2.large + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ auto_scaling_group_arn + +
+ string +
+ 		success +
The unique ARN of the autoscaling group
+
+
Sample:
+
arn:aws:autoscaling:us-east-1:123456789012:autoScalingGroup:6a09ad6d-eeee-1234-b987-ee123ced01ad:autoScalingGroupName/myasg
+
+
+ auto_scaling_group_name + +
+ string +
+ 		success +
The unique name of the auto scaling group
+
+
Sample:
+
myasg
+
+
+ availability_zones + +
+ list +
+ 		success +
The availability zones for the auto scaling group
+
+
Sample:
+
['us-east-1d']
+
+
+ created_time + +
+ string +
+ 		success +
Timestamp of create time of the auto scaling group
+
+
Sample:
+
2017-11-08T14:41:48.272000+00:00
+
+
+ default_cooldown + +
+ integer +
+ 		success +
The default cooldown time in seconds.
+
+
Sample:
+
300
+
+
+ desired_capacity + +
+ integer +
+ 		success +
The number of EC2 instances that should be running in this group.
+
+
Sample:
+
3
+
+
+ healthcheck_period + +
+ integer +
+ 		success +
Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
+
+
Sample:
+
30
+
+
+ healthcheck_type + +
+ string +
+ 		success +
The service you want the health status from, one of "EC2" or "ELB".
+
+
Sample:
+
ELB
+
+
+ healthy_instances + +
+ integer +
+ 		success +
Number of instances in a healthy state
+
+
Sample:
+
5
+
+
+ in_service_instances + +
+ integer +
+ 		success +
Number of instances in service
+
+
Sample:
+
3
+
+
+ instance_facts + +
+ dictionary +
+ 		success +
Dictionary of EC2 instances and their status as it relates to the ASG.
+
+
Sample:
+
{'i-0123456789012': {'health_status': 'Healthy', 'launch_config_name': 'public-webapp-production-1', 'lifecycle_state': 'InService'}}
+
+
+ instances + +
+ list +
+ 		success +
list of instance IDs in the ASG
+
+
Sample:
+
['i-0123456789012']
+
+
+ launch_config_name + +
+ string +
+ 		success +
Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
+
+
Sample:
+
public-webapp-production-1
+
+
+ load_balancers + +
+ list +
+ 		success +
List of load balancers names attached to the ASG.
+
+
Sample:
+
['elb-webapp-prod']
+
+
+ max_instance_lifetime + +
+ integer +
+ 		success +
The maximum amount of time, in seconds, that an instance can be in service.
+
+
Sample:
+
604800
+
+
+ max_size + +
+ integer +
+ 		success +
Maximum size of group
+
+
Sample:
+
3
+
+
+ metrics_collection + +
+ list +
+ 		success +
List of enabled AutosSalingGroup metrics
+
+
Sample:
+
[{'Granularity': '1Minute', 'Metric': 'GroupInServiceInstances'}]
+
+
+ min_size + +
+ integer +
+ 		success +
Minimum size of group
+
+
Sample:
+
1
+
+
+ mixed_instance_policy + +
+ list +
+ 		success +
Returns the list of instance types if a mixed instance policy is set.
+
+
Sample:
+
['t3.micro', 't3a.micro']
+
+
+ pending_instances + +
+ integer +
+ 		success +
Number of instances in pending state
+
+
Sample:
+
1
+
+
+ tags + +
+ list +
+ 		success +
List of tags for the ASG, and whether or not each tag propagates to instances at launch.
+
+
Sample:
+
[{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
+
+
+ target_group_arns + +
+ list +
+ 		success +
List of ARNs of the target groups that the ASG populates
+
+
Sample:
+
['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
+
+
+ target_group_names + +
+ list +
+ 		success +
List of names of the target groups that the ASG populates
+
+
Sample:
+
['target-group-host-hello', 'target-group-path-world']
+
+
+ termination_policies + +
+ list +
+ 		success +
A list of termination policies for the group.
+
+
Sample:
+
['Default']
+
+
+ unhealthy_instances + +
+ integer +
+ 		success +
Number of instances in an unhealthy state
+
+
+
+ viable_instances + +
+ integer +
+ 		success +
Number of instances in a viable state
+
+
Sample:
+
1
+
+
+ vpc_zone_identifier + +
+ string +
+ 		success +
VPC zone ID / subnet id for the auto scaling group
+
+
Sample:
+
subnet-a31ef45f
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gareth Rushgrove (@garethr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg_info.rst b/docs/community.aws.ec2_asg_info.rst new file mode 100644 index 00000000000..f22f0a0e3a4 --- /dev/null +++ b/docs/community.aws.ec2_asg_info.rst @@ -0,0 +1,692 @@ + +.. _community.aws.ec2_asg_info_: + + +************************** +community.aws.ec2_asg_info +************************** + +**Gather information about ec2 Auto Scaling Groups (ASGs) in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +- This module was called ``ec2_asg_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
The prefix or name of the auto scaling group(s) you are searching for.
+
Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Find all groups + - ec2_asg_info: + register: asgs + + # Find a group with matching name/prefix + - ec2_asg_info: + name: public-webserver-asg + register: asgs + + # Find a group with matching tags + - ec2_asg_info: + tags: + project: webapp + env: production + register: asgs + + # Find a group with matching name/prefix and tags + - ec2_asg_info: + name: myproject + tags: + env: production + register: asgs + + # Fail if no groups are found + - ec2_asg_info: + name: public-webserver-asg + register: asgs + failed_when: "{{ asgs.results | length == 0 }}" + + # Fail if more than 1 group is found + - ec2_asg_info: + name: public-webserver-asg + register: asgs + failed_when: "{{ asgs.results | length > 1 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ auto_scaling_group_arn + +
+ string +
+ 		success +
The Amazon Resource Name of the ASG
+
+
Sample:
+
arn:aws:autoscaling:us-west-2:1234567890:autoScalingGroup:10787c52-0bcb-427d-82ba-c8e4b008ed2e:autoScalingGroupName/public-webapp-production-1
+
+
+ auto_scaling_group_name + +
+ string +
+ 		success +
Name of autoscaling group
+
+
Sample:
+
public-webapp-production-1
+
+
+ availability_zones + +
+ list +
+ 		success +
List of Availability Zones that are enabled for this ASG.
+
+
Sample:
+
['us-west-2a', 'us-west-2b', 'us-west-2a']
+
+
+ created_time + +
+ string +
+ 		success +
The date and time this ASG was created, in ISO 8601 format.
+
+
Sample:
+
2015-11-25T00:05:36.309Z
+
+
+ default_cooldown + +
+ integer +
+ 		success +
The default cooldown time in seconds.
+
+
Sample:
+
300
+
+
+ desired_capacity + +
+ integer +
+ 		success +
The number of EC2 instances that should be running in this group.
+
+
Sample:
+
3
+
+
+ health_check_period + +
+ integer +
+ 		success +
Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
+
+
Sample:
+
30
+
+
+ health_check_type + +
+ string +
+ 		success +
The service you want the health status from, one of "EC2" or "ELB".
+
+
Sample:
+
ELB
+
+
+ instances + +
+ list +
+ 		success +
List of EC2 instances and their status as it relates to the ASG.
+
+
Sample:
+
[{'availability_zone': 'us-west-2a', 'health_status': 'Healthy', 'instance_id': 'i-es22ad25', 'launch_configuration_name': 'public-webapp-production-1', 'lifecycle_state': 'InService', 'protected_from_scale_in': 'false'}]
+
+
+ launch_config_name + +
+ string +
+ 		success +
Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
+
+
Sample:
+
public-webapp-production-1
+
+
+ launch_configuration_name + +
+ string +
+ 		success +
Name of launch configuration associated with the ASG.
+
+
Sample:
+
public-webapp-production-1
+
+
+ load_balancer_names + +
+ list +
+ 		success +
List of load balancers names attached to the ASG.
+
+
Sample:
+
['elb-webapp-prod']
+
+
+ max_size + +
+ integer +
+ 		success +
Maximum size of group
+
+
Sample:
+
3
+
+
+ min_size + +
+ integer +
+ 		success +
Minimum size of group
+
+
Sample:
+
1
+
+
+ new_instances_protected_from_scale_in + +
+ boolean +
+ 		success +
Whether or not new instances a protected from automatic scaling in.
+
+
Sample:
+
false
+
+
+ placement_group + +
+ string +
+ 		success +
Placement group into which instances are launched, if any.
+
+
Sample:
+
None
+
+
+ status + +
+ string +
+ 		success +
The current state of the group when DeleteAutoScalingGroup is in progress.
+
+
Sample:
+
None
+
+
+ tags + +
+ list +
+ 		success +
List of tags for the ASG, and whether or not each tag propagates to instances at launch.
+
+
Sample:
+
[{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
+
+
+ target_group_arns + +
+ list +
+ 		success +
List of ARNs of the target groups that the ASG populates
+
+
Sample:
+
['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
+
+
+ target_group_names + +
+ list +
+ 		success +
List of names of the target groups that the ASG populates
+
+
Sample:
+
['target-group-host-hello', 'target-group-path-world']
+
+
+ termination_policies + +
+ string +
+ 		success +
A list of termination policies for the group.
+
+
Sample:
+
['Default']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg_lifecycle_hook.rst b/docs/community.aws.ec2_asg_lifecycle_hook.rst new file mode 100644 index 00000000000..c903dabb80e --- /dev/null +++ b/docs/community.aws.ec2_asg_lifecycle_hook.rst @@ -0,0 +1,437 @@ + +.. _community.aws.ec2_asg_lifecycle_hook_: + + +************************************ +community.aws.ec2_asg_lifecycle_hook +************************************ + +**Create, delete or update AWS ASG Lifecycle Hooks.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Will create a new hook when *state=present* and no given Hook is found. +- Will update an existing hook when *state=present* and a Hook is found, but current and provided parameters differ. +- Will delete the hook when *state=absent* and a Hook is found. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3>=1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ autoscaling_group_name + +
+ string + / required
+ 		+ + +
The name of the Auto Scaling group to which you want to assign the lifecycle hook.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_result + +
+ string +
+ 		+
    Choices: +
  • ABANDON ←
    • +
  • CONTINUE
    • +
+ 		+ +
Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ heartbeat_timeout + +
+ integer +
+ 		+ + +
The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
+
By default Amazon AWS will use 3600 (1 hour)
+
+
+ lifecycle_hook_name + +
+ string + / required
+ 		+ + +
The name of the lifecycle hook.
+
+
+ notification_meta_data + +
+ string +
+ 		+ + +
Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
+
+
+ notification_target_arn + +
+ string +
+ 		+ + +
The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
+
This target can be either an SQS queue or an SNS topic.
+
If you specify an empty string, this overrides the current ARN.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string +
+ 		+ + +
The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete Lifecycle Hook.
+
When state=present updates existing hook or creates a new hook if not found.
+
+
+ transition + +
+ string +
+ 		+
    Choices: +
  • autoscaling:EC2_INSTANCE_TERMINATING
    • +
  • autoscaling:EC2_INSTANCE_LAUNCHING
    • +
+ 		+ +
The instance state to which you want to attach the lifecycle hook.
+
Required when state=present.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create / Update lifecycle hook + - ec2_asg_lifecycle_hook: + region: eu-central-1 + state: present + autoscaling_group_name: example + lifecycle_hook_name: example + transition: autoscaling:EC2_INSTANCE_LAUNCHING + heartbeat_timeout: 7000 + default_result: ABANDON + + # Delete lifecycle hook + - ec2_asg_lifecycle_hook: + region: eu-central-1 + state: absent + autoscaling_group_name: example + lifecycle_hook_name: example + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Igor 'Tsigankov' Eyrich (@tsiganenok) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_customer_gateway.rst b/docs/community.aws.ec2_customer_gateway.rst new file mode 100644 index 00000000000..d59d1e5f522 --- /dev/null +++ b/docs/community.aws.ec2_customer_gateway.rst @@ -0,0 +1,497 @@ + +.. _community.aws.ec2_customer_gateway_: + + +********************************** +community.aws.ec2_customer_gateway +********************************** + +**Manage an AWS customer gateway** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS customer gateway. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bgp_asn + +
+ integer +
+ 		+ + +
Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ ip_address + +
+ string + / required
+ 		+ + +
Internet-routable IP address for customers gateway, must be a static address.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the customer gateway.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ routing + +
+ string +
+ 		+
    Choices: +
  • static
    • +
  • dynamic ←
    • +
+ 		+ +
The type of routing.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or terminate the Customer Gateway.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources. + - Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use customer_gateway. See https://github.com/ansible/ansible-modules-extras/issues/2773 for details. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # Create Customer Gateway + - ec2_customer_gateway: + bgp_asn: 12345 + ip_address: 1.2.3.4 + name: IndianapolisOffice + region: us-east-1 + register: cgw + + # Delete Customer Gateway + - ec2_customer_gateway: + ip_address: 1.2.3.4 + name: IndianapolisOffice + state: absent + region: us-east-1 + register: cgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ gateway.customer_gateways + +
+ complex +
+ 		success +
details about the gateway that was created.
+
+
  +
+ bgp_asn + +
+ string +
+ 		when exists and gateway is available. +
The Border Gateway Autonomous System Number.
+
+
Sample:
+
65123
+
  +
+ customer_gateway_id + +
+ string +
+ 		when exists and gateway is available. +
gateway id assigned by amazon.
+
+
Sample:
+
cgw-cb6386a2
+
  +
+ ip_address + +
+ string +
+ 		when exists and gateway is available. +
ip address of your gateway device.
+
+
Sample:
+
1.2.3.4
+
  +
+ state + +
+ string +
+ 		when gateway exists and is available. +
state of gateway.
+
+
Sample:
+
available
+
  +
+ tags + +
+ list +
+ 		when gateway exists and is available, and when tags exist. +
Any tags on the gateway.
+
+
  +
+ type + +
+ string +
+ 		when gateway exists and is available. +
encryption type.
+
+
Sample:
+
ipsec.1
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael Baydoun (@MichaelBaydoun) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_customer_gateway_info.rst b/docs/community.aws.ec2_customer_gateway_info.rst new file mode 100644 index 00000000000..b594e1edc07 --- /dev/null +++ b/docs/community.aws.ec2_customer_gateway_info.rst @@ -0,0 +1,335 @@ + +.. _community.aws.ec2_customer_gateway_info_: + + +*************************************** +community.aws.ec2_customer_gateway_info +*************************************** + +**Gather information about customer gateways in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about customer gateways in AWS. +- This module was called ``ec2_customer_gateway_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ customer_gateway_ids + +
+ list + / elements=string
+ 		+ + +
Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all customer gateways + ec2_customer_gateway_info: + + - name: Gather information about a filtered list of customer gateways, based on tags + ec2_customer_gateway_info: + region: ap-southeast-2 + filters: + "tag:Name": test-customer-gateway + "tag:AltName": test-customer-gateway-alt + register: cust_gw_info + + - name: Gather information about a specific customer gateway by specifying customer gateway ID + ec2_customer_gateway_info: + region: ap-southeast-2 + customer_gateway_ids: + - 'cgw-48841a09' + - 'cgw-fec021ce' + register: cust_gw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ customer_gateways + +
+ list +
+ 		always +
List of one or more customer gateways.
+
+
Sample:
+
[{'bgp_asn': '65000', 'customer_gateway_id': 'cgw-fec844ce', 'customer_gateway_name': 'test-customer-gw', 'ip_address': '110.112.113.120', 'state': 'available', 'tags': [{'key': 'Name', 'value': 'test-customer-gw'}], 'type': 'ipsec.1'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Madhura Naniwadekar (@Madhura-CSI) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_eip.rst b/docs/community.aws.ec2_eip.rst new file mode 100644 index 00000000000..85ade86aca4 --- /dev/null +++ b/docs/community.aws.ec2_eip.rst @@ -0,0 +1,634 @@ + +.. _community.aws.ec2_eip_: + + +********************* +community.aws.ec2_eip +********************* + +**manages EC2 elastic IP (EIP) addresses.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can allocate or release an EIP. +- This module can associate/disassociate an EIP with instances or network interfaces. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allow_reassociation + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ device_id + +
+ string +
+ 		+ + +
The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
+

aliases: instance_id
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ in_vpc + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Allocate an EIP inside a VPC or not.
+
Required if specifying an ENI with device_id.
+
+
+ private_ip_address + +
+ string +
+ 		+ + +
The primary or secondary private IP address to associate with the Elastic IP address.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ public_ip + +
+ string +
+ 		+ + +
The IP address of a previously allocated EIP.
+
When public_ip=present and device is specified, the EIP is associated with the device.
+
When public_ip=absent and device is specified, the EIP is disassociated from the device.
+

aliases: ip
+
+
+ public_ipv4_pool + +
+ string +
+ 		+ + +
Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ release_on_disassociation + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to automatically release the EIP when it is disassociated.
+
+
+ reuse_existing_ip_allowed + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
When state=present, allocate an EIP or associate an existing EIP with a device.
+
When state=absent, disassociate the EIP from the device and optionally release it.
+
+
+ tag_name + +
+ string +
+ 		+ + +
When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
+
+
+ tag_value + +
+ string +
+ 		+ + +
Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait_timeout + +
+ integer +
+ 		+ + +
The wait_timeout option does nothing and will be removed in Ansible 2.14.
+
+
+ + +Notes +----- + +.. note:: + - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. + - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: associate an elastic IP with an instance + ec2_eip: + device_id: i-1212f003 + ip: 93.184.216.119 + + - name: associate an elastic IP with a device + ec2_eip: + device_id: eni-c8ad70f3 + ip: 93.184.216.119 + + - name: associate an elastic IP with a device and allow reassociation + ec2_eip: + device_id: eni-c8ad70f3 + public_ip: 93.184.216.119 + allow_reassociation: true + + - name: disassociate an elastic IP from an instance + ec2_eip: + device_id: i-1212f003 + ip: 93.184.216.119 + state: absent + + - name: disassociate an elastic IP with a device + ec2_eip: + device_id: eni-c8ad70f3 + ip: 93.184.216.119 + state: absent + + - name: allocate a new elastic IP and associate it with an instance + ec2_eip: + device_id: i-1212f003 + + - name: allocate a new elastic IP without associating it to anything + ec2_eip: + state: present + register: eip + + - name: output the IP + debug: + msg: "Allocated IP is {{ eip.public_ip }}" + + - name: provision new instances with ec2 + ec2: + keypair: mykey + instance_type: c1.medium + image: ami-40603AD1 + wait: true + group: webserver + count: 3 + register: ec2 + + - name: associate new elastic IPs with each of the instances + ec2_eip: + device_id: "{{ item }}" + loop: "{{ ec2.instance_ids }}" + + - name: allocate a new elastic IP inside a VPC in us-west-2 + ec2_eip: + region: us-west-2 + in_vpc: true + register: eip + + - name: output the IP + debug: + msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" + + - name: allocate eip - reuse unallocated ips (if found) with FREE tag + ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: FREE + + - name: allocate eip - reuse unallocted ips if tag reserved is nope + ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: reserved + tag_value: nope + + - name: allocate new eip - from servers given ipv4 pool + ec2_eip: + region: us-east-1 + in_vpc: true + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) + ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: dev-servers + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname + ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: reserved_for + tag_value: "{{ inventory_hostname }}" + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ allocation_id + +
+ string +
+ 		on success +
allocation_id of the elastic ip
+
+
Sample:
+
eipalloc-51aa3a6c
+
+
+ public_ip + +
+ string +
+ 		on success +
an elastic ip address
+
+
Sample:
+
52.88.159.209
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rick Mendes (@rickmendes) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_eip_info.rst b/docs/community.aws.ec2_eip_info.rst new file mode 100644 index 00000000000..898cb122e86 --- /dev/null +++ b/docs/community.aws.ec2_eip_info.rst @@ -0,0 +1,339 @@ + +.. _community.aws.ec2_eip_info_: + + +************************** +community.aws.ec2_eip_info +************************** + +**List EC2 EIP details** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List details of EC2 Elastic IP addresses. +- This module was called ``ec2_eip_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details or the AWS region, + # see the AWS Guide for details. + + # List all EIP addresses in the current region. + - ec2_eip_info: + register: regional_eip_addresses + + # List all EIP addresses for a VM. + - ec2_eip_info: + filters: + instance-id: i-123456789 + register: my_vm_eips + + - debug: msg="{{ my_vm_eips.addresses | json_query("[?private_ip_address=='10.0.0.5']") }}" + + # List all EIP addresses for several VMs. + - ec2_eip_info: + filters: + instance-id: + - i-123456789 + - i-987654321 + register: my_vms_eips + + # List all EIP addresses using the 'Name' tag as a filter. + - ec2_eip_info: + filters: + tag:Name: www.example.com + register: my_vms_eips + + # List all EIP addresses using the Allocation-id as a filter + - ec2_eip_info: + filters: + allocation-id: eipalloc-64de1b01 + register: my_vms_eips + + # Set the variable eip_alloc to the value of the first allocation_id + # and set the variable my_pub_ip to the value of the first public_ip + - set_fact: + eip_alloc: my_vms_eips.addresses[0].allocation_id + my_pub_ip: my_vms_eips.addresses[0].public_ip + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ addresses + +
+ list +
+ 		on success +
Properties of all Elastic IP addresses matching the provided filters. Each element is a dict with all the information related to an EIP.
+
+
Sample:
+
[{'allocation_id': 'eipalloc-64de1b01', 'association_id': 'eipassoc-0fe9ce90d6e983e97', 'domain': 'vpc', 'instance_id': 'i-01020cfeb25b0c84f', 'network_interface_id': 'eni-02fdeadfd4beef9323b', 'network_interface_owner_id': '0123456789', 'private_ip_address': '10.0.0.1', 'public_ip': '54.81.104.1', 'tags': {'Name': 'test-vm-54.81.104.1'}}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_elb.rst b/docs/community.aws.ec2_elb.rst new file mode 100644 index 00000000000..e84487f9581 --- /dev/null +++ b/docs/community.aws.ec2_elb.rst @@ -0,0 +1,383 @@ + +.. _community.aws.ec2_elb_: + + +********************* +community.aws.ec2_elb +********************* + +**De-registers or registers instances from EC2 ELBs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. +- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. +- Will be marked changed when called only if there are ELBs found to operate on. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_elbs + +
+ list +
+ 		+ + +
List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enable_availability_zone + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
+
+
+ instance_id + +
+ string + / required
+ 		+ + +
EC2 Instance ID
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
register or deregister the instance
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for instance registration or deregistration to complete successfully before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
0
+ 		+ +
Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # basic pre_task and post_task example + pre_tasks: + - name: Gathering ec2 facts + action: ec2_facts + - name: Instance De-register + local_action: + module: ec2_elb + instance_id: "{{ ansible_ec2_instance_id }}" + state: absent + roles: + - myrole + post_tasks: + - name: Instance Register + local_action: + module: ec2_elb + instance_id: "{{ ansible_ec2_instance_id }}" + ec2_elbs: "{{ item }}" + state: present + loop: "{{ ec2_elbs }}" + + + + + +Status +------ + + +Authors +~~~~~~~ + +- John Jarvis (@jarv) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_elb_info.rst b/docs/community.aws.ec2_elb_info.rst new file mode 100644 index 00000000000..7b5d7a5031a --- /dev/null +++ b/docs/community.aws.ec2_elb_info.rst @@ -0,0 +1,302 @@ + +.. _community.aws.ec2_elb_info_: + + +************************** +community.aws.ec2_elb_info +************************** + +**Gather information about EC2 Elastic Load Balancers in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about EC2 Elastic Load Balancers in AWS +- This module was called ``ec2_elb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ names + +
+ list +
+ 		+ + +
List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Output format tries to match ec2_elb_lb module input parameters + + # Gather information about all ELBs + - action: + module: ec2_elb_info + register: elb_info + + - action: + module: debug + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + # Gather information about a particular ELB + - action: + module: ec2_elb_info + names: frontend-prod-elb + register: elb_info + + - action: + module: debug + msg: "{{ elb_info.elbs.0.dns_name }}" + + # Gather information about a set of ELBs + - action: + module: ec2_elb_info + names: + - frontend-prod-elb + - backend-prod-elb + register: elb_info + + - action: + module: debug + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schultz (@mjschultz) +- Fernando Jose Pando (@nand0p) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_instance.rst b/docs/community.aws.ec2_instance.rst new file mode 100644 index 00000000000..60a3aed4565 --- /dev/null +++ b/docs/community.aws.ec2_instance.rst @@ -0,0 +1,2830 @@ + +.. _community.aws.ec2_instance_: + + +************************** +community.aws.ec2_instance +************************** + +**Create & manage EC2 instances** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create and manage AWS EC2 instances. +- Note: This module does not support creating `EC2 Spot instances `_. The :ref:`ec2 ` module can create and manage spot instances. + + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ availability_zone + +
+ string +
+ 		+ + +
Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
+
If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cpu_credit_specification + +
+ string +
+ 		+
    Choices: +
  • unlimited
    • +
  • standard
    • +
+ 		+ +
For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
+
Choose unlimited to enable buying additional CPU credits.
+
+
+ cpu_options + +
+ dictionary +
+ 		+ + +
Reduce the number of vCPU exposed to the instance.
+
Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
+ +
Requires botocore >= 1.10.16
+
+
+ core_count + +
+ integer + / required
+ 		+ + +
Set the number of core to enable.
+
+
+ threads_per_core + +
+ integer + / required
+ 		+
    Choices: +
  • 1
    • +
  • 2
    • +
+ 		+ +
Select the number of threads per core to enable. Disable or Enable Intel HT.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ detailed_monitoring + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
+
+
+ ebs_optimized + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
+
By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
+
+
+ image + +
+ dictionary +
+ 		+ + +
An image to use for the instance. The ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
+
+
+ id + +
+ string +
+ 		+ + +
The AMI ID.
+
+
+ kernel + +
+ - +
+ 		+ + +
a string AKI to override the AMI kernel.
+
+
+ ramdisk + +
+ string +
+ 		+ + +
Overrides the AMI's default ramdisk ID.
+
+
+ image_id + +
+ string +
+ 		+ + +
ami ID to use for the instance. One of image or image_id are required when instance is not already present.
+
This is an alias for image.id.
+
+
+ instance_ids + +
+ list +
+ 		+ + +
If you specify one or more instance IDs, only instances that have the specified IDs are returned.
+
+
+ instance_initiated_shutdown_behavior + +
+ string +
+ 		+
    Choices: +
  • stop
    • +
  • terminate
    • +
+ 		+ +
Whether to stop or terminate an instance upon shutdown.
+
+
+ instance_role + +
+ string +
+ 		+ + +
The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
+
+
+ instance_type + +
+ string +
+ 		+ Default:
"t2.micro"
+ 		+ +
Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
+
+
+ key_name + +
+ string +
+ 		+ + +
Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
+
+
+ launch_template + +
+ dictionary +
+ 		+ + +
The EC2 launch template to base instance configuration on.
+
+
+ id + +
+ string +
+ 		+ + +
the ID of the launch template (optional if name is specified).
+
+
+ name + +
+ string +
+ 		+ + +
the pretty name of the launch template (optional if id is specified).
+
+
+ version + +
+ - +
+ 		+ + +
the specific version of the launch template to use. If unspecified, the template default is chosen.
+
+
+ name + +
+ string +
+ 		+ + +
The Name tag for the instance.
+
+
+ network + +
+ dictionary +
+ 		+ + +
Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
+
Use the ec2_eni module to create ENIs with special settings.
+
+
+ assign_public_ip + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
when true assigns a public IP address to the interface
+
+
+ delete_on_termination + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Delete the interface when the instance it is attached to is terminated.
+
+
+ description + +
+ string +
+ 		+ + +
a description for the network interface
+
+
+ device_index + +
+ integer +
+ 		+ + +
The index of the interface to modify
+
+
+ groups + +
+ list +
+ 		+ + +
a list of security group IDs to attach to the interface
+
+
+ interfaces + +
+ list +
+ 		+ + +
a list of ENI IDs (strings) or a list of objects containing the key id.
+
+
+ ipv6_addresses + +
+ list +
+ 		+ + +
a list of IPv6 addresses to assign to the network interface
+
+
+ private_ip_address + +
+ string +
+ 		+ + +
an IPv4 address to assign to the interface
+
+
+ private_ip_addresses + +
+ list +
+ 		+ + +
a list of IPv4 addresses to assign to the network interface
+
+
+ source_dest_check + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
controls whether source/destination checking is enabled on the interface
+
+
+ subnet_id + +
+ string +
+ 		+ + +
the subnet to connect the network interface to
+
+
+ placement_group + +
+ string +
+ 		+ + +
The placement group that needs to be assigned to the instance
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_group + +
+ string +
+ 		+ + +
A security group ID or name. Mutually exclusive with security_groups.
+
+
+ security_groups + +
+ list +
+ 		+ + +
A list of security group IDs or names (strings). Mutually exclusive with security_group.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • terminated
    • +
  • running
    • +
  • started
    • +
  • stopped
    • +
  • restarted
    • +
  • rebooted
    • +
  • absent
    • +
+ 		+ +
Goal state for the instances.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
+
+
+ tenancy + +
+ string +
+ 		+
    Choices: +
  • dedicated
    • +
  • default
    • +
+ 		+ +
What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
+
+
+ termination_protection + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
+
+
+ tower_callback + +
+ dictionary +
+ 		+ + +
Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
+
Mutually exclusive with user_data.
+
For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
+
If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
+
+
+ host_config_key + +
+ string +
+ 		+ + +
Host configuration secret key generated by the Tower job template.
+
+
+ job_template_id + +
+ string +
+ 		+ + +
Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
+
+
+ tower_address + +
+ string +
+ 		+ + +
IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
+
+
+ user_data + +
+ string +
+ 		+ + +
Opaque blob of data which is made available to the ec2 instance
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ volumes + +
+ list +
+ 		+ + +
A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
+
A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
+ +
+
+ vpc_subnet_id + +
+ string +
+ 		+ + +
The subnet ID in which to launch the instance (VPC) If none is provided, ec2_instance will chose the default zone of the default VPC.
+

aliases: subnet_id
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether or not to wait for the desired state (use wait_timeout to customize this).
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
600
+ 		+ +
How long to wait (in seconds) for the instance to finish booting/terminating.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Terminate every running instance in a region. Use with EXTREME caution. + - ec2_instance: + state: absent + filters: + instance-state-name: running + + # restart a particular instance by its ID + - ec2_instance: + state: restarted + instance_ids: + - i-12345678 + + # start an instance with a public IP address + - ec2_instance: + name: "public-compute-instance" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + instance_type: c5.large + security_group: default + network: + assign_public_ip: true + image_id: ami-123456 + tags: + Environment: Testing + + # start an instance and Add EBS + - ec2_instance: + name: "public-withebs-instance" + vpc_subnet_id: subnet-5ca1ab1e + instance_type: t2.micro + key_name: "prod-ssh-key" + security_group: default + volumes: + - device_name: /dev/sda1 + ebs: + volume_size: 16 + delete_on_termination: true + + # start an instance with a cpu_options + - ec2_instance: + name: "public-cpuoption-instance" + vpc_subnet_id: subnet-5ca1ab1e + tags: + Environment: Testing + instance_type: c4.large + volumes: + - device_name: /dev/sda1 + ebs: + delete_on_termination: true + cpu_options: + core_count: 1 + threads_per_core: 1 + + # start an instance and have it begin a Tower callback on boot + - ec2_instance: + name: "tower-callback-test" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + security_group: default + tower_callback: + # IP or hostname of tower server + tower_address: 1.2.3.4 + job_template_id: 876 + host_config_key: '[secret config key goes here]' + network: + assign_public_ip: true + image_id: ami-123456 + cpu_credit_specification: unlimited + tags: + SomeThing: "A value" + + # start an instance with ENI (An existing ENI ID is required) + - ec2_instance: + name: "public-eni-instance" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + network: + interfaces: + - id: "eni-12345" + tags: + Env: "eni_on" + volumes: + - device_name: /dev/sda1 + ebs: + delete_on_termination: true + instance_type: t2.micro + image_id: ami-123456 + + # add second ENI interface + - ec2_instance: + name: "public-eni-instance" + network: + interfaces: + - id: "eni-12345" + - id: "eni-67890" + image_id: ami-123456 + tags: + Env: "eni_on" + instance_type: t2.micro + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ instances + +
+ complex +
+ 		when wait == true +
a list of ec2 instances
+
+
  +
+ ami_launch_index + +
+ integer +
+ 		always +
The AMI launch index, which can be used to find this instance in the launch group.
+
+
  +
+ architecture + +
+ string +
+ 		always +
The architecture of the image
+
+
Sample:
+
x86_64
+
  +
+ block_device_mappings + +
+ complex +
+ 		always +
Any block device mapping entries for the instance.
+
+
   +
+ device_name + +
+ string +
+ 		always +
The device name exposed to the instance (for example, /dev/sdh or xvdh).
+
+
Sample:
+
/dev/sdh
+
   +
+ ebs + +
+ complex +
+ 		always +
Parameters used to automatically set up EBS volumes when the instance is launched.
+
+
    +
+ attach_time + +
+ string +
+ 		always +
The time stamp when the attachment initiated.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
    +
+ delete_on_termination + +
+ boolean +
+ 		always +
Indicates whether the volume is deleted on instance termination.
+
+
Sample:
+
True
+
    +
+ status + +
+ string +
+ 		always +
The attachment state.
+
+
Sample:
+
attached
+
    +
+ volume_id + +
+ string +
+ 		always +
The ID of the EBS volume
+
+
Sample:
+
vol-12345678
+
  +
+ client_token + +
+ string +
+ 		always +
The idempotency token you provided when you launched the instance, if applicable.
+
+
Sample:
+
mytoken
+
  +
+ ebs_optimized + +
+ boolean +
+ 		always +
Indicates whether the instance is optimized for EBS I/O.
+
+
  +
+ hypervisor + +
+ string +
+ 		always +
The hypervisor type of the instance.
+
+
Sample:
+
xen
+
  +
+ iam_instance_profile + +
+ complex +
+ 		always +
The IAM instance profile associated with the instance, if applicable.
+
+
   +
+ arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the instance profile.
+
+
Sample:
+
arn:aws:iam::000012345678:instance-profile/myprofile
+
   +
+ id + +
+ string +
+ 		always +
The ID of the instance profile
+
+
Sample:
+
JFJ397FDG400FG9FD1N
+
  +
+ image_id + +
+ string +
+ 		always +
The ID of the AMI used to launch the instance.
+
+
Sample:
+
ami-0011223344
+
  +
+ instance_id + +
+ string +
+ 		always +
The ID of the instance.
+
+
Sample:
+
i-012345678
+
  +
+ instance_type + +
+ string +
+ 		always +
The instance type size of the running instance.
+
+
Sample:
+
t2.micro
+
  +
+ key_name + +
+ string +
+ 		always +
The name of the key pair, if this instance was launched with an associated key pair.
+
+
Sample:
+
my-key
+
  +
+ launch_time + +
+ string +
+ 		always +
The time the instance was launched.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
  +
+ monitoring + +
+ complex +
+ 		always +
The monitoring for the instance.
+
+
   +
+ state + +
+ string +
+ 		always +
Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
+
+
Sample:
+
disabled
+
  +
+ network.source_dest_check + +
+ boolean +
+ 		always +
Indicates whether source/destination checking is enabled.
+
+
Sample:
+
True
+
  +
+ network_interfaces + +
+ complex +
+ 		always +
One or more network interfaces for the instance.
+
+
   +
+ association + +
+ complex +
+ 		always +
The association information for an Elastic IPv4 associated with the network interface.
+
+
    +
+ ip_owner_id + +
+ string +
+ 		always +
The ID of the owner of the Elastic IP address.
+
+
Sample:
+
amazon
+
    +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name.
+
+
    +
+ public_ip + +
+ string +
+ 		always +
The public IP address or Elastic IP address bound to the network interface.
+
+
Sample:
+
1.2.3.4
+
   +
+ attachment + +
+ complex +
+ 		always +
The network interface attachment.
+
+
    +
+ attach_time + +
+ string +
+ 		always +
The time stamp when the attachment initiated.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
    +
+ attachment_id + +
+ string +
+ 		always +
The ID of the network interface attachment.
+
+
Sample:
+
eni-attach-3aff3f
+
    +
+ delete_on_termination + +
+ boolean +
+ 		always +
Indicates whether the network interface is deleted when the instance is terminated.
+
+
Sample:
+
True
+
    +
+ device_index + +
+ integer +
+ 		always +
The index of the device on the instance for the network interface attachment.
+
+
    +
+ status + +
+ string +
+ 		always +
The attachment state.
+
+
Sample:
+
attached
+
   +
+ description + +
+ string +
+ 		always +
The description.
+
+
Sample:
+
My interface
+
   +
+ groups + +
+ list + / elements=dictionary
+ 		always +
One or more security groups.
+
+
    +
+ group_id + +
+ string +
+ 		always +
The ID of the security group.
+
+
Sample:
+
sg-abcdef12
+
    +
+ group_name + +
+ string +
+ 		always +
The name of the security group.
+
+
Sample:
+
mygroup
+
   +
+ ipv6_addresses + +
+ list + / elements=dictionary
+ 		always +
One or more IPv6 addresses associated with the network interface.
+
+
    +
+ ipv6_address + +
+ string +
+ 		always +
The IPv6 address.
+
+
Sample:
+
2001:0db8:85a3:0000:0000:8a2e:0370:7334
+
   +
+ mac_address + +
+ string +
+ 		always +
The MAC address.
+
+
Sample:
+
00:11:22:33:44:55
+
   +
+ network_interface_id + +
+ string +
+ 		always +
The ID of the network interface.
+
+
Sample:
+
eni-01234567
+
   +
+ owner_id + +
+ string +
+ 		always +
The AWS account ID of the owner of the network interface.
+
+
Sample:
+
01234567890
+
   +
+ private_ip_address + +
+ string +
+ 		always +
The IPv4 address of the network interface within the subnet.
+
+
Sample:
+
10.0.0.1
+
   +
+ private_ip_addresses + +
+ list + / elements=dictionary
+ 		always +
The private IPv4 addresses associated with the network interface.
+
+
    +
+ association + +
+ complex +
+ 		always +
The association information for an Elastic IP address (IPv4) associated with the network interface.
+
+
     +
+ ip_owner_id + +
+ string +
+ 		always +
The ID of the owner of the Elastic IP address.
+
+
Sample:
+
amazon
+
     +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name.
+
+
     +
+ public_ip + +
+ string +
+ 		always +
The public IP address or Elastic IP address bound to the network interface.
+
+
Sample:
+
1.2.3.4
+
    +
+ primary + +
+ boolean +
+ 		always +
Indicates whether this IPv4 address is the primary private IP address of the network interface.
+
+
Sample:
+
True
+
    +
+ private_ip_address + +
+ string +
+ 		always +
The private IPv4 address of the network interface.
+
+
Sample:
+
10.0.0.1
+
   +
+ source_dest_check + +
+ boolean +
+ 		always +
Indicates whether source/destination checking is enabled.
+
+
Sample:
+
True
+
   +
+ status + +
+ string +
+ 		always +
The status of the network interface.
+
+
Sample:
+
in-use
+
   +
+ subnet_id + +
+ string +
+ 		always +
The ID of the subnet for the network interface.
+
+
Sample:
+
subnet-0123456
+
   +
+ vpc_id + +
+ string +
+ 		always +
The ID of the VPC for the network interface.
+
+
Sample:
+
vpc-0123456
+
  +
+ placement + +
+ complex +
+ 		always +
The location where the instance launched, if applicable.
+
+
   +
+ availability_zone + +
+ string +
+ 		always +
The Availability Zone of the instance.
+
+
Sample:
+
ap-southeast-2a
+
   +
+ group_name + +
+ string +
+ 		always +
The name of the placement group the instance is in (for cluster compute instances).
+
+
   +
+ tenancy + +
+ string +
+ 		always +
The tenancy of the instance (if the instance is running in a VPC).
+
+
Sample:
+
default
+
  +
+ private_dns_name + +
+ string +
+ 		always +
The private DNS name.
+
+
Sample:
+
ip-10-0-0-1.ap-southeast-2.compute.internal
+
  +
+ private_ip_address + +
+ string +
+ 		always +
The IPv4 address of the network interface within the subnet.
+
+
Sample:
+
10.0.0.1
+
  +
+ product_codes + +
+ list + / elements=dictionary
+ 		always +
One or more product codes.
+
+
   +
+ product_code_id + +
+ string +
+ 		always +
The product code.
+
+
Sample:
+
aw0evgkw8ef3n2498gndfgasdfsd5cce
+
   +
+ product_code_type + +
+ string +
+ 		always +
The type of product code.
+
+
Sample:
+
marketplace
+
  +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name assigned to the instance.
+
+
  +
+ public_ip_address + +
+ string +
+ 		always +
The public IPv4 address assigned to the instance
+
+
Sample:
+
52.0.0.1
+
  +
+ root_device_name + +
+ string +
+ 		always +
The device name of the root device
+
+
Sample:
+
/dev/sda1
+
  +
+ root_device_type + +
+ string +
+ 		always +
The type of root device used by the AMI.
+
+
Sample:
+
ebs
+
  +
+ security_groups + +
+ list + / elements=dictionary
+ 		always +
One or more security groups for the instance.
+
+
   +
+ group_id + +
+ string +
+ 		always +
The ID of the security group.
+
+
Sample:
+
sg-0123456
+
   +
+ group_name + +
+ string +
+ 		always +
The name of the security group.
+
+
Sample:
+
my-security-group
+
  +
+ state + +
+ complex +
+ 		always +
The current state of the instance.
+
+
   +
+ code + +
+ integer +
+ 		always +
The low byte represents the state.
+
+
Sample:
+
16
+
   +
+ name + +
+ string +
+ 		always +
The name of the state.
+
+
Sample:
+
running
+
  +
+ state_transition_reason + +
+ string +
+ 		always +
The reason for the most recent state transition.
+
+
  +
+ subnet_id + +
+ string +
+ 		always +
The ID of the subnet in which the instance is running.
+
+
Sample:
+
subnet-00abcdef
+
  +
+ tags + +
+ dictionary +
+ 		always +
Any tags assigned to the instance.
+
+
  +
+ virtualization_type + +
+ string +
+ 		always +
The type of virtualization of the AMI.
+
+
Sample:
+
hvm
+
  +
+ vpc_id + +
+ dictionary +
+ 		always +
The ID of the VPC the instance is in.
+
+
Sample:
+
vpc-0011223344
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_instance_info.rst b/docs/community.aws.ec2_instance_info.rst new file mode 100644 index 00000000000..f4d1e69c859 --- /dev/null +++ b/docs/community.aws.ec2_instance_info.rst @@ -0,0 +1,1859 @@ + +.. _community.aws.ec2_instance_info_: + + +******************************* +community.aws.ec2_instance_info +******************************* + +**Gather information about ec2 instances in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 instances in AWS +- This module was called ``ec2_instance_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
+
+
+ instance_ids + +
+ list +
+ 		+ + +
If you specify one or more instance IDs, only instances that have the specified IDs are returned.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all instances + - ec2_instance_info: + + # Gather information about all instances in AZ ap-southeast-2a + - ec2_instance_info: + filters: + availability-zone: ap-southeast-2a + + # Gather information about a particular instance using ID + - ec2_instance_info: + instance_ids: + - i-12345678 + + # Gather information about any instance with a tag key Name and value Example + - ec2_instance_info: + filters: + "tag:Name": Example + + # Gather information about any instance in states "shutting-down", "stopping", "stopped" + - ec2_instance_info: + filters: + instance-state-name: [ "shutting-down", "stopping", "stopped" ] + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ instances + +
+ complex +
+ 		always +
a list of ec2 instances
+
+
  +
+ ami_launch_index + +
+ integer +
+ 		always +
The AMI launch index, which can be used to find this instance in the launch group.
+
+
  +
+ architecture + +
+ string +
+ 		always +
The architecture of the image
+
+
Sample:
+
x86_64
+
  +
+ block_device_mappings + +
+ complex +
+ 		always +
Any block device mapping entries for the instance.
+
+
   +
+ device_name + +
+ string +
+ 		always +
The device name exposed to the instance (for example, /dev/sdh or xvdh).
+
+
Sample:
+
/dev/sdh
+
   +
+ ebs + +
+ complex +
+ 		always +
Parameters used to automatically set up EBS volumes when the instance is launched.
+
+
    +
+ attach_time + +
+ string +
+ 		always +
The time stamp when the attachment initiated.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
    +
+ delete_on_termination + +
+ boolean +
+ 		always +
Indicates whether the volume is deleted on instance termination.
+
+
Sample:
+
True
+
    +
+ status + +
+ string +
+ 		always +
The attachment state.
+
+
Sample:
+
attached
+
    +
+ volume_id + +
+ string +
+ 		always +
The ID of the EBS volume
+
+
Sample:
+
vol-12345678
+
  +
+ client_token + +
+ string +
+ 		always +
The idempotency token you provided when you launched the instance, if applicable.
+
+
Sample:
+
mytoken
+
  +
+ cpu_options + +
+ complex +
+ 		always if botocore version >= 1.10.16 +
The CPU options set for the instance.
+
+
   +
+ core_count + +
+ integer +
+ 		always +
The number of CPU cores for the instance.
+
+
Sample:
+
1
+
   +
+ threads_per_core + +
+ integer +
+ 		always +
The number of threads per CPU core. On supported instance, a value of 1 means Intel Hyper-Threading Technology is disabled.
+
+
Sample:
+
1
+
  +
+ ebs_optimized + +
+ boolean +
+ 		always +
Indicates whether the instance is optimized for EBS I/O.
+
+
  +
+ hypervisor + +
+ string +
+ 		always +
The hypervisor type of the instance.
+
+
Sample:
+
xen
+
  +
+ iam_instance_profile + +
+ complex +
+ 		always +
The IAM instance profile associated with the instance, if applicable.
+
+
   +
+ arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the instance profile.
+
+
Sample:
+
arn:aws:iam::000012345678:instance-profile/myprofile
+
   +
+ id + +
+ string +
+ 		always +
The ID of the instance profile
+
+
Sample:
+
JFJ397FDG400FG9FD1N
+
  +
+ image_id + +
+ string +
+ 		always +
The ID of the AMI used to launch the instance.
+
+
Sample:
+
ami-0011223344
+
  +
+ instance_id + +
+ string +
+ 		always +
The ID of the instance.
+
+
Sample:
+
i-012345678
+
  +
+ instance_type + +
+ string +
+ 		always +
The instance type size of the running instance.
+
+
Sample:
+
t2.micro
+
  +
+ key_name + +
+ string +
+ 		always +
The name of the key pair, if this instance was launched with an associated key pair.
+
+
Sample:
+
my-key
+
  +
+ launch_time + +
+ string +
+ 		always +
The time the instance was launched.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
  +
+ monitoring + +
+ complex +
+ 		always +
The monitoring for the instance.
+
+
   +
+ state + +
+ string +
+ 		always +
Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
+
+
Sample:
+
disabled
+
  +
+ network_interfaces + +
+ complex +
+ 		always +
One or more network interfaces for the instance.
+
+
   +
+ association + +
+ complex +
+ 		always +
The association information for an Elastic IPv4 associated with the network interface.
+
+
    +
+ ip_owner_id + +
+ string +
+ 		always +
The ID of the owner of the Elastic IP address.
+
+
Sample:
+
amazon
+
    +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name.
+
+
    +
+ public_ip + +
+ string +
+ 		always +
The public IP address or Elastic IP address bound to the network interface.
+
+
Sample:
+
1.2.3.4
+
   +
+ attachment + +
+ complex +
+ 		always +
The network interface attachment.
+
+
    +
+ attach_time + +
+ string +
+ 		always +
The time stamp when the attachment initiated.
+
+
Sample:
+
2017-03-23T22:51:24+00:00
+
    +
+ attachment_id + +
+ string +
+ 		always +
The ID of the network interface attachment.
+
+
Sample:
+
eni-attach-3aff3f
+
    +
+ delete_on_termination + +
+ boolean +
+ 		always +
Indicates whether the network interface is deleted when the instance is terminated.
+
+
Sample:
+
True
+
    +
+ device_index + +
+ integer +
+ 		always +
The index of the device on the instance for the network interface attachment.
+
+
    +
+ status + +
+ string +
+ 		always +
The attachment state.
+
+
Sample:
+
attached
+
   +
+ description + +
+ string +
+ 		always +
The description.
+
+
Sample:
+
My interface
+
   +
+ groups + +
+ list + / elements=dictionary
+ 		always +
One or more security groups.
+
+
    +
+ group_id + +
+ string +
+ 		always +
The ID of the security group.
+
+
Sample:
+
sg-abcdef12
+
    +
+ group_name + +
+ string +
+ 		always +
The name of the security group.
+
+
Sample:
+
mygroup
+
   +
+ ipv6_addresses + +
+ list + / elements=dictionary
+ 		always +
One or more IPv6 addresses associated with the network interface.
+
+
    +
+ ipv6_address + +
+ string +
+ 		always +
The IPv6 address.
+
+
Sample:
+
2001:0db8:85a3:0000:0000:8a2e:0370:7334
+
   +
+ mac_address + +
+ string +
+ 		always +
The MAC address.
+
+
Sample:
+
00:11:22:33:44:55
+
   +
+ network_interface_id + +
+ string +
+ 		always +
The ID of the network interface.
+
+
Sample:
+
eni-01234567
+
   +
+ owner_id + +
+ string +
+ 		always +
The AWS account ID of the owner of the network interface.
+
+
Sample:
+
01234567890
+
   +
+ private_ip_address + +
+ string +
+ 		always +
The IPv4 address of the network interface within the subnet.
+
+
Sample:
+
10.0.0.1
+
   +
+ private_ip_addresses + +
+ list + / elements=dictionary
+ 		always +
The private IPv4 addresses associated with the network interface.
+
+
    +
+ association + +
+ complex +
+ 		always +
The association information for an Elastic IP address (IPv4) associated with the network interface.
+
+
     +
+ ip_owner_id + +
+ string +
+ 		always +
The ID of the owner of the Elastic IP address.
+
+
Sample:
+
amazon
+
     +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name.
+
+
     +
+ public_ip + +
+ string +
+ 		always +
The public IP address or Elastic IP address bound to the network interface.
+
+
Sample:
+
1.2.3.4
+
    +
+ primary + +
+ boolean +
+ 		always +
Indicates whether this IPv4 address is the primary private IP address of the network interface.
+
+
Sample:
+
True
+
    +
+ private_ip_address + +
+ string +
+ 		always +
The private IPv4 address of the network interface.
+
+
Sample:
+
10.0.0.1
+
   +
+ source_dest_check + +
+ boolean +
+ 		always +
Indicates whether source/destination checking is enabled.
+
+
Sample:
+
True
+
   +
+ status + +
+ string +
+ 		always +
The status of the network interface.
+
+
Sample:
+
in-use
+
   +
+ subnet_id + +
+ string +
+ 		always +
The ID of the subnet for the network interface.
+
+
Sample:
+
subnet-0123456
+
   +
+ vpc_id + +
+ string +
+ 		always +
The ID of the VPC for the network interface.
+
+
Sample:
+
vpc-0123456
+
  +
+ placement + +
+ complex +
+ 		always +
The location where the instance launched, if applicable.
+
+
   +
+ availability_zone + +
+ string +
+ 		always +
The Availability Zone of the instance.
+
+
Sample:
+
ap-southeast-2a
+
   +
+ group_name + +
+ string +
+ 		always +
The name of the placement group the instance is in (for cluster compute instances).
+
+
   +
+ tenancy + +
+ string +
+ 		always +
The tenancy of the instance (if the instance is running in a VPC).
+
+
Sample:
+
default
+
  +
+ private_dns_name + +
+ string +
+ 		always +
The private DNS name.
+
+
Sample:
+
ip-10-0-0-1.ap-southeast-2.compute.internal
+
  +
+ private_ip_address + +
+ string +
+ 		always +
The IPv4 address of the network interface within the subnet.
+
+
Sample:
+
10.0.0.1
+
  +
+ product_codes + +
+ list + / elements=dictionary
+ 		always +
One or more product codes.
+
+
   +
+ product_code_id + +
+ string +
+ 		always +
The product code.
+
+
Sample:
+
aw0evgkw8ef3n2498gndfgasdfsd5cce
+
   +
+ product_code_type + +
+ string +
+ 		always +
The type of product code.
+
+
Sample:
+
marketplace
+
  +
+ public_dns_name + +
+ string +
+ 		always +
The public DNS name assigned to the instance.
+
+
  +
+ public_ip_address + +
+ string +
+ 		always +
The public IPv4 address assigned to the instance
+
+
Sample:
+
52.0.0.1
+
  +
+ root_device_name + +
+ string +
+ 		always +
The device name of the root device
+
+
Sample:
+
/dev/sda1
+
  +
+ root_device_type + +
+ string +
+ 		always +
The type of root device used by the AMI.
+
+
Sample:
+
ebs
+
  +
+ security_groups + +
+ list + / elements=dictionary
+ 		always +
One or more security groups for the instance.
+
+
   +
+ group_id + +
+ string +
+ 		always +
The ID of the security group.
+
+
Sample:
+
sg-0123456
+
   +
+ group_name + +
+ string +
+ 		always +
The name of the security group.
+
+
Sample:
+
my-security-group
+
  +
+ source_dest_check + +
+ boolean +
+ 		always +
Indicates whether source/destination checking is enabled.
+
+
Sample:
+
True
+
  +
+ state + +
+ complex +
+ 		always +
The current state of the instance.
+
+
   +
+ code + +
+ integer +
+ 		always +
The low byte represents the state.
+
+
Sample:
+
16
+
   +
+ name + +
+ string +
+ 		always +
The name of the state.
+
+
Sample:
+
running
+
  +
+ state_transition_reason + +
+ string +
+ 		always +
The reason for the most recent state transition.
+
+
  +
+ subnet_id + +
+ string +
+ 		always +
The ID of the subnet in which the instance is running.
+
+
Sample:
+
subnet-00abcdef
+
  +
+ tags + +
+ dictionary +
+ 		always +
Any tags assigned to the instance.
+
+
  +
+ virtualization_type + +
+ string +
+ 		always +
The type of virtualization of the AMI.
+
+
Sample:
+
hvm
+
  +
+ vpc_id + +
+ dictionary +
+ 		always +
The ID of the VPC the instance is in.
+
+
Sample:
+
vpc-0011223344
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schuett (@michaeljs1990) +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_launch_template.rst b/docs/community.aws.ec2_launch_template.rst new file mode 100644 index 00000000000..68446d3d812 --- /dev/null +++ b/docs/community.aws.ec2_launch_template.rst @@ -0,0 +1,1485 @@ + +.. _community.aws.ec2_launch_template_: + + +********************************* +community.aws.ec2_launch_template +********************************* + +**Manage EC2 launch templates** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify, and delete EC2 Launch Templates, which can be used to create individual instances or with Autoscaling Groups. +- The *ec2_instance* and *ec2_asg* modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.6.0 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ block_device_mappings + +
+ list + / elements=dictionary
+ 		+ + +
The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
+
+
+ device_name + +
+ string +
+ 		+ + +
The device name (for example, /dev/sdh or xvdh).
+
+
+ ebs + +
+ dictionary +
+ 		+ + +
Parameters used to automatically set up EBS volumes when the instance is launched.
+
+
+ delete_on_termination + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether the EBS volume is deleted on instance termination.
+
+
+ encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
+
+
+ iops + +
+ integer +
+ 		+ + +
The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
+
Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
+
+
+ snapshot_id + +
+ string +
+ 		+ + +
The ID of the snapshot to create the volume from.
+
+
+ volume_size + +
+ integer +
+ 		+ + +
The size of the volume, in GiB.
+
Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
+
+
+ volume_type + +
+ string +
+ 		+ + +
The volume type
+
+
+ no_device + +
+ string +
+ 		+ + +
Suppresses the specified device included in the block device mapping of the AMI.
+
+
+ virtual_name + +
+ string +
+ 		+ + +
The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
+
+
+ cpu_options + +
+ dictionary +
+ 		+ + +
Choose CPU settings for the EC2 instances that will be created with this template.
+ +
+
+ core_count + +
+ integer +
+ 		+ + +
The number of CPU cores for the instance.
+
+
+ threads_per_core + +
+ integer +
+ 		+ + +
The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
+
+
+ credit_specification + +
+ dictionary +
+ 		+ + +
The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
+
+
+ cpu_credits + +
+ string +
+ 		+ + +
The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ default_version + +
+ string +
+ 		+ Default:
"latest"
+ 		+ +
Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
+
+
+ disable_api_termination + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
+
+
+ ebs_optimized + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ elastic_gpu_specifications + +
+ list + / elements=dictionary
+ 		+ + +
Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
+
+
+ type + +
+ string +
+ 		+ + +
The type of Elastic GPU to attach
+
+
+ iam_instance_profile + +
+ string +
+ 		+ + +
The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
+
+
+ image_id + +
+ string +
+ 		+ + +
The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
+
+
+ instance_initiated_shutdown_behavior + +
+ string +
+ 		+
    Choices: +
  • stop
    • +
  • terminate
    • +
+ 		+ +
Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
+
+
+ instance_market_options + +
+ dictionary +
+ 		+ + +
Options for alternative instance markets, currently only the spot market is supported.
+
+
+ market_type + +
+ string +
+ 		+ + +
The market type. This should always be 'spot'.
+
+
+ spot_options + +
+ dictionary +
+ 		+ + +
Spot-market specific settings.
+
+
+ block_duration_minutes + +
+ integer +
+ 		+ + +
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
+
+
+ instance_interruption_behavior + +
+ string +
+ 		+
    Choices: +
  • hibernate
    • +
  • stop
    • +
  • terminate
    • +
+ 		+ +
The behavior when a Spot Instance is interrupted. The default is terminate.
+
+
+ max_price + +
+ string +
+ 		+ + +
The highest hourly price you're willing to pay for this Spot Instance.
+
+
+ spot_instance_type + +
+ string +
+ 		+
    Choices: +
  • one-time
    • +
  • persistent
    • +
+ 		+ +
The request type to send.
+
+
+ instance_type + +
+ string +
+ 		+ + +
The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
+
+
+ kernel_id + +
+ string +
+ 		+ + +
The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
+
+
+ key_name + +
+ string +
+ 		+ + +
The name of the key pair. You can create a key pair using ec2_key.
+
If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
+
+
+ monitoring + +
+ dictionary +
+ 		+ + +
Settings for instance monitoring.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to turn on detailed monitoring for new instances. This will incur extra charges.
+
+
+ network_interfaces + +
+ list + / elements=dictionary
+ 		+ + +
One or more network interfaces.
+
+
+ associate_public_ip_address + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Associates a public IPv4 address with eth0 for a new network interface.
+
+
+ delete_on_termination + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether the network interface is deleted when the instance is terminated.
+
+
+ description + +
+ string +
+ 		+ + +
A description for the network interface.
+
+
+ device_index + +
+ integer +
+ 		+ + +
The device index for the network interface attachment.
+
+
+ groups + +
+ list + / elements=string
+ 		+ + +
List of security group IDs to include on this instance.
+
+
+ ipv6_address_count + +
+ integer +
+ 		+ + +
The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
+
+
+ ipv6_addresses + +
+ list + / elements=string
+ 		+ + +
A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
+
+
+ network_interface_id + +
+ string +
+ 		+ + +
The eni ID of a network interface to attach.
+
+
+ private_ip_address + +
+ string +
+ 		+ + +
The primary private IPv4 address of the network interface.
+
+
+ subnet_id + +
+ string +
+ 		+ + +
The ID of the subnet for the network interface.
+
+
+ placement + +
+ dictionary +
+ 		+ + +
The placement group settings for the instance.
+
+
+ affinity + +
+ string +
+ 		+ + +
The affinity setting for an instance on a Dedicated Host.
+
+
+ availability_zone + +
+ string +
+ 		+ + +
The Availability Zone for the instance.
+
+
+ group_name + +
+ string +
+ 		+ + +
The name of the placement group for the instance.
+
+
+ host_id + +
+ string +
+ 		+ + +
The ID of the Dedicated Host for the instance.
+
+
+ tenancy + +
+ string +
+ 		+ + +
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ ram_disk_id + +
+ string +
+ 		+ + +
The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_group_ids + +
+ list + / elements=string
+ 		+ + +
A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the launch template should exist or not.
+
Deleting specific versions of a launch template is not supported at this time.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A set of key-value pairs to be applied to resources when this Launch Template is used.
+
Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
+
Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
+
+
+ template_id + +
+ string +
+ 		+ + +
The ID for the launch template, can be used for all cases except creating a new Launch Template.
+

aliases: id
+
+
+ template_name + +
+ string +
+ 		+ + +
The template name. This must be unique in the region-account combination you are using.
+

aliases: name
+
+
+ user_data + +
+ string +
+ 		+ + +
The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create an ec2 launch template + ec2_launch_template: + name: "my_template" + image_id: "ami-04b762b4289fba92b" + key_name: my_ssh_key + instance_type: t2.micro + iam_instance_profile: myTestProfile + disable_api_termination: true + + - name: > + Create a new version of an existing ec2 launch template with a different instance type, + while leaving an older version as the default version + ec2_launch_template: + name: "my_template" + default_version: 1 + instance_type: c5.4xlarge + + - name: Delete an ec2 launch template + ec2_launch_template: + name: "my_template" + state: absent + + # This module does not yet allow deletion of specific versions of launch templates + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ default_version + +
+ integer +
+ 		when state=present +
The version that will be used if only the template name is specified. Often this is the same as the latest version, but not always.
+
+
+
+ latest_version + +
+ integer +
+ 		when state=present +
Latest available version of the launch template
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc.rst b/docs/community.aws.ec2_lc.rst new file mode 100644 index 00000000000..b926daede4d --- /dev/null +++ b/docs/community.aws.ec2_lc.rst @@ -0,0 +1,1554 @@ + +.. _community.aws.ec2_lc_: + + +******************** +community.aws.ec2_lc +******************** + +**Create or delete AWS Autoscaling Launch Configurations** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS Autoscaling Configurations. +- Works with the ec2_asg module to manage Autoscaling Groups. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ assign_public_ip + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
+
+
+ associate_public_ip_address + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
The associate_public_ip_address option does nothing and will be removed in Ansible 2.14.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ classic_link_vpc_id + +
+ string +
+ 		+ + +
Id of ClassicLink enabled VPC
+
+
+ classic_link_vpc_security_groups + +
+ list + / elements=string
+ 		+ + +
A list of security group IDs with which to associate the ClassicLink VPC instances.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ebs_optimized + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether the instance is optimized for EBS I/O (true) or not (false).
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ image_id + +
+ string +
+ 		+ + +
The AMI unique identifier to be used for the group.
+
+
+ instance_id + +
+ string +
+ 		+ + +
The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
+
+
+ instance_monitoring + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Specifies whether instances are launched with detailed monitoring.
+
+
+ instance_profile_name + +
+ string +
+ 		+ + +
The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
+
+
+ instance_type + +
+ string +
+ 		+ + +
Instance type to use for the instance.
+
Required when creating a new Launch Configuration.
+
+
+ kernel_id + +
+ string +
+ 		+ + +
Kernel id for the EC2 instance.
+
+
+ key_name + +
+ string +
+ 		+ + +
The SSH key name to be used for access to managed instances.
+
+
+ name + +
+ string + / required
+ 		+ + +
Unique name for configuration.
+
+
+ placement_tenancy + +
+ string +
+ 		+
    Choices: +
  • default
    • +
  • dedicated
    • +
+ 		+ +
Determines whether the instance runs on single-tenant hardware or not.
+
When not set AWS will default to default.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ ramdisk_id + +
+ string +
+ 		+ + +
A RAM disk id for the instances.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ spot_price + +
+ float +
+ 		+ + +
The spot price you are bidding. Only applies for an autoscaling group with spot instances.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Register or deregister the instance.
+
+
+ user_data + +
+ string +
+ 		+ + +
Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
+
+
+ user_data_path + +
+ path +
+ 		+ + +
Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ volumes + +
+ list + / elements=dictionary
+ 		+ + +
A list dictionaries defining the volumes to create.
+
For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
+
+
+ delete_on_termination + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether the volume should be automatically deleted when the instance is terminated.
+
+
+ device_name + +
+ string + / required
+ 		+ + +
The name for the volume (For example /dev/sda).
+
+
+ encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
+
+
+ ephemeral + +
+ string +
+ 		+ + +
Whether the volume should be ephemeral.
+
Data on ephemeral volumes is lost when the instance is stopped.
+
Mutually exclusive with the snapshot parameter.
+
+
+ iops + +
+ integer +
+ 		+ + +
The number of IOPS per second to provision for the volume.
+
Required when volume_type=io1.
+
+
+ no_device + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
When no_device=true the device will not be created.
+
+
+ snapshot + +
+ string +
+ 		+ + +
The ID of an EBS snapshot to copy when creating the volume.
+
Mutually exclusive with the ephemeral parameter.
+
+
+ volume_size + +
+ integer +
+ 		+ + +
The size of the volume (in GiB).
+
Required unless one of ephemeral, snapshot or no_device is set.
+
+
+ volume_type + +
+ string +
+ 		+ + +
The type of volume to create.
+
See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
VPC ID, used when resolving security group names to IDs.
+
+
+ + +Notes +----- + +.. note:: + - Amazon ASG Autoscaling Launch Configurations are immutable once created, so modifying the configuration after it is changed will not modify the launch configuration on AWS. You must create a new config and assign it to the ASG instead. + - encrypted volumes are supported on versions >= 2.4 + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a launch configuration using an AMI image and instance type as a basis + + - name: note that encrypted volumes are only supported in >= Ansible 2.4 + ec2_lc: + name: special + image_id: ami-XXX + key_name: default + security_groups: ['group', 'group2' ] + instance_type: t1.micro + volumes: + - device_name: /dev/sda1 + volume_size: 100 + volume_type: io1 + iops: 3000 + delete_on_termination: true + encrypted: true + - device_name: /dev/sdb + ephemeral: ephemeral0 + + # create a launch configuration using a running instance id as a basis + + - ec2_lc: + name: special + instance_id: i-00a48b207ec59e948 + key_name: default + security_groups: ['launch-wizard-2' ] + volumes: + - device_name: /dev/sda1 + volume_size: 120 + volume_type: io1 + iops: 3000 + delete_on_termination: true + + # create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image + + - ec2_lc: + name: special + image_id: ami-XXX + key_name: default + security_groups: ['group', 'group2' ] + instance_type: t1.micro + volumes: + - device_name: /dev/sdf + no_device: true + + - name: Use EBS snapshot ID for volume + block: + - name: Set Volume Facts + set_fact: + volumes: + - device_name: /dev/sda1 + volume_size: 20 + ebs: + snapshot: snap-XXXX + volume_type: gp2 + delete_on_termination: true + encrypted: no + + - name: Create launch configuration + ec2_lc: + name: lc1 + image_id: ami-xxxx + assign_public_ip: yes + instance_type: t2.medium + key_name: my-key + security_groups: "['sg-xxxx']" + volumes: "{{ volumes }}" + register: lc_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arn + +
+ string +
+ 		when state=present +
The Amazon Resource Name of the launch configuration.
+
+
Sample:
+
arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
+
+
+ changed + +
+ boolean +
+ 		always +
Whether the state of the launch configuration has changed.
+
+
+
+ created_time + +
+ string +
+ 		when state=present +
The creation date and time for the launch configuration.
+
+
Sample:
+
2017-11-03 23:46:44.841000
+
+
+ image_id + +
+ string +
+ 		when state=present +
The ID of the Amazon Machine Image used by the launch configuration.
+
+
Sample:
+
ami-9be6f38c
+
+
+ instance_type + +
+ string +
+ 		when state=present +
The instance type for the instances.
+
+
Sample:
+
t1.micro
+
+
+ name + +
+ string +
+ 		when state=present +
The name of the launch configuration.
+
+
Sample:
+
launch_config_name
+
+
+ result + +
+ complex +
+ 		when state=present +
The specification details for the launch configuration.
+
+
  +
+ associate_public_ip_address + +
+ boolean +
+ 		when state=present +
(EC2-VPC) Indicates whether to assign a public IP address to each instance.
+
+
  +
+ block_device_mappings + +
+ complex +
+ 		when state=present +
A block device mapping, which specifies the block devices.
+
+
   +
+ device_name + +
+ string +
+ 		when state=present +
The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).
+
+
Sample:
+
/dev/sda1
+
   +
+ ebs + +
+ complex +
+ 		when state=present +
The information about the Amazon EBS volume.
+
+
    +
+ snapshot_id + +
+ string +
+ 		when state=present +
The ID of the snapshot.
+
+
    +
+ volume_size + +
+ string +
+ 		when state=present +
The volume size, in GiB.
+
+
Sample:
+
100
+
   +
+ virtual_name + +
+ string +
+ 		when state=present +
The name of the virtual device (for example, ephemeral0).
+
+
Sample:
+
ephemeral0
+
  +
+ classic_link_vpc_id + +
+ string +
+ 		when state=present +
The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
+
+
  +
+ classic_link_vpc_security_groups + +
+ list +
+ 		when state=present +
The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId.
+
+
  +
+ created_time + +
+ string +
+ 		when state=present +
The creation date and time for the launch configuration.
+
+
Sample:
+
2017-11-03 23:46:44.841000
+
  +
+ delete_on_termination + +
+ boolean +
+ 		when state=present +
Indicates whether the volume is deleted on instance termination.
+
+
Sample:
+
True
+
  +
+ ebs_optimized + +
+ boolean +
+ 		when state=present +
Indicates whether the instance is optimized for EBS I/O (true) or not (false).
+
+
  +
+ image_id + +
+ string +
+ 		when state=present +
The ID of the Amazon Machine Image used by the launch configuration.
+
+
Sample:
+
ami-9be6f38c
+
  +
+ instance_monitoring + +
+ boolean +
+ 		when state=present +
Indicates whether instances in this group are launched with detailed (true) or basic (false) monitoring.
+
+
Sample:
+
True
+
  +
+ instance_profile_name + +
+ string +
+ 		when state=present +
The name or Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance.
+
+
  +
+ instance_type + +
+ string +
+ 		when state=present +
The instance type for the instances.
+
+
Sample:
+
t1.micro
+
  +
+ iops + +
+ integer +
+ 		when state=present +
The number of I/O operations per second (IOPS) to provision for the volume.
+
+
  +
+ kernel_id + +
+ string +
+ 		when state=present +
The ID of the kernel associated with the AMI.
+
+
  +
+ key_name + +
+ string +
+ 		when state=present +
The name of the key pair.
+
+
Sample:
+
testkey
+
  +
+ launch_configuration_arn + +
+ string +
+ 		when state=present +
The Amazon Resource Name (ARN) of the launch configuration.
+
+
Sample:
+
arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
+
  +
+ member + +
+ string +
+ 		when state=present +
+
+
Sample:
+
+
  +
+ name + +
+ string +
+ 		when state=present +
The name of the launch configuration.
+
+
Sample:
+
launch_config_name
+
  +
+ PlacementTenancy + +
+ string +
+ 		when state=present +
The tenancy of the instances, either default or dedicated.
+
+
Sample:
+
default
+
  +
+ ramdisk_id + +
+ string +
+ 		when state=present +
The ID of the RAM disk associated with the AMI.
+
+
  +
+ security_groups + +
+ list +
+ 		when state=present +
The security groups to associate with the instances.
+
+
Sample:
+
['sg-5e27db2f']
+
  +
+ spot_price + +
+ float +
+ 		when state=present +
The price to bid when launching Spot Instances.
+
+
  +
+ use_block_device_types + +
+ boolean +
+ 		when state=present +
Indicates whether to suppress a device mapping.
+
+
  +
+ user_data + +
+ string +
+ 		when state=present +
The user data available to the instances.
+
+
  +
+ volume_type + +
+ string +
+ 		when state=present +
The volume type (one of standard, io1, gp2).
+
+
Sample:
+
io1
+
+
+ security_groups + +
+ list +
+ 		when state=present +
The security groups to associate with the instances.
+
+
Sample:
+
['sg-5e27db2f']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gareth Rushgrove (@garethr) +- Willem van Ketwich (@wilvk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc_find.rst b/docs/community.aws.ec2_lc_find.rst new file mode 100644 index 00000000000..4f082732c88 --- /dev/null +++ b/docs/community.aws.ec2_lc_find.rst @@ -0,0 +1,573 @@ + +.. _community.aws.ec2_lc_find_: + + +************************* +community.aws.ec2_lc_find +************************* + +**Find AWS Autoscaling Launch Configurations** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Returns list of matching Launch Configurations for a given name, along with other useful information. +- Results can be sorted and sliced. +- It depends on boto. +- Based on the work by Tom Bamford https://github.com/tombamford + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ limit + +
+ integer +
+ 		+ + +
How many results to show.
+
Corresponds to Python slice notation like list[:limit].
+
+
+ name_regex + +
+ string + / required
+ 		+ + +
A Launch Configuration to match.
+
It'll be compiled as regex.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ sort_order + +
+ string +
+ 		+
    Choices: +
  • ascending ←
    • +
  • descending
    • +
+ 		+ +
Order in which to sort results.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Search for the Launch Configurations that start with "app" + - ec2_lc_find: + name_regex: app.* + sort_order: descending + limit: 2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arn + +
+ string +
+ 		when Launch Configuration was found +
Name of the AMI
+
+
Sample:
+
arn:aws:autoscaling:eu-west-1:12345:launchConfiguration:d82f050e-e315:launchConfigurationName/yourproject
+
+
+ associate_public_address + +
+ boolean +
+ 		when Launch Configuration was found +
Assign public address or not
+
+
Sample:
+
True
+
+
+ block_device_mappings + +
+ list +
+ 		when Launch Configuration was found +
Launch Configuration block device mappings property
+
+
+
+ classic_link_vpc_security_groups + +
+ list +
+ 		when Launch Configuration was found +
Launch Configuration classic link vpc security groups property
+
+
+
+ created_time + +
+ string +
+ 		when Launch Configuration was found +
When it was created
+
+
Sample:
+
2016-06-29T14:59:22.222000+00:00
+
+
+ ebs_optimized + +
+ boolean +
+ 		when Launch Configuration was found +
Launch Configuration EBS optimized property
+
+
+
+ image_id + +
+ string +
+ 		when Launch Configuration was found +
AMI id
+
+
Sample:
+
ami-0d75df7e
+
+
+ instance_monitoring + +
+ string +
+ 		when Launch Configuration was found +
Launch Configuration instance monitoring property
+
+
Sample:
+
{'Enabled': False}
+
+
+ instance_type + +
+ string +
+ 		when Launch Configuration was found +
Type of ec2 instance
+
+
Sample:
+
t2.small
+
+
+ kernel_id + +
+ string +
+ 		when Launch Configuration was found +
Launch Configuration kernel to use
+
+
+
+ keyname + +
+ string +
+ 		when Launch Configuration was found +
Launch Configuration ssh key
+
+
Sample:
+
mykey
+
+
+ name + +
+ string +
+ 		when Launch Configuration was found +
Name of the Launch Configuration
+
+
Sample:
+
myapp-v123
+
+
+ ram_disk_id + +
+ string +
+ 		when Launch Configuration was found +
Launch Configuration ram disk property
+
+
+
+ security_groups + +
+ list +
+ 		when Launch Configuration was found +
Launch Configuration security groups
+
+
+
+ user_data + +
+ string +
+ 		when Launch Configuration was found +
User data used to start instance
+
+
Sample:
+
ZXhwb3J0IENMT1VE
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jose Armesto (@fiunchinho) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc_info.rst b/docs/community.aws.ec2_lc_info.rst new file mode 100644 index 00000000000..77b89a20c57 --- /dev/null +++ b/docs/community.aws.ec2_lc_info.rst @@ -0,0 +1,609 @@ + +.. _community.aws.ec2_lc_info_: + + +************************* +community.aws.ec2_lc_info +************************* + +**Gather information about AWS Autoscaling Launch Configurations.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS Autoscaling Launch Configurations. +- This module was called ``ec2_lc_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ list + / elements=string
+ 		+ Default:
[]
+ 		+ +
A name or a list of name to match.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ sort + +
+ string +
+ 		+
    Choices: +
  • launch_configuration_name
    • +
  • image_id
    • +
  • created_time
    • +
  • instance_type
    • +
  • kernel_id
    • +
  • ramdisk_id
    • +
  • key_name
    • +
+ 		+ +
Optional attribute which with to sort the results.
+
+
+ sort_end + +
+ integer +
+ 		+ + +
Which result to end with (when sorting).
+
Corresponds to Python slice notation.
+
+
+ sort_order + +
+ string +
+ 		+
    Choices: +
  • ascending ←
    • +
  • descending
    • +
+ 		+ +
Order in which to sort results.
+
Only used when the 'sort' parameter is specified.
+
+
+ sort_start + +
+ integer +
+ 		+ + +
Which result to start with (when sorting).
+
Corresponds to Python slice notation.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all launch configurations + - ec2_lc_info: + + # Gather information about launch configuration with name "example" + - ec2_lc_info: + name: example + + # Gather information sorted by created_time from most recent to least recent + - ec2_lc_info: + sort: created_time + sort_order: descending + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ block_device_mapping + +
+ list +
+ 		always +
Block device mapping for the instances of launch configuration
+
+
Sample:
+
[{ 'device_name': '/dev/xvda':, 'ebs': { 'delete_on_termination': true, 'volume_size': 8, 'volume_type': 'gp2' }]
+
+
+ classic_link_vpc_security_groups + +
+ string +
+ 		always +
IDs of one or more security groups for the VPC specified in classic_link_vpc_id
+
+
+
+ created_time + +
+ string +
+ 		always +
The creation date and time for the launch configuration
+
+
Sample:
+
2016-05-27T13:47:44.216000+00:00
+
+
+ ebs_optimized + +
+ boolean +
+ 		always +
EBS I/O optimized (true ) or not (false )
+
+
Sample:
+
true,
+
+
+ image_id + +
+ string +
+ 		always +
ID of the Amazon Machine Image (AMI)
+
+
Sample:
+
ami-12345678
+
+
+ instance_monitoring + +
+ dictionary +
+ 		always +
Launched with detailed monitoring or not
+
+
Sample:
+
{ 'enabled': true }
+
+
+ instance_type + +
+ string +
+ 		always +
Instance type
+
+
Sample:
+
t2.micro
+
+
+ kernel_id + +
+ string +
+ 		always +
ID of the kernel associated with the AMI
+
+
+
+ key_name + +
+ string +
+ 		always +
Name of the key pair
+
+
Sample:
+
user_app
+
+
+ launch_configuration_arn + +
+ string +
+ 		always +
Amazon Resource Name (ARN) of the launch configuration
+
+
Sample:
+
arn:aws:autoscaling:us-east-1:666612345678:launchConfiguration:ba785e3a-dd42-6f02-4585-ea1a2b458b3d:launchConfigurationName/lc-app
+
+
+ launch_configuration_name + +
+ string +
+ 		always +
Name of the launch configuration
+
+
Sample:
+
lc-app
+
+
+ ramdisk_id + +
+ string +
+ 		always +
ID of the RAM disk associated with the AMI
+
+
+
+ security_groups + +
+ list +
+ 		always +
Security groups to associated
+
+
Sample:
+
[ 'web' ]
+
+
+ user_data + +
+ string +
+ 		always +
User data available
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Loïc Latreille (@psykotox) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_metric_alarm.rst b/docs/community.aws.ec2_metric_alarm.rst new file mode 100644 index 00000000000..2de2f91fe53 --- /dev/null +++ b/docs/community.aws.ec2_metric_alarm.rst @@ -0,0 +1,615 @@ + +.. _community.aws.ec2_metric_alarm_: + + +****************************** +community.aws.ec2_metric_alarm +****************************** + +**Create/update or delete AWS Cloudwatch 'metric alarms'** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS metric alarms. +- Metrics you wish to alarm on must already exist. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alarm_actions + +
+ list + / elements=string
+ 		+ + +
A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ comparison + +
+ string +
+ 		+
    Choices: +
  • GreaterThanOrEqualToThreshold
    • +
  • GreaterThanThreshold
    • +
  • LessThanThreshold
    • +
  • LessThanOrEqualToThreshold
    • +
  • <=
    • +
  • <
    • +
  • >=
    • +
  • >
    • +
+ 		+ +
Determines how the threshold value is compared
+
Symbolic comparison operators have been deprecated, and will be removed in 2.14
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A longer description of the alarm.
+
+
+ dimensions + +
+ dictionary +
+ 		+ + +
A dictionary describing which metric the alarm is applied to.
+
For more information see the AWS documentation:
+ +
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ evaluation_periods + +
+ integer +
+ 		+ + +
The number of times in which the metric is evaluated before final calculation.
+
+
+ insufficient_data_actions + +
+ list + / elements=string
+ 		+ + +
A list of the names of action(s) to take when the alarm is in the insufficient_data status.
+
+
+ metric + +
+ string +
+ 		+ + +
Name of the monitored metric (e.g. CPUUtilization).
+
Metric must already exist.
+
+
+ name + +
+ string + / required
+ 		+ + +
Unique name for the alarm.
+
+
+ namespace + +
+ string +
+ 		+ + +
Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
+
+
+ ok_actions + +
+ list + / elements=string
+ 		+ + +
A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
+
+
+ period + +
+ integer +
+ 		+ + +
The time (in seconds) between metric evaluations.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Register or deregister the alarm.
+
+
+ statistic + +
+ string +
+ 		+
    Choices: +
  • SampleCount
    • +
  • Average
    • +
  • Sum
    • +
  • Minimum
    • +
  • Maximum
    • +
+ 		+ +
Operation applied to the metric.
+
Works in conjunction with period and evaluation_periods to determine the comparison value.
+
+
+ threshold + +
+ float +
+ 		+ + +
Sets the min/max bound for triggering the alarm.
+
+
+ treat_missing_data + +
+ string +
+ 		+
    Choices: +
  • breaching
    • +
  • notBreaching
    • +
  • ignore
    • +
  • missing ←
    • +
+ 		+ +
Sets how the alarm handles missing data points.
+
+
+ unit + +
+ string +
+ 		+
    Choices: +
  • Seconds
    • +
  • Microseconds
    • +
  • Milliseconds
    • +
  • Bytes
    • +
  • Kilobytes
    • +
  • Megabytes
    • +
  • Gigabytes
    • +
  • Terabytes
    • +
  • Bits
    • +
  • Kilobits
    • +
  • Megabits
    • +
  • Gigabits
    • +
  • Terabits
    • +
  • Percent
    • +
  • Count
    • +
  • Bytes/Second
    • +
  • Kilobytes/Second
    • +
  • Megabytes/Second
    • +
  • Gigabytes/Second
    • +
  • Terabytes/Second
    • +
  • Bits/Second
    • +
  • Kilobits/Second
    • +
  • Megabits/Second
    • +
  • Gigabits/Second
    • +
  • Terabits/Second
    • +
  • Count/Second
    • +
  • None
    • +
+ 		+ +
The threshold's unit of measurement.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create alarm + ec2_metric_alarm: + state: present + region: ap-southeast-2 + name: "cpu-low" + metric: "CPUUtilization" + namespace: "AWS/EC2" + statistic: Average + comparison: "LessThanOrEqualToThreshold" + threshold: 5.0 + period: 300 + evaluation_periods: 3 + unit: "Percent" + description: "This will alarm when a bamboo slave's cpu usage average is lower than 5% for 15 minutes " + dimensions: {'InstanceId':'i-XXX'} + alarm_actions: ["action1","action2"] + + - name: Create an alarm to recover a failed instance + ec2_metric_alarm: + state: present + region: us-west-1 + name: "recover-instance" + metric: "StatusCheckFailed_System" + namespace: "AWS/EC2" + statistic: "Minimum" + comparison: ">=" + threshold: 1.0 + period: 60 + evaluation_periods: 2 + unit: "Count" + description: "This will recover an instance when it fails" + dimensions: {"InstanceId":'i-XXX'} + alarm_actions: ["arn:aws:automate:us-west-1:ec2:recover"] + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Zacharie Eakin (@Zeekin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_placement_group.rst b/docs/community.aws.ec2_placement_group.rst new file mode 100644 index 00000000000..b78a3fcb1a5 --- /dev/null +++ b/docs/community.aws.ec2_placement_group.rst @@ -0,0 +1,410 @@ + +.. _community.aws.ec2_placement_group_: + + +********************************* +community.aws.ec2_placement_group +********************************* + +**Create or delete an EC2 Placement Group** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create an EC2 Placement Group; if the placement group already exists, nothing is done. Or, delete an existing placement group. If the placement group is absent, do nothing. See also https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name for the placement group.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete placement group.
+
+
+ strategy + +
+ string +
+ 		+
    Choices: +
  • cluster ←
    • +
  • spread
    • +
+ 		+ +
Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide + # for details. + + # Create a placement group. + - ec2_placement_group: + name: my-cluster + state: present + + # Create a Spread placement group. + - ec2_placement_group: + name: my-cluster + state: present + strategy: spread + + # Delete a placement group. + - ec2_placement_group: + name: my-cluster + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ placement_group + +
+ complex +
+ 		when state != absent +
Placement group attributes
+
+
  +
+ name + +
+ string +
+ 		+
PG name
+
+
Sample:
+
my-cluster
+
  +
+ state + +
+ string +
+ 		+
PG state
+
+
Sample:
+
available
+
  +
+ strategy + +
+ string +
+ 		+
PG strategy
+
+
Sample:
+
cluster
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_placement_group_info.rst b/docs/community.aws.ec2_placement_group_info.rst new file mode 100644 index 00000000000..26360862da3 --- /dev/null +++ b/docs/community.aws.ec2_placement_group_info.rst @@ -0,0 +1,367 @@ + +.. _community.aws.ec2_placement_group_info_: + + +************************************** +community.aws.ec2_placement_group_info +************************************** + +**List EC2 Placement Group(s) details** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List details of EC2 Placement Group(s). +- This module was called ``ec2_placement_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ names + +
+ list + / elements=string
+ 		+ Default:
[]
+ 		+ +
A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details or the AWS region, + # see the AWS Guide for details. + + # List all placement groups. + - ec2_placement_group_info: + register: all_ec2_placement_groups + + # List two placement groups. + - ec2_placement_group_info: + names: + - my-cluster + - my-other-cluster + register: specific_ec2_placement_groups + + - debug: msg="{{ specific_ec2_placement_groups | json_query("[?name=='my-cluster']") }}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ placement_groups + +
+ complex +
+ 		always +
Placement group attributes
+
+
  +
+ name + +
+ string +
+ 		+
PG name
+
+
Sample:
+
my-cluster
+
  +
+ state + +
+ string +
+ 		+
PG state
+
+
Sample:
+
available
+
  +
+ strategy + +
+ string +
+ 		+
PG strategy
+
+
Sample:
+
cluster
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_scaling_policy.rst b/docs/community.aws.ec2_scaling_policy.rst new file mode 100644 index 00000000000..524ac755d29 --- /dev/null +++ b/docs/community.aws.ec2_scaling_policy.rst @@ -0,0 +1,385 @@ + +.. _community.aws.ec2_scaling_policy_: + + +******************************** +community.aws.ec2_scaling_policy +******************************** + +**Create or delete AWS scaling policies for Autoscaling groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete scaling policies for autoscaling groups. +- Referenced autoscaling groups must already exist. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ adjustment_type + +
+ string +
+ 		+
    Choices: +
  • ChangeInCapacity
    • +
  • ExactCapacity
    • +
  • PercentChangeInCapacity
    • +
+ 		+ +
The type of change in capacity of the autoscaling group.
+
+
+ asg_name + +
+ string + / required
+ 		+ + +
Name of the associated autoscaling group.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cooldown + +
+ integer +
+ 		+ + +
The minimum period of time (in seconds) between which autoscaling actions can take place.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ min_adjustment_step + +
+ integer +
+ 		+ + +
Minimum amount of adjustment when policy is triggered.
+
+
+ name + +
+ string + / required
+ 		+ + +
Unique name for the scaling policy.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ scaling_adjustment + +
+ integer +
+ 		+ + +
The amount by which the autoscaling group is adjusted by the policy.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Register or deregister the policy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - ec2_scaling_policy: + state: present + region: US-XXX + name: "scaledown-policy" + adjustment_type: "ChangeInCapacity" + asg_name: "slave-pool" + scaling_adjustment: -1 + min_adjustment_step: 1 + cooldown: 300 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Zacharie Eakin (@Zeekin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_snapshot_copy.rst b/docs/community.aws.ec2_snapshot_copy.rst new file mode 100644 index 00000000000..c24ccff0567 --- /dev/null +++ b/docs/community.aws.ec2_snapshot_copy.rst @@ -0,0 +1,462 @@ + +.. _community.aws.ec2_snapshot_copy_: + + +******************************* +community.aws.ec2_snapshot_copy +******************************* + +**Copies an EC2 snapshot and returns the new Snapshot ID.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Copies an EC2 Snapshot from a source region to a destination region. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
An optional human-readable string describing purpose of the new Snapshot.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not the destination Snapshot should be encrypted.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ source_region + +
+ string + / required
+ 		+ + +
The source region the Snapshot should be copied from.
+
+
+ source_snapshot_id + +
+ string + / required
+ 		+ + +
The ID of the Snapshot in source region that should be copied.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Wait for the copied Snapshot to be in 'Available' state before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
600
+ 		+ +
How long before wait gives up, in seconds.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic Snapshot Copy + - ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + + # Copy Snapshot and wait until available + - ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + wait: yes + wait_timeout: 1200 # Default timeout is 600 + register: snapshot_id + + # Tagged Snapshot copy + - ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + tags: + Name: Snapshot-Name + + # Encrypted Snapshot copy + - ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + encrypted: yes + + # Encrypted Snapshot copy with specified key + - ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + encrypted: yes + kms_key_id: arn:aws:kms:eu-central-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ snapshot_id + +
+ string +
+ 		when snapshot copy is successful +
snapshot id of the newly created snapshot
+
+
Sample:
+
snap-e9095e8c
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Deepak Kothandan (@Deepakkothandan) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_transit_gateway.rst b/docs/community.aws.ec2_transit_gateway.rst new file mode 100644 index 00000000000..3fbd6071386 --- /dev/null +++ b/docs/community.aws.ec2_transit_gateway.rst @@ -0,0 +1,866 @@ + +.. _community.aws.ec2_transit_gateway_: + + +********************************* +community.aws.ec2_transit_gateway +********************************* + +**Create and delete AWS Transit Gateways** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS Transit Gateways. +- Deletes AWS Transit Gateways. +- Updates tags on existing transit gateways. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ asn + +
+ integer +
+ 		+ + +
A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
+
The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
+
+
+ auto_associate + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Enable or disable automatic association with the default association route table.
+
+
+ auto_attach + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Enable or disable automatic acceptance of attachment requests.
+
+
+ auto_propagate + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Enable or disable automatic propagation of routes to the default propagation route table.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
The description of the transit gateway.
+
+
+ dns_support + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to enable AWS DNS support.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to purge existing tags not included with tags argument.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
present to ensure resource is created.
+
absent to remove resource.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of resource tags
+
+
+ transit_gateway_id + +
+ string +
+ 		+ + +
The ID of the transit gateway.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpn_ecmp_support + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Enable or disable Equal Cost Multipath Protocol support.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to wait for status
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
number of seconds to wait for status
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new transit gateway using defaults + ec2_transit_gateway: + state: present + region: us-east-1 + description: personal-testing + register: created_tgw + + - name: Create a new transit gateway with options + ec2_transit_gateway: + asn: 64514 + auto_associate: no + auto_propagate: no + dns_support: True + description: "nonprod transit gateway" + purge_tags: False + state: present + region: us-east-1 + tags: + Name: nonprod transit gateway + status: testing + + - name: Remove a transit gateway by description + ec2_transit_gateway: + state: absent + region: us-east-1 + description: personal-testing + + - name: Remove a transit gateway by id + ec2_transit_gateway: + state: absent + region: ap-southeast-2 + transit_gateway_id: tgw-3a9aa123 + register: deleted_tgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ transit_gateway + +
+ complex +
+ 		state=present +
The attributes of the transit gateway.
+
+
  +
+ creation_time + +
+ string +
+ 		always +
The creation time of the transit gateway.
+
+
Sample:
+
2019-03-06T17:13:51+00:00
+
  +
+ description + +
+ string +
+ 		always +
The description of the transit gateway.
+
+
Sample:
+
my test tgw
+
  +
+ options + +
+ complex +
+ 		always +
The options attributes of the transit gateway
+
+
   +
+ amazon_side_asn + +
+ string +
+ 		always +
A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
+
+
Sample:
+
64512
+
   +
+ association_default_route_table_id + +
+ string +
+ 		Iwhen exists +
The ID of the default association route table.
+
+
Sample:
+
tgw-rtb-abc123444
+
   +
+ auto_accept_shared_attachements + +
+ string +
+ 		always +
Indicates whether attachment requests are automatically accepted.
+
+
Sample:
+
disable
+
   +
+ default_route_table_association + +
+ string +
+ 		always +
Indicates whether resource attachments are automatically associated with the default association route table.
+
+
Sample:
+
enable
+
   +
+ default_route_table_propagation + +
+ string +
+ 		always +
Indicates whether resource attachments automatically propagate routes to the default propagation route table.
+
+
Sample:
+
disable
+
   +
+ dns_support + +
+ string +
+ 		always +
Indicates whether DNS support is enabled.
+
+
Sample:
+
enable
+
   +
+ propagation_default_route_table_id + +
+ string +
+ 		when exists +
The ID of the default propagation route table.
+
+
Sample:
+
tgw-rtb-def456777
+
   +
+ vpn_ecmp_support + +
+ string +
+ 		always +
Indicates whether Equal Cost Multipath Protocol support is enabled.
+
+
Sample:
+
enable
+
  +
+ owner_id + +
+ string +
+ 		always +
The account that owns the transit gateway.
+
+
Sample:
+
123456789012
+
  +
+ state + +
+ string +
+ 		always +
The state of the transit gateway.
+
+
Sample:
+
pending
+
  +
+ tags + +
+ dictionary +
+ 		always +
A dictionary of resource tags
+
+
Sample:
+
{'tags': {'Name': 'nonprod_tgw'}}
+
  +
+ transit_gateway_arn + +
+ string +
+ 		always +
The ID of the transit_gateway.
+
+
Sample:
+
tgw-3a9aa123
+
  +
+ transit_gateway_id + +
+ string +
+ 		always +
The ID of the transit_gateway.
+
+
Sample:
+
tgw-3a9aa123
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Bob Boldin (@BobBoldin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_transit_gateway_info.rst b/docs/community.aws.ec2_transit_gateway_info.rst new file mode 100644 index 00000000000..027c1120619 --- /dev/null +++ b/docs/community.aws.ec2_transit_gateway_info.rst @@ -0,0 +1,631 @@ + +.. _community.aws.ec2_transit_gateway_info_: + + +************************************** +community.aws.ec2_transit_gateway_info +************************************** + +**Gather information about ec2 transit gateways in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 transit gateways in AWS + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ transit_gateway_ids + +
+ list +
+ 		+ + +
A list of transit gateway IDs to gather information for.
+

aliases: transit_gateway_id
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather info about all transit gateways + - ec2_transit_gateway_info: + + # Gather info about a particular transit gateway using filter transit gateway ID + - ec2_transit_gateway_info: + filters: + transit-gateway-id: tgw-02c42332e6b7da829 + + # Gather info about a particular transit gateway using multiple option filters + - ec2_transit_gateway_info: + filters: + options.dns-support: enable + options.vpn-ecmp-support: enable + + # Gather info about multiple transit gateways using module param + - ec2_transit_gateway_info: + transit_gateway_ids: + - tgw-02c42332e6b7da829 + - tgw-03c53443d5a8cb716 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ transit_gateways + +
+ complex +
+ 		on success +
Transit gateways that match the provided filters. Each element consists of a dict with all the information related to that transit gateway.
+
+
  +
+ creation_time + +
+ string +
+ 		always +
The creation time.
+
+
Sample:
+
2019-02-05T16:19:58+00:00
+
  +
+ description + +
+ string +
+ 		always +
The description of the transit gateway.
+
+
Sample:
+
A transit gateway
+
  +
+ options + +
+ complex +
+ 		always +
A dictionary of the transit gateway options.
+
+
   +
+ amazon_side_asn + +
+ integer +
+ 		always +
A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
+
+
Sample:
+
64512
+
   +
+ association_default_route_table_id + +
+ string +
+ 		when present +
The ID of the default association route table.
+
+
Sample:
+
rtb-11223344
+
   +
+ auto_accept_shared_attachments + +
+ string +
+ 		always +
Indicates whether attachment requests are automatically accepted.
+
+
Sample:
+
enable
+
   +
+ default_route_table_association + +
+ string +
+ 		always +
Indicates whether resource attachments are automatically associated with the default association route table.
+
+
Sample:
+
disable
+
   +
+ default_route_table_propagation + +
+ string +
+ 		always +
Indicates whether resource attachments automatically propagate routes to the default propagation route table.
+
+
Sample:
+
disable
+
   +
+ dns_support + +
+ string +
+ 		always +
Indicates whether DNS support is enabled.
+
+
Sample:
+
enable
+
   +
+ propagation_default_route_table_id + +
+ string +
+ 		when present +
The ID of the default propagation route table.
+
+
Sample:
+
rtb-11223344
+
   +
+ vpn_ecmp_support + +
+ string +
+ 		always +
Indicates whether Equal Cost Multipath Protocol support is enabled.
+
+
Sample:
+
enable
+
  +
+ owner_id + +
+ string +
+ 		always +
The AWS account number ID which owns the transit gateway.
+
+
Sample:
+
1234567654323
+
  +
+ state + +
+ string +
+ 		always +
The state of the transit gateway.
+
+
Sample:
+
available
+
  +
+ tags + +
+ dictionary +
+ 		always +
A dict of tags associated with the transit gateway.
+
+
Sample:
+
{ "Name": "A sample TGW" }
+
  +
+ transit_gateway_arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the transit gateway.
+
+
Sample:
+
arn:aws:ec2:us-west-2:1234567654323:transit-gateway/tgw-02c42332e6b7da829
+
  +
+ transit_gateway_id + +
+ string +
+ 		always +
The ID of the transit gateway.
+
+
Sample:
+
tgw-02c42332e6b7da829
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Bob Boldin (@BobBoldin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_egress_igw.rst b/docs/community.aws.ec2_vpc_egress_igw.rst new file mode 100644 index 00000000000..24cddae895f --- /dev/null +++ b/docs/community.aws.ec2_vpc_egress_igw.rst @@ -0,0 +1,343 @@ + +.. _community.aws.ec2_vpc_egress_igw_: + + +******************************** +community.aws.ec2_vpc_egress_igw +******************************** + +**Manage an AWS VPC Egress Only Internet gateway** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS VPC Egress Only Internet gateway + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete the EIGW.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string + / required
+ 		+ + +
The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Ensure that the VPC has an Internet Gateway. + # The Internet Gateway ID is can be accessed via {{eigw.gateway_id}} for use in setting up NATs etc. + ec2_vpc_egress_igw: + vpc_id: vpc-abcdefgh + state: present + register: eigw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ gateway_id + +
+ string +
+ 		always +
The ID of the Egress Only Internet Gateway or Null.
+
+
Sample:
+
eigw-0e00cf111ba5bc11e
+
+
+ vpc_id + +
+ string +
+ 		always +
The ID of the VPC to attach or detach gateway from.
+
+
Sample:
+
vpc-012345678
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Daniel Shepherd (@shepdelacreme) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_endpoint.rst b/docs/community.aws.ec2_vpc_endpoint.rst new file mode 100644 index 00000000000..088a49fdcf6 --- /dev/null +++ b/docs/community.aws.ec2_vpc_endpoint.rst @@ -0,0 +1,508 @@ + +.. _community.aws.ec2_vpc_endpoint_: + + +****************************** +community.aws.ec2_vpc_endpoint +****************************** + +**Create and delete AWS VPC Endpoints.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS VPC endpoints. +- Deletes AWS VPC endpoints. +- This module supports check mode. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ client_token + +
+ string +
+ 		+ + +
Optional client token to ensure idempotency
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ policy + +
+ json +
+ 		+ + +
A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
+
Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
+
+
+ policy_file + +
+ path +
+ 		+ + +
The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
+
Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
+

aliases: policy_path
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ route_table_ids + +
+ list + / elements=string
+ 		+ + +
List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service + +
+ string +
+ 		+ + +
An AWS supported vpc endpoint service. Use the ec2_vpc_endpoint_info module to describe the supported endpoint services.
+
Required when creating an endpoint.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
present to ensure resource is created.
+
absent to remove resource
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_endpoint_id + +
+ string +
+ 		+ + +
One or more vpc endpoint ids to remove from the AWS account
+
+
+ vpc_id + +
+ string +
+ 		+ + +
Required when creating a VPC endpoint.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
320
+ 		+ +
Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create new vpc endpoint with a json template for policy + ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + policy: " {{ lookup( 'template', 'endpoint_policy.json.j2') }} " + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Create new vpc endpoint with the default policy + ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Create new vpc endpoint with json file + ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + policy_file: "{{ role_path }}/files/endpoint_policy.json" + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Delete newly created vpc endpoint + ec2_vpc_endpoint: + state: absent + vpc_endpoint_id: "{{ new_vpc_endpoint.result['VpcEndpointId'] }}" + region: ap-southeast-2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ endpoints + +
+ list +
+ 		success +
The resulting endpoints from the module call
+
+
Sample:
+
[{'creation_timestamp': '2017-02-20T05:04:15+00:00', 'policy_document': {'Id': 'Policy1450910922815', 'Statement': [{'Action': 's3:*', 'Effect': 'Allow', 'Principal': '*', 'Resource': ['arn:aws:s3:::*/*', 'arn:aws:s3:::*'], 'Sid': 'Stmt1450910920641'}], 'Version': '2012-10-17'}, 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'vpc_endpoint_id': 'vpce-a1b2c3d4', 'vpc_id': 'vpc-abbad0d0'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_endpoint_info.rst b/docs/community.aws.ec2_vpc_endpoint_info.rst new file mode 100644 index 00000000000..8f6ecb0a03a --- /dev/null +++ b/docs/community.aws.ec2_vpc_endpoint_info.rst @@ -0,0 +1,386 @@ + +.. _community.aws.ec2_vpc_endpoint_info_: + + +*********************************** +community.aws.ec2_vpc_endpoint_info +*********************************** + +**Retrieves AWS VPC endpoints details using AWS methods.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Endpoints. +- This module was called ``ec2_vpc_endpoint_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ query + +
+ string + / required
+ 		+
    Choices: +
  • services
    • +
  • endpoints
    • +
+ 		+ +
Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_endpoint_ids + +
+ list + / elements=string
+ 		+ + +
Get details of specific endpoint IDs
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all support AWS services for VPC endpoints + - name: List supported AWS endpoint services + ec2_vpc_endpoint_info: + query: services + region: ap-southeast-2 + register: supported_endpoint_services + + - name: Get all endpoints in ap-southeast-2 region + ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + register: existing_endpoints + + - name: Get all endpoints with specific filters + ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + filters: + vpc-id: + - vpc-12345678 + - vpc-87654321 + vpc-endpoint-state: + - available + - pending + register: existing_endpoints + + - name: Get details on specific endpoint + ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + vpc_endpoint_ids: + - vpce-12345678 + register: endpoint_details + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ service_names + +
+ list +
+ 		query is services +
AWS VPC endpoint service names
+
+
Sample:
+
{'service_names': ['com.amazonaws.ap-southeast-2.s3']}
+
+
+ vpc_endpoints + +
+ list +
+ 		query is endpoints +
A list of endpoints that match the query. Each endpoint has the keys creation_timestamp, policy_document, route_table_ids, service_name, state, vpc_endpoint_id, vpc_id.
+
+
Sample:
+
{'vpc_endpoints': [{'creation_timestamp': '2017-02-16T11:06:48+00:00', 'policy_document': '"{"Version":"2012-10-17","Id":"Policy1450910922815", "Statement":[{"Sid":"Stmt1450910920641","Effect":"Allow", "Principal":"*","Action":"s3:*","Resource":["arn:aws:s3:::*/*","arn:aws:s3:::*"]}]}"\n', 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'state': 'available', 'vpc_endpoint_id': 'vpce-abbad0d0', 'vpc_id': 'vpc-1111ffff'}]}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_igw.rst b/docs/community.aws.ec2_vpc_igw.rst new file mode 100644 index 00000000000..64ad52a3a23 --- /dev/null +++ b/docs/community.aws.ec2_vpc_igw.rst @@ -0,0 +1,397 @@ + +.. _community.aws.ec2_vpc_igw_: + + +************************* +community.aws.ec2_vpc_igw +************************* + +**Manage an AWS VPC Internet gateway** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS VPC Internet gateway + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or terminate the IGW
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
+

aliases: resource_tags
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string + / required
+ 		+ + +
The VPC ID for the VPC in which to manage the Internet Gateway.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Ensure that the VPC has an Internet Gateway. + # The Internet Gateway ID is can be accessed via {{igw.gateway_id}} for use in setting up NATs etc. + ec2_vpc_igw: + vpc_id: vpc-abcdefgh + state: present + register: igw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
If any changes have been made to the Internet Gateway.
+
+
Sample:
+
{'changed': False}
+
+
+ gateway_id + +
+ string +
+ 		state=present +
The unique identifier for the Internet Gateway.
+
+
Sample:
+
{'gateway_id': 'igw-XXXXXXXX'}
+
+
+ tags + +
+ dictionary +
+ 		state=present +
The tags associated the Internet Gateway.
+
+
Sample:
+
{'tags': {'Ansible': 'Test'}}
+
+
+ vpc_id + +
+ string +
+ 		state=present +
The VPC ID associated with the Internet Gateway.
+
+
Sample:
+
{'vpc_id': 'vpc-XXXXXXXX'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Robert Estelle (@erydo) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_igw_info.rst b/docs/community.aws.ec2_vpc_igw_info.rst new file mode 100644 index 00000000000..a5cda19dfd4 --- /dev/null +++ b/docs/community.aws.ec2_vpc_igw_info.rst @@ -0,0 +1,354 @@ + +.. _community.aws.ec2_vpc_igw_info_: + + +****************************** +community.aws.ec2_vpc_igw_info +****************************** + +**Gather information about internet gateways in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about internet gateways in AWS. +- This module was called ``ec2_vpc_igw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
+
+
+ internet_gateway_ids + +
+ list + / elements=string
+ 		+ + +
Get details of specific Internet Gateway ID. Provide this value as a list.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all Internet Gateways for an account or profile + ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + register: igw_info + + - name: Gather information about a filtered list of Internet Gateways + ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + filters: + "tag:Name": "igw-123" + register: igw_info + + - name: Gather information about a specific internet gateway by InternetGatewayId + ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + internet_gateway_ids: igw-c1231234 + register: igw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
True if listing the internet gateways succeeds.
+
+
Sample:
+
false
+
+
+ internet_gateways + +
+ list +
+ 		always +
The internet gateways for the account.
+
+
Sample:
+
[{'attachments': [{'state': 'available', 'vpc_id': 'vpc-02123b67'}], 'internet_gateway_id': 'igw-2123634d', 'tags': [{'key': 'Name', 'value': 'test-vpc-20-igw'}]}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nacl.rst b/docs/community.aws.ec2_vpc_nacl.rst new file mode 100644 index 00000000000..f8d5b459a5b --- /dev/null +++ b/docs/community.aws.ec2_vpc_nacl.rst @@ -0,0 +1,499 @@ + +.. _community.aws.ec2_vpc_nacl_: + + +************************** +community.aws.ec2_vpc_nacl +************************** + +**create and delete Network ACLs.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for Network ACLS https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ egress + +
+ list +
+ 		+ Default:
[]
+ 		+ +
A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
+
+
+ ingress + +
+ list +
+ 		+ Default:
[]
+ 		+ +
List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
+
+
+ nacl_id + +
+ string +
+ 		+ + +
NACL id identifying a network ACL.
+
One and only one of the name or nacl_id is required.
+
+
+ name + +
+ string +
+ 		+ + +
Tagged name identifying a network ACL.
+
One and only one of the name or nacl_id is required.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Creates or modifies an existing NACL
+
Deletes a NACL and reassociates subnets to the default NACL
+
+
+ subnets + +
+ list +
+ 		+ + +
The list of subnets that should be associated with the network ACL.
+
Must be specified as a list
+
Each subnet can be specified as subnet ID, or its tagged name.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Dictionary of tags to look for and apply when creating a network ACL.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
VPC id of the requesting VPC.
+
Required when state present.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # Complete example to create and delete a network ACL + # that allows SSH, HTTP and ICMP in, and all traffic out. + - name: "Create and associate production DMZ network ACL with DMZ subnets" + ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + region: ap-southeast-2 + subnets: ['prod-dmz-1', 'prod-dmz-2'] + tags: + CostCode: CC1234 + Project: phoenix + Description: production DMZ + ingress: + # rule no, protocol, allow/deny, cidr, icmp_type, icmp_code, + # port from, port to + - [100, 'tcp', 'allow', '0.0.0.0/0', null, null, 22, 22] + - [200, 'tcp', 'allow', '0.0.0.0/0', null, null, 80, 80] + - [300, 'icmp', 'allow', '0.0.0.0/0', 0, 8] + egress: + - [100, 'all', 'allow', '0.0.0.0/0', null, null, null, null] + state: 'present' + + - name: "Remove the ingress and egress rules - defaults to deny all" + ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + region: ap-southeast-2 + subnets: + - prod-dmz-1 + - prod-dmz-2 + tags: + CostCode: CC1234 + Project: phoenix + Description: production DMZ + state: present + + - name: "Remove the NACL subnet associations and tags" + ec2_vpc_nacl: + vpc_id: 'vpc-12345678' + name: prod-dmz-nacl + region: ap-southeast-2 + state: present + + - name: "Delete nacl and subnet associations" + ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + state: absent + + - name: "Delete nacl by its id" + ec2_vpc_nacl: + nacl_id: acl-33b4ee5b + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ nacl_id + +
+ string +
+ 		success +
The id of the NACL (when creating or updating an ACL)
+
+
Sample:
+
acl-123456789abcdef01
+
+
+ task + +
+ dictionary +
+ 		success +
The result of the create, or delete action.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nacl_info.rst b/docs/community.aws.ec2_vpc_nacl_info.rst new file mode 100644 index 00000000000..7a2602c070d --- /dev/null +++ b/docs/community.aws.ec2_vpc_nacl_info.rst @@ -0,0 +1,451 @@ + +.. _community.aws.ec2_vpc_nacl_info_: + + +******************************* +community.aws.ec2_vpc_nacl_info +******************************* + +**Gather information about Network ACLs in an AWS VPC** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about Network ACLs in an AWS VPC +- This module was called ``ec2_vpc_nacl_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
+
+
+ nacl_ids + +
+ list +
+ 		+ Default:
[]
+ 		+ +
A list of Network ACL IDs to retrieve information about.
+

aliases: nacl_id
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - By default, the module will return all Network ACLs. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all Network ACLs: + - name: Get All NACLs + register: all_nacls + ec2_vpc_nacl_info: + region: us-west-2 + + # Retrieve default Network ACLs: + - name: Get Default NACLs + register: default_nacls + ec2_vpc_nacl_info: + region: us-west-2 + filters: + 'default': 'true' + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ nacls + +
+ complex +
+ 		success +
Returns an array of complex objects as described below.
+
+
  +
+ egress + +
+ list + / elements=list
+ 		always +
A list of NACL egress rules with the following format.
+
[rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
+
+
Sample:
+
[[100, 'all', 'allow', '0.0.0.0/0', None, None, None, None]]
+
  +
+ ingress + +
+ list + / elements=list
+ 		always +
A list of NACL ingress rules with the following format.
+
[rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
+
+
Sample:
+
[[100, 'tcp', 'allow', '0.0.0.0/0', None, None, 22, 22]]
+
  +
+ is_default + +
+ boolean +
+ 		always +
True if the NACL is the default for its VPC.
+
+
  +
+ nacl_id + +
+ string +
+ 		always +
The ID of the Network Access Control List.
+
+
  +
+ subnets + +
+ list + / elements=string
+ 		always +
A list of subnet IDs that are associated with the NACL.
+
+
  +
+ tags + +
+ dictionary +
+ 		always +
A dict of tags associated with the NACL.
+
+
  +
+ vpc_id + +
+ string +
+ 		always +
The ID of the VPC that the NACL is attached to.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Brad Davidson (@brandond) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nat_gateway.rst b/docs/community.aws.ec2_vpc_nat_gateway.rst new file mode 100644 index 00000000000..9130496173d --- /dev/null +++ b/docs/community.aws.ec2_vpc_nat_gateway.rst @@ -0,0 +1,628 @@ + +.. _community.aws.ec2_vpc_nat_gateway_: + + +********************************* +community.aws.ec2_vpc_nat_gateway +********************************* + +**Manage AWS VPC NAT Gateways.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Ensure the state of AWS VPC NAT Gateways based on their id, allocation and subnet ids. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allocation_id + +
+ string +
+ 		+ + +
The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ client_token + +
+ string +
+ 		+ + +
Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ eip_address + +
+ string +
+ 		+ + +
The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
+
+
+ if_exist_do_not_create + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
if a NAT Gateway exists already in the subnet_id, then do not create a new one.
+
+
+ nat_gateway_id + +
+ string +
+ 		+ + +
The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ release_eip + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Deallocate the EIP from the VPC.
+
Option is only valid with the absent state.
+
You should use this with the wait option. Since you can not release an address while a delete operation is happening.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Ensure NAT Gateway is present or absent.
+
+
+ subnet_id + +
+ string +
+ 		+ + +
The id of the subnet to create the NAT Gateway in. This is required with the present option.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Wait for operation to complete before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
320
+ 		+ +
How many seconds to wait for an operation to complete before timing out.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create new nat gateway with client token. + ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + eip_address: 52.1.1.1 + region: ap-southeast-2 + client_token: abcd-12345678 + register: new_nat_gateway + + - name: Create new nat gateway using an allocation-id. + ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + allocation_id: eipalloc-12345678 + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway, using an EIP address and wait for available status. + ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + eip_address: 52.1.1.1 + wait: true + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway and allocate new EIP. + ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + wait: true + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway and allocate new EIP if a nat gateway does not yet exist in the subnet. + ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + wait: true + region: ap-southeast-2 + if_exist_do_not_create: true + register: new_nat_gateway + + - name: Delete nat gateway using discovered nat gateways from facts module. + ec2_vpc_nat_gateway: + state: absent + region: ap-southeast-2 + wait: true + nat_gateway_id: "{{ item.NatGatewayId }}" + release_eip: true + register: delete_nat_gateway_result + loop: "{{ gateways_to_remove.result }}" + + - name: Delete nat gateway and wait for deleted status. + ec2_vpc_nat_gateway: + state: absent + nat_gateway_id: nat-12345678 + wait: true + wait_timeout: 500 + region: ap-southeast-2 + + - name: Delete nat gateway and release EIP. + ec2_vpc_nat_gateway: + state: absent + nat_gateway_id: nat-12345678 + release_eip: true + wait: yes + wait_timeout: 300 + region: ap-southeast-2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ create_time + +
+ string +
+ 		In all cases. +
The ISO 8601 date time format in UTC.
+
+
Sample:
+
2016-03-05T05:19:20.282000+00:00'
+
+
+ nat_gateway_addresses + +
+ string +
+ 		In all cases. +
List of dictionaries containing the public_ip, network_interface_id, private_ip, and allocation_id.
+
+
Sample:
+
[{'public_ip': '52.52.52.52', 'network_interface_id': 'eni-12345', 'private_ip': '10.0.0.100', 'allocation_id': 'eipalloc-12345'}]
+
+
+ nat_gateway_id + +
+ string +
+ 		In all cases. +
id of the VPC NAT Gateway
+
+
Sample:
+
nat-0d1e3a878585988f8
+
+
+ state + +
+ string +
+ 		In all cases. +
The current state of the NAT Gateway.
+
+
Sample:
+
available
+
+
+ subnet_id + +
+ string +
+ 		In all cases. +
id of the Subnet
+
+
Sample:
+
subnet-12345
+
+
+ vpc_id + +
+ string +
+ 		In all cases. +
id of the VPC.
+
+
Sample:
+
vpc-12345
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) +- Jon Hadfield (@jonhadfield) +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info.rst b/docs/community.aws.ec2_vpc_nat_gateway_info.rst new file mode 100644 index 00000000000..46de42a2a8a --- /dev/null +++ b/docs/community.aws.ec2_vpc_nat_gateway_info.rst @@ -0,0 +1,345 @@ + +.. _community.aws.ec2_vpc_nat_gateway_info_: + + +************************************** +community.aws.ec2_vpc_nat_gateway_info +************************************** + +**Retrieves AWS VPC Managed Nat Gateway details using AWS methods.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Managed Nat Gateways +- This module was called ``ec2_vpc_nat_gateway_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
+
+
+ nat_gateway_ids + +
+ list + / elements=string
+ 		+ + +
List of specific nat gateway IDs to fetch details for.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all nat gateways + - name: List all managed nat gateways in ap-southeast-2 + ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + register: all_ngws + + - name: Debugging the result + debug: + msg: "{{ all_ngws.result }}" + + - name: Get details on specific nat gateways + ec2_vpc_nat_gateway_info: + nat_gateway_ids: + - nat-1234567891234567 + - nat-7654321987654321 + region: ap-southeast-2 + register: specific_ngws + + - name: Get all nat gateways with specific filters + ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + filters: + state: ['pending'] + register: pending_ngws + + - name: Get nat gateways with specific filter + ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + filters: + subnet-id: subnet-12345678 + state: ['available'] + register: existing_nat_gateways + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ result + +
+ list +
+ 		success +
The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_peer.rst b/docs/community.aws.ec2_vpc_peer.rst new file mode 100644 index 00000000000..748265d4c0a --- /dev/null +++ b/docs/community.aws.ec2_vpc_peer.rst @@ -0,0 +1,553 @@ + +.. _community.aws.ec2_vpc_peer_: + + +************************** +community.aws.ec2_vpc_peer +************************** + +**create, delete, accept, and reject VPC peering connections between two VPCs.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for VPC Peering Connections https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-peering.html. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ peer_owner_id + +
+ string +
+ 		+ + +
The AWS account number for cross account peering.
+
+
+ peer_region + +
+ string +
+ 		+ + +
Region of the accepting VPC.
+
+
+ peer_vpc_id + +
+ string +
+ 		+ + +
VPC id of the accepting VPC.
+
+
+ peering_id + +
+ string +
+ 		+ + +
Peering connection id.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
  • accept
    • +
  • reject
    • +
+ 		+ +
Create, delete, accept, reject a peering connection.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Dictionary of tags to look for and apply when creating a Peering Connection.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
VPC id of the requesting VPC.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Complete example to create and accept a local peering connection. + - name: Create local account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept local VPC peering request + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: accept + register: action_peer + + # Complete example to delete a local peering connection. + - name: Create local account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: delete a local VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: absent + register: vpc_peer + + # Complete example to create and accept a cross account peering connection. + - name: Create cross account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept peering connection from remote account + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: accept + register: vpc_peer + + # Complete example to create and accept an intra-region peering connection. + - name: Create intra-region VPC peering Connection + ec2_vpc_peer: + region: us-east-1 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + peer_region: us-west-2 + state: present + tags: + Name: Peering connection for us-east-1 VPC to us-west-2 VPC + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept peering connection from peer region + ec2_vpc_peer: + region: us-west-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: accept + register: vpc_peer + + # Complete example to create and reject a local peering connection. + - name: Create local account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Reject a local VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: reject + + # Complete example to create and accept a cross account peering connection. + - name: Create cross account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept a cross account VPC peering connection request + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: accept + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + + # Complete example to create and reject a cross account peering connection. + - name: Create cross account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Reject a cross account VPC peering Connection + ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: reject + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ task + +
+ dictionary +
+ 		success +
The result of the create, accept, reject or delete action.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_peering_info.rst b/docs/community.aws.ec2_vpc_peering_info.rst new file mode 100644 index 00000000000..58b9c7ad460 --- /dev/null +++ b/docs/community.aws.ec2_vpc_peering_info.rst @@ -0,0 +1,337 @@ + +.. _community.aws.ec2_vpc_peering_info_: + + +********************************** +community.aws.ec2_vpc_peering_info +********************************** + +**Retrieves AWS VPC Peering details using AWS methods.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Peers +- This module was called ``ec2_vpc_peering_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
+
+
+ peer_connection_ids + +
+ list + / elements=string
+ 		+ + +
List of specific VPC peer IDs to get details for.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all VPC Peers + - name: List all vpc peers + ec2_vpc_peering_info: + region: ap-southeast-2 + register: all_vpc_peers + + - name: Debugging the result + debug: + msg: "{{ all_vpc_peers.result }}" + + - name: Get details on specific VPC peer + ec2_vpc_peering_info: + peer_connection_ids: + - pcx-12345678 + - pcx-87654321 + region: ap-southeast-2 + register: all_vpc_peers + + - name: Get all vpc peers with specific filters + ec2_vpc_peering_info: + region: ap-southeast-2 + filters: + status-code: ['pending-acceptance'] + register: pending_vpc_peers + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ result + +
+ list +
+ 		success +
The result of the describe.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_route_table.rst b/docs/community.aws.ec2_vpc_route_table.rst new file mode 100644 index 00000000000..cefb56f1459 --- /dev/null +++ b/docs/community.aws.ec2_vpc_route_table.rst @@ -0,0 +1,860 @@ + +.. _community.aws.ec2_vpc_route_table_: + + +********************************* +community.aws.ec2_vpc_route_table +********************************* + +**Manage route tables for AWS virtual private clouds** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage route tables for AWS virtual private clouds + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ lookup + +
+ string +
+ 		+
    Choices: +
  • tag ←
    • +
  • id
    • +
+ 		+ +
Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ propagating_vgw_ids + +
+ list + / elements=string
+ 		+ + +
Enable route propagation from virtual gateways specified by ID.
+
+
+ purge_routes + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Purge existing routes that are not found in routes.
+
+
+ purge_subnets + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ Default:
"true"
+ 		+ +
Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Purge existing tags that are not found in route table.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ route_table_id + +
+ string +
+ 		+ + +
The ID of the route table to update or delete.
+
Required when lookup=id.
+
+
+ routes + +
+ list + / elements=dictionary
+ 		+ + +
List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or destroy the VPC route table.
+
+
+ subnets + +
+ list + / elements=string
+ 		+ + +
An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.
+

aliases: resource_tags
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
VPC ID of the VPC in which to create the route table.
+
Required when state=present or lookup=tag.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic creation example: + - name: Set up public subnet route table + ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + tags: + Name: Public + subnets: + - "{{ jumpbox_subnet.subnet.id }}" + - "{{ frontend_subnet.subnet.id }}" + - "{{ vpn_subnet.subnet_id }}" + routes: + - dest: 0.0.0.0/0 + gateway_id: "{{ igw.gateway_id }}" + register: public_route_table + + - name: Set up NAT-protected route table + ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + tags: + Name: Internal + subnets: + - "{{ application_subnet.subnet.id }}" + - 'Database Subnet' + - '10.0.0.0/8' + routes: + - dest: 0.0.0.0/0 + instance_id: "{{ nat.instance_id }}" + register: nat_route_table + + - name: delete route table + ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + route_table_id: "{{ route_table.id }}" + lookup: id + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ route_table + +
+ complex +
+ 		always +
Route Table result
+
+
  +
+ associations + +
+ complex +
+ 		always +
List of subnets associated with the route table
+
+
   +
+ main + +
+ boolean +
+ 		always +
Whether this is the main route table
+
+
   +
+ route_table_association_id + +
+ string +
+ 		always +
ID of association between route table and subnet
+
+
Sample:
+
rtbassoc-ab47cfc3
+
   +
+ route_table_id + +
+ string +
+ 		always +
ID of the route table
+
+
Sample:
+
rtb-bf779ed7
+
   +
+ subnet_id + +
+ string +
+ 		always +
ID of the subnet
+
+
Sample:
+
subnet-82055af9
+
  +
+ id + +
+ string +
+ 		always +
ID of the route table (same as route_table_id for backwards compatibility)
+
+
Sample:
+
rtb-bf779ed7
+
  +
+ propagating_vgws + +
+ list +
+ 		always +
List of Virtual Private Gateways propagating routes
+
+
  +
+ route_table_id + +
+ string +
+ 		always +
ID of the route table
+
+
Sample:
+
rtb-bf779ed7
+
  +
+ routes + +
+ complex +
+ 		always +
List of routes in the route table
+
+
   +
+ destination_cidr_block + +
+ string +
+ 		always +
CIDR block of destination
+
+
Sample:
+
10.228.228.0/22
+
   +
+ gateway_id + +
+ string +
+ 		when gateway is local or internet gateway +
ID of the gateway
+
+
Sample:
+
local
+
   +
+ instance_id + +
+ string +
+ 		when the route is via an EC2 instance +
ID of a NAT instance
+
+
Sample:
+
i-abcd123456789
+
   +
+ instance_owner_id + +
+ string +
+ 		when the route is via an EC2 instance +
AWS account owning the NAT instance
+
+
Sample:
+
123456789012
+
   +
+ nat_gateway_id + +
+ string +
+ 		when the route is via a NAT gateway +
ID of the NAT gateway
+
+
Sample:
+
local
+
   +
+ origin + +
+ string +
+ 		always +
mechanism through which the route is in the table
+
+
Sample:
+
CreateRouteTable
+
   +
+ state + +
+ string +
+ 		always +
state of the route
+
+
Sample:
+
active
+
  +
+ tags + +
+ dictionary +
+ 		always +
Tags applied to the route table
+
+
Sample:
+
{'Name': 'Public route table', 'Public': 'true'}
+
  +
+ vpc_id + +
+ string +
+ 		always +
ID for the VPC in which the route lives
+
+
Sample:
+
vpc-6e2d2407
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Robert Estelle (@erydo) +- Rob White (@wimnat) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_route_table_info.rst b/docs/community.aws.ec2_vpc_route_table_info.rst new file mode 100644 index 00000000000..79b4da3df18 --- /dev/null +++ b/docs/community.aws.ec2_vpc_route_table_info.rst @@ -0,0 +1,285 @@ + +.. _community.aws.ec2_vpc_route_table_info_: + + +************************************** +community.aws.ec2_vpc_route_table_info +************************************** + +**Gather information about ec2 VPC route tables in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 VPC route tables in AWS +- This module was called ``ec2_vpc_route_table_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all VPC route tables + - ec2_vpc_route_table_info: + + # Gather information about a particular VPC route table using route table ID + - ec2_vpc_route_table_info: + filters: + route-table-id: rtb-00112233 + + # Gather information about any VPC route table with a tag key Name and value Example + - ec2_vpc_route_table_info: + filters: + "tag:Name": Example + + # Gather information about any VPC route table within VPC with ID vpc-abcdef00 + - ec2_vpc_route_table_info: + filters: + vpc-id: vpc-abcdef00 + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vgw.rst b/docs/community.aws.ec2_vpc_vgw.rst new file mode 100644 index 00000000000..d68176c2c7c --- /dev/null +++ b/docs/community.aws.ec2_vpc_vgw.rst @@ -0,0 +1,465 @@ + +.. _community.aws.ec2_vpc_vgw_: + + +************************* +community.aws.ec2_vpc_vgw +************************* + +**Create and delete AWS VPN Virtual Gateways.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS VPN Virtual Gateways +- Deletes AWS VPN Virtual Gateways +- Attaches Virtual Gateways to VPCs +- Detaches Virtual Gateways from VPCs + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ asn + +
+ integer +
+ 		+ + +
the BGP ASN of the amazon side
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
name of the vgw to be created or deleted
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
present to ensure resource is created.
+
absent to remove resource
+
+
+ tags + +
+ dictionary +
+ 		+ + +
dictionary of resource tags
+

aliases: resource_tags
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • ipsec.1 ←
    • +
+ 		+ +
type of the virtual gateway to be created
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
the vpc-id of a vpc to attach or detach
+
+
+ vpn_gateway_id + +
+ string +
+ 		+ + +
vpn gateway id of an existing virtual gateway
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
320
+ 		+ +
number of seconds to wait for status during vpc attach and detach
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new vgw attached to a specific VPC + ec2_vpc_vgw: + state: present + region: ap-southeast-2 + profile: personal + vpc_id: vpc-12345678 + name: personal-testing + type: ipsec.1 + register: created_vgw + + - name: Create a new unattached vgw + ec2_vpc_vgw: + state: present + region: ap-southeast-2 + profile: personal + name: personal-testing + type: ipsec.1 + tags: + environment: production + owner: ABC + register: created_vgw + + - name: Remove a new vgw using the name + ec2_vpc_vgw: + state: absent + region: ap-southeast-2 + profile: personal + name: personal-testing + type: ipsec.1 + register: deleted_vgw + + - name: Remove a new vgw using the vpn_gateway_id + ec2_vpc_vgw: + state: absent + region: ap-southeast-2 + profile: personal + vpn_gateway_id: vgw-3a9aa123 + register: deleted_vgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ result + +
+ dictionary +
+ 		success +
The result of the create, or delete action.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vgw_info.rst b/docs/community.aws.ec2_vpc_vgw_info.rst new file mode 100644 index 00000000000..bb46dd0cd17 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vgw_info.rst @@ -0,0 +1,354 @@ + +.. _community.aws.ec2_vpc_vgw_info_: + + +****************************** +community.aws.ec2_vpc_vgw_info +****************************** + +**Gather information about virtual gateways in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about virtual gateways in AWS. +- This module was called ``ec2_vpc_vgw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpn_gateway_ids + +
+ list + / elements=string
+ 		+ + +
Get details of a specific Virtual Gateway ID. This value should be provided as a list.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all virtual gateways for an account or profile + ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + register: vgw_info + + - name: Gather information about a filtered list of Virtual Gateways + ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + filters: + "tag:Name": "main-virt-gateway" + register: vgw_info + + - name: Gather information about a specific virtual gateway by VpnGatewayIds + ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + vpn_gateway_ids: vgw-c432f6a7 + register: vgw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
True if listing the virtual gateways succeeds.
+
+
Sample:
+
false
+
+
+ virtual_gateways + +
+ list +
+ 		always +
The virtual gateways for the account.
+
+
Sample:
+
[{'state': 'available', 'tags': [{'key': 'Name', 'value': 'TEST-VGW'}], 'type': 'ipsec.1', 'vpc_attachments': [{'state': 'attached', 'vpc_id': 'vpc-22a93c74'}], 'vpn_gateway_id': 'vgw-23e3d64e'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vpn.rst b/docs/community.aws.ec2_vpc_vpn.rst new file mode 100644 index 00000000000..c87758b5f59 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vpn.rst @@ -0,0 +1,1012 @@ + +.. _community.aws.ec2_vpc_vpn_: + + +************************* +community.aws.ec2_vpc_vpn +************************* + +**Create, modify, and delete EC2 VPN connections.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module creates, modifies, and deletes VPN connections. Idempotence is achieved by using the filters option or specifying the VPN connection identifier. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ connection_type + +
+ string +
+ 		+ Default:
"ipsec.1"
+ 		+ +
The type of VPN connection.
+
At this time only 'ipsec.1' is supported.
+
+
+ customer_gateway_id + +
+ string +
+ 		+ + +
The ID of the customer gateway.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delay + +
+ integer +
+ 		+ Default:
15
+ 		+ +
The time to wait before checking operation again. in seconds.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
+
+
+ bgp + +
+ - +
+ 		+ + +
The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
+
+
+ cgw + +
+ - +
+ 		+ + +
The customer gateway id as a string or a list of those strings.
+
+
+ cgw-config + +
+ - +
+ 		+ + +
The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
+
+
+ cidr + +
+ - +
+ 		+ + +
The destination cidr of the VPN's route as a string or a list of those strings.
+
+
+ static-routes-only + +
+ - +
+ 		+ + +
The type of routing; true or false.
+
+
+ tag-keys + +
+ - +
+ 		+ + +
The key of a tag as a string or a list of those strings.
+
+
+ tag-values + +
+ - +
+ 		+ + +
The value of a tag as a string or a list of those strings.
+
+
+ tags + +
+ - +
+ 		+ + +
A dict of key value pairs.
+
+
+ vgw + +
+ - +
+ 		+ + +
The virtual private gateway as a string or a list of those strings.
+
+
+ vpn + +
+ - +
+ 		+ + +
The VPN connection id as a string or a list of those strings.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_routes + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not to delete VPN connections routes that are not specified in the task.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ routes + +
+ list + / elements=string
+ 		+ + +
Routes to add to the connection.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
The desired state of the VPN connection.
+
+
+ static_only + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Tags to attach to the VPN connection.
+
+
+ tunnel_options + +
+ list + / elements=dictionary
+ 		+ + +
An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
+
+
+ PreSharedKey + +
+ string +
+ 		+ + +
The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
+
+
+ TunnelInsideCidr + +
+ string +
+ 		+ + +
The range of inside IP addresses for the tunnel.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpn_connection_id + +
+ string +
+ 		+ + +
The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
+
+
+ vpn_gateway_id + +
+ string +
+ 		+ + +
The ID of the virtual private gateway.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
600
+ 		+ +
How long before wait gives up, in seconds.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + - name: create a VPN connection + ec2_vpc_vpn: + state: present + vpn_gateway_id: vgw-XXXXXXXX + customer_gateway_id: cgw-XXXXXXXX + + - name: modify VPN connection tags + ec2_vpc_vpn: + state: present + vpn_connection_id: vpn-XXXXXXXX + tags: + Name: ansible-tag-1 + Other: ansible-tag-2 + + - name: delete a connection + ec2_vpc_vpn: + vpn_connection_id: vpn-XXXXXXXX + state: absent + + - name: modify VPN tags (identifying VPN by filters) + ec2_vpc_vpn: + state: present + filters: + cidr: 194.168.1.0/24 + tag-keys: + - Ansible + - Other + tags: + New: Tag + purge_tags: true + static_only: true + + - name: set up VPN with tunnel options utilizing 'TunnelInsideCidr' only + ec2_vpc_vpn: + state: present + filters: + vpn: vpn-XXXXXXXX + static_only: true + tunnel_options: + - + TunnelInsideCidr: '169.254.100.1/30' + - + TunnelInsideCidr: '169.254.100.5/30' + + - name: add routes and remove any preexisting ones + ec2_vpc_vpn: + state: present + filters: + vpn: vpn-XXXXXXXX + routes: + - 195.168.2.0/24 + - 196.168.2.0/24 + purge_routes: true + + - name: remove all routes + ec2_vpc_vpn: + state: present + vpn_connection_id: vpn-XXXXXXXX + routes: [] + purge_routes: true + + - name: delete a VPN identified by filters + ec2_vpc_vpn: + state: absent + filters: + tags: + Ansible: Tag + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
If the VPN connection has changed.
+
+
Sample:
+
{'changed': True}
+
+
+ customer_gateway_configuration + +
+ string +
+ 		state=present +
The configuration of the VPN connection.
+
+
+
+ customer_gateway_id + +
+ string +
+ 		state=present +
The customer gateway connected via the connection.
+
+
Sample:
+
{'customer_gateway_id': 'cgw-1220c87b'}
+
+
+ options + +
+ complex +
+ 		state=present +
The VPN connection options (currently only containing static_routes_only).
+
+
  +
+ static_routes_only + +
+ string +
+ 		state=present +
If the VPN connection only allows static routes.
+
+
Sample:
+
{'static_routes_only': True}
+
+
+ routes + +
+ list +
+ 		state=present +
The routes of the VPN connection.
+
+
Sample:
+
{'routes': [{'destination_cidr_block': '192.168.1.0/24', 'state': 'available'}]}
+
+
+ state + +
+ string +
+ 		state=present +
The status of the VPN connection.
+
+
Sample:
+
{'state': 'available'}
+
+
+ tags + +
+ dictionary +
+ 		state=present +
The tags associated with the connection.
+
+
Sample:
+
{'tags': {'name': 'ansible-test', 'other': 'tag'}}
+
+
+ type + +
+ string +
+ 		state=present +
The type of VPN connection (currently only ipsec.1 is available).
+
+
Sample:
+
{'type': 'ipsec.1'}
+
+
+ vgw_telemetry + +
+ list +
+ 		state=present +
The telemetry for the VPN tunnel.
+
+
Sample:
+
{'vgw_telemetry': [{'outside_ip_address': 'string', 'status': 'up', 'last_status_change': 'datetime(2015, 1, 1)', 'status_message': 'string', 'accepted_route_count': 123}]}
+
+
+ vpn_connection_id + +
+ string +
+ 		state=present +
The identifier for the VPN connection.
+
+
Sample:
+
{'vpn_connection_id': 'vpn-781e0e19'}
+
+
+ vpn_gateway_id + +
+ string +
+ 		state=present +
The virtual private gateway connected via the connection.
+
+
Sample:
+
{'vpn_gateway_id': 'vgw-cb0ae2a2'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vpn_info.rst b/docs/community.aws.ec2_vpc_vpn_info.rst new file mode 100644 index 00000000000..348794fdb6d --- /dev/null +++ b/docs/community.aws.ec2_vpc_vpn_info.rst @@ -0,0 +1,673 @@ + +.. _community.aws.ec2_vpc_vpn_info_: + + +****************************** +community.aws.ec2_vpc_vpn_info +****************************** + +**Gather information about VPN Connections in AWS.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about VPN Connections in AWS. +- This module was called ``ec2_vpc_vpn_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpn_connection_ids + +
+ list + / elements=string
+ 		+ + +
Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + - name: Gather information about all vpn connections + ec2_vpc_vpn_info: + + - name: Gather information about a filtered list of vpn connections, based on tags + ec2_vpc_vpn_info: + filters: + "tag:Name": test-connection + register: vpn_conn_info + + - name: Gather information about vpn connections by specifying connection IDs. + ec2_vpc_vpn_info: + filters: + vpn-gateway-id: vgw-cbe66beb + register: vpn_conn_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ vpn_connections + +
+ complex +
+ 		always +
List of one or more VPN Connections.
+
+
  +
+ category + +
+ string +
+ 		always +
The category of the VPN connection.
+
+
Sample:
+
VPN
+
  +
+ customer_gateway_id + +
+ string +
+ 		always +
The ID of the customer gateway at your end of the VPN connection.
+
+
Sample:
+
cgw-17a53c37
+
  +
+ customer_gatway_configuration + +
+ string +
+ 		always +
The configuration information for the VPN connection's customer gateway (in the native XML format).
+
+
  +
+ options + +
+ dictionary +
+ 		always +
The VPN connection options.
+
+
Sample:
+
{'static_routes_only': False}
+
  +
+ routes + +
+ complex +
+ 		always +
List of static routes associated with the VPN connection.
+
+
   +
+ destination_cidr_block + +
+ string +
+ 		always +
The CIDR block associated with the local subnet of the customer data center.
+
+
Sample:
+
10.0.0.0/16
+
   +
+ state + +
+ string +
+ 		always +
The current state of the static route.
+
+
Sample:
+
available
+
  +
+ state + +
+ string +
+ 		always +
The current state of the VPN connection.
+
+
Sample:
+
available
+
  +
+ tags + +
+ dictionary +
+ 		always +
Any tags assigned to the VPN connection.
+
+
Sample:
+
{'Name': 'test-conn'}
+
  +
+ type + +
+ string +
+ 		always +
The type of VPN connection.
+
+
Sample:
+
ipsec.1
+
  +
+ vgw_telemetry + +
+ complex +
+ 		always +
Information about the VPN tunnel.
+
+
   +
+ accepted_route_count + +
+ integer +
+ 		always +
The number of accepted routes.
+
+
   +
+ certificate_arn + +
+ string +
+ 		when a private certificate is used for authentication +
The Amazon Resource Name of the virtual private gateway tunnel endpoint certificate.
+
+
Sample:
+
arn:aws:acm:us-east-1:123456789101:certificate/c544d8ce-20b8-4fff-98b0-example
+
   +
+ last_status_change + +
+ string +
+ 		always +
The date and time of the last change in status.
+
+
Sample:
+
2018-02-09T14:35:27+00:00
+
   +
+ outside_ip_address + +
+ string +
+ 		always +
The Internet-routable IP address of the virtual private gateway's outside interface.
+
+
Sample:
+
13.127.79.191
+
   +
+ status + +
+ string +
+ 		always +
The status of the VPN tunnel.
+
+
Sample:
+
DOWN
+
   +
+ status_message + +
+ string +
+ 		always +
If an error occurs, a description of the error.
+
+
Sample:
+
IPSEC IS DOWN
+
  +
+ vpn_connection_id + +
+ string +
+ 		always +
The ID of the VPN connection.
+
+
Sample:
+
vpn-f700d5c0
+
  +
+ vpn_gateway_id + +
+ string +
+ 		always +
The ID of the virtual private gateway at the AWS side of the VPN connection.
+
+
Sample:
+
vgw-cbe56bfb
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Madhura Naniwadekar (@Madhura-CSI) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_win_password.rst b/docs/community.aws.ec2_win_password.rst new file mode 100644 index 00000000000..5e1ab3e103c --- /dev/null +++ b/docs/community.aws.ec2_win_password.rst @@ -0,0 +1,393 @@ + +.. _community.aws.ec2_win_password_: + + +****************************** +community.aws.ec2_win_password +****************************** + +**Gets the default administrator password for ec2 windows instances** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets the default administrator password from any EC2 Windows instance. The instance is referenced by its id (e.g. ``i-XXXXXXX``). +- This module has a dependency on python-boto. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- cryptography +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ instance_id + +
+ string + / required
+ 		+ + +
The instance id to get the password data from.
+
+
+ key_data + +
+ string +
+ 		+ + +
The private key (usually stored in vault).
+
Conflicts with key_file,
+
+
+ key_file + +
+ path +
+ 		+ + +
Path to the file containing the key pair used on the instance.
+
Conflicts with key_data.
+
+
+ key_passphrase + +
+ string +
+ 		+ + +
The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for the password to be available before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
120
+ 		+ +
Number of seconds to wait before giving up.
+
+
+ + +Notes +----- + +.. note:: + - As of Ansible 2.4, this module requires the python cryptography module rather than the older pycrypto module. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Example of getting a password + - name: get the Administrator password + ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_test_key.pem" + + # Example of getting a password using a variable + - name: get the Administrator password + ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_data: "{{ ec2_private_key }}" + + # Example of getting a password with a password protected key + - name: get the Administrator password + ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_protected_test_key.pem" + key_passphrase: "secret" + + # Example of waiting for a password + - name: get the Administrator password + ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_test_key.pem" + wait: yes + wait_timeout: 45 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rick Mendes (@rickmendes) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_attribute.rst b/docs/community.aws.ecs_attribute.rst new file mode 100644 index 00000000000..4ce16e5bff8 --- /dev/null +++ b/docs/community.aws.ecs_attribute.rst @@ -0,0 +1,493 @@ + +.. _community.aws.ecs_attribute_: + + +*************************** +community.aws.ecs_attribute +*************************** + +**manage ecs attributes** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update or delete ECS container instance attributes. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ attributes + +
+ list + / elements=dictionary / required
+ 		+ + +
List of attributes.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
+
+
+ value + +
+ string +
+ 		+ + +
The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster + +
+ string + / required
+ 		+ + +
The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_instance_id + +
+ string + / required
+ 		+ + +
EC2 instance ID of ECS cluster container instance.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
The desired state of the attributes.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Set attributes + - ecs_attribute: + state: present + cluster: test-cluster + ec2_instance_id: "{{ ec2_id }}" + attributes: + - flavor: test + - migrated + delegate_to: localhost + + # Delete attributes + - ecs_attribute: + state: absent + cluster: test-cluster + ec2_instance_id: "{{ ec2_id }}" + attributes: + - flavor: test + - migrated + delegate_to: localhost + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ attributes + +
+ complex +
+ 		always +
attributes
+
+
  +
+ attributes + +
+ list + / elements=dictionary
+ 		+
list of attributes
+
+
   +
+ name + +
+ string +
+ 		+
name of the attribute
+
+
   +
+ value + +
+ string +
+ 		if present +
value of the attribute
+
+
  +
+ cluster + +
+ string +
+ 		+
cluster name
+
+
  +
+ ec2_instance_id + +
+ string +
+ 		+
ec2 instance id of ecs container instance
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Andrej Svenke (@anryko) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_cluster.rst b/docs/community.aws.ecs_cluster.rst new file mode 100644 index 00000000000..4be505ddd10 --- /dev/null +++ b/docs/community.aws.ecs_cluster.rst @@ -0,0 +1,471 @@ + +.. _community.aws.ecs_cluster_: + + +************************* +community.aws.ecs_cluster +************************* + +**Create or terminate ECS clusters.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or terminates ecs clusters. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delay + +
+ integer +
+ 		+ Default:
10
+ 		+ +
Number of seconds to wait.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The cluster name.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ repeat + +
+ integer +
+ 		+ Default:
10
+ 		+ +
The number of times to wait for the cluster to have an instance.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • has_instances
    • +
+ 		+ +
The desired state of the cluster.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - When deleting a cluster, the information returned is the state of the cluster prior to deletion. + - It will also wait for a cluster to have instances registered to it. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Cluster creation + - ecs_cluster: + name: default + state: present + + # Cluster deletion + - ecs_cluster: + name: default + state: absent + + - name: Wait for register + ecs_cluster: + name: "{{ new_cluster }}" + state: has_instances + delay: 10 + repeat: 10 + register: task_output + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ activeServicesCount + +
+ integer +
+ 		0 if a new cluster +
how many services are active in this cluster
+
+
+
+ clusterArn + +
+ string +
+ 		0 if a new cluster +
the ARN of the cluster just created
+
+
Sample:
+
arn:aws:ecs:us-west-2:172139249013:cluster/test-cluster-mfshcdok
+
+
+ clusterName + +
+ string +
+ 		always +
name of the cluster just created (should match the input argument)
+
+
Sample:
+
test-cluster-mfshcdok
+
+
+ pendingTasksCount + +
+ integer +
+ 		0 if a new cluster +
how many tasks are waiting to run in this cluster
+
+
+
+ registeredContainerInstancesCount + +
+ integer +
+ 		0 if a new cluster +
how many container instances are available in this cluster
+
+
+
+ runningTasksCount + +
+ integer +
+ 		0 if a new cluster +
how many tasks are running in this cluster
+
+
+
+ status + +
+ string +
+ 		always +
the status of the new cluster
+
+
Sample:
+
ACTIVE
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_ecr.rst b/docs/community.aws.ecs_ecr.rst new file mode 100644 index 00000000000..7f62c640470 --- /dev/null +++ b/docs/community.aws.ecs_ecr.rst @@ -0,0 +1,561 @@ + +.. _community.aws.ecs_ecr_: + + +********************* +community.aws.ecs_ecr +********************* + +**Manage Elastic Container Registry repositories** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Elastic Container Registry repositories. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ force_set_policy + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
+
+
+ image_tag_mutability + +
+ string +
+ 		+
    Choices: +
  • mutable ←
    • +
  • immutable
    • +
+ 		+ +
Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
+
+
+ lifecycle_policy + +
+ json +
+ 		+ + +
JSON or dict that represents the new lifecycle policy
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the repository.
+
+
+ policy + +
+ json +
+ 		+ + +
JSON or dict that represents the new policy.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_lifecycle_policy + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
if yes, remove the lifecycle policy from the repository
+
+
+ purge_policy + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If yes, remove the policy from the repository.
+
Alias delete_policy has been deprecated and will be removed in Ansible 2.14
+

aliases: delete_policy
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ registry_id + +
+ string +
+ 		+ + +
AWS account id associated with the registry.
+
If not specified, the default registry is assumed.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or destroy the repository.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # If the repository does not exist, it is created. If it does exist, would not + # affect any policies already on it. + - name: ecr-repo + ecs_ecr: name=super/cool + + - name: destroy-ecr-repo + ecs_ecr: name=old/busted state=absent + + - name: Cross account ecr-repo + ecs_ecr: registry_id=999999999999 name=cross/account + + - name: set-policy as object + ecs_ecr: + name: needs-policy-object + policy: + Version: '2008-10-17' + Statement: + - Sid: read-only + Effect: Allow + Principal: + AWS: '{{ read_only_arn }}' + Action: + - ecr:GetDownloadUrlForLayer + - ecr:BatchGetImage + - ecr:BatchCheckLayerAvailability + + - name: set-policy as string + ecs_ecr: + name: needs-policy-string + policy: "{{ lookup('template', 'policy.json.j2') }}" + + - name: delete-policy + ecs_ecr: + name: needs-no-policy + purge_policy: yes + + - name: create immutable ecr-repo + ecs_ecr: + name: super/cool + image_tag_mutability: immutable + + - name: set-lifecycle-policy + ecs_ecr: + name: needs-lifecycle-policy + lifecycle_policy: + rules: + - rulePriority: 1 + description: new policy + selection: + tagStatus: untagged + countType: sinceImagePushed + countUnit: days + countNumber: 365 + action: + type: expire + + - name: purge-lifecycle-policy + ecs_ecr: + name: needs-no-lifecycle-policy + purge_lifecycle_policy: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ created + +
+ boolean +
+ 		always +
If true, the repository was created
+
+
+
+ name + +
+ string +
+ 		when state == 'absent' +
The name of the repository
+
+
+
+ repository + +
+ dictionary +
+ 		when state == 'present' +
The created or updated repository
+
+
Sample:
+
{'createdAt': '2017-01-17T08:41:32-06:00', 'registryId': '999999999999', 'repositoryArn': 'arn:aws:ecr:us-east-1:999999999999:repository/ecr-test-1484664090', 'repositoryName': 'ecr-test-1484664090', 'repositoryUri': '999999999999.dkr.ecr.us-east-1.amazonaws.com/ecr-test-1484664090'}
+
+
+ state + +
+ string +
+ 		always +
The asserted state of the repository (present, absent)
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- David M. Lee (@leedm777) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_service.rst b/docs/community.aws.ecs_service.rst new file mode 100644 index 00000000000..4b9f8b9fa77 --- /dev/null +++ b/docs/community.aws.ecs_service.rst @@ -0,0 +1,1725 @@ + +.. _community.aws.ecs_service_: + + +************************* +community.aws.ecs_service +************************* + +**Create, terminate, start or stop a service in ECS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or terminates ECS. services. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ client_token + +
+ string +
+ 		+ + +
Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
+
+
+ cluster + +
+ string +
+ 		+ + +
The name of the cluster in which the service exists.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delay + +
+ integer +
+ 		+ Default:
10
+ 		+ +
The time to wait before checking that the service is available.
+
+
+ deployment_configuration + +
+ dictionary +
+ 		+ + +
Optional parameters that control the deployment_configuration.
+
Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
+
+
+ maximum_percent + +
+ integer +
+ 		+ + +
Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
+
+
+ minimum_healthy_percent + +
+ integer +
+ 		+ + +
A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
+
+
+ desired_count + +
+ integer +
+ 		+ + +
The count of how many instances of the service.
+
This parameter is required when state=present.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ force_new_deployment + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Force deployment of service even if there are no changes.
+
+
+ health_check_grace_period_seconds + +
+ integer +
+ 		+ + +
Seconds to wait before health checking the freshly added/updated services.
+
This option requires botocore >= 1.8.20.
+
+
+ launch_type + +
+ string +
+ 		+
    Choices: +
  • EC2
    • +
  • FARGATE
    • +
+ 		+ +
The launch type on which to run your service.
+
+
+ load_balancers + +
+ list + / elements=string
+ 		+ + +
The list of ELBs defined for this service.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the service.
+
+
+ network_configuration + +
+ dictionary +
+ 		+ + +
Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
+
assign_public_ip requires botocore >= 1.8.4
+
+
+ assign_public_ip + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether the task's elastic network interface receives a public IP address.
+
This option requires botocore >= 1.8.4.
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
A list of security group names or group IDs to associate with the task
+
+
+ subnets + +
+ list + / elements=string
+ 		+ + +
A list of subnet IDs to associate with the task
+
+
+ placement_constraints + +
+ list + / elements=dictionary
+ 		+ + +
The placement constraints for the tasks in the service.
+ +
+
+ expression + +
+ string +
+ 		+ + +
A cluster query language expression to apply to the constraint.
+
+
+ type + +
+ string +
+ 		+ + +
The type of constraint.
+
+
+ placement_strategy + +
+ list + / elements=dictionary
+ 		+ + +
The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
+
+
+ field + +
+ string +
+ 		+ + +
The field to apply the placement strategy against.
+
+
+ type + +
+ string +
+ 		+ + +
The type of placement strategy.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ repeat + +
+ integer +
+ 		+ Default:
10
+ 		+ +
The number of times to check that the service is available.
+
+
+ role + +
+ string +
+ 		+ + +
The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
+
This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
+
+
+ scheduling_strategy + +
+ string +
+ 		+
    Choices: +
  • DAEMON
    • +
  • REPLICA
    • +
+ 		+ +
The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service_registries + +
+ list + / elements=dictionary
+ 		+ + +
Describes service discovery registries this service will register with.
+
+
+ arn + +
+ string +
+ 		+ + +
Service discovery registry ARN
+
+
+ container_name + +
+ string +
+ 		+ + +
container name for service discovery registration
+
+
+ container_port + +
+ integer +
+ 		+ + +
container port for service discovery registration
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • deleting
    • +
+ 		+ +
The desired state of the service.
+
+
+ task_definition + +
+ string +
+ 		+ + +
The task definition the service will run.
+
This parameter is required when state=present.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - The service role specified must be assumable. (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com) + - For details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html. + - An IAM role must have been previously created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic provisioning example + - ecs_service: + state: present + name: console-test-service + cluster: new_cluster + task_definition: 'new_cluster-task:1' + desired_count: 0 + + - name: create ECS service on VPC network + ecs_service: + state: present + name: console-test-service + cluster: new_cluster + task_definition: 'new_cluster-task:1' + desired_count: 0 + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + + # Simple example to delete + - ecs_service: + name: default + state: absent + cluster: new_cluster + + # With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4) + - ecs_service: + state: present + name: test-service + cluster: test-cluster + task_definition: test-task-definition + desired_count: 3 + deployment_configuration: + minimum_healthy_percent: 75 + maximum_percent: 150 + placement_constraints: + - type: memberOf + expression: 'attribute:flavor==test' + placement_strategy: + - type: binpack + field: memory + + + +Returned Facts +-------------- +Facts returned by this module are added/updated in the ``hostvars`` host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them. + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FactReturnedDescription
+
+ service + +
+ complex +
+ 		when service existed and was deleted +
Details of deleted service. +
+
+
+
+ clusterArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the of the cluster that hosts the service. +
+
+
+
+ deploymentConfiguration + +
+ complex +
+ 		always +
dictionary of deploymentConfiguration +
+
+
+
+ maximumPercent + +
+ integer +
+ 		always +
maximumPercent param +
+
+
+
+ minimumHealthyPercent + +
+ integer +
+ 		always +
minimumHealthyPercent param +
+
+
+
+ deployments + +
+ list + / elements=dictionary
+ 		always +
list of service deployments +
+
+
+
+ desiredCount + +
+ integer +
+ 		always +
The desired number of instantiations of the task definition to keep running on the service. +
+
+
+
+ events + +
+ list + / elements=dictionary
+ 		always +
list of service events +
+
+
+
+ loadBalancers + +
+ complex +
+ 		always +
A list of load balancer objects +
+
+
+
+ containerName + +
+ string +
+ 		always +
The name of the container to associate with the load balancer. +
+
+
+
+ containerPort + +
+ integer +
+ 		always +
The port on the container to associate with the load balancer. +
+
+
+
+ loadBalancerName + +
+ string +
+ 		always +
the name +
+
+
+
+ pendingCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the PENDING state. +
+
+
+
+ placementConstraints + +
+ list + / elements=dictionary
+ 		always +
List of placement constraints objects +
+
+
+
+ expression + +
+ string +
+ 		always +
A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance. +
+
+
+
+ type + +
+ string +
+ 		always +
The type of constraint. Valid values are distinctInstance and memberOf. +
+
+
+
+ placementStrategy + +
+ list + / elements=dictionary
+ 		always +
List of placement strategy objects +
+
+
+
+ field + +
+ string +
+ 		always +
The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY. +
+
+
+
+ type + +
+ string +
+ 		always +
The type of placement strategy. Valid values are random, spread and binpack. +
+
+
+
+ runningCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the RUNNING state. +
+
+
+
+ serviceArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service . +
+
+
+
+ serviceName + +
+ string +
+ 		always +
A user-generated string used to identify the service +
+
+
+
+ status + +
+ string +
+ 		always +
The valid values are ACTIVE, DRAINING, or INACTIVE. +
+
+
+
+ taskDefinition + +
+ string +
+ 		always +
The ARN of a task definition to use for tasks in the service. +
+
+
+

+ + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ service + +
+ complex +
+ 		when creating a service +
Details of created service.
+
+
  +
+ clusterArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
+
+
  +
+ deploymentConfiguration + +
+ complex +
+ 		always +
dictionary of deploymentConfiguration
+
+
   +
+ maximumPercent + +
+ integer +
+ 		always +
maximumPercent param
+
+
   +
+ minimumHealthyPercent + +
+ integer +
+ 		always +
minimumHealthyPercent param
+
+
  +
+ deployments + +
+ list + / elements=dictionary
+ 		always +
list of service deployments
+
+
  +
+ desiredCount + +
+ integer +
+ 		always +
The desired number of instantiations of the task definition to keep running on the service.
+
+
  +
+ events + +
+ list + / elements=dictionary
+ 		always +
list of service events
+
+
  +
+ loadBalancers + +
+ complex +
+ 		always +
A list of load balancer objects
+
+
   +
+ containerName + +
+ string +
+ 		always +
The name of the container to associate with the load balancer.
+
+
   +
+ containerPort + +
+ integer +
+ 		always +
The port on the container to associate with the load balancer.
+
+
   +
+ loadBalancerName + +
+ string +
+ 		always +
the name
+
+
  +
+ pendingCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the PENDING state.
+
+
  +
+ placementConstraints + +
+ list + / elements=dictionary
+ 		always +
List of placement constraints objects
+
+
   +
+ expression + +
+ string +
+ 		always +
A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
+
+
   +
+ type + +
+ string +
+ 		always +
The type of constraint. Valid values are distinctInstance and memberOf.
+
+
  +
+ placementStrategy + +
+ list + / elements=dictionary
+ 		always +
List of placement strategy objects
+
+
   +
+ field + +
+ string +
+ 		always +
The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
+
+
   +
+ type + +
+ string +
+ 		always +
The type of placement strategy. Valid values are random, spread and binpack.
+
+
  +
+ runningCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the RUNNING state.
+
+
  +
+ serviceArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
+
+
  +
+ serviceName + +
+ string +
+ 		always +
A user-generated string used to identify the service
+
+
  +
+ status + +
+ string +
+ 		always +
The valid values are ACTIVE, DRAINING, or INACTIVE.
+
+
  +
+ taskDefinition + +
+ string +
+ 		always +
The ARN of a task definition to use for tasks in the service.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) +- Stephane Maarek (@simplesteph) +- Zac Blazic (@zacblazic) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_service_info.rst b/docs/community.aws.ecs_service_info.rst new file mode 100644 index 00000000000..7d2bdc31177 --- /dev/null +++ b/docs/community.aws.ecs_service_info.rst @@ -0,0 +1,600 @@ + +.. _community.aws.ecs_service_info_: + + +****************************** +community.aws.ecs_service_info +****************************** + +**List or describe services in ECS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists or describes services in ECS. +- This module was called ``ecs_service_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`ecs_service_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster + +
+ string +
+ 		+ + +
The cluster ARNS in which to list the services.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ details + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Set this to true if you want detailed information about the services.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ events + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to return ECS service events. Only has an effect if details=true.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ service + +
+ list + / elements=string
+ 		+ + +
One or more services to get details for
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic listing example + - ecs_service_info: + cluster: test-cluster + service: console-test-service + details: true + register: output + + # Basic listing example + - ecs_service_info: + cluster: test-cluster + register: output + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ services + +
+ complex +
+ 		success +
When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below.
+
+
  +
+ clusterArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
+
+
  +
+ deployments + +
+ list + / elements=dictionary
+ 		always +
list of service deployments
+
+
  +
+ desiredCount + +
+ integer +
+ 		always +
The desired number of instantiations of the task definition to keep running on the service.
+
+
  +
+ events + +
+ list + / elements=dictionary
+ 		when events is true +
list of service events
+
+
  +
+ loadBalancers + +
+ complex +
+ 		always +
A list of load balancer objects
+
+
   +
+ containerName + +
+ string +
+ 		always +
The name of the container to associate with the load balancer.
+
+
   +
+ containerPort + +
+ integer +
+ 		always +
The port on the container to associate with the load balancer.
+
+
   +
+ loadBalancerName + +
+ string +
+ 		always +
the name
+
+
  +
+ pendingCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the PENDING state.
+
+
  +
+ runningCount + +
+ integer +
+ 		always +
The number of tasks in the cluster that are in the RUNNING state.
+
+
  +
+ serviceArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
+
+
  +
+ serviceName + +
+ string +
+ 		always +
A user-generated string used to identify the service
+
+
  +
+ status + +
+ string +
+ 		always +
The valid values are ACTIVE, DRAINING, or INACTIVE.
+
+
  +
+ taskDefinition + +
+ string +
+ 		always +
The ARN of a task definition to use for tasks in the service.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_tag.rst b/docs/community.aws.ecs_tag.rst new file mode 100644 index 00000000000..1ee18808698 --- /dev/null +++ b/docs/community.aws.ecs_tag.rst @@ -0,0 +1,464 @@ + +.. _community.aws.ecs_tag_: + + +********************* +community.aws.ecs_tag +********************* + +**create and remove tags on Amazon ECS resources** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and removes tags for Amazon ECS resources. +- Resources are referenced by their cluster name. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster_name + +
+ string + / required
+ 		+ + +
The name of the cluster whose resources we are tagging.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether unspecified tags should be removed from the resource.
+
Note that when combined with state=absent, specified tags with non-matching values are not purged.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ resource + +
+ string +
+ 		+ + +
The ECS resource name.
+
Required unless resource_type=cluster.
+
+
+ resource_type + +
+ string +
+ 		+
    Choices: +
  • cluster ←
    • +
  • task
    • +
  • service
    • +
  • task_definition
    • +
  • container
    • +
+ 		+ +
The type of resource.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether the tags should be present or absent on the resource.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of tags to add or remove from the resource.
+
If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - none + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Ensure tags are present on a resource + ecs_tag: + cluster_name: mycluster + resource_type: cluster + state: present + tags: + Name: ubervol + env: prod + + - name: Remove the Env tag + ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Env: + state: absent + + - name: Remove the Env tag if it's currently 'development' + ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Env: development + state: absent + + - name: Remove all tags except for Name from a cluster + ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Name: foo + state: absent + purge_tags: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ added_tags + +
+ dictionary +
+ 		If tags were added +
A dict of tags that were added to the resource
+
+
+
+ removed_tags + +
+ dictionary +
+ 		If tags were removed +
A dict of tags that were removed from the resource
+
+
+
+ tags + +
+ dictionary +
+ 		always +
A dict containing the tags on the resource
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael Pechner (@mpechner) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_task.rst b/docs/community.aws.ecs_task.rst new file mode 100644 index 00000000000..aef79a72482 --- /dev/null +++ b/docs/community.aws.ecs_task.rst @@ -0,0 +1,794 @@ + +.. _community.aws.ecs_task_: + + +********************** +community.aws.ecs_task +********************** + +**Run, start or stop a task in ecs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or deletes instances of task definitions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster + +
+ string +
+ 		+ + +
The name of the cluster to run the task on.
+
+
+ container_instances + +
+ list + / elements=string
+ 		+ + +
The list of container instances on which to deploy the task.
+
+
+ count + +
+ integer +
+ 		+ + +
How many new instances to start.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ launch_type + +
+ string +
+ 		+
    Choices: +
  • EC2
    • +
  • FARGATE
    • +
+ 		+ +
The launch type on which to run your service.
+
+
+ network_configuration + +
+ dictionary +
+ 		+ + +
Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
A list of group names or group IDs for the task.
+
+
+ subnets + +
+ list + / elements=string
+ 		+ + +
A list of subnet IDs to which the task is attached.
+
+
+ operation + +
+ string + / required
+ 		+
    Choices: +
  • run
    • +
  • start
    • +
  • stop
    • +
+ 		+ +
Which task operation to execute.
+
+
+ overrides + +
+ dictionary +
+ 		+ + +
A dictionary of values to pass to the new instances.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ started_by + +
+ string +
+ 		+ + +
A value showing who or what started the task (for informational purposes).
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Tags that will be added to ecs tasks on start and run
+
+
+ task + +
+ string +
+ 		+ + +
The task to stop.
+
+
+ task_definition + +
+ string +
+ 		+ + +
The task definition to start or run.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of run task + - name: Run task + ecs_task: + operation: run + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + count: 1 + started_by: ansible_user + register: task_output + + # Simple example of start task + + - name: Start a task + ecs_task: + operation: start + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + tags: + resourceName: a_task_for_ansible_to_run + type: long_running_task + network: internal + version: 1.4 + container_instances: + - arn:aws:ecs:us-west-2:172139249013:container-instance/79c23f22-876c-438a-bddf-55c98a3538a8 + started_by: ansible_user + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + register: task_output + + - name: RUN a task on Fargate + ecs_task: + operation: run + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + started_by: ansible_user + launch_type: FARGATE + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + register: task_output + + - name: Stop a task + ecs_task: + operation: stop + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ task + +
+ complex +
+ 		success +
details about the task that was started
+
+
  +
+ clusterArn + +
+ string +
+ 		only when details is true +
The Amazon Resource Name (ARN) of the of the cluster that hosts the task.
+
+
  +
+ containerInstanceArn + +
+ string +
+ 		only when details is true +
The Amazon Resource Name (ARN) of the container running the task.
+
+
  +
+ containers + +
+ list + / elements=dictionary
+ 		only when details is true +
The container details.
+
+
  +
+ createdAt + +
+ string +
+ 		only when details is true +
The timestamp of when the task was created.
+
+
  +
+ desiredStatus + +
+ string +
+ 		only when details is true +
The desired status of the task.
+
+
  +
+ lastStatus + +
+ string +
+ 		only when details is true +
The last recorded status of the task.
+
+
  +
+ launchType + +
+ string +
+ 		always +
The launch type on which to run your task.
+
+
  +
+ overrides + +
+ list + / elements=dictionary
+ 		only when details is true +
The container overrides set for this task.
+
+
  +
+ startedAt + +
+ string +
+ 		only when details is true +
The timestamp of when the task was started.
+
+
  +
+ startedBy + +
+ string +
+ 		only when details is true +
The used who started the task.
+
+
  +
+ stoppedAt + +
+ string +
+ 		only when details is true +
The timestamp of when the task was stopped.
+
+
  +
+ stoppedReason + +
+ string +
+ 		only when details is true +
The reason why the task was stopped.
+
+
  +
+ taskArn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) that identifies the task.
+
+
  +
+ taskDefinitionArn + +
+ string +
+ 		only when details is true +
The Amazon Resource Name (ARN) of the task definition.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_taskdefinition.rst b/docs/community.aws.ecs_taskdefinition.rst new file mode 100644 index 00000000000..9794ec712bc --- /dev/null +++ b/docs/community.aws.ecs_taskdefinition.rst @@ -0,0 +1,638 @@ + +.. _community.aws.ecs_taskdefinition_: + + +******************************** +community.aws.ecs_taskdefinition +******************************** + +**register a task definition in ecs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Registers or deregisters task definitions in the Amazon Web Services (AWS) EC2 Container Service (ECS). + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ arn + +
+ string +
+ 		+ + +
The ARN of the task description to delete.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ containers + +
+ list + / elements=string
+ 		+ + +
A list of containers definitions.
+
+
+ cpu + +
+ string +
+ 		+ + +
The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
+
If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ execution_role_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
+
+
+ family + +
+ string +
+ 		+ + +
A Name that would be given to the task definition.
+
+
+ force_create + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Always create new task definition.
+
+
+ launch_type + +
+ string +
+ 		+
    Choices: +
  • EC2
    • +
  • FARGATE
    • +
+ 		+ +
The launch type on which to run your task.
+
+
+ memory + +
+ string +
+ 		+ + +
The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
+
If using the Fargate launch type, this field is required and is limited by the cpu.
+
+
+ network_mode + +
+ string +
+ 		+
    Choices: +
  • default
    • +
  • bridge ←
    • +
  • host
    • +
  • none
    • +
  • awsvpc
    • +
+ 		+ +
The Docker networking mode to use for the containers in the task.
+
awsvpc mode was added in Ansible 2.5
+
Windows containers must use network_mode=default, which will utilize docker NAT networking.
+
Setting network_mode=default for a Linux container will use bridge mode.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ revision + +
+ integer +
+ 		+ + +
A revision number for the task definition.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
State whether the task definition should exist or be deleted.
+
+
+ task_role_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ volumes + +
+ list + / elements=dictionary
+ 		+ + +
A list of names of volumes to be attached.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the volume.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create task definition + ecs_taskdefinition: + containers: + - name: simple-app + cpu: 10 + essential: true + image: "httpd:2.4" + memory: 300 + mountPoints: + - containerPath: /usr/local/apache2/htdocs + sourceVolume: my-vol + portMappings: + - containerPort: 80 + hostPort: 80 + logConfiguration: + logDriver: awslogs + options: + awslogs-group: /ecs/test-cluster-taskdef + awslogs-region: us-west-2 + awslogs-stream-prefix: ecs + - name: busybox + command: + - > + /bin/sh -c "while true; do echo 'Amazon ECS Sample App

Amazon ECS Sample App

Congratulations! +

Your application is now running on a container in Amazon ECS.

' > top; /bin/date > date ; echo '
' > bottom; + cat top date bottom > /usr/local/apache2/htdocs/index.html ; sleep 1; done" + cpu: 10 + entryPoint: + - sh + - "-c" + essential: false + image: busybox + memory: 200 + volumesFrom: + - sourceContainer: simple-app + volumes: + - name: my-vol + family: test-cluster-taskdef + state: present + register: task_output + + - name: Create task definition + ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + portMappings: + - containerPort: 8080 + hostPort: 8080 + cpu: 512 + memory: 1024 + state: present + + - name: Create task definition + ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + portMappings: + - containerPort: 8080 + hostPort: 8080 + launch_type: FARGATE + cpu: 512 + memory: 1024 + state: present + network_mode: awsvpc + + # Create Task Definition with Environment Variables and Secrets + - name: Create task definition + ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + environment: + - name: "PORT" + value: "8080" + secrets: + # For variables stored in Secrets Manager + - name: "NGINX_HOST" + valueFrom: "arn:aws:secretsmanager:us-west-2:123456789012:secret:nginx/NGINX_HOST" + # For variables stored in Parameter Store + - name: "API_KEY" + valueFrom: "arn:aws:ssm:us-west-2:123456789012:parameter/nginx/API_KEY" + launch_type: FARGATE + cpu: 512 + memory: 1GB + state: present + network_mode: awsvpc + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ taskdefinition + +
+ dictionary +
+ 		always +
a reflection of the input parameters
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_taskdefinition_info.rst b/docs/community.aws.ecs_taskdefinition_info.rst new file mode 100644 index 00000000000..2610291e4e7 --- /dev/null +++ b/docs/community.aws.ecs_taskdefinition_info.rst @@ -0,0 +1,1265 @@ + +.. _community.aws.ecs_taskdefinition_info_: + + +************************************* +community.aws.ecs_taskdefinition_info +************************************* + +**Describe a task definition in ECS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Describes a task definition in ECS. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ task_definition + +
+ string + / required
+ 		+ + +
The name of the task definition to get details for
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition + - This module was called ``ecs_taskdefinition_facts`` before Ansible 2.9. The usage did not change. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - ecs_taskdefinition_info: + task_definition: test-td + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ container_definitions + +
+ complex +
+ 		success +
Returns a list of complex objects representing the containers
+
+
  +
+ command + +
+ string +
+ 		when present +
The command that is passed to the container.
+
+
  +
+ cpu + +
+ integer +
+ 		always +
The number of cpu units reserved for the container.
+
+
  +
+ disableNetworking + +
+ boolean +
+ 		when present +
When this parameter is true, networking is disabled within the container.
+
+
  +
+ dnsSearchDomains + +
+ string +
+ 		when present +
A list of DNS search domains that are presented to the container.
+
+
  +
+ dnsServers + +
+ string +
+ 		when present +
A list of DNS servers that are presented to the container.
+
+
  +
+ dockerLabels + +
+ string +
+ 		when present +
A key/value map of labels to add to the container.
+
+
  +
+ dockerSecurityOptions + +
+ string +
+ 		when present +
A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems.
+
+
  +
+ entryPoint + +
+ string +
+ 		when present +
The entry point that is passed to the container.
+
+
  +
+ environment + +
+ complex +
+ 		always +
The environment variables to pass to a container.
+
+
   +
+ name + +
+ string +
+ 		when present +
The name of the environment variable.
+
+
   +
+ value + +
+ string +
+ 		when present +
The value of the environment variable.
+
+
  +
+ essential + +
+ boolean +
+ 		always +
Whether this is an essential container or not.
+
+
  +
+ extraHosts + +
+ complex +
+ 		when present +
A list of hostnames and IP address mappings to append to the /etc/hosts file on the container.
+
+
   +
+ hostname + +
+ string +
+ 		when present +
The hostname to use in the /etc/hosts entry.
+
+
   +
+ ipAddress + +
+ string +
+ 		when present +
The IP address to use in the /etc/hosts entry.
+
+
  +
+ hostname + +
+ string +
+ 		when present +
The hostname to use for your container.
+
+
  +
+ image + +
+ string +
+ 		always +
The image used to start a container.
+
+
  +
+ links + +
+ string +
+ 		when present +
Links to other containers.
+
+
  +
+ logConfiguration + +
+ string +
+ 		when present +
The log configuration specification for the container.
+
+
  +
+ memoryReservation + +
+ integer +
+ 		when present +
The soft limit (in MiB) of memory to reserve for the container.
+
+
  +
+ mountPoints + +
+ complex +
+ 		always +
The mount points for data volumes in your container.
+
+
   +
+ containerPath + +
+ string +
+ 		when present +
The path on the container to mount the host volume at.
+
+
   +
+ readOnly + +
+ boolean +
+ 		when present +
If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
+
+
   +
+ sourceVolume + +
+ string +
+ 		when present +
The name of the volume to mount.
+
+
  +
+ name + +
+ string +
+ 		always +
The name of a container.
+
+
  +
+ options + +
+ string +
+ 		when present +
The configuration options to send to the log driver.
+
+
  +
+ portMappings + +
+ complex +
+ 		always +
The list of port mappings for the container.
+
+
   +
+ containerPort + +
+ integer +
+ 		when present +
The port number on the container.
+
+
   +
+ hostPort + +
+ integer +
+ 		when present +
The port number on the container instance to reserve for your container.
+
+
   +
+ protocol + +
+ string +
+ 		when present +
The protocol used for the port mapping.
+
+
  +
+ privileged + +
+ boolean +
+ 		when present +
When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
+
+
  +
+ readonlyRootFilesystem + +
+ boolean +
+ 		when present +
When this parameter is true, the container is given read-only access to its root file system.
+
+
  +
+ ulimits + +
+ complex +
+ 		when present +
A list of ulimits to set in the container.
+
+
   +
+ hardLimit + +
+ integer +
+ 		when present +
The hard limit for the ulimit type.
+
+
   +
+ name + +
+ string +
+ 		when present +
The type of the ulimit .
+
+
   +
+ softLimit + +
+ integer +
+ 		when present +
The soft limit for the ulimit type.
+
+
  +
+ user + +
+ string +
+ 		when present +
The user name to use inside the container.
+
+
  +
+ volumesFrom + +
+ complex +
+ 		always +
Data volumes to mount from another container.
+
+
   +
+ readOnly + +
+ boolean +
+ 		when present +
If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
+
+
   +
+ sourceContainer + +
+ string +
+ 		when present +
The name of another container within the same task definition to mount volumes from.
+
+
  +
+ workingDirectory + +
+ string +
+ 		when present +
The working directory in which to run commands inside the container.
+
+
+
+ family + +
+ string +
+ 		always +
The family of your task definition, used as the definition name
+
+
+
+ network_mode + +
+ string +
+ 		always +
Network mode for the containers
+
+
+
+ placement_constraints + +
+ complex +
+ 		always +
A list of placement constraint objects to use for tasks
+
+
  +
+ expression + +
+ string +
+ 		when present +
A cluster query language expression to apply to the constraint.
+
+
  +
+ type + +
+ string +
+ 		when present +
The type of constraint.
+
+
+
+ requires_attributes + +
+ complex +
+ 		when present +
The container instance attributes required by your task
+
+
  +
+ name + +
+ string +
+ 		when present +
The name of the attribute.
+
+
  +
+ targetId + +
+ string +
+ 		when present +
The ID of the target.
+
+
  +
+ targetType + +
+ string +
+ 		when present +
The type of the target with which to attach the attribute.
+
+
  +
+ value + +
+ string +
+ 		when present +
The value of the attribute.
+
+
+
+ revision + +
+ integer +
+ 		always +
Revision number that was queried
+
+
+
+ status + +
+ string +
+ 		always +
The status of the task definition
+
+
+
+ task_definition_arn + +
+ string +
+ 		always +
ARN of the task definition
+
+
+
+ task_role_arn + +
+ string +
+ 		when role is set +
The ARN of the IAM role that containers in this task can assume
+
+
+
+ volumes + +
+ complex +
+ 		always +
The list of volumes in a task
+
+
  +
+ host + +
+ boolean +
+ 		when present +
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored.
+
+
  +
+ name + +
+ string +
+ 		when present +
The name of the volume.
+
+
  +
+ source_path + +
+ string +
+ 		when present +
The path on the host container instance that is presented to the container.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gustavo Maia (@gurumaia) +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.efs.rst b/docs/community.aws.efs.rst new file mode 100644 index 00000000000..ba10b219668 --- /dev/null +++ b/docs/community.aws.efs.rst @@ -0,0 +1,813 @@ + +.. _community.aws.efs_: + + +***************** +community.aws.efs +***************** + +**create and maintain EFS file systems** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module allows create, search and destroy Amazon EFS file systems. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ encrypt + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
+
+
+ id + +
+ string +
+ 		+ + +
ID of Amazon EFS. Either name or ID required for delete.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
+
+
+ name + +
+ string +
+ 		+ + +
Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
+
+
+ performance_mode + +
+ string +
+ 		+
    Choices: +
  • general_purpose ←
    • +
  • max_io
    • +
+ 		+ +
File system's performance mode to use. Only takes effect during creation.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ provisioned_throughput_in_mibps + +
+ float +
+ 		+ + +
If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
+
Requires botocore >= 1.10.57
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Allows to create, search and destroy Amazon EFS file system.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
+
+
+ targets + +
+ list + / elements=dictionary
+ 		+ + +
List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
+
+
+ ip_address + +
+ string +
+ 		+ + +
A valid IPv4 address within the address range of the specified subnet.
+
+
+ security_groups + +
+ list + / elements=string
+ 		+ + +
List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
+
+
+ subnet_id + +
+ - + / required
+ 		+ + +
The ID of the subnet to add the mount target in.
+
+
+ throughput_mode + +
+ string +
+ 		+
    Choices: +
  • bursting
    • +
  • provisioned
    • +
+ 		+ +
The throughput_mode for the file system to be created.
+
Requires botocore >= 1.10.57
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
0
+ 		+ +
How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # EFS provisioning + - efs: + state: present + name: myTestEFS + tags: + Name: myTestNameTag + purpose: file-storage + targets: + - subnet_id: subnet-748c5d03 + security_groups: [ "sg-1a2b3c4d" ] + + # Modifying EFS data + - efs: + state: present + name: myTestEFS + tags: + name: myAnotherTestTag + targets: + - subnet_id: subnet-7654fdca + security_groups: [ "sg-4c5d6f7a" ] + + # Deleting EFS + - efs: + state: absent + name: myTestEFS + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ creation_time + +
+ string +
+ 		always +
timestamp of creation date
+
+
Sample:
+
2015-11-16 07:30:57-05:00
+
+
+ creation_token + +
+ string +
+ 		always +
EFS creation token
+
+
Sample:
+
console-88609e04-9a0e-4a2e-912c-feaa99509961
+
+
+ file_system_id + +
+ string +
+ 		always +
ID of the file system
+
+
Sample:
+
fs-xxxxxxxx
+
+
+ filesystem_address + +
+ string +
+ 		always +
url of file system valid for use with mount
+
+
Sample:
+
fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
+
+
+ life_cycle_state + +
+ string +
+ 		always +
state of the EFS file system
+
+
Sample:
+
creating, available, deleting, deleted
+
+
+ mount_point + +
+ string +
+ 		always +
url of file system with leading dot from the time when AWS EFS required to add a region suffix to the address
+
+
Sample:
+
.fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
+
+
+ mount_targets + +
+ list +
+ 		always +
list of mount targets
+
+
Sample:
+
[{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
+
+
+ name + +
+ string +
+ 		always +
name of the file system
+
+
Sample:
+
my-efs
+
+
+ number_of_mount_targets + +
+ integer +
+ 		always +
the number of targets mounted
+
+
Sample:
+
3
+
+
+ owner_id + +
+ string +
+ 		always +
AWS account ID of EFS owner
+
+
Sample:
+
XXXXXXXXXXXX
+
+
+ performance_mode + +
+ string +
+ 		always +
performance mode of the file system
+
+
Sample:
+
generalPurpose
+
+
+ size_in_bytes + +
+ dictionary +
+ 		always +
size of the file system in bytes as of a timestamp
+
+
Sample:
+
{'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
+
+
+ tags + +
+ dictionary +
+ 		always +
tags on the efs instance
+
+
Sample:
+
{'name': 'my-efs', 'key': 'Value'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Sydnor (@ryansydnor) +- Artem Kazakov (@akazakov) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.efs_info.rst b/docs/community.aws.efs_info.rst new file mode 100644 index 00000000000..223a71327a9 --- /dev/null +++ b/docs/community.aws.efs_info.rst @@ -0,0 +1,609 @@ + +.. _community.aws.efs_info_: + + +********************** +community.aws.efs_info +********************** + +**Get information about Amazon EFS file systems** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can be used to search Amazon EFS file systems. +- This module was called ``efs_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`efs_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ id + +
+ string +
+ 		+ + +
ID of Amazon EFS.
+
+
+ name + +
+ string +
+ 		+ + +
Creation Token of Amazon EFS file system.
+

aliases: creation_token
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ tags + +
+ dictionary +
+ 		+ + +
List of tags of Amazon EFS. Should be defined as dictionary.
+
+
+ targets + +
+ list + / elements=string
+ 		+ + +
List of targets on which to filter the returned results.
+
Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Find all existing efs + efs_info: + register: result + + - name: Find efs using id + efs_info: + id: fs-1234abcd + register: result + + - name: Searching all EFS instances with tag Name = 'myTestNameTag', in subnet 'subnet-1a2b3c4d' and with security group 'sg-4d3c2b1a' + efs_info: + tags: + Name: myTestNameTag + targets: + - subnet-1a2b3c4d + - sg-4d3c2b1a + register: result + + - debug: + msg: "{{ result['efs'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ creation_time + +
+ string +
+ 		always +
timestamp of creation date
+
+
Sample:
+
2015-11-16 07:30:57-05:00
+
+
+ creation_token + +
+ string +
+ 		always +
EFS creation token
+
+
Sample:
+
console-88609e04-9a0e-4a2e-912c-feaa99509961
+
+
+ file_system_id + +
+ string +
+ 		always +
ID of the file system
+
+
Sample:
+
fs-xxxxxxxx
+
+
+ filesystem_address + +
+ string +
+ 		always +
url of file system
+
+
Sample:
+
fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
+
+
+ life_cycle_state + +
+ string +
+ 		always +
state of the EFS file system
+
+
Sample:
+
creating, available, deleting, deleted
+
+
+ mount_point + +
+ string +
+ 		always +
url of file system with leading dot from the time AWS EFS required to add network suffix to EFS address
+
+
Sample:
+
.fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
+
+
+ mount_targets + +
+ list +
+ 		always +
list of mount targets
+
+
Sample:
+
[{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
+
+
+ name + +
+ string +
+ 		always +
name of the file system
+
+
Sample:
+
my-efs
+
+
+ number_of_mount_targets + +
+ integer +
+ 		always +
the number of targets mounted
+
+
Sample:
+
3
+
+
+ owner_id + +
+ string +
+ 		always +
AWS account ID of EFS owner
+
+
Sample:
+
XXXXXXXXXXXX
+
+
+ performance_mode + +
+ string +
+ 		always +
performance mode of the file system
+
+
Sample:
+
generalPurpose
+
+
+ provisioned_throughput_in_mibps + +
+ float +
+ 		when botocore >= 1.10.57 and throughput_mode is set to "provisioned" +
throughput provisioned in Mibps
+
+
Sample:
+
15.0
+
+
+ size_in_bytes + +
+ dictionary +
+ 		always +
size of the file system in bytes as of a timestamp
+
+
Sample:
+
{'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
+
+
+ tags + +
+ dictionary +
+ 		always +
tags on the efs instance
+
+
Sample:
+
{'name': 'my-efs', 'key': 'Value'}
+
+
+ throughput_mode + +
+ string +
+ 		when botocore >= 1.10.57 +
mode of throughput for the file system
+
+
Sample:
+
bursting
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Sydnor (@ryansydnor) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache.rst b/docs/community.aws.elasticache.rst new file mode 100644 index 00000000000..efb72b46ece --- /dev/null +++ b/docs/community.aws.elasticache.rst @@ -0,0 +1,535 @@ + +.. _community.aws.elasticache_: + + +************************* +community.aws.elasticache +************************* + +**Manage cache clusters in Amazon ElastiCache** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache clusters in Amazon ElastiCache. +- Returns information about the specified cache cluster. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cache_engine_version + +
+ string +
+ 		+ + +
The version number of the cache engine.
+
+
+ cache_parameter_group + +
+ string +
+ 		+ + +
The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
+

aliases: parameter_group
+
+
+ cache_port + +
+ integer +
+ 		+ + +
The port number on which each of the cache nodes will accept connections.
+
+
+ cache_security_groups + +
+ list + / elements=string
+ 		+ + +
A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
+
+
+ cache_subnet_group + +
+ string +
+ 		+ + +
The subnet group name to associate with. Only use if inside a vpc.
+
Required if inside a vpc
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ engine + +
+ string +
+ 		+ Default:
"memcached"
+ 		+ +
Name of the cache engine to be used.
+
Supported values are redis and memcached.
+
+
+ hard_modify + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
+
+
+ name + +
+ string + / required
+ 		+ + +
The cache cluster identifier.
+
+
+ node_type + +
+ string +
+ 		+ Default:
"cache.t2.small"
+ 		+ +
The compute and memory capacity of the nodes in the cache cluster.
+
+
+ num_nodes + +
+ integer +
+ 		+ Default:
1
+ 		+ +
The initial number of cache nodes that the cache cluster will have.
+
Required when state=present.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_group_ids + +
+ list + / elements=string
+ 		+ + +
A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • rebooted
    • +
+ 		+ +
absent or present are idempotent actions that will create or destroy a cache cluster as needed.
+
rebooted will reboot the cluster, resulting in a momentary outage.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for cache cluster result before returning.
+
+
+ zone + +
+ string +
+ 		+ + +
The EC2 Availability Zone in which the cache cluster will be created.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + # Basic example + - elasticache: + name: "test-please-delete" + state: present + engine: memcached + cache_engine_version: 1.4.14 + node_type: cache.m1.small + num_nodes: 1 + cache_port: 11211 + cache_security_groups: + - default + zone: us-east-1d + + + # Ensure cache cluster is gone + - elasticache: + name: "test-please-delete" + state: absent + + # Reboot cache cluster + - elasticache: + name: "test-please-delete" + state: rebooted + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_info.rst b/docs/community.aws.elasticache_info.rst new file mode 100644 index 00000000000..b7a1053cc43 --- /dev/null +++ b/docs/community.aws.elasticache_info.rst @@ -0,0 +1,940 @@ + +.. _community.aws.elasticache_info_: + + +****************************** +community.aws.elasticache_info +****************************** + +**Retrieve information for AWS ElastiCache clusters** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information from AWS ElastiCache clusters +- This module was called ``elasticache_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
The name of an ElastiCache cluster.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all ElastiCache information + elasticache_info: + + - name: obtain all information for a single ElastiCache cluster + elasticache_info: + name: test_elasticache + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ elasticache_clusters + +
+ complex +
+ 		always +
List of ElastiCache clusters
+
+
  +
+ auto_minor_version_upgrade + +
+ boolean +
+ 		always +
Whether to automatically upgrade to minor versions
+
+
Sample:
+
True
+
  +
+ cache_cluster_create_time + +
+ string +
+ 		always +
Date and time cluster was created
+
+
Sample:
+
2017-09-15T05:43:46.038000+00:00
+
  +
+ cache_cluster_id + +
+ string +
+ 		always +
ID of the cache cluster
+
+
Sample:
+
abcd-1234-001
+
  +
+ cache_cluster_status + +
+ string +
+ 		always +
Status of ElastiCache cluster
+
+
Sample:
+
available
+
  +
+ cache_node_type + +
+ string +
+ 		always +
Instance type of ElastiCache nodes
+
+
Sample:
+
cache.t2.micro
+
  +
+ cache_nodes + +
+ complex +
+ 		always +
List of ElastiCache nodes in the cluster
+
+
   +
+ cache_node_create_time + +
+ string +
+ 		always +
Date and time node was created
+
+
Sample:
+
2017-09-15T05:43:46.038000+00:00
+
   +
+ cache_node_id + +
+ string +
+ 		always +
ID of the cache node
+
+
Sample:
+
0001
+
   +
+ cache_node_status + +
+ string +
+ 		always +
Status of the cache node
+
+
Sample:
+
available
+
   +
+ customer_availability_zone + +
+ string +
+ 		always +
Availability Zone in which the cache node was created
+
+
Sample:
+
ap-southeast-2b
+
   +
+ endpoint + +
+ complex +
+ 		always +
Connection details for the cache node
+
+
    +
+ address + +
+ string +
+ 		always +
URL of the cache node endpoint
+
+
Sample:
+
abcd-1234-001.bgiz2p.0001.apse2.cache.amazonaws.com
+
    +
+ port + +
+ integer +
+ 		always +
Port of the cache node endpoint
+
+
Sample:
+
6379
+
   +
+ parameter_group_status + +
+ string +
+ 		always +
Status of the Cache Parameter Group
+
+
Sample:
+
in-sync
+
  +
+ cache_parameter_group + +
+ complex +
+ 		always +
Contents of the Cache Parameter Group
+
+
   +
+ cache_node_ids_to_reboot + +
+ list +
+ 		always +
Cache nodes which need to be rebooted for parameter changes to be applied
+
+
   +
+ cache_parameter_group_name + +
+ string +
+ 		always +
Name of the cache parameter group
+
+
Sample:
+
default.redis3.2
+
   +
+ parameter_apply_status + +
+ string +
+ 		always +
Status of parameter updates
+
+
Sample:
+
in-sync
+
  +
+ cache_security_groups + +
+ list +
+ 		always +
Security Groups used by the cache
+
+
Sample:
+
['sg-abcd1234']
+
  +
+ cache_subnet_group_name + +
+ string +
+ 		always +
ElastiCache Subnet Group used by the cache
+
+
Sample:
+
abcd-subnet-group
+
  +
+ client_download_landing_page + +
+ string +
+ 		always +
URL of client download web page
+
+
Sample:
+
https://console.aws.amazon.com/elasticache/home#client-download:
+
  +
+ engine + +
+ string +
+ 		always +
Engine used by ElastiCache
+
+
Sample:
+
redis
+
  +
+ engine_version + +
+ string +
+ 		always +
Version of ElastiCache engine
+
+
Sample:
+
3.2.4
+
  +
+ notification_configuration + +
+ complex +
+ 		if notifications are enabled +
Configuration of notifications
+
+
   +
+ topic_arn + +
+ string +
+ 		if notifications are enabled +
ARN of notification destination topic
+
+
Sample:
+
arn:aws:sns:*:123456789012:my_topic
+
   +
+ topic_name + +
+ string +
+ 		if notifications are enabled +
Name of notification destination topic
+
+
Sample:
+
MyTopic
+
  +
+ num_cache_nodes + +
+ integer +
+ 		always +
Number of Cache Nodes
+
+
Sample:
+
1
+
  +
+ pending_modified_values + +
+ complex +
+ 		always +
Values that are pending modification
+
+
  +
+ preferred_availability_zone + +
+ string +
+ 		always +
Preferred Availability Zone
+
+
Sample:
+
ap-southeast-2b
+
  +
+ preferred_maintenance_window + +
+ string +
+ 		always +
Time slot for preferred maintenance window
+
+
Sample:
+
sat:12:00-sat:13:00
+
  +
+ replication_group_id + +
+ string +
+ 		always +
Replication Group Id
+
+
Sample:
+
replication-001
+
  +
+ security_groups + +
+ complex +
+ 		always +
List of Security Groups associated with ElastiCache
+
+
   +
+ security_group_id + +
+ string +
+ 		always +
Security Group ID
+
+
Sample:
+
sg-abcd1234
+
   +
+ status + +
+ string +
+ 		always +
Status of Security Group
+
+
Sample:
+
active
+
  +
+ tags + +
+ complex +
+ 		always +
Tags applied to the ElastiCache cluster
+
+
Sample:
+
{'Application': 'web', 'Environment': 'test'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_parameter_group.rst b/docs/community.aws.elasticache_parameter_group.rst new file mode 100644 index 00000000000..8be993fa929 --- /dev/null +++ b/docs/community.aws.elasticache_parameter_group.rst @@ -0,0 +1,425 @@ + +.. _community.aws.elasticache_parameter_group_: + + +***************************************** +community.aws.elasticache_parameter_group +***************************************** + +**Manage cache parameter groups in Amazon ElastiCache.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache security groups in Amazon ElastiCache. +- Returns information about the specified cache cluster. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A user-specified description for the cache parameter group.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ group_family + +
+ string +
+ 		+
    Choices: +
  • memcached1.4
    • +
  • memcached1.5
    • +
  • redis2.6
    • +
  • redis2.8
    • +
  • redis3.2
    • +
  • redis4.0
    • +
  • redis5.0
    • +
+ 		+ +
The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
+
+
+ name + +
+ string + / required
+ 		+ + +
A user-specified name for the cache parameter group.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • reset
    • +
+ 		+ +
Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ values + +
+ dictionary +
+ 		+ + +
A user-specified dictionary of parameters to reset or modify for the cache parameter group.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + --- + - hosts: localhost + connection: local + tasks: + - name: 'Create a test parameter group' + elasticache_parameter_group: + name: 'test-param-group' + group_family: 'redis3.2' + description: 'This is a cache parameter group' + state: 'present' + - name: 'Modify a test parameter group' + elasticache_parameter_group: + name: 'test-param-group' + values: + activerehashing: yes + client-output-buffer-limit-normal-hard-limit: 4 + state: 'present' + - name: 'Reset all modifiable parameters for the test parameter group' + elasticache_parameter_group: + name: 'test-param-group' + state: reset + - name: 'Delete a test parameter group' + elasticache_parameter_group: + name: 'test-param-group' + state: 'absent' + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
if the cache parameter group has changed
+
+
Sample:
+
{'changed': True}
+
+
+ elasticache + +
+ dictionary +
+ 		always +
cache parameter group information and response metadata
+
+
Sample:
+
{'cache_parameter_group': {'cache_parameter_group_family': 'redis3.2', 'cache_parameter_group_name': 'test-please-delete', 'description': 'initial description'}, 'response_metadata': {'http_headers': {'content-length': '562', 'content-type': 'text/xml', 'date': 'Mon, 06 Feb 2017 22:14:08 GMT', 'x-amzn-requestid': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1'}, 'http_status_code': 200, 'request_id': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1', 'retry_attempts': 0}}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_snapshot.rst b/docs/community.aws.elasticache_snapshot.rst new file mode 100644 index 00000000000..18b33deab08 --- /dev/null +++ b/docs/community.aws.elasticache_snapshot.rst @@ -0,0 +1,435 @@ + +.. _community.aws.elasticache_snapshot_: + + +********************************** +community.aws.elasticache_snapshot +********************************** + +**Manage cache snapshots in Amazon ElastiCache** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache snapshots in Amazon ElastiCache. +- Returns information about the specified snapshot. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bucket + +
+ string +
+ 		+ + +
The s3 bucket to which the snapshot is exported.
+
+
+ cluster_id + +
+ string +
+ 		+ + +
The name of an existing cache cluster in the replication group to make the snapshot.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the snapshot we want to create, copy, delete.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ replication_id + +
+ string +
+ 		+ + +
The name of the existing replication group to make the snapshot.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • copy
    • +
+ 		+ +
Actions that will create, destroy, or copy a snapshot.
+
+
+ target + +
+ string +
+ 		+ + +
The name of a snapshot copy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + --- + - hosts: localhost + connection: local + tasks: + - name: 'Create a snapshot' + elasticache_snapshot: + name: 'test-snapshot' + state: 'present' + cluster_id: '{{ cluster }}' + replication_id: '{{ replication }}' + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
if a snapshot has been created, deleted, or copied
+
+
Sample:
+
{'changed': True}
+
+
+ response_metadata + +
+ dictionary +
+ 		always +
response metadata about the snapshot
+
+
Sample:
+
{'http_headers': {'content-length': 1490, 'content-type': 'text/xml', 'date': 'Tue, 07 Feb 2017 16:43:04 GMT', 'x-amzn-requestid': '7f436dea-ed54-11e6-a04c-ab2372a1f14d'}, 'http_status_code': 200, 'request_id': '7f436dea-ed54-11e6-a04c-ab2372a1f14d', 'retry_attempts': 0}
+
+
+ snapshot + +
+ dictionary +
+ 		always +
snapshot data
+
+
Sample:
+
{'auto_minor_version_upgrade': True, 'cache_cluster_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_cluster_id': 'test-please-delete', 'cache_node_type': 'cache.m1.small', 'cache_parameter_group_name': 'default.redis3.2', 'cache_subnet_group_name': 'default', 'engine': 'redis', 'engine_version': '3.2.4', 'node_snapshots': {'cache_node_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_node_id': 1, 'cache_size': None}, 'num_cache_nodes': 1, 'port': 11211, 'preferred_availability_zone': 'us-east-1d', 'preferred_maintenance_window': 'wed:03:00-wed:04:00', 'snapshot_name': 'deletesnapshot', 'snapshot_retention_limit': 0, 'snapshot_source': 'manual', 'snapshot_status': 'creating', 'snapshot_window': '10:00-11:00', 'vpc_id': 'vpc-c248fda4'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_subnet_group.rst b/docs/community.aws.elasticache_subnet_group.rst new file mode 100644 index 00000000000..853c98d14ea --- /dev/null +++ b/docs/community.aws.elasticache_subnet_group.rst @@ -0,0 +1,332 @@ + +.. _community.aws.elasticache_subnet_group_: + + +************************************** +community.aws.elasticache_subnet_group +************************************** + +**manage ElastiCache subnet groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes ElastiCache subnet groups. This module has a dependency on python-boto >= 2.5. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
ElastiCache subnet group description. Only set when a new group is added.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Database subnet group identifier.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies whether the subnet should be present or absent.
+
+
+ subnets + +
+ list + / elements=string
+ 		+ + +
List of subnet IDs that make up the ElastiCache subnet group.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Add or change a subnet group + - elasticache_subnet_group: + state: present + name: norwegian-blue + description: My Fancy Ex Parrot Subnet Group + subnets: + - subnet-aaaaaaaa + - subnet-bbbbbbbb + + # Remove a subnet group + - elasticache_subnet_group: + state: absent + name: norwegian-blue + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Tim Mahoney (@timmahoney) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_application_lb.rst b/docs/community.aws.elb_application_lb.rst new file mode 100644 index 00000000000..3dc1b32956c --- /dev/null +++ b/docs/community.aws.elb_application_lb.rst @@ -0,0 +1,1467 @@ + +.. _community.aws.elb_application_lb_: + + +******************************** +community.aws.elb_application_lb +******************************** + +**Manage an Application load balancer** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Application Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/ for details. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ access_logs_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not to enable access logs.
+
When set, access_logs_s3_bucket must also be set.
+
+
+ access_logs_s3_bucket + +
+ string +
+ 		+ + +
The name of the S3 bucket for the access logs.
+
The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
+
Required if access logs in Amazon S3 are enabled.
+
When set, access_logs_enabled must also be set.
+
+
+ access_logs_s3_prefix + +
+ string +
+ 		+ + +
The prefix for the log location in the S3 bucket.
+
If you don't specify a prefix, the access logs are stored in the root of the bucket.
+
Cannot begin or end with a slash.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ deletion_protection + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates whether deletion protection for the ELB is enabled.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ http2 + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates whether to enable HTTP2 routing.
+
+
+ idle_timeout + +
+ integer +
+ 		+ + +
The number of seconds to wait before an idle connection is closed.
+
+
+ listeners + +
+ list +
+ 		+ + +
A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
+
+
+ Certificates + +
+ list +
+ 		+ + +
The SSL server certificate.
+
+
+ CertificateArn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the certificate.
+
+
+ DefaultActions + +
+ list + / required
+ 		+ + +
The default actions for the listener.
+
+
+ TargetGroupArn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the target group.
+
+
+ Type + +
+ string +
+ 		+ + +
The type of action.
+
+
+ Port + +
+ integer + / required
+ 		+ + +
The port on which the load balancer is listening.
+
+
+ Protocol + +
+ string + / required
+ 		+ + +
The protocol for connections from clients to the load balancer.
+
+
+ Rules + +
+ list +
+ 		+ + +
A list of ALB Listener Rules.
+
For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
+
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
+
+
+ Actions + +
+ list +
+ 		+ + +
Actions to apply if all of the rule's conditions are met.
+
+
+ Conditions + +
+ list +
+ 		+ + +
Conditions which must be met for the actions to be applied.
+
+
+ Priority + +
+ integer +
+ 		+ + +
The rule priority.
+
+
+ SslPolicy + +
+ string +
+ 		+ + +
The security policy that defines which ciphers and protocols are supported.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_listeners + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
+
+
+ purge_rules + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ scheme + +
+ string +
+ 		+
    Choices: +
  • internet-facing ←
    • +
  • internal
    • +
+ 		+ +
Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
+
+
+ security_groups + +
+ list +
+ 		+ Default:
[]
+ 		+ +
A list of the names or IDs of the security groups to assign to the load balancer.
+
Required if state=present.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or destroy the load balancer.
+
+
+ subnets + +
+ list +
+ 		+ + +
A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
+
Required if state=present.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of one or more tags to assign to the load balancer.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
+
+
+ wait_timeout + +
+ integer +
+ 		+ + +
The time in seconds to use in conjunction with wait.
+
+
+ + +Notes +----- + +.. note:: + - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. + - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an ELB and attach a listener + - elb_application_lb: + name: myelb + security_groups: + - sg-12345678 + - my-sec-group + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. + SslPolicy: ELBSecurityPolicy-2015-05 + Certificates: # The ARN of the certificate (only one certficate ARN should be provided) + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + DefaultActions: + - Type: forward # Required. + TargetGroupName: # Required. The name of the target group + state: present + + # Create an ELB and attach a listener with logging enabled + - elb_application_lb: + access_logs_enabled: yes + access_logs_s3_bucket: mybucket + access_logs_s3_prefix: "logs" + name: myelb + security_groups: + - sg-12345678 + - my-sec-group + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. + SslPolicy: ELBSecurityPolicy-2015-05 + Certificates: # The ARN of the certificate (only one certficate ARN should be provided) + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + DefaultActions: + - Type: forward # Required. + TargetGroupName: # Required. The name of the target group + state: present + + # Create an ALB with listeners and rules + - elb_application_lb: + name: test-alb + subnets: + - subnet-12345678 + - subnet-87654321 + security_groups: + - sg-12345678 + scheme: internal + listeners: + - Protocol: HTTPS + Port: 443 + DefaultActions: + - Type: forward + TargetGroupName: test-target-group + Certificates: + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + SslPolicy: ELBSecurityPolicy-2015-05 + Rules: + - Conditions: + - Field: path-pattern + Values: + - '/test' + Priority: '1' + Actions: + - TargetGroupName: test-target-group + Type: forward + - Conditions: + - Field: path-pattern + Values: + - "/redirect-path/*" + Priority: '2' + Actions: + - Type: redirect + RedirectConfig: + Host: "#{host}" + Path: "/example/redir" # or /#{path} + Port: "#{port}" + Protocol: "#{protocol}" + Query: "#{query}" + StatusCode: "HTTP_302" # or HTTP_301 + - Conditions: + - Field: path-pattern + Values: + - "/fixed-response-path/" + Priority: '3' + Actions: + - Type: fixed-response + FixedResponseConfig: + ContentType: "text/plain" + MessageBody: "This is the page you're looking for" + StatusCode: "200" + - Conditions: + - Field: host-header + Values: + - "hostname.domain.com" + - "alternate.domain.com" + Priority: '4' + Actions: + - TargetGroupName: test-target-group + Type: forward + state: present + + # Remove an ELB + - elb_application_lb: + name: myelb + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ access_logs_s3_bucket + +
+ string +
+ 		when state is present +
The name of the S3 bucket for the access logs.
+
+
Sample:
+
mys3bucket
+
+
+ access_logs_s3_enabled + +
+ string +
+ 		when state is present +
Indicates whether access logs stored in Amazon S3 are enabled.
+
+
Sample:
+
True
+
+
+ access_logs_s3_prefix + +
+ string +
+ 		when state is present +
The prefix for the location in the S3 bucket.
+
+
Sample:
+
my/logs
+
+
+ availability_zones + +
+ list +
+ 		when state is present +
The Availability Zones for the load balancer.
+
+
Sample:
+
[{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
+
+
+ canonical_hosted_zone_id + +
+ string +
+ 		when state is present +
The ID of the Amazon Route 53 hosted zone associated with the load balancer.
+
+
Sample:
+
ABCDEF12345678
+
+
+ created_time + +
+ string +
+ 		when state is present +
The date and time the load balancer was created.
+
+
Sample:
+
2015-02-12T02:14:02+00:00
+
+
+ deletion_protection_enabled + +
+ string +
+ 		when state is present +
Indicates whether deletion protection is enabled.
+
+
Sample:
+
True
+
+
+ dns_name + +
+ string +
+ 		when state is present +
The public DNS name of the load balancer.
+
+
Sample:
+
internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
+
+
+ idle_timeout_timeout_seconds + +
+ integer +
+ 		when state is present +
The idle timeout value, in seconds.
+
+
Sample:
+
60
+
+
+ ip_address_type + +
+ string +
+ 		when state is present +
The type of IP addresses used by the subnets for the load balancer.
+
+
Sample:
+
ipv4
+
+
+ listeners + +
+ complex +
+ 		when state is present +
Information about the listeners.
+
+
  +
+ certificates + +
+ complex +
+ 		when state is present +
The SSL server certificate.
+
+
   +
+ certificate_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the certificate.
+
+
  +
+ default_actions + +
+ string +
+ 		when state is present +
The default actions for the listener.
+
+
   +
+ target_group_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the target group.
+
+
   +
+ type + +
+ string +
+ 		when state is present +
The type of action.
+
+
  +
+ listener_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the listener.
+
+
  +
+ load_balancer_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the load balancer.
+
+
  +
+ port + +
+ integer +
+ 		when state is present +
The port on which the load balancer is listening.
+
+
Sample:
+
80
+
  +
+ protocol + +
+ string +
+ 		when state is present +
The protocol for connections from clients to the load balancer.
+
+
Sample:
+
HTTPS
+
  +
+ ssl_policy + +
+ string +
+ 		when state is present +
The security policy that defines which ciphers and protocols are supported.
+
+
+
+ load_balancer_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the load balancer.
+
+
Sample:
+
arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
+
+
+ load_balancer_name + +
+ string +
+ 		when state is present +
The name of the load balancer.
+
+
Sample:
+
my-elb
+
+
+ routing_http2_enabled + +
+ string +
+ 		when state is present +
Indicates whether HTTP/2 is enabled.
+
+
Sample:
+
True
+
+
+ scheme + +
+ string +
+ 		when state is present +
Internet-facing or internal load balancer.
+
+
Sample:
+
internal
+
+
+ security_groups + +
+ list +
+ 		when state is present +
The IDs of the security groups for the load balancer.
+
+
Sample:
+
['sg-0011223344']
+
+
+ state + +
+ dictionary +
+ 		when state is present +
The state of the load balancer.
+
+
Sample:
+
{'code': 'active'}
+
+
+ tags + +
+ dictionary +
+ 		when state is present +
The tags attached to the load balancer.
+
+
Sample:
+
{ 'Tag': 'Example' }
+
+
+ type + +
+ string +
+ 		when state is present +
The type of load balancer.
+
+
Sample:
+
application
+
+
+ vpc_id + +
+ string +
+ 		when state is present +
The ID of the VPC for the load balancer.
+
+
Sample:
+
vpc-0011223344
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_application_lb_info.rst b/docs/community.aws.elb_application_lb_info.rst new file mode 100644 index 00000000000..b7d55e7155b --- /dev/null +++ b/docs/community.aws.elb_application_lb_info.rst @@ -0,0 +1,661 @@ + +.. _community.aws.elb_application_lb_info_: + + +************************************* +community.aws.elb_application_lb_info +************************************* + +**Gather information about application ELBs in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about application ELBs in AWS +- This module was called ``elb_application_lb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ load_balancer_arns + +
+ list +
+ 		+ + +
The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
+
+
+ names + +
+ list +
+ 		+ + +
The names of the load balancers.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all target groups + - elb_application_lb_info: + + # Gather information about the target group attached to a particular ELB + - elb_application_lb_info: + load_balancer_arns: + - "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" + + # Gather information about a target groups named 'tg1' and 'tg2' + - elb_application_lb_info: + names: + - elb1 + - elb2 + + # Gather information about specific ALB + - elb_application_lb_info: + names: "alb-name" + region: "aws-region" + register: alb_info + - debug: + var: alb_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ load_balancers + +
+ complex +
+ 		always +
a list of load balancers
+
+
  +
+ access_logs_s3_bucket + +
+ string +
+ 		when status is present +
The name of the S3 bucket for the access logs.
+
+
Sample:
+
mys3bucket
+
  +
+ access_logs_s3_enabled + +
+ string +
+ 		when status is present +
Indicates whether access logs stored in Amazon S3 are enabled.
+
+
Sample:
+
True
+
  +
+ access_logs_s3_prefix + +
+ string +
+ 		when status is present +
The prefix for the location in the S3 bucket.
+
+
Sample:
+
/my/logs
+
  +
+ availability_zones + +
+ list +
+ 		when status is present +
The Availability Zones for the load balancer.
+
+
Sample:
+
[{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
+
  +
+ canonical_hosted_zone_id + +
+ string +
+ 		when status is present +
The ID of the Amazon Route 53 hosted zone associated with the load balancer.
+
+
Sample:
+
ABCDEF12345678
+
  +
+ created_time + +
+ string +
+ 		when status is present +
The date and time the load balancer was created.
+
+
Sample:
+
2015-02-12T02:14:02+00:00
+
  +
+ deletion_protection_enabled + +
+ string +
+ 		when status is present +
Indicates whether deletion protection is enabled.
+
+
Sample:
+
True
+
  +
+ dns_name + +
+ string +
+ 		when status is present +
The public DNS name of the load balancer.
+
+
Sample:
+
internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
+
  +
+ idle_timeout_timeout_seconds + +
+ string +
+ 		when status is present +
The idle timeout value, in seconds.
+
+
Sample:
+
60
+
  +
+ ip_address_type + +
+ string +
+ 		when status is present +
The type of IP addresses used by the subnets for the load balancer.
+
+
Sample:
+
ipv4
+
  +
+ load_balancer_arn + +
+ string +
+ 		when status is present +
The Amazon Resource Name (ARN) of the load balancer.
+
+
Sample:
+
arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
+
  +
+ load_balancer_name + +
+ string +
+ 		when status is present +
The name of the load balancer.
+
+
Sample:
+
my-elb
+
  +
+ scheme + +
+ string +
+ 		when status is present +
Internet-facing or internal load balancer.
+
+
Sample:
+
internal
+
  +
+ security_groups + +
+ list +
+ 		when status is present +
The IDs of the security groups for the load balancer.
+
+
Sample:
+
['sg-0011223344']
+
  +
+ state + +
+ dictionary +
+ 		when status is present +
The state of the load balancer.
+
+
Sample:
+
{'code': 'active'}
+
  +
+ tags + +
+ dictionary +
+ 		when status is present +
The tags attached to the load balancer.
+
+
Sample:
+
{ 'Tag': 'Example' }
+
  +
+ type + +
+ string +
+ 		when status is present +
The type of load balancer.
+
+
Sample:
+
application
+
  +
+ vpc_id + +
+ string +
+ 		when status is present +
The ID of the VPC for the load balancer.
+
+
Sample:
+
vpc-0011223344
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_classic_lb.rst b/docs/community.aws.elb_classic_lb.rst new file mode 100644 index 00000000000..8182c4f7f6a --- /dev/null +++ b/docs/community.aws.elb_classic_lb.rst @@ -0,0 +1,874 @@ + +.. _community.aws.elb_classic_lb_: + + +**************************** +community.aws.elb_classic_lb +**************************** + +**Creates or destroys Amazon ELB.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Returns information about the load balancer. +- Will be marked changed when called only if state is changed. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ access_logs + +
+ dictionary +
+ 		+ + +
An associative array of access logs configuration settings (see example)
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ connection_draining_timeout + +
+ integer +
+ 		+ + +
Wait a specified timeout allowing connections to drain before terminating an instance
+
+
+ cross_az_load_balancing + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Distribute load across all configured Availability Zones
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ health_check + +
+ dictionary +
+ 		+ + +
An associative array of health check configuration settings (see example)
+
+
+ idle_timeout + +
+ integer +
+ 		+ + +
ELB connections from clients and to servers are timed out after this amount of time
+
+
+ instance_ids + +
+ list +
+ 		+ + +
List of instance ids to attach to this ELB
+
+
+ listeners + +
+ list +
+ 		+ + +
List of ports/protocols for this ELB to listen on (see example)
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the ELB
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_instance_ids + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Purge existing instance ids on ELB that are not found in instance_ids
+
+
+ purge_listeners + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Purge existing listeners on ELB that are not found in listeners
+
+
+ purge_subnets + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Purge existing subnet on ELB that are not found in subnets
+
+
+ purge_zones + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Purge existing availability zones on ELB that are not found in zones
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ scheme + +
+ string +
+ 		+
    Choices: +
  • internal
    • +
  • internet-facing ←
    • +
+ 		+ +
The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
+
+
+ security_group_ids + +
+ list +
+ 		+ + +
A list of security groups to apply to the elb
+
+
+ security_group_names + +
+ list +
+ 		+ + +
A list of security group names to apply to the elb
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or destroy the ELB
+
+
+ stickiness + +
+ dictionary +
+ 		+ + +
An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
+
+
+ subnets + +
+ list +
+ 		+ + +
A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
An associative array of tags. To delete all tags, supply an empty dict.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
60
+ 		+ +
Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
+
+
+ zones + +
+ list +
+ 		+ + +
List of availability zones to enable on this ELB
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + # Basic provisioning example (non-VPC) + + - elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http # options are http, https, ssl, tcp + load_balancer_port: 80 + instance_port: 80 + proxy_protocol: True + - protocol: https + load_balancer_port: 443 + instance_protocol: http # optional, defaults to value of protocol setting + instance_port: 80 + # ssl certificate required for https or ssl + ssl_certificate_id: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert" + delegate_to: localhost + + # Internal ELB example + + - elb_classic_lb: + name: "test-vpc" + scheme: internal + state: present + instance_ids: + - i-abcd1234 + purge_instance_ids: true + subnets: + - subnet-abcd1234 + - subnet-1a2b3c4d + listeners: + - protocol: http # options are http, https, ssl, tcp + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Configure a health check and the access logs + - elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + health_check: + ping_protocol: http # options are http, https, ssl, tcp + ping_port: 80 + ping_path: "/index.html" # not required for tcp or ssl + response_timeout: 5 # seconds + interval: 30 # seconds + unhealthy_threshold: 2 + healthy_threshold: 10 + access_logs: + interval: 5 # minutes (defaults to 60) + s3_location: "my-bucket" # This value is required if access_logs is set + s3_prefix: "logs" + delegate_to: localhost + + # Ensure ELB is gone + - elb_classic_lb: + name: "test-please-delete" + state: absent + delegate_to: localhost + + # Ensure ELB is gone and wait for check (for default timeout) + - elb_classic_lb: + name: "test-please-delete" + state: absent + wait: yes + delegate_to: localhost + + # Ensure ELB is gone and wait for check with timeout value + - elb_classic_lb: + name: "test-please-delete" + state: absent + wait: yes + wait_timeout: 600 + delegate_to: localhost + + # Normally, this module will purge any listeners that exist on the ELB + # but aren't specified in the listeners parameter. If purge_listeners is + # false it leaves them alone + - elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + purge_listeners: no + delegate_to: localhost + + # Normally, this module will leave availability zones that are enabled + # on the ELB alone. If purge_zones is true, then any extraneous zones + # will be removed + - elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + purge_zones: yes + delegate_to: localhost + + # Creates a ELB and assigns a list of subnets to it. + - elb_classic_lb: + state: present + name: 'New ELB' + security_group_ids: 'sg-123456, sg-67890' + region: us-west-2 + subnets: 'subnet-123456,subnet-67890' + purge_subnets: yes + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Create an ELB with connection draining, increased idle timeout and cross availability + # zone load balancing + - elb_classic_lb: + name: "New ELB" + state: present + connection_draining_timeout: 60 + idle_timeout: 300 + cross_az_load_balancing: "yes" + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Create an ELB with load balancer stickiness enabled + - elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + stickiness: + type: loadbalancer + enabled: yes + expiration: 300 + delegate_to: localhost + + # Create an ELB with application stickiness enabled + - elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + stickiness: + type: application + enabled: yes + cookie: SESSIONID + delegate_to: localhost + + # Create an ELB and add tags + - elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + tags: + Name: "New ELB" + stack: "production" + client: "Bob" + delegate_to: localhost + + # Delete all tags from an ELB + - elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + tags: {} + delegate_to: localhost + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_classic_lb_info.rst b/docs/community.aws.elb_classic_lb_info.rst new file mode 100644 index 00000000000..f084d4c9b9a --- /dev/null +++ b/docs/community.aws.elb_classic_lb_info.rst @@ -0,0 +1,330 @@ + +.. _community.aws.elb_classic_lb_info_: + + +********************************* +community.aws.elb_classic_lb_info +********************************* + +**Gather information about EC2 Elastic Load Balancers in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about EC2 Elastic Load Balancers in AWS +- This module was called ``elb_classic_lb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ names + +
+ list +
+ 		+ + +
List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Output format tries to match ec2_elb_lb module input parameters + + # Gather information about all ELBs + - elb_classic_lb_info: + register: elb_info + + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + # Gather information about a particular ELB + - elb_classic_lb_info: + names: frontend-prod-elb + register: elb_info + + - debug: + msg: "{{ elb_info.elbs.0.dns_name }}" + + # Gather information about a set of ELBs + - elb_classic_lb_info: + names: + - frontend-prod-elb + - backend-prod-elb + register: elb_info + + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ elbs + +
+ list +
+ 		always +
a list of load balancers
+
+
Sample:
+
{'elbs': [{'attributes': {'access_log': {'enabled': False}, 'connection_draining': {'enabled': True, 'timeout': 300}, 'connection_settings': {'idle_timeout': 60}, 'cross_zone_load_balancing': {'enabled': True}}, 'availability_zones': ['us-east-1a', 'us-east-1b', 'us-east-1c', 'us-east-1d', 'us-east-1e'], 'backend_server_description': [], 'canonical_hosted_zone_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'canonical_hosted_zone_name_id': 'XXXXXXXXXXXXXX', 'created_time': '2017-08-23T18:25:03.280000+00:00', 'dns_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'health_check': {'healthy_threshold': 10, 'interval': 30, 'target': 'HTTP:80/index.html', 'timeout': 5, 'unhealthy_threshold': 2}, 'instances': [], 'instances_inservice': [], 'instances_inservice_count': 0, 'instances_outofservice': [], 'instances_outofservice_count': 0, 'instances_unknownservice': [], 'instances_unknownservice_count': 0, 'listener_descriptions': [{'listener': {'instance_port': 80, 'instance_protocol': 'HTTP', 'load_balancer_port': 80, 'protocol': 'HTTP'}, 'policy_names': []}], 'load_balancer_name': 'test-lb', 'policies': {'app_cookie_stickiness_policies': [], 'lb_cookie_stickiness_policies': [], 'other_policies': []}, 'scheme': 'internet-facing', 'security_groups': ['sg-29d13055'], 'source_security_group': {'group_name': 'default', 'owner_alias': 'XXXXXXXXXXXX'}, 'subnets': ['subnet-XXXXXXXX', 'subnet-XXXXXXXX'], 'tags': {}, 'vpc_id': 'vpc-c248fda4'}]}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schultz (@mjschultz) +- Fernando Jose Pando (@nand0p) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_instance.rst b/docs/community.aws.elb_instance.rst new file mode 100644 index 00000000000..1ff60e0719c --- /dev/null +++ b/docs/community.aws.elb_instance.rst @@ -0,0 +1,383 @@ + +.. _community.aws.elb_instance_: + + +************************** +community.aws.elb_instance +************************** + +**De-registers or registers instances from EC2 ELBs** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. +- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. +- Will be marked changed when called only if there are ELBs found to operate on. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_elbs + +
+ list +
+ 		+ + +
List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enable_availability_zone + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
+
+
+ instance_id + +
+ string + / required
+ 		+ + +
EC2 Instance ID
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
register or deregister the instance
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for instance registration or deregistration to complete successfully before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
0
+ 		+ +
Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # basic pre_task and post_task example + pre_tasks: + - name: Gathering ec2 facts + action: ec2_facts + - name: Instance De-register + elb_instance: + instance_id: "{{ ansible_ec2_instance_id }}" + state: absent + delegate_to: localhost + roles: + - myrole + post_tasks: + - name: Instance Register + elb_instance: + instance_id: "{{ ansible_ec2_instance_id }}" + ec2_elbs: "{{ item }}" + state: present + delegate_to: localhost + loop: "{{ ec2_elbs }}" + + + + + +Status +------ + + +Authors +~~~~~~~ + +- John Jarvis (@jarv) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_network_lb.rst b/docs/community.aws.elb_network_lb.rst new file mode 100644 index 00000000000..f9b1da0e7bd --- /dev/null +++ b/docs/community.aws.elb_network_lb.rst @@ -0,0 +1,1145 @@ + +.. _community.aws.elb_network_lb_: + + +**************************** +community.aws.elb_network_lb +**************************** + +**Manage a Network Load Balancer** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Network Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-network-load-balancer-effortless-scaling-to-millions-of-requests-per-second/ for details. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cross_zone_load_balancing + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates whether cross-zone load balancing is enabled.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ deletion_protection + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates whether deletion protection for the ELB is enabled.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ listeners + +
+ list + / elements=dictionary
+ 		+ + +
A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
+
+
+ Certificates + +
+ list + / elements=dictionary
+ 		+ + +
The SSL server certificate.
+
+
+ CertificateArn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the certificate.
+
+
+ DefaultActions + +
+ list + / elements=dictionary / required
+ 		+ + +
The default actions for the listener.
+
+
+ TargetGroupArn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the target group.
+
+
+ Type + +
+ string +
+ 		+ + +
The type of action.
+
+
+ Port + +
+ integer + / required
+ 		+ + +
The port on which the load balancer is listening.
+
+
+ Protocol + +
+ string + / required
+ 		+ + +
The protocol for connections from clients to the load balancer.
+
+
+ SslPolicy + +
+ string +
+ 		+ + +
The security policy that defines which ciphers and protocols are supported.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_listeners + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
+
If the listeners parameter is not set then listeners will not be modified.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
+
If the tags parameter is not set then tags will not be modified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ scheme + +
+ string +
+ 		+
    Choices: +
  • internet-facing ←
    • +
  • internal
    • +
+ 		+ +
Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or destroy the load balancer.
+
The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
+
+
+ subnet_mappings + +
+ list + / elements=dictionary
+ 		+ + +
A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
+
This parameter is mutually exclusive with subnets.
+
+
+ subnets + +
+ list +
+ 		+ + +
A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
+
Required when state=present.
+
This parameter is mutually exclusive with subnet_mappings.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of one or more tags to assign to the load balancer.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for the network load balancer to reach the desired state.
+
+
+ wait_timeout + +
+ integer +
+ 		+ + +
The duration in seconds to wait, used in conjunction with wait.
+
+
+ + +Notes +----- + +.. note:: + - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. + - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an ELB and attach a listener + - elb_network_lb: + name: myelb + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + DefaultActions: + - Type: forward # Required. Only 'forward' is accepted at this time + TargetGroupName: mytargetgroup # Required. The name of the target group + state: present + + # Create an ELB with an attached Elastic IP address + - elb_network_lb: + name: myelb + subnet_mappings: + - SubnetId: subnet-012345678 + AllocationId: eipalloc-aabbccdd + listeners: + - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + DefaultActions: + - Type: forward # Required. Only 'forward' is accepted at this time + TargetGroupName: mytargetgroup # Required. The name of the target group + state: present + + # Remove an ELB + - elb_network_lb: + name: myelb + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ availability_zones + +
+ list +
+ 		when state is present +
The Availability Zones for the load balancer.
+
+
Sample:
+
[{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a', 'load_balancer_addresses': []}]
+
+
+ canonical_hosted_zone_id + +
+ string +
+ 		when state is present +
The ID of the Amazon Route 53 hosted zone associated with the load balancer.
+
+
Sample:
+
ABCDEF12345678
+
+
+ created_time + +
+ string +
+ 		when state is present +
The date and time the load balancer was created.
+
+
Sample:
+
2015-02-12T02:14:02+00:00
+
+
+ deletion_protection_enabled + +
+ string +
+ 		when state is present +
Indicates whether deletion protection is enabled.
+
+
Sample:
+
True
+
+
+ dns_name + +
+ string +
+ 		when state is present +
The public DNS name of the load balancer.
+
+
Sample:
+
internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
+
+
+ idle_timeout_timeout_seconds + +
+ string +
+ 		when state is present +
The idle timeout value, in seconds.
+
+
Sample:
+
60
+
+
+ ip_address_type + +
+ string +
+ 		when state is present +
The type of IP addresses used by the subnets for the load balancer.
+
+
Sample:
+
ipv4
+
+
+ listeners + +
+ complex +
+ 		when state is present +
Information about the listeners.
+
+
  +
+ certificates + +
+ complex +
+ 		when state is present +
The SSL server certificate.
+
+
   +
+ certificate_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the certificate.
+
+
  +
+ default_actions + +
+ string +
+ 		when state is present +
The default actions for the listener.
+
+
   +
+ target_group_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the target group.
+
+
   +
+ type + +
+ string +
+ 		when state is present +
The type of action.
+
+
  +
+ listener_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the listener.
+
+
  +
+ load_balancer_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the load balancer.
+
+
  +
+ port + +
+ integer +
+ 		when state is present +
The port on which the load balancer is listening.
+
+
Sample:
+
80
+
  +
+ protocol + +
+ string +
+ 		when state is present +
The protocol for connections from clients to the load balancer.
+
+
Sample:
+
HTTPS
+
  +
+ ssl_policy + +
+ string +
+ 		when state is present +
The security policy that defines which ciphers and protocols are supported.
+
+
+
+ load_balancer_arn + +
+ string +
+ 		when state is present +
The Amazon Resource Name (ARN) of the load balancer.
+
+
Sample:
+
arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
+
+
+ load_balancer_name + +
+ string +
+ 		when state is present +
The name of the load balancer.
+
+
Sample:
+
my-elb
+
+
+ load_balancing_cross_zone_enabled + +
+ string +
+ 		when state is present +
Indicates whether cross-zone load balancing is enabled.
+
+
Sample:
+
True
+
+
+ scheme + +
+ string +
+ 		when state is present +
Internet-facing or internal load balancer.
+
+
Sample:
+
internal
+
+
+ state + +
+ dictionary +
+ 		when state is present +
The state of the load balancer.
+
+
Sample:
+
{'code': 'active'}
+
+
+ tags + +
+ dictionary +
+ 		when state is present +
The tags attached to the load balancer.
+
+
Sample:
+
{ 'Tag': 'Example' }
+
+
+ type + +
+ string +
+ 		when state is present +
The type of load balancer.
+
+
Sample:
+
network
+
+
+ vpc_id + +
+ string +
+ 		when state is present +
The ID of the VPC for the load balancer.
+
+
Sample:
+
vpc-0011223344
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target.rst b/docs/community.aws.elb_target.rst new file mode 100644 index 00000000000..ff0cb6d8b22 --- /dev/null +++ b/docs/community.aws.elb_target.rst @@ -0,0 +1,447 @@ + +.. _community.aws.elb_target_: + + +************************ +community.aws.elb_target +************************ + +**Manage a target in a target group** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Used to register or deregister a target in a target group + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ deregister_unused + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Register or deregister the target.
+
+
+ target_az + +
+ string +
+ 		+ + +
An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
+
+
+ target_group_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
+
+
+ target_group_name + +
+ string +
+ 		+ + +
The name of the target group. Mutually exclusive of target_group_arn.
+
+
+ target_id + +
+ string + / required
+ 		+ + +
The ID of the target.
+
+
+ target_port + +
+ integer +
+ 		+ + +
The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
+
The default port for a target is the port for the target group.
+
+
+ target_status + +
+ string +
+ 		+
    Choices: +
  • initial
    • +
  • healthy
    • +
  • unhealthy
    • +
  • unused
    • +
  • draining
    • +
  • unavailable
    • +
+ 		+ +
Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
+
+
+ target_status_timeout + +
+ integer +
+ 		+ Default:
60
+ 		+ +
Maximum time in seconds to wait for target_status change
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If you specified a port override when you registered a target, you must specify both the target ID and the port when you deregister it. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Register an IP address target to a target group + - elb_target: + target_group_name: myiptargetgroup + target_id: i-1234567 + state: present + + # Register an instance target to a target group + - elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + state: present + + # Deregister a target from a target group + - elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + state: absent + + # Modify a target to use a different port + # Register a target to a target group + - elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + target_port: 8080 + state: present + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_group.rst b/docs/community.aws.elb_target_group.rst new file mode 100644 index 00000000000..6a130724a6c --- /dev/null +++ b/docs/community.aws.elb_target_group.rst @@ -0,0 +1,1153 @@ + +.. _community.aws.elb_target_group_: + + +****************************** +community.aws.elb_target_group +****************************** + +**Manage a target group for an Application or Network load balancer** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Elastic Load Balancer target group. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html or https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html for details. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ deregistration_delay_timeout + +
+ integer +
+ 		+ + +
The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ health_check_interval + +
+ integer +
+ 		+ + +
The approximate amount of time, in seconds, between health checks of an individual target.
+
+
+ health_check_path + +
+ string +
+ 		+ + +
The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
+
Requires the health_check_protocol parameter to be set.
+
+
+ health_check_port + +
+ string +
+ 		+ + +
The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
+
When not defined will default to the port on which each target receives traffic from the load balancer.
+
+
+ health_check_protocol + +
+ string +
+ 		+
    Choices: +
  • http
    • +
  • https
    • +
  • tcp
    • +
  • tls
    • +
  • udp
    • +
  • tcp_udp
    • +
  • HTTP
    • +
  • HTTPS
    • +
  • TCP
    • +
  • TLS
    • +
  • UDP
    • +
  • TCP_UDP
    • +
+ 		+ +
The protocol the load balancer uses when performing health checks on targets.
+
+
+ health_check_timeout + +
+ integer +
+ 		+ + +
The amount of time, in seconds, during which no response from a target means a failed health check.
+
+
+ healthy_threshold_count + +
+ integer +
+ 		+ + +
The number of consecutive health checks successes required before considering an unhealthy target healthy.
+
+
+ modify_targets + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether or not to alter existing targets in the group to match what is passed with the module
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the target group.
+
+
+ port + +
+ integer +
+ 		+ + +
The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ protocol + +
+ string +
+ 		+
    Choices: +
  • http
    • +
  • https
    • +
  • tcp
    • +
  • tls
    • +
  • udp
    • +
  • tcp_udp
    • +
  • HTTP
    • +
  • HTTPS
    • +
  • TCP
    • +
  • TLS
    • +
  • UDP
    • +
  • TCP_UDP
    • +
+ 		+ +
The protocol to use for routing traffic to the targets. Required when state is present.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or destroy the target group.
+
+
+ stickiness_enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Indicates whether sticky sessions are enabled.
+
+
+ stickiness_lb_cookie_duration + +
+ integer +
+ 		+ + +
The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
+
+
+ stickiness_type + +
+ string +
+ 		+ + +
The type of sticky sessions.
+
If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
+
+
+ successful_response_codes + +
+ string +
+ 		+ + +
The HTTP codes to use when checking for a successful response from a target.
+
Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
+
Requires the health_check_protocol parameter to be set.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of one or more tags to assign to the target group.
+
+
+ target_type + +
+ string +
+ 		+
    Choices: +
  • instance
    • +
  • ip
    • +
  • lambda
    • +
+ 		+ +
The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
+
The default behavior is instance.
+
+
+ targets + +
+ list +
+ 		+ + +
A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
+
+
+ unhealthy_threshold_count + +
+ integer +
+ 		+ + +
The number of consecutive health check failures required before considering a target unhealthy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
The identifier of the virtual private cloud (VPC). Required when state is present.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for the target group.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
200
+ 		+ +
The time to wait for the target group.
+
+
+ + +Notes +----- + +.. note:: + - Once a target group has been created, only its health check can then be modified using subsequent calls + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create a target group with a default health check + - elb_target_group: + name: mytargetgroup + protocol: http + port: 80 + vpc_id: vpc-01234567 + state: present + + # Modify the target group with a custom health check + - elb_target_group: + name: mytargetgroup + protocol: http + port: 80 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: /health_check + health_check_port: 80 + successful_response_codes: 200 + health_check_interval: 15 + health_check_timeout: 3 + healthy_threshold_count: 4 + unhealthy_threshold_count: 3 + state: present + + # Delete a target group + - elb_target_group: + name: mytargetgroup + state: absent + + # Create a target group with instance targets + - elb_target_group: + name: mytargetgroup + protocol: http + port: 81 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: / + successful_response_codes: "200,250-260" + targets: + - Id: i-01234567 + Port: 80 + - Id: i-98765432 + Port: 80 + state: present + wait_timeout: 200 + wait: True + + # Create a target group with IP address targets + - elb_target_group: + name: mytargetgroup + protocol: http + port: 81 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: / + successful_response_codes: "200,250-260" + target_type: ip + targets: + - Id: 10.0.0.10 + Port: 80 + AvailabilityZone: all + - Id: 10.0.0.20 + Port: 80 + state: present + wait_timeout: 200 + wait: True + + # Using lambda as targets require that the target group + # itself is allow to invoke the lambda function. + # therefore you need first to create an empty target group + # to receive its arn, second, allow the target group + # to invoke the lamba function and third, add the target + # to the target group + - name: first, create empty target group + elb_target_group: + name: my-lambda-targetgroup + target_type: lambda + state: present + modify_targets: False + register: out + + - name: second, allow invoke of the lambda + lambda_policy: + state: "{{ state | default('present') }}" + function_name: my-lambda-function + statement_id: someID + action: lambda:InvokeFunction + principal: elasticloadbalancing.amazonaws.com + source_arn: "{{ out.target_group_arn }}" + + - name: third, add target + elb_target_group: + name: my-lambda-targetgroup + target_type: lambda + state: present + targets: + - Id: arn:aws:lambda:eu-central-1:123456789012:function:my-lambda-function + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ deregistration_delay_timeout_seconds + +
+ integer +
+ 		when state present +
The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
+
+
Sample:
+
300
+
+
+ health_check_interval_seconds + +
+ integer +
+ 		when state present +
The approximate amount of time, in seconds, between health checks of an individual target.
+
+
Sample:
+
30
+
+
+ health_check_path + +
+ string +
+ 		when state present +
The destination for the health check request.
+
+
Sample:
+
/index.html
+
+
+ health_check_port + +
+ string +
+ 		when state present +
The port to use to connect with the target.
+
+
Sample:
+
traffic-port
+
+
+ health_check_protocol + +
+ string +
+ 		when state present +
The protocol to use to connect with the target.
+
+
Sample:
+
HTTP
+
+
+ health_check_timeout_seconds + +
+ integer +
+ 		when state present +
The amount of time, in seconds, during which no response means a failed health check.
+
+
Sample:
+
5
+
+
+ healthy_threshold_count + +
+ integer +
+ 		when state present +
The number of consecutive health checks successes required before considering an unhealthy target healthy.
+
+
Sample:
+
5
+
+
+ load_balancer_arns + +
+ list +
+ 		when state present +
The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
+
+
+
+ matcher + +
+ dictionary +
+ 		when state present +
The HTTP codes to use when checking for a successful response from a target.
+
+
Sample:
+
{'http_code': '200'}
+
+
+ port + +
+ integer +
+ 		when state present +
The port on which the targets are listening.
+
+
Sample:
+
80
+
+
+ protocol + +
+ string +
+ 		when state present +
The protocol to use for routing traffic to the targets.
+
+
Sample:
+
HTTP
+
+
+ stickiness_enabled + +
+ boolean +
+ 		when state present +
Indicates whether sticky sessions are enabled.
+
+
Sample:
+
True
+
+
+ stickiness_lb_cookie_duration_seconds + +
+ integer +
+ 		when state present +
The time period, in seconds, during which requests from a client should be routed to the same target.
+
+
Sample:
+
86400
+
+
+ stickiness_type + +
+ string +
+ 		when state present +
The type of sticky sessions.
+
+
Sample:
+
lb_cookie
+
+
+ tags + +
+ dictionary +
+ 		when state present +
The tags attached to the target group.
+
+
Sample:
+
{ 'Tag': 'Example' }
+
+
+ target_group_arn + +
+ string +
+ 		when state present +
The Amazon Resource Name (ARN) of the target group.
+
+
Sample:
+
arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
+
+
+ target_group_name + +
+ string +
+ 		when state present +
The name of the target group.
+
+
Sample:
+
mytargetgroup
+
+
+ unhealthy_threshold_count + +
+ integer +
+ 		when state present +
The number of consecutive health check failures required before considering the target unhealthy.
+
+
Sample:
+
2
+
+
+ vpc_id + +
+ string +
+ 		when state present +
The ID of the VPC for the targets.
+
+
Sample:
+
vpc-0123456
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_group_info.rst b/docs/community.aws.elb_target_group_info.rst new file mode 100644 index 00000000000..35baa60ee9d --- /dev/null +++ b/docs/community.aws.elb_target_group_info.rst @@ -0,0 +1,839 @@ + +.. _community.aws.elb_target_group_info_: + + +*********************************** +community.aws.elb_target_group_info +*********************************** + +**Gather information about ELB target groups in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ELB target groups in AWS +- This module was called ``elb_target_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ collect_targets_health + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When set to "yes", output contains targets health description
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ load_balancer_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the load balancer.
+
+
+ names + +
+ list +
+ 		+ + +
The names of the target groups.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ target_group_arns + +
+ list +
+ 		+ + +
The Amazon Resource Names (ARN) of the target groups.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all target groups + - elb_target_group_info: + + # Gather information about the target group attached to a particular ELB + - elb_target_group_info: + load_balancer_arn: "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" + + # Gather information about a target groups named 'tg1' and 'tg2' + - elb_target_group_info: + names: + - tg1 + - tg2 + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ target_groups + +
+ complex +
+ 		always +
a list of target groups
+
+
  +
+ deregistration_delay_timeout_seconds + +
+ integer +
+ 		always +
The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
+
+
Sample:
+
300
+
  +
+ health_check_interval_seconds + +
+ integer +
+ 		always +
The approximate amount of time, in seconds, between health checks of an individual target.
+
+
Sample:
+
30
+
  +
+ health_check_path + +
+ string +
+ 		always +
The destination for the health check request.
+
+
Sample:
+
/index.html
+
  +
+ health_check_port + +
+ string +
+ 		always +
The port to use to connect with the target.
+
+
Sample:
+
traffic-port
+
  +
+ health_check_protocol + +
+ string +
+ 		always +
The protocol to use to connect with the target.
+
+
Sample:
+
HTTP
+
  +
+ health_check_timeout_seconds + +
+ integer +
+ 		always +
The amount of time, in seconds, during which no response means a failed health check.
+
+
Sample:
+
5
+
  +
+ healthy_threshold_count + +
+ integer +
+ 		always +
The number of consecutive health checks successes required before considering an unhealthy target healthy.
+
+
Sample:
+
5
+
  +
+ load_balancer_arns + +
+ list +
+ 		always +
The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
+
+
  +
+ matcher + +
+ dictionary +
+ 		always +
The HTTP codes to use when checking for a successful response from a target.
+
+
Sample:
+
{'http_code': '200'}
+
  +
+ port + +
+ integer +
+ 		always +
The port on which the targets are listening.
+
+
Sample:
+
80
+
  +
+ protocol + +
+ string +
+ 		always +
The protocol to use for routing traffic to the targets.
+
+
Sample:
+
HTTP
+
  +
+ stickiness_enabled + +
+ boolean +
+ 		always +
Indicates whether sticky sessions are enabled.
+
+
Sample:
+
True
+
  +
+ stickiness_lb_cookie_duration_seconds + +
+ integer +
+ 		always +
Indicates whether sticky sessions are enabled.
+
+
Sample:
+
86400
+
  +
+ stickiness_type + +
+ string +
+ 		always +
The type of sticky sessions.
+
+
Sample:
+
lb_cookie
+
  +
+ tags + +
+ dictionary +
+ 		always +
The tags attached to the target group.
+
+
Sample:
+
{ 'Tag': 'Example' }
+
  +
+ target_group_arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) of the target group.
+
+
Sample:
+
arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
+
  +
+ target_group_name + +
+ string +
+ 		always +
The name of the target group.
+
+
Sample:
+
mytargetgroup
+
  +
+ targets_health_description + +
+ complex +
+ 		when collect_targets_health is enabled +
Targets health description.
+
+
   +
+ health_check_port + +
+ string +
+ 		always +
The port to check target health.
+
+
Sample:
+
80
+
   +
+ target + +
+ complex +
+ 		always +
The target metadata.
+
+
    +
+ id + +
+ string +
+ 		always +
The ID of the target.
+
+
Sample:
+
i-0123456789
+
    +
+ port + +
+ integer +
+ 		always +
The port to use to connect with the target.
+
+
Sample:
+
80
+
   +
+ target_health + +
+ complex +
+ 		always +
The target health status.
+
+
    +
+ state + +
+ string +
+ 		always +
The state of the target health.
+
+
Sample:
+
healthy
+
  +
+ unhealthy_threshold_count + +
+ integer +
+ 		always +
The number of consecutive health check failures required before considering the target unhealthy.
+
+
Sample:
+
2
+
  +
+ vpc_id + +
+ string +
+ 		always +
The ID of the VPC for the targets.
+
+
Sample:
+
vpc-0123456
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_info.rst b/docs/community.aws.elb_target_info.rst new file mode 100644 index 00000000000..3055ec55e06 --- /dev/null +++ b/docs/community.aws.elb_target_info.rst @@ -0,0 +1,600 @@ + +.. _community.aws.elb_target_info_: + + +***************************** +community.aws.elb_target_info +***************************** + +**Gathers which target groups a target is associated with.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module will search through every target group in a region to find which ones have registered a given instance ID or IP. +- This module was called ``elb_target_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ get_unused_target_groups + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether or not to get target groups not used by any load balancers.
+
+
+ instance_id + +
+ string + / required
+ 		+ + +
What instance ID to get information for.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # practical use case - dynamically deregistering and reregistering nodes + + - name: Get EC2 Metadata + action: ec2_metadata_facts + + - name: Get initial list of target groups + delegate_to: localhost + elb_target_info: + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + + - name: save fact for later + set_fact: + original_tgs: "{{ target_info.instance_target_groups }}" + + - name: Deregister instance from all target groups + delegate_to: localhost + elb_target: + target_group_arn: "{{ item.0.target_group_arn }}" + target_port: "{{ item.1.target_port }}" + target_az: "{{ item.1.target_az }}" + target_id: "{{ item.1.target_id }}" + state: absent + target_status: "draining" + region: "{{ ansible_ec2_placement_region }}" + with_subelements: + - "{{ original_tgs }}" + - "targets" + + # This avoids having to wait for 'elb_target' to serially deregister each + # target group. An alternative would be to run all of the 'elb_target' + # tasks async and wait for them to finish. + + - name: wait for all targets to deregister simultaneously + delegate_to: localhost + elb_target_info: + get_unused_target_groups: false + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + until: (target_info.instance_target_groups | length) == 0 + retries: 60 + delay: 10 + + - name: reregister in elbv2s + elb_target: + region: "{{ ansible_ec2_placement_region }}" + target_group_arn: "{{ item.0.target_group_arn }}" + target_port: "{{ item.1.target_port }}" + target_az: "{{ item.1.target_az }}" + target_id: "{{ item.1.target_id }}" + state: present + target_status: "initial" + with_subelements: + - "{{ original_tgs }}" + - "targets" + + # wait until all groups associated with this instance are 'healthy' or + # 'unused' + - name: wait for registration + elb_target_info: + get_unused_target_groups: false + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + until: (target_info.instance_target_groups | + map(attribute='targets') | + flatten | + map(attribute='target_health') | + rejectattr('state', 'equalto', 'healthy') | + rejectattr('state', 'equalto', 'unused') | + list | + length) == 0 + retries: 61 + delay: 10 + + # using the target groups to generate AWS CLI commands to reregister the + # instance - useful in case the playbook fails mid-run and manual + # rollback is required + - name: "reregistration commands: ELBv2s" + debug: + msg: > + aws --region {{ansible_ec2_placement_region}} elbv2 + register-targets --target-group-arn {{item.target_group_arn}} + --targets{%for target in item.targets%} + Id={{target.target_id}}, + Port={{target.target_port}}{%if target.target_az%},AvailabilityZone={{target.target_az}} + {%endif%} + {%endfor%} + loop: "{{target_info.instance_target_groups}}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ instance_target_groups + +
+ complex +
+ 		always +
a list of target groups to which the instance is registered to
+
+
  +
+ target_group_arn + +
+ string +
+ 		always +
The ARN of the target group
+
+
Sample:
+
['arn:aws:elasticloadbalancing:eu-west-1:111111111111:targetgroup/target-group/deadbeefdeadbeef']
+
  +
+ target_group_type + +
+ string +
+ 		always +
Which target type is used for this group
+
+
Sample:
+
['ip', 'instance']
+
  +
+ targets + +
+ complex +
+ 		always +
A list of targets that point to this instance ID
+
+
   +
+ target_az + +
+ string +
+ 		when an AZ is associated with this instance +
which availability zone is explicitly associated with this target
+
+
Sample:
+
['us-west-2a']
+
   +
+ target_health + +
+ complex +
+ 		always +
The target health description.
+ +
+
    +
+ description + +
+ string +
+ 		if state!=present +
description of target health
+
+
Sample:
+
['Target desregistration is in progress']
+
    +
+ reason + +
+ string +
+ 		if state!=healthy +
reason code for target health
+
+
Sample:
+
['Target.Deregistration in progress']
+
    +
+ state + +
+ string +
+ 		always +
health state
+
+
Sample:
+
['healthy', 'draining', 'initial', 'unhealthy', 'unused', 'unavailable']
+
   +
+ target_id + +
+ string +
+ 		always +
the target ID referring to this instance
+
+
Sample:
+
['i-deadbeef', '1.2.3.4']
+
   +
+ target_port + +
+ string +
+ 		always +
which port this target is listening on
+
+
Sample:
+
[80]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Yaakov Kuperman (@yaakov-github) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.execute_lambda.rst b/docs/community.aws.execute_lambda.rst new file mode 100644 index 00000000000..e51cebce457 --- /dev/null +++ b/docs/community.aws.execute_lambda.rst @@ -0,0 +1,479 @@ + +.. _community.aws.execute_lambda_: + + +**************************** +community.aws.execute_lambda +**************************** + +**Execute an AWS Lambda function** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module executes AWS Lambda functions, allowing synchronous and asynchronous invocation. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ dry_run + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ function_arn + +
+ string +
+ 		+ + +
The name of the function to be invoked
+
+
+ name + +
+ string +
+ 		+ + +
The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
+
+
+ payload + +
+ dictionary +
+ 		+ Default:
{}
+ 		+ +
A dictionary in any form to be provided as input to the Lambda function.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ tail_log + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ version_qualifier + +
+ string +
+ 		+ + +
Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
+
+
+ + +Notes +----- + +.. note:: + - Async invocation will always return an empty ``output`` key. + - Synchronous invocation may result in a function timeout, resulting in an empty ``output`` key. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - execute_lambda: + name: test-function + # the payload is automatically serialized and sent to the function + payload: + foo: bar + value: 8 + register: response + + # Test that you have sufficient permissions to execute a Lambda function in + # another account + - execute_lambda: + function_arn: arn:aws:lambda:us-east-1:123456789012:function/some-function + dry_run: true + + - execute_lambda: + name: test-function + payload: + foo: bar + value: 8 + wait: true + tail_log: true + register: response + # the response will have a `logs` key that will contain a log (up to 4KB) of the function execution in Lambda + + # Pass the Lambda event payload as a json file. + - execute_lambda: + name: test-function + payload: "{{ lookup('file','lambda_event.json') }}" + register: response + + - execute_lambda: + name: test-function + version_qualifier: PRODUCTION + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ logs + +
+ string +
+ 		if tail_log == true +
The last 4KB of the function logs. Only provided if tail_log is true
+
+
+
+ output + +
+ dictionary +
+ 		success +
Function output if wait=true and the function returns a value
+
+
Sample:
+
{ 'output': 'something' }
+
+
+ status + +
+ integer +
+ 		always +
StatusCode of API call exit (200 for synchronous invokes, 202 for async)
+
+
Sample:
+
200
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam.rst b/docs/community.aws.iam.rst new file mode 100644 index 00000000000..78b6029adf4 --- /dev/null +++ b/docs/community.aws.iam.rst @@ -0,0 +1,616 @@ + +.. _community.aws.iam_: + + +***************** +community.aws.iam +***************** + +**Manage IAM users, groups, roles and keys** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of IAM users, user API keys, groups, roles. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ access_key_ids + +
+ list +
+ 		+ + +
A list of the keys that you want affected by the access_key_state parameter.
+
+
+ access_key_state + +
+ string +
+ 		+
    Choices: +
  • create
    • +
  • remove
    • +
  • active
    • +
  • inactive
    • +
  • Create
    • +
  • Remove
    • +
  • Active
    • +
  • Inactive
    • +
+ 		+ +
When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ groups + +
+ list +
+ 		+ + +
A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
+
+
+ iam_type + +
+ string + / required
+ 		+
    Choices: +
  • user
    • +
  • group
    • +
  • role
    • +
+ 		+ +
Type of IAM resource.
+
+
+ key_count + +
+ integer +
+ 		+ Default:
1
+ 		+ +
When access_key_state=create it will ensure this quantity of keys are present.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of IAM resource to create or identify.
+
+
+ new_name + +
+ string +
+ 		+ + +
When state=update, will replace name with new_name on IAM resource.
+
+
+ new_path + +
+ string +
+ 		+ + +
When state=update, will replace the path with new_path on the IAM resource.
+
+
+ password + +
+ string +
+ 		+ + +
When type=user and either state=present or state=update, define the users login password.
+
Note that this will always return 'changed'.
+
+
+ path + +
+ string +
+ 		+ Default:
"/"
+ 		+ +
When creating or updating, specify the desired path of the resource.
+
If state=present, it will replace the current path to match what is passed in when they do not match.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • update
    • +
+ 		+ +
Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
+
+
+ trust_policy + +
+ dictionary +
+ 		+ + +
The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
+
Mutually exclusive with trust_policy_filepath.
+
+
+ trust_policy_filepath + +
+ string +
+ 		+ + +
The path to the trust policy document that grants an entity permission to assume the role.
+
Mutually exclusive with trust_policy.
+
+
+ update_password + +
+ string +
+ 		+
    Choices: +
  • always ←
    • +
  • on_create
    • +
+ 		+ +
When to update user passwords.
+
update_password=always will ensure the password is set to password.
+
update_password=on_create will only set the password for newly created users.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic user creation example + tasks: + - name: Create two new IAM users with API keys + iam: + iam_type: user + name: "{{ item }}" + state: present + password: "{{ temp_pass }}" + access_key_state: create + loop: + - jcleese + - mpython + + # Advanced example, create two new groups and add the pre-existing user + # jdavila to both groups. + task: + - name: Create Two Groups, Mario and Luigi + iam: + iam_type: group + name: "{{ item }}" + state: present + loop: + - Mario + - Luigi + register: new_groups + + - name: + iam: + iam_type: user + name: jdavila + state: update + groups: "{{ item.created_group.group_name }}" + loop: "{{ new_groups.results }}" + + # Example of role with custom trust policy for Lambda service + - name: Create IAM role with custom trust relationship + iam: + iam_type: role + name: AAALambdaTestRole + state: present + trust_policy: + Version: '2012-10-17' + Statement: + - Action: sts:AssumeRole + Effect: Allow + Principal: + Service: lambda.amazonaws.com + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ role_result + +
+ string +
+ 		if iam_type=role and state=present +
the IAM.role dict returned by Boto
+
+
Sample:
+
{'arn': 'arn:aws:iam::A1B2C3D4E5F6:role/my-new-role', 'assume_role_policy_document': '...truncated...', 'create_date': '2017-09-02T14:32:23Z', 'path': '/', 'role_id': 'AROAA1B2C3D4E5F6G7H8I', 'role_name': 'my-new-role'}
+
+
+ roles + +
+ list +
+ 		if iam_type=role and state=present +
a list containing the name of the currently defined roles
+
+
Sample:
+
['my-new-role', 'my-existing-role-1', 'my-existing-role-2', 'my-existing-role-3', 'my-existing-role-...']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) +- Paul Seiffert (@seiffert) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_cert.rst b/docs/community.aws.iam_cert.rst new file mode 100644 index 00000000000..d2073436b4b --- /dev/null +++ b/docs/community.aws.iam_cert.rst @@ -0,0 +1,444 @@ + +.. _community.aws.iam_cert_: + + +********************** +community.aws.iam_cert +********************** + +**Manage server certificates for use on ELBs and CloudFront** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of server certificates. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cert + +
+ string +
+ 		+ + +
The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+
+
+ cert_chain + +
+ string +
+ 		+ + +
The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ dup_ok + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
By default the module will not upload a certificate that is already uploaded into AWS.
+
If dup_ok=True, it will upload the certificate as long as the name is unique.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ key + +
+ string +
+ 		+ + +
The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of certificate to add, update or remove.
+
+
+ new_name + +
+ string +
+ 		+ + +
When state is present, this will update the name of the cert.
+
The cert, key and cert_chain parameters will be ignored if this is defined.
+
+
+ new_path + +
+ string +
+ 		+ + +
When state is present, this will update the path of the cert.
+
The cert, key and cert_chain parameters will be ignored if this is defined.
+
+
+ path + +
+ string +
+ 		+ Default:
"/"
+ 		+ +
When creating or updating, specify the desired path of the certificate.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Whether to create(or update) or delete the certificate.
+
If new_path or new_name is defined, specifying present will attempt to make an update these.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic server certificate upload from local file + - iam_cert: + name: very_ssl + state: present + cert: "{{ lookup('file', 'path/to/cert') }}" + key: "{{ lookup('file', 'path/to/key') }}" + cert_chain: "{{ lookup('file', 'path/to/certchain') }}" + + # Basic server certificate upload + - iam_cert: + name: very_ssl + state: present + cert: path/to/cert + key: path/to/key + cert_chain: path/to/certchain + + # Server certificate upload using key string + - iam_cert: + name: very_ssl + state: present + path: "/a/cert/path/" + cert: body_of_somecert + key: vault_body_of_privcertkey + cert_chain: body_of_myverytrustedchain + + # Basic rename of existing certificate + - iam_cert: + name: very_ssl + new_name: new_very_ssl + state: present + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_group.rst b/docs/community.aws.iam_group.rst new file mode 100644 index 00000000000..0d7c2680ba0 --- /dev/null +++ b/docs/community.aws.iam_group.rst @@ -0,0 +1,666 @@ + +.. _community.aws.iam_group_: + + +*********************** +community.aws.iam_group +*********************** + +**Manage AWS IAM groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM groups. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ managed_policies + +
+ list + / elements=string
+ 		+ + +
A list of managed policy ARNs or friendly names to attach to the role.
+
To embed an inline policy, use iam_policy.
+

aliases: managed_policy
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the group to create.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_policies + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When purge_policies=true any managed policies not listed in managed_policies will be detatched.
+

aliases: purge_policy, purge_managed_policies
+
+
+ purge_users + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When purge_users=true users which are not included in users will be detached.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or remove the IAM group.
+
+
+ users + +
+ list + / elements=string
+ 		+ + +
A list of existing users to add as members of the group.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create a group + - iam_group: + name: testgroup1 + state: present + + # Create a group and attach a managed policy using its ARN + - iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + state: present + + # Create a group with users as members and attach a managed policy using its ARN + - iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + users: + - test_user1 + - test_user2 + state: present + + # Remove all managed policies from an existing group with an empty list + - iam_group: + name: testgroup1 + state: present + purge_policies: true + + # Remove all group members from an existing group + - iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + purge_users: true + state: present + + + # Delete the group + - iam_group: + name: testgroup1 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ iam_group + +
+ complex +
+ 		success +
dictionary containing all the group information including group membership
+
+
  +
+ group + +
+ complex +
+ 		success +
dictionary containing all the group information
+
+
   +
+ arn + +
+ string +
+ 		+
the Amazon Resource Name (ARN) specifying the group
+
+
Sample:
+
arn:aws:iam::1234567890:group/testgroup1
+
   +
+ create_date + +
+ string +
+ 		+
the date and time, in ISO 8601 date-time format, when the group was created
+
+
Sample:
+
2017-02-08T04:36:28+00:00
+
   +
+ group_id + +
+ string +
+ 		+
the stable and unique string identifying the group
+
+
Sample:
+
AGPAIDBWE12NSFINE55TM
+
   +
+ group_name + +
+ string +
+ 		+
the friendly name that identifies the group
+
+
Sample:
+
testgroup1
+
   +
+ path + +
+ string +
+ 		+
the path to the group
+
+
Sample:
+
/
+
  +
+ users + +
+ complex +
+ 		success +
list containing all the group members
+
+
   +
+ arn + +
+ string +
+ 		+
the Amazon Resource Name (ARN) specifying the user
+
+
Sample:
+
arn:aws:iam::1234567890:user/test_user1
+
   +
+ create_date + +
+ string +
+ 		+
the date and time, in ISO 8601 date-time format, when the user was created
+
+
Sample:
+
2017-02-08T04:36:28+00:00
+
   +
+ path + +
+ string +
+ 		+
the path to the user
+
+
Sample:
+
/
+
   +
+ user_id + +
+ string +
+ 		+
the stable and unique string identifying the user
+
+
Sample:
+
AIDAIZTPY123YQRS22YU2
+
   +
+ user_name + +
+ string +
+ 		+
the friendly name that identifies the user
+
+
Sample:
+
testgroup1
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) +- Maksym Postument (@infectsoldier) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_managed_policy.rst b/docs/community.aws.iam_managed_policy.rst new file mode 100644 index 00000000000..3e84add10eb --- /dev/null +++ b/docs/community.aws.iam_managed_policy.rst @@ -0,0 +1,453 @@ + +.. _community.aws.iam_managed_policy_: + + +******************************** +community.aws.iam_managed_policy +******************************** + +**Manage User Managed IAM policies** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows creating and removing managed IAM policies + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ fail_on_delete + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
The fail_on_delete option does nothing and will be removed in Ansible 2.14.
+
+
+ make_default + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Make this revision the default revision.
+
+
+ only_version + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
+
+
+ policy + +
+ json +
+ 		+ + +
A properly json formatted policy
+
+
+ policy_description + +
+ string +
+ 		+ Default:
""
+ 		+ +
A helpful description of this policy, this value is immutable and only set when creating a new policy.
+
+
+ policy_name + +
+ string + / required
+ 		+ + +
The name of the managed policy.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create Policy ex nihilo + - name: Create IAM Managed Policy + iam_managed_policy: + policy_name: "ManagedPolicy" + policy_description: "A Helpful managed policy" + policy: "{{ lookup('template', 'managed_policy.json.j2') }}" + state: present + + # Update a policy with a new default version + - name: Create IAM Managed Policy + iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{{ lookup('file', 'managed_policy_update.json') }}" + state: present + + # Update a policy with a new non default version + - name: Create IAM Managed Policy + iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{{ lookup('file', 'managed_policy_update.json') }}" + make_default: false + state: present + + # Update a policy and make it the only version and the default version + - name: Create IAM Managed Policy + iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" + only_version: true + state: present + + # Remove a policy + - name: Create IAM Managed Policy + iam_managed_policy: + policy_name: "ManagedPolicy" + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ policy + +
+ string +
+ 		success +
Returns the policy json structure, when state == absent this will return the value of the removed policy.
+
+
Sample:
+
{ "arn": "arn:aws:iam::aws:policy/AdministratorAccess " "attachment_count": 0, "create_date": "2017-03-01T15:42:55.981000+00:00", "default_version_id": "v1", "is_attachable": true, "path": "/", "policy_id": "ANPALM4KLDMTFXGOOJIHL", "policy_name": "AdministratorAccess", "update_date": "2017-03-01T15:42:55.981000+00:00" }
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Dan Kozlowski (@dkhenry) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_mfa_device_info.rst b/docs/community.aws.iam_mfa_device_info.rst new file mode 100644 index 00000000000..8488c41b42e --- /dev/null +++ b/docs/community.aws.iam_mfa_device_info.rst @@ -0,0 +1,311 @@ + +.. _community.aws.iam_mfa_device_info_: + + +********************************* +community.aws.iam_mfa_device_info +********************************* + +**List the MFA (Multi-Factor Authentication) devices registered for a user** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List the MFA (Multi-Factor Authentication) devices registered for a user +- This module was called ``iam_mfa_device_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ user_name + +
+ string +
+ 		+ + +
The name of the user whose MFA devices will be listed
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # List MFA devices (more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html) + - iam_mfa_device_info: + register: mfa_devices + + # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) + - sts_assume_role: + mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" + role_arn: "arn:aws:iam::123456789012:role/someRole" + role_session_name: "someRoleSession" + register: assumed_role + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ mfa_devices + +
+ list +
+ 		always +
The MFA devices registered for the given user
+
+
Sample:
+
[{'enable_date': '2016-03-11T23:25:36+00:00', 'serial_number': 'arn:aws:iam::085120003701:mfa/pwnall', 'user_name': 'pwnall'}, {'enable_date': '2016-03-11T23:25:37+00:00', 'serial_number': 'arn:aws:iam::085120003702:mfa/pwnall', 'user_name': 'pwnall'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Victor Costan (@pwnall) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_password_policy.rst b/docs/community.aws.iam_password_policy.rst new file mode 100644 index 00000000000..fe5e56eaaaf --- /dev/null +++ b/docs/community.aws.iam_password_policy.rst @@ -0,0 +1,467 @@ + +.. _community.aws.iam_password_policy_: + + +********************************* +community.aws.iam_password_policy +********************************* + +**Update an IAM Password Policy** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module updates an IAM Password Policy on a given AWS account + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allow_pw_change + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Allow users to change their password.
+

aliases: allow_password_change
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ min_pw_length + +
+ integer +
+ 		+ Default:
6
+ 		+ +
Minimum password length.
+

aliases: minimum_password_length
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ pw_expire + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Prevents users from change an expired password.
+

aliases: password_expire, expire
+
+
+ pw_max_age + +
+ integer +
+ 		+ Default:
0
+ 		+ +
Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.
+

aliases: password_max_age
+
+
+ pw_reuse_prevent + +
+ integer +
+ 		+ Default:
0
+ 		+ +
Prevent re-use of passwords.
+

aliases: password_reuse_prevent, prevent_reuse
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ require_lowercase + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Require lowercase letters in password.
+
+
+ require_numbers + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Require numbers in password.
+
+
+ require_symbols + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Require symbols in password.
+
+
+ require_uppercase + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Require uppercase letters in password.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies the overall state of the password policy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Password policy for AWS account + iam_password_policy: + state: present + min_pw_length: 8 + require_symbols: false + require_numbers: true + require_uppercase: true + require_lowercase: true + allow_pw_change: true + pw_max_age: 60 + pw_reuse_prevent: 5 + pw_expire: false + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_policy.rst b/docs/community.aws.iam_policy.rst new file mode 100644 index 00000000000..2d507d5c790 --- /dev/null +++ b/docs/community.aws.iam_policy.rst @@ -0,0 +1,428 @@ + +.. _community.aws.iam_policy_: + + +************************ +community.aws.iam_policy +************************ + +**Manage inline IAM policies for users, groups, and roles** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows uploading or removing inline IAM policies for IAM users, groups or roles. +- To administer managed policies please see :ref:`iam_user `, :ref:`iam_role `, :ref:`iam_group ` and :ref:`iam_managed_policy ` + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ iam_name + +
+ string + / required
+ 		+ + +
Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
+
+
+ iam_type + +
+ string + / required
+ 		+
    Choices: +
  • user
    • +
  • group
    • +
  • role
    • +
+ 		+ +
Type of IAM resource.
+
+
+ policy_document + +
+ string +
+ 		+ + +
The path to the properly json formatted policy file.
+
Mutually exclusive with policy_json.
+
This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
+
+
+ policy_json + +
+ json +
+ 		+ + +
A properly json formatted policy as string.
+
Mutually exclusive with policy_document.
+ +
+
+ policy_name + +
+ string + / required
+ 		+ + +
The name label for the policy to create or remove.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ skip_duplicates + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
+
The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether to create or delete the IAM policy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a policy with the name of 'Admin' to the group 'administrators' + - name: Assign a policy called Admin to the administrators group + iam_policy: + iam_type: group + iam_name: administrators + policy_name: Admin + state: present + policy_document: admin_policy.json + + # Advanced example, create two new groups and add a READ-ONLY policy to both + # groups. + - name: Create Two Groups, Mario and Luigi + iam: + iam_type: group + name: "{{ item }}" + state: present + loop: + - Mario + - Luigi + register: new_groups + + - name: Apply READ-ONLY policy to new groups that have been recently created + iam_policy: + iam_type: group + iam_name: "{{ item.created_group.group_name }}" + policy_name: "READ-ONLY" + policy_document: readonlypolicy.json + state: present + loop: "{{ new_groups.results }}" + + # Create a new S3 policy with prefix per user + - name: Create S3 policy from template + iam_policy: + iam_type: user + iam_name: "{{ item.user }}" + policy_name: "s3_limited_access_{{ item.prefix }}" + state: present + policy_json: " {{ lookup( 'template', 's3_policy.json.j2') }} " + loop: + - user: s3_user + prefix: s3_user_prefix + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) +- Dennis Podkovyrin (@sbj-ss) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_policy_info.rst b/docs/community.aws.iam_policy_info.rst new file mode 100644 index 00000000000..eeab1bf3fcf --- /dev/null +++ b/docs/community.aws.iam_policy_info.rst @@ -0,0 +1,407 @@ + +.. _community.aws.iam_policy_info_: + + +***************************** +community.aws.iam_policy_info +***************************** + +**Retrieve inline IAM policies for users, groups, and roles** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Supports fetching of inline IAM policies for IAM users, groups and roles. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ iam_name + +
+ string + / required
+ 		+ + +
Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
+
+
+ iam_type + +
+ string + / required
+ 		+
    Choices: +
  • user
    • +
  • group
    • +
  • role
    • +
+ 		+ +
Type of IAM resource you wish to retrieve inline policies for.
+
+
+ policy_name + +
+ string +
+ 		+ + +
Name of a specific IAM inline policy you with to retrieve.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Describe all inline IAM policies on an IAM User + - iam_policy_info: + iam_type: user + iam_name: example_user + + # Describe a specific inline policy on an IAM Role + - iam_policy_info: + iam_type: role + iam_name: example_role + policy_name: example_policy + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ all_policy_names + +
+ list +
+ 		success +
A list of names of all of the IAM inline policies on the queried object
+
+
+
+ policies + +
+ complex +
+ 		success +
A list containing the matching IAM inline policy names and their data
+
+
  +
+ policy_document + +
+ list +
+ 		success +
The JSON document representing the inline IAM policy
+
+
  +
+ policy_name + +
+ string +
+ 		success +
The Name of the inline policy
+
+
+
+ policy_names + +
+ list +
+ 		success +
A list of matching names of the IAM inline policies on the queried object
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chappell (@tremble) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_role.rst b/docs/community.aws.iam_role.rst new file mode 100644 index 00000000000..28bfd73043d --- /dev/null +++ b/docs/community.aws.iam_role.rst @@ -0,0 +1,709 @@ + +.. _community.aws.iam_role_: + + +********************** +community.aws.iam_role +********************** + +**Manage AWS IAM roles** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM roles. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ assume_role_policy_document + +
+ json +
+ 		+ + +
The trust relationship policy document that grants an entity permission to assume the role.
+
This parameter is required when state=present.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ boundary + +
+ string +
+ 		+ + +
The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
+
Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
+
This is intended for roles/users that have permissions to create new IAM objects.
+ +
Requires botocore 1.10.57 or above.
+

aliases: boundary_policy_arn
+
+
+ create_instance_profile + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Creates an IAM instance profile along with the role.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delete_instance_profile + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
+
Only applies when state=absent.
+
+
+ description + +
+ string +
+ 		+ + +
Provides a description of the role.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ managed_policies + +
+ list +
+ 		+ + +
A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
+
To remove all policies set purge_polices=true and managed_policies=[None].
+
To embed an inline policy, use iam_policy.
+

aliases: managed_policy
+
+
+ max_session_duration + +
+ integer +
+ 		+ + +
The maximum duration (in seconds) of a session when assuming the role.
+
Valid values are between 1 and 12 hours (3600 and 43200 seconds).
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the role to create.
+
+
+ path + +
+ string +
+ 		+ Default:
"/"
+ 		+ +
The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_policies + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
When purge_policies=true any managed policies not listed in managed_policies will be detatched.
+
By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.
+

aliases: purge_policy, purge_managed_policies
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Remove tags not listed in tags when tags is specified.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or remove the IAM role.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Tag dict to apply to the queue.
+
Requires botocore 1.12.46 or above.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create a role with description and tags + iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + description: This is My New Role + tags: + env: dev + + - name: "Create a role and attach a managed policy called 'PowerUserAccess'" + iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + managed_policies: + - arn:aws:iam::aws:policy/PowerUserAccess + + - name: Keep the role created above but remove all managed policies + iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + managed_policies: [] + + - name: Delete the role + iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file', 'policy.json') }}" + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ iam_role + +
+ complex +
+ 		success +
dictionary containing the IAM Role data
+
+
  +
+ arn + +
+ string +
+ 		always +
the Amazon Resource Name (ARN) specifying the role
+
+
Sample:
+
arn:aws:iam::1234567890:role/mynewrole
+
  +
+ assume_role_policy_document + +
+ string +
+ 		always +
the policy that grants an entity permission to assume the role
+
+
Sample:
+
{'statement': [{'action': 'sts:AssumeRole', 'effect': 'Allow', 'principal': {'service': 'ec2.amazonaws.com'}, 'sid': ''}], 'version': '2012-10-17'}
+
  +
+ attached_policies + +
+ list +
+ 		always +
a list of dicts containing the name and ARN of the managed IAM policies attached to the role
+
+
Sample:
+
[{'policy_arn': 'arn:aws:iam::aws:policy/PowerUserAccess', 'policy_name': 'PowerUserAccess'}]
+
  +
+ create_date + +
+ string +
+ 		always +
the date and time, in ISO 8601 date-time format, when the role was created
+
+
Sample:
+
2016-08-14T04:36:28+00:00
+
  +
+ path + +
+ string +
+ 		always +
the path to the role
+
+
Sample:
+
/
+
  +
+ role_id + +
+ string +
+ 		always +
the stable and unique string identifying the role
+
+
Sample:
+
ABCDEFF4EZ4ABCDEFV4ZC
+
  +
+ role_name + +
+ string +
+ 		always +
the friendly name that identifies the role
+
+
Sample:
+
myrole
+
  +
+ tags + +
+ dictionary +
+ 		always +
role tags
+
+
Sample:
+
{"Env": "Prod"}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_role_info.rst b/docs/community.aws.iam_role_info.rst new file mode 100644 index 00000000000..557c5696399 --- /dev/null +++ b/docs/community.aws.iam_role_info.rst @@ -0,0 +1,652 @@ + +.. _community.aws.iam_role_info_: + + +*************************** +community.aws.iam_role_info +*************************** + +**Gather information on IAM roles** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gathers information about IAM roles. +- This module was called ``iam_role_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
Name of a role to search for.
+
Mutually exclusive with path_prefix.
+

aliases: role_name
+
+
+ path_prefix + +
+ string +
+ 		+ + +
Prefix of role to restrict IAM role search for.
+
Mutually exclusive with name.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # find all existing IAM roles + - iam_role_info: + register: result + + # describe a single role + - iam_role_info: + name: MyIAMRole + + # describe all roles matching a path prefix + - iam_role_info: + path_prefix: /application/path + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ iam_roles + +
+ complex +
+ 		always +
List of IAM roles
+
+
  +
+ arn + +
+ string +
+ 		always +
Amazon Resource Name for IAM role.
+
+
Sample:
+
arn:aws:iam::123456789012:role/AnsibleTestRole
+
  +
+ assume_role_policy_document + +
+ string +
+ 		always +
Policy Document describing what can assume the role.
+
+
  +
+ create_date + +
+ string +
+ 		always +
Date IAM role was created.
+
+
Sample:
+
2017-10-23T00:05:08+00:00
+
  +
+ inline_policies + +
+ list +
+ 		always +
List of names of inline policies.
+
+
  +
+ instance_profiles + +
+ complex +
+ 		always +
List of attached instance profiles.
+
+
   +
+ arn + +
+ string +
+ 		always +
Amazon Resource Name for the instance profile.
+
+
Sample:
+
arn:aws:iam::123456789012:instance-profile/AnsibleTestEC2Policy
+
   +
+ create_date + +
+ string +
+ 		always +
Date instance profile was created.
+
+
Sample:
+
2017-10-23T00:05:08+00:00
+
   +
+ instance_profile_id + +
+ string +
+ 		always +
Amazon Identifier for the instance profile.
+
+
Sample:
+
AROAII7ABCD123456EFGH
+
   +
+ instance_profile_name + +
+ string +
+ 		always +
Name of instance profile.
+
+
Sample:
+
AnsibleTestEC2Policy
+
   +
+ path + +
+ string +
+ 		always +
Path of instance profile.
+
+
Sample:
+
/
+
   +
+ roles + +
+ list +
+ 		always +
List of roles associated with this instance profile.
+
+
  +
+ managed_policies + +
+ complex +
+ 		always +
List of attached managed policies.
+
+
   +
+ policy_arn + +
+ string +
+ 		always +
Amazon Resource Name for the policy.
+
+
Sample:
+
arn:aws:iam::123456789012:policy/AnsibleTestEC2Policy
+
   +
+ policy_name + +
+ string +
+ 		always +
Name of managed policy.
+
+
Sample:
+
AnsibleTestEC2Policy
+
  +
+ path + +
+ string +
+ 		always +
Path of role.
+
+
Sample:
+
/
+
  +
+ role_id + +
+ string +
+ 		always +
Amazon Identifier for the role.
+
+
Sample:
+
AROAII7ABCD123456EFGH
+
  +
+ role_name + +
+ string +
+ 		always +
Name of the role.
+
+
Sample:
+
AnsibleTestRole
+
  +
+ tags + +
+ dictionary +
+ 		always +
Role tags.
+
+
Sample:
+
{"Env": "Prod"}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_saml_federation.rst b/docs/community.aws.iam_saml_federation.rst new file mode 100644 index 00000000000..d2b4feabbd1 --- /dev/null +++ b/docs/community.aws.iam_saml_federation.rst @@ -0,0 +1,426 @@ + +.. _community.aws.iam_saml_federation_: + + +********************************* +community.aws.iam_saml_federation +********************************* + +**Maintain IAM SAML federation configuration.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Provides a mechanism to manage AWS IAM SAML Identity Federation providers (create/update/delete metadata). + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the provider to create.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ saml_metadata_document + +
+ string +
+ 		+ + +
The XML document generated by an identity provider (IdP) that supports SAML 2.0.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # It is assumed that their matching environment variables are set. + # Creates a new iam saml identity provider if not present + - name: saml provider + iam_saml_federation: + name: example1 + # the > below opens an indented block, so no escaping/quoting is needed when in the indentation level under this key + saml_metadata_document: > + ... + `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ saml_provider + +
+ complex +
+ 		present +
Details of the SAML Identity Provider that was created/modified.
+
+
  +
+ arn + +
+ string +
+ 		present +
The ARN of the identity provider.
+
+
Sample:
+
arn:aws:iam::123456789012:saml-provider/my_saml_provider
+
  +
+ create_date + +
+ string +
+ 		present +
The date and time when the SAML provider was created in ISO 8601 date-time format.
+
+
Sample:
+
2017-02-08T04:36:28+00:00
+
  +
+ expire_date + +
+ string +
+ 		present +
The expiration date and time for the SAML provider in ISO 8601 date-time format.
+
+
Sample:
+
2017-02-08T04:36:28+00:00
+
  +
+ metadata_document + +
+ string +
+ 		present +
The XML metadata document that includes information about an identity provider.
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Tony (@axc450) +- Aidan Rowe (@aidan-) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_server_certificate_info.rst b/docs/community.aws.iam_server_certificate_info.rst new file mode 100644 index 00000000000..15b12cbe680 --- /dev/null +++ b/docs/community.aws.iam_server_certificate_info.rst @@ -0,0 +1,411 @@ + +.. _community.aws.iam_server_certificate_info_: + + +***************************************** +community.aws.iam_server_certificate_info +***************************************** + +**Retrieve the information of a server certificate** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve the attributes of a server certificate. +- This module was called ``iam_server_certificate_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string +
+ 		+ + +
The name of the server certificate you are retrieving attributes for.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Retrieve server certificate + - iam_server_certificate_info: + name: production-cert + register: server_cert + + # Fail if the server certificate name was not found + - iam_server_certificate_info: + name: production-cert + register: server_cert + failed_when: "{{ server_cert.results | length == 0 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ arn + +
+ string +
+ 		success +
The Amazon resource name of the server certificate
+
+
Sample:
+
arn:aws:iam::911277865346:server-certificate/server-cert-name
+
+
+ certificate_body + +
+ string +
+ 		success +
The asn1der encoded PEM string
+
+
Sample:
+
-----BEGIN CERTIFICATE----- bunch of random data -----END CERTIFICATE-----
+
+
+ expiration + +
+ string +
+ 		success +
The date and time this server certificate will expire, in ISO 8601 format.
+
+
Sample:
+
2017-06-15T12:00:00+00:00
+
+
+ path + +
+ string +
+ 		success +
The path of the server certificate
+
+
Sample:
+
/
+
+
+ server_certificate_id + +
+ string +
+ 		success +
The 21 character certificate id
+
+
Sample:
+
ADWAJXWTZAXIPIMQHMJPO
+
+
+ server_certificate_name + +
+ string +
+ 		success +
The name of the server certificate
+
+
Sample:
+
server-cert-name
+
+
+ upload_date + +
+ string +
+ 		success +
The date and time this server certificate was uploaded, in ISO 8601 format.
+
+
Sample:
+
2015-04-25T00:36:40+00:00
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_user.rst b/docs/community.aws.iam_user.rst new file mode 100644 index 00000000000..350e6b85d6b --- /dev/null +++ b/docs/community.aws.iam_user.rst @@ -0,0 +1,477 @@ + +.. _community.aws.iam_user_: + + +********************** +community.aws.iam_user +********************** + +**Manage AWS IAM users** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM users. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ managed_policies + +
+ list +
+ 		+ + +
A list of managed policy ARNs or friendly names to attach to the user.
+
To embed an inline policy, use iam_policy.
+

aliases: managed_policy
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the user to create.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_policies + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When purge_policies=true any managed policies not listed in managed_policies will be detatched.
+

aliases: purge_policy, purge_managed_policies
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Create or remove the IAM user.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Note: This module does not allow management of groups that users belong to. + # Groups should manage their membership directly using `iam_group`, + # as users belong to them. + + # Create a user + - iam_user: + name: testuser1 + state: present + + # Create a user and attach a managed policy using its ARN + - iam_user: + name: testuser1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + state: present + + # Remove all managed policies from an existing user with an empty list + - iam_user: + name: testuser1 + state: present + purge_policies: true + + # Delete the user + - iam_user: + name: testuser1 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ user + +
+ complex +
+ 		success +
dictionary containing all the user information
+
+
  +
+ arn + +
+ string +
+ 		+
the Amazon Resource Name (ARN) specifying the user
+
+
Sample:
+
arn:aws:iam::1234567890:user/testuser1
+
  +
+ create_date + +
+ string +
+ 		+
the date and time, in ISO 8601 date-time format, when the user was created
+
+
Sample:
+
2017-02-08T04:36:28+00:00
+
  +
+ path + +
+ string +
+ 		+
the path to the user
+
+
Sample:
+
/
+
  +
+ user_id + +
+ string +
+ 		+
the stable and unique string identifying the user
+
+
Sample:
+
AGPAIDBWE12NSFINE55TM
+
  +
+ user_name + +
+ string +
+ 		+
the friendly name that identifies the user
+
+
Sample:
+
testuser1
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Josh Souza (@joshsouza) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_user_info.rst b/docs/community.aws.iam_user_info.rst new file mode 100644 index 00000000000..93b74db510d --- /dev/null +++ b/docs/community.aws.iam_user_info.rst @@ -0,0 +1,457 @@ + +.. _community.aws.iam_user_info_: + + +*************************** +community.aws.iam_user_info +*************************** + +**Gather IAM user(s) facts in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can be used to gather IAM user(s) facts in AWS. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ group + +
+ string +
+ 		+ + +
The group name name of the IAM user to look for. Mutually exclusive with path.
+
+
+ name + +
+ string +
+ 		+ + +
The name of the IAM user to look for.
+
+
+ path + +
+ string +
+ 		+ Default:
"/"
+ 		+ +
The path to the IAM user. Mutually exclusive with group.
+
If specified, then would get all user names whose path starts with user provided value.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Gather facts about "test" user. + - name: Get IAM user facts + iam_user_info: + name: "test" + + # Gather facts about all users in the "dev" group. + - name: Get IAM user facts + iam_user_info: + group: "dev" + + # Gather facts about all users with "/division_abc/subdivision_xyz/" path. + - name: Get IAM user facts + iam_user_info: + path: "/division_abc/subdivision_xyz/" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ iam_users + +
+ complex +
+ 		success +
list of maching iam users
+
+
  +
+ arn + +
+ string +
+ 		if user exists +
the ARN of the user
+
+
Sample:
+
arn:aws:iam::156360693172:user/dev/test_user
+
  +
+ create_date + +
+ string +
+ 		if user exists +
the datetime user was created
+
+
Sample:
+
2016-05-24T12:24:59+00:00
+
  +
+ password_last_used + +
+ string +
+ 		if password was used at least once +
the last datetime the password was used by user
+
+
Sample:
+
2016-05-25T13:39:11+00:00
+
  +
+ path + +
+ string +
+ 		if user exists +
the path to user
+
+
Sample:
+
/dev/
+
  +
+ user_id + +
+ string +
+ 		if user exists +
the unique user id
+
+
Sample:
+
AIDUIOOCQKTUGI6QJLGH2
+
  +
+ user_name + +
+ string +
+ 		if user exists +
the user name
+
+
Sample:
+
test_user
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Constantin Bugneac (@Constantin07) +- Abhijeet Kasurde (@Akasurde) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.kinesis_stream.rst b/docs/community.aws.kinesis_stream.rst new file mode 100644 index 00000000000..d2822df4212 --- /dev/null +++ b/docs/community.aws.kinesis_stream.rst @@ -0,0 +1,610 @@ + +.. _community.aws.kinesis_stream_: + + +**************************** +community.aws.kinesis_stream +**************************** + +**Manage a Kinesis Stream.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or Delete a Kinesis Stream. +- Update the retention period of a Kinesis Stream. +- Update Tags on a Kinesis Stream. +- Enable/disable server side encryption on a Kinesis Stream. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ encryption_state + +
+ string +
+ 		+
    Choices: +
  • enabled
    • +
  • disabled
    • +
+ 		+ +
Enable or Disable encryption on the Kinesis Stream.
+
+
+ encryption_type + +
+ string +
+ 		+
    Choices: +
  • KMS
    • +
  • NONE
    • +
+ 		+ +
The type of encryption.
+
Defaults to KMS
+
+
+ key_id + +
+ string +
+ 		+ + +
The GUID or alias for the KMS key.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name of the Kinesis Stream you are managing.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ retention_period + +
+ integer +
+ 		+ + +
The length of time (in hours) data records are accessible after they are added to the stream.
+
The default retention period is 24 hours and can not be less than 24 hours.
+
The maximum retention period is 168 hours.
+
The retention period can be modified during any point in time.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ shards + +
+ integer +
+ 		+ + +
The number of shards you want to have with this stream.
+
This is required when state=present
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or Delete the Kinesis Stream.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
+

aliases: resource_tags
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for operation to complete before returning.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
How many seconds to wait for an operation to complete before timing out.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic creation example: + - name: Set up Kinesis Stream with 10 shards and wait for the stream to become ACTIVE + kinesis_stream: + name: test-stream + shards: 10 + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic creation example with tags: + - name: Set up Kinesis Stream with 10 shards, tag the environment, and wait for the stream to become ACTIVE + kinesis_stream: + name: test-stream + shards: 10 + tags: + Env: development + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic creation example with tags and increase the retention period from the default 24 hours to 48 hours: + - name: Set up Kinesis Stream with 10 shards, tag the environment, increase the retention period and wait for the stream to become ACTIVE + kinesis_stream: + name: test-stream + retention_period: 48 + shards: 10 + tags: + Env: development + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic delete example: + - name: Delete Kinesis Stream test-stream and wait for it to finish deleting. + kinesis_stream: + name: test-stream + state: absent + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic enable encryption example: + - name: Encrypt Kinesis Stream test-stream. + kinesis_stream: + name: test-stream + state: present + encryption_state: enabled + encryption_type: KMS + key_id: alias/aws/kinesis + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic disable encryption example: + - name: Encrypt Kinesis Stream test-stream. + kinesis_stream: + name: test-stream + state: present + encryption_state: disabled + encryption_type: KMS + key_id: alias/aws/kinesis + wait: yes + wait_timeout: 600 + register: test_stream + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ retention_period_hours + +
+ integer +
+ 		when state == present. +
Number of hours messages will be kept for a Kinesis Stream.
+
+
Sample:
+
24
+
+
+ stream_arn + +
+ string +
+ 		when state == present. +
The amazon resource identifier
+
+
Sample:
+
arn:aws:kinesis:east-side:123456789:stream/test-stream
+
+
+ stream_name + +
+ string +
+ 		when state == present. +
The name of the Kinesis Stream.
+
+
Sample:
+
test-stream
+
+
+ stream_status + +
+ string +
+ 		when state == present. +
The current state of the Kinesis Stream.
+
+
Sample:
+
ACTIVE
+
+
+ tags + +
+ dictionary +
+ 		when state == present. +
Dictionary containing all the tags associated with the Kinesis stream.
+
+
Sample:
+
{'Name': 'Splunk', 'Env': 'development'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda.rst b/docs/community.aws.lambda.rst new file mode 100644 index 00000000000..53b46757dba --- /dev/null +++ b/docs/community.aws.lambda.rst @@ -0,0 +1,674 @@ + +.. _community.aws.lambda_: + + +******************** +community.aws.lambda +******************** + +**Manage AWS Lambda functions** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of Lambda functions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ dead_letter_arn + +
+ string +
+ 		+ + +
The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ environment_variables + +
+ dictionary +
+ 		+ + +
A dictionary of environment variables the Lambda function is given.
+
+
+ handler + +
+ string +
+ 		+ + +
The function within your code that Lambda calls to begin execution.
+
+
+ memory_size + +
+ integer +
+ 		+ Default:
128
+ 		+ +
The amount of memory, in MB, your Lambda function is given.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name you want to assign to the function you are uploading. Cannot be changed.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
+
Required when state=present.
+
+
+ runtime + +
+ string +
+ 		+ + +
The runtime environment for the Lambda function you are uploading.
+
Required when creating a function. Uses parameters as described in boto3 docs.
+
Required when state=present.
+ +
+
+ s3_bucket + +
+ string +
+ 		+ + +
Amazon S3 bucket name where the .zip file containing your deployment package is stored.
+
If state=present then either zip_file or s3_bucket must be present.
+
s3_bucket and s3_key are required together.
+
+
+ s3_key + +
+ string +
+ 		+ + +
The Amazon S3 object (the deployment package) key name you want to upload.
+
s3_bucket and s3_key are required together.
+
+
+ s3_object_version + +
+ string +
+ 		+ + +
The Amazon S3 object (the deployment package) version you want to upload.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete Lambda function.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
tag dict to apply to the function (requires botocore 1.5.40 or above).
+
+
+ timeout + +
+ integer +
+ 		+ Default:
3
+ 		+ +
The function maximum execution time in seconds after which Lambda should terminate the function.
+
+
+ tracing_mode + +
+ string +
+ 		+
    Choices: +
  • Active
    • +
  • PassThrough
    • +
+ 		+ +
Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_security_group_ids + +
+ list + / elements=string
+ 		+ + +
List of VPC security group IDs to associate with the Lambda function.
+
Required when vpc_subnet_ids is used.
+
+
+ vpc_subnet_ids + +
+ list + / elements=string
+ 		+ + +
List of subnet IDs to run Lambda function in.
+
Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
+
If set, vpc_security_group_ids must also be set.
+
+
+ zip_file + +
+ string +
+ 		+ + +
A .zip file containing your deployment package
+
If state=present then either zip_file or s3_bucket must be present.
+

aliases: src
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create Lambda functions + - name: looped creation + lambda: + name: '{{ item.name }}' + state: present + zip_file: '{{ item.zip_file }}' + runtime: 'python2.7' + role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' + handler: 'hello_python.my_handler' + vpc_subnet_ids: + - subnet-123abcde + - subnet-edcba321 + vpc_security_group_ids: + - sg-123abcde + - sg-edcba321 + environment_variables: '{{ item.env_vars }}' + tags: + key1: 'value1' + loop: + - name: HelloWorld + zip_file: hello-code.zip + env_vars: + key1: "first" + key2: "second" + - name: ByeBye + zip_file: bye-code.zip + env_vars: + key1: "1" + key2: "2" + + # To remove previously added tags pass an empty dict + - name: remove tags + lambda: + name: 'Lambda function' + state: present + zip_file: 'code.zip' + runtime: 'python2.7' + role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' + handler: 'hello_python.my_handler' + tags: {} + + # Basic Lambda function deletion + - name: Delete Lambda functions HelloWorld and ByeBye + lambda: + name: '{{ item }}' + state: absent + loop: + - HelloWorld + - ByeBye + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ code + +
+ dictionary +
+ 		success +
the lambda function location returned by get_function in boto3
+
+
Sample:
+
{'location': 'a presigned S3 URL', 'repository_type': 'S3'}
+
+
+ configuration + +
+ dictionary +
+ 		success +
the lambda function metadata returned by get_function in boto3
+
+
Sample:
+
{'code_sha256': 'zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=', 'code_size': 123, 'description': 'My function', 'environment': {'variables': {'key': 'value'}}, 'function_arn': 'arn:aws:lambda:us-east-1:123456789012:function:myFunction:1', 'function_name': 'myFunction', 'handler': 'index.handler', 'last_modified': '2017-08-01T00:00:00.000+0000', 'memory_size': 128, 'revision_id': 'a2x9886d-d48a-4a0c-ab64-82abc005x80c', 'role': 'arn:aws:iam::123456789012:role/lambda_basic_execution', 'runtime': 'nodejs6.10', 'tracing_config': {'mode': 'Active'}, 'timeout': 3, 'version': '1', 'vpc_config': {'security_group_ids': [], 'subnet_ids': [], 'vpc_id': '123'}}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Steyn Huizinga (@steynovich) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_alias.rst b/docs/community.aws.lambda_alias.rst new file mode 100644 index 00000000000..cf152fb538a --- /dev/null +++ b/docs/community.aws.lambda_alias.rst @@ -0,0 +1,482 @@ + +.. _community.aws.lambda_alias_: + + +************************** +community.aws.lambda_alias +************************** + +**Creates, updates or deletes AWS Lambda function aliases** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda functions aliases via the Ansible framework. It is idempotent and supports "Check" mode. Use module :ref:`lambda ` to manage the lambda function itself and :ref:`lambda_event ` to manage event source mappings. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
A short, user-defined function alias description.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ function_name + +
+ string + / required
+ 		+ + +
The name of the function alias.
+
+
+ function_version + +
+ integer +
+ 		+ + +
Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
+

aliases: version
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the function alias.
+

aliases: alias_name
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example to create a lambda function and publish a version + - hosts: localhost + gather_facts: no + vars: + state: present + project_folder: /path/to/deployment/package + deployment_package: lambda.zip + account: 123456789012 + production_version: 5 + tasks: + - name: AWS Lambda Function + lambda: + state: "{{ state | default('present') }}" + name: myLambdaFunction + publish: True + description: lambda function description + code_s3_bucket: package-bucket + code_s3_key: "lambda/{{ deployment_package }}" + local_path: "{{ project_folder }}/{{ deployment_package }}" + runtime: python2.7 + timeout: 5 + handler: lambda.handler + memory_size: 128 + role: "arn:aws:iam::{{ account }}:role/API2LambdaExecRole" + + - name: Get information + lambda_info: + name: myLambdaFunction + register: lambda_info + - name: show results + debug: + msg: "{{ lambda_info['lambda_facts'] }}" + + # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) + - name: "alias 'Dev' for function {{ lambda_info.lambda_facts.FunctionName }} " + lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: Dev + description: Development is $LATEST version + + # The QA alias will only be created when a new version is published (i.e. not = '$LATEST') + - name: "alias 'QA' for function {{ lambda_info.lambda_facts.FunctionName }} " + lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: QA + version: "{{ lambda_info.lambda_facts.Version }}" + description: "QA is version {{ lambda_info.lambda_facts.Version }}" + when: lambda_info.lambda_facts.Version != "$LATEST" + + # The Prod alias will have a fixed version based on a variable + - name: "alias 'Prod' for function {{ lambda_info.lambda_facts.FunctionName }} " + lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: Prod + version: "{{ production_version }}" + description: "Production is version {{ production_version }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ alias_arn + +
+ string +
+ 		success +
Full ARN of the function, including the alias
+
+
Sample:
+
arn:aws:lambda:us-west-2:123456789012:function:myFunction:dev
+
+
+ description + +
+ string +
+ 		success +
A short description of the alias
+
+
Sample:
+
The development stage for my hot new app
+
+
+ function_version + +
+ string +
+ 		success +
The qualifier that the alias refers to
+
+
Sample:
+
$LATEST
+
+
+ name + +
+ string +
+ 		success +
The name of the alias assigned
+
+
Sample:
+
dev
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin), Ryan Scott Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_event.rst b/docs/community.aws.lambda_event.rst new file mode 100644 index 00000000000..9e30161e6bf --- /dev/null +++ b/docs/community.aws.lambda_event.rst @@ -0,0 +1,499 @@ + +.. _community.aws.lambda_event_: + + +************************** +community.aws.lambda_event +************************** + +**Creates, updates or deletes AWS Lambda function event mappings** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream events via the Ansible framework. These event source mappings are relevant only in the AWS Lambda pull model, where AWS Lambda invokes the function. It is idempotent and supports "Check" mode. Use module :ref:`lambda ` to manage the lambda function itself and :ref:`lambda_alias ` to manage function aliases. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alias + +
+ string +
+ 		+ + +
Name of the function alias.
+
Mutually exclusive with version.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_source + +
+ string +
+ 		+
    Choices: +
  • stream ←
    • +
  • sqs
    • +
+ 		+ +
Source of the event that triggers the lambda function.
+
For DynamoDB and Kinesis events, select stream
+
For SQS queues, select sqs
+
+
+ lambda_function_arn + +
+ string + / required
+ 		+ + +
The name or ARN of the lambda function.
+

aliases: function_name, function_arn
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ source_params + +
+ dictionary + / required
+ 		+ + +
Sub-parameters required for event source.
+
+
+ batch_size + +
+ integer +
+ 		+ Default:
100
+ 		+ +
The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
+
+
+ enabled + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ Default:
"true."
+ 		+ +
Indicates whether AWS Lambda should begin polling or readin from the event source.
+
+
+ source_arn + +
+ string + / required
+ 		+ + +
The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
+
+
+ starting_position + +
+ string +
+ 		+
    Choices: +
  • TRIM_HORIZON
    • +
  • LATEST
    • +
+ 		+ +
The position in the stream where AWS Lambda should start reading.
+
Required when event_source=stream.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ version + +
+ integer +
+ 		+ + +
Version of the Lambda function.
+
Mutually exclusive with alias.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Example that creates a lambda event notification for a DynamoDB stream + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: DynamoDB stream event mapping + lambda_event: + state: "{{ state | default('present') }}" + event_source: stream + function_name: "{{ function_name }}" + alias: Dev + source_params: + source_arn: arn:aws:dynamodb:us-east-1:123456789012:table/tableName/stream/2016-03-19T19:51:37.457 + enabled: True + batch_size: 100 + starting_position: TRIM_HORIZON + + - name: Show source event + debug: + var: lambda_stream_events + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ lambda_stream_events + +
+ list +
+ 		success +
list of dictionaries returned by the API describing stream event mappings
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin), Ryan Brown (@ryansb) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_facts.rst b/docs/community.aws.lambda_facts.rst new file mode 100644 index 00000000000..3c2e155bc82 --- /dev/null +++ b/docs/community.aws.lambda_facts.rst @@ -0,0 +1,400 @@ + +.. _community.aws.lambda_facts_: + + +************************** +community.aws.lambda_facts +************************** + +**Gathers AWS Lambda function details as Ansible facts** + + + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in Ansible: version: 2.13 +:Why: Deprecated in favour of ``_info`` module. +:Alternative: Use :ref:`lambda_info ` instead. + + + +Synopsis +-------- +- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_event ` to manage lambda event source mappings. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_source_arn + +
+ string +
+ 		+ + +
For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
+
+
+ function_name + +
+ string +
+ 		+ + +
The name of the lambda function for which facts are requested.
+

aliases: function, name
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ query + +
+ string +
+ 		+
    Choices: +
  • aliases
    • +
  • all ←
    • +
  • config
    • +
  • mappings
    • +
  • policy
    • +
  • versions
    • +
+ 		+ +
Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example of listing all info for a function + - name: List all for a specific function + lambda_facts: + query: all + function_name: myFunction + register: my_function_details + # List all versions of a function + - name: List function versions + lambda_facts: + query: versions + function_name: myFunction + register: my_function_versions + # List all lambda function versions + - name: List all function + lambda_facts: + query: all + max_items: 20 + - name: show Lambda facts + debug: + var: lambda_facts + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ lambda_facts + +
+ dictionary +
+ 		success +
lambda facts
+
+
+
+ lambda_facts.function + +
+ dictionary +
+ 		success +
lambda function list
+
+
+
+ lambda_facts.function.TheName + +
+ dictionary +
+ 		success +
lambda function information, including event, mapping, and version information
+
+
+

+ + +Status +------ + + +- This will be removed in version 2.13. *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_info.rst b/docs/community.aws.lambda_info.rst new file mode 100644 index 00000000000..f93ec6a6141 --- /dev/null +++ b/docs/community.aws.lambda_info.rst @@ -0,0 +1,376 @@ + +.. _community.aws.lambda_info_: + + +************************* +community.aws.lambda_info +************************* + +**Gathers AWS Lambda function details** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. +- Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_event ` to manage lambda event source mappings. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_source_arn + +
+ string +
+ 		+ + +
When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
+
+
+ function_name + +
+ string +
+ 		+ + +
The name of the lambda function for which information is requested.
+

aliases: function, name
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ query + +
+ string +
+ 		+
    Choices: +
  • aliases
    • +
  • all ←
    • +
  • config
    • +
  • mappings
    • +
  • policy
    • +
  • versions
    • +
+ 		+ +
Specifies the resource type for which to gather information. Leave blank to retrieve all information.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example of listing all info for a function + - name: List all for a specific function + lambda_info: + query: all + function_name: myFunction + register: my_function_details + # List all versions of a function + - name: List function versions + lambda_info: + query: versions + function_name: myFunction + register: my_function_versions + # List all lambda function versions + - name: List all function + lambda_info: + query: all + max_items: 20 + register: output + - name: show Lambda information + debug: + msg: "{{ output['function'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ function + +
+ dictionary +
+ 		success +
lambda function list
+
+
+
+ function.TheName + +
+ dictionary +
+ 		success +
lambda function information, including event, mapping, and version information
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_policy.rst b/docs/community.aws.lambda_policy.rst new file mode 100644 index 00000000000..060f37fbb1e --- /dev/null +++ b/docs/community.aws.lambda_policy.rst @@ -0,0 +1,483 @@ + +.. _community.aws.lambda_policy_: + + +*************************** +community.aws.lambda_policy +*************************** + +**Creates, updates or deletes AWS Lambda policy statements.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda policy statements. +- It is idempotent and supports "Check" mode. +- Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases, :ref:`lambda_event ` to manage event source mappings such as Kinesis streams, :ref:`execute_lambda ` to execute a lambda function and :ref:`lambda_info ` to gather information relating to one or more lambda functions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ action + +
+ string + / required
+ 		+ + +
The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
+
+
+ alias + +
+ string +
+ 		+ + +
Name of the function alias. Mutually exclusive with version.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_source_token + +
+ string +
+ 		+ + +
Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
+
+
+ function_name + +
+ string + / required
+ 		+ + +
Name of the Lambda function whose resource policy you are updating by adding a new permission.
+
You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
+
function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
+
specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the
+
ARN. If you specify only the function name, it is limited to 64 character in length.
+

aliases: lambda_function_arn, function_arn
+
+
+ principal + +
+ string + / required
+ 		+ + +
The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ source_account + +
+ string +
+ 		+ + +
The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
+
+
+ source_arn + +
+ string +
+ 		+ + +
This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ statement_id + +
+ string + / required
+ 		+ + +
A unique statement identifier.
+

aliases: sid
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ version + +
+ integer +
+ 		+ + +
Version of the Lambda function. Mutually exclusive with alias.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: Lambda S3 event notification + lambda_policy: + state: "{{ state | default('present') }}" + function_name: functionName + alias: Dev + statement_id: lambda-s3-myBucket-create-data-log + action: lambda:InvokeFunction + principal: s3.amazonaws.com + source_arn: arn:aws:s3:eu-central-1:123456789012:bucketName + source_account: 123456789012 + register: lambda_policy_action + + - name: show results + debug: + var: lambda_policy_action + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ lambda_policy_action + +
+ string +
+ 		success +
describes what action was taken
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) +- Michael De La Rue (@mikedlr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lightsail.rst b/docs/community.aws.lightsail.rst new file mode 100644 index 00000000000..594672d4f68 --- /dev/null +++ b/docs/community.aws.lightsail.rst @@ -0,0 +1,490 @@ + +.. _community.aws.lightsail_: + + +*********************** +community.aws.lightsail +*********************** + +**Manage instances in AWS Lightsail** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage instances in AWS Lightsail. +- Instance tagging is not yet supported in this module. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ blueprint_id + +
+ string +
+ 		+ + +
ID of the instance blueprint image.
+
Required when state=present
+
+
+ bundle_id + +
+ string +
+ 		+ + +
Bundle of specification info for the instance.
+
Required when state=present.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ key_pair_name + +
+ string +
+ 		+ + +
Name of the key pair to use with the instance.
+
If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the instance.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
  • running
    • +
  • restarted
    • +
  • rebooted
    • +
  • stopped
    • +
+ 		+ +
Indicate desired state of the target.
+
rebooted and restarted are aliases.
+
+
+ user_data + +
+ string +
+ 		+ + +
Launch script that can configure the instance with additional data.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Wait for the instance to be in state 'running' before returning.
+
If wait=false an ip_address may not be returned.
+
Has no effect when state=rebooted or state=absent.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
How long before wait gives up, in seconds.
+
+
+ zone + +
+ string +
+ 		+ + +
AWS availability zone in which to launch the instance.
+
Required when state=present
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a new Lightsail instance + - lightsail: + state: present + name: my_instance + region: us-east-1 + zone: us-east-1a + blueprint_id: ubuntu_16_04 + bundle_id: nano_1_0 + key_pair_name: id_rsa + user_data: " echo 'hello world' > /home/ubuntu/test.txt" + register: my_instance + + # Delete an instance + - lightsail: + state: absent + region: us-east-1 + name: my_instance + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
if a snapshot has been modified/created
+
+
Sample:
+
{'changed': True}
+
+
+ instance + +
+ dictionary +
+ 		always +
instance data
+
+
Sample:
+
{'arn': 'arn:aws:lightsail:us-east-1:448830907657:Instance/1fef0175-d6c8-480e-84fa-214f969cda87', 'blueprint_id': 'ubuntu_16_04', 'blueprint_name': 'Ubuntu', 'bundle_id': 'nano_1_0', 'created_at': '2017-03-27T08:38:59.714000-04:00', 'hardware': {'cpu_count': 1, 'ram_size_in_gb': 0.5}, 'is_static_ip': False, 'location': {'availability_zone': 'us-east-1a', 'region_name': 'us-east-1'}, 'name': 'my_instance', 'networking': {'monthly_transfer': {'gb_per_month_allocated': 1024}, 'ports': [{'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 80, 'protocol': 'tcp', 'to_port': 80}, {'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 22, 'protocol': 'tcp', 'to_port': 22}]}, 'private_ip_address': '172.26.8.14', 'public_ip_address': '34.207.152.202', 'resource_type': 'Instance', 'ssh_key_name': 'keypair', 'state': {'code': 16, 'name': 'running'}, 'support_code': '588307843083/i-0997c97831ee21e33', 'username': 'ubuntu'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Nick Ball (@nickball) +- Prasad Katti (@prasadkatti) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds.rst b/docs/community.aws.rds.rst new file mode 100644 index 00000000000..565be0c9e91 --- /dev/null +++ b/docs/community.aws.rds.rst @@ -0,0 +1,1770 @@ + +.. _community.aws.rds_: + + +***************** +community.aws.rds +***************** + +**create, delete, or modify Amazon rds instances, rds snapshots, and related facts** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or modifies rds resources. +- When creating an instance it can be either a new instance or a read-only replica of an existing instance. +- This module has a dependency on python-boto >= 2.5 and will soon be deprecated. +- The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0). +- Please use boto3 based :ref:`rds_instance ` instead. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ apply_immediately + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When apply_immediately=trye, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
+
Used only when command=modify.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ backup_retention + +
+ string +
+ 		+ + +
Number of days backups are retained.
+
Set to 0 to disable backups.
+
Default is 1 day.
+
Valid range: 0-35.
+
Used only when command=create or command=modify.
+
+
+ backup_window + +
+ string +
+ 		+ + +
Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
+
Times are specified in UTC.
+
If not specified then a random backup window is assigned.
+
Used only when command=create or command=modify.
+
+
+ character_set_name + +
+ string +
+ 		+ + +
Associate the DB instance with a specified character set.
+
Used with command=create.
+
+
+ command + +
+ string + / required
+ 		+
    Choices: +
  • create
    • +
  • replicate
    • +
  • delete
    • +
  • facts
    • +
  • modify
    • +
  • promote
    • +
  • snapshot
    • +
  • reboot
    • +
  • restore
    • +
+ 		+ +
Specifies the action to take. The 'reboot' option is available starting at version 2.0.
+
+
+ db_engine + +
+ string +
+ 		+
    Choices: +
  • mariadb
    • +
  • MySQL
    • +
  • oracle-se1
    • +
  • oracle-se2
    • +
  • oracle-se
    • +
  • oracle-ee
    • +
  • sqlserver-ee
    • +
  • sqlserver-se
    • +
  • sqlserver-ex
    • +
  • sqlserver-web
    • +
  • postgres
    • +
  • aurora
    • +
+ 		+ +
The type of database.
+
Used only when command=create.
+
mariadb was added in version 2.2.
+
+
+ db_name + +
+ string +
+ 		+ + +
Name of a database to create within the instance.
+
If not specified then no database is created.
+
Used only when command=create.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ engine_version + +
+ string +
+ 		+ + +
Version number of the database engine to use.
+
If not specified then the current Amazon RDS default engine version is used
+
Used only when command=create.
+
+
+ force_failover + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If enabled, the reboot is done using a MultiAZ failover.
+
Used only when command=reboot.
+
+
+ instance_name + +
+ string +
+ 		+ + +
Database instance identifier.
+
Required except when using command=facts or command=delete on just a snapshot.
+
+
+ instance_type + +
+ string +
+ 		+ + +
The instance type of the database.
+
If not specified then the replica inherits the same instance type as the source instance.
+
Required when command=create.
+
Optional when command=replicate, command=modify or command=restore.
+

aliases: type
+
+
+ iops + +
+ string +
+ 		+ + +
Specifies the number of IOPS for the instance.
+
Used only when command=create or command=modify.
+
Must be an integer greater than 1000.
+
+
+ license_model + +
+ string +
+ 		+
    Choices: +
  • license-included
    • +
  • bring-your-own-license
    • +
  • general-public-license
    • +
  • postgresql-license
    • +
+ 		+ +
The license model for this DB instance.
+
Used only when command=create or command=restore.
+
+
+ maint_window + +
+ string +
+ 		+ + +
Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
+
Times are specified in UTC.
+
If not specified then a random maintenance window is assigned.
+
Used only when command=create or command=modify.
+
+
+ multi_zone + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Specifies if this is a Multi-availability-zone deployment.
+
Can not be used in conjunction with zone parameter.
+
Used only when command=create or command=modify.
+
+
+ new_instance_name + +
+ string +
+ 		+ + +
Name to rename an instance to.
+
Used only when command=modify.
+
+
+ option_group + +
+ string +
+ 		+ + +
The name of the option group to use.
+
If not specified then the default option group is used.
+
Used only when command=create.
+
+
+ parameter_group + +
+ string +
+ 		+ + +
Name of the DB parameter group to associate with this instance.
+
If omitted then the RDS default DBParameterGroup will be used.
+
Used only when command=create or command=modify.
+
+
+ password + +
+ string +
+ 		+ + +
Password for the master database username.
+
Used only when command=create or command=modify.
+
+
+ port + +
+ integer +
+ 		+ + +
Port number that the DB instance uses for connections.
+
Used only when command=create or command=replicate.
+
Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ publicly_accessible + +
+ string +
+ 		+ + +
Explicitly set whether the resource should be publicly accessible or not.
+
Used with command=create, command=replicate.
+
Requires boto >= 2.26.0
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_groups + +
+ string +
+ 		+ + +
Comma separated list of one or more security groups.
+
Used only when command=create or command=modify.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ size + +
+ string +
+ 		+ + +
Size in gigabytes of the initial storage for the DB instance.
+
Used only when command=create or command=modify.
+
+
+ snapshot + +
+ string +
+ 		+ + +
Name of snapshot to take.
+
When command=delete, if no snapshot name is provided then no snapshot is taken.
+
When command=delete, if no instance_name is provided the snapshot is deleted.
+
Used with command=facts, command=delete or command=snapshot.
+
+
+ source_instance + +
+ string +
+ 		+ + +
Name of the database to replicate.
+
Used only when command=replicate.
+
+
+ subnet + +
+ string +
+ 		+ + +
VPC subnet group.
+
If specified then a VPC instance is created.
+
Used only when command=create.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
tags dict to apply to a resource.
+
Used with command=create, command=replicate, command=restore.
+
Requires boto >= 2.26.0
+
+
+ upgrade + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates that minor version upgrades should be applied automatically.
+
Used only when command=create or command=modify or command=restore or command=replicate.
+
+
+ username + +
+ string +
+ 		+ + +
Master database username.
+
Used only when command=create.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_security_groups + +
+ list + / elements=string
+ 		+ + +
Comma separated list of one or more vpc security group ids.
+
Also requires subnet to be specified.
+
Used only when command=create or command=modify.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
+
When command=delete, wait for the database to be terminated.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
How long before wait gives up, in seconds.
+
Used when wait=true.
+
+
+ zone + +
+ string +
+ 		+ + +
availability zone in which to launch the instance.
+
Used only when command=create, command=replicate or command=restore.
+
Can not be used in conjunction with multi_zone parameter.
+

aliases: aws_zone, ec2_zone
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic mysql provisioning example + - rds: + command: create + instance_name: new-database + db_engine: MySQL + size: 10 + instance_type: db.m1.small + username: mysql_admin + password: 1nsecure + tags: + Environment: testing + Application: cms + + # Create a read-only replica and wait for it to become available + - rds: + command: replicate + instance_name: new-database-replica + source_instance: new_database + wait: yes + wait_timeout: 600 + + # Delete an instance, but create a snapshot before doing so + - rds: + command: delete + instance_name: new-database + snapshot: new_database_snapshot + + # Get facts about an instance + - rds: + command: facts + instance_name: new-database + register: new_database_facts + + # Rename an instance and wait for the change to take effect + - rds: + command: modify + instance_name: new-database + new_instance_name: renamed-database + wait: yes + + # Reboot an instance and wait for it to become available again + - rds: + command: reboot + instance_name: database + wait: yes + + # Restore a Postgres db instance from a snapshot, wait for it to become available again, and + # then modify it to add your security group. Also, display the new endpoint. + # Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI + - local_action: + module: rds + command: restore + snapshot: mypostgres-snapshot + instance_name: MyNewInstanceName + region: us-west-2 + zone: us-west-2b + subnet: default-vpc-xx441xxx + publicly_accessible: yes + wait: yes + wait_timeout: 600 + tags: + Name: pg1_test_name_tag + register: rds + + - local_action: + module: rds + command: modify + instance_name: MyNewInstanceName + region: us-west-2 + vpc_security_groups: sg-xxx945xx + + - debug: + msg: "The new db endpoint is {{ rds.instance.endpoint }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ instance + +
+ complex +
+ 		always +
the rds instance
+
+
  +
+ allocated_storage + +
+ string +
+ 		when RDS instance exists +
the allocated storage size in gigabytes (GB)
+
+
Sample:
+
100
+
  +
+ auto_minor_version_upgrade + +
+ boolean +
+ 		when RDS instance exists +
indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window
+
+
Sample:
+
true
+
  +
+ backup_window + +
+ string +
+ 		when RDS instance exists and automated backups are enabled +
the daily time range during which automated backups are created if automated backups are enabled
+
+
Sample:
+
03:00-03:30
+
  +
+ character_set_name + +
+ string +
+ 		when RDS instance exists +
the name of the character set that this instance is associated with
+
+
Sample:
+
AL32UTF8
+
  +
+ db_name + +
+ string +
+ 		when RDS instance exists +
the name of the database to create when the DB instance is created
+
+
Sample:
+
ASERTG
+
  +
+ db_subnet_groups + +
+ complex +
+ 		when RDS instance exists +
information on the subnet group associated with this RDS instance
+
+
   +
+ description + +
+ string +
+ 		when RDS instance exists +
the subnet group associated with the DB instance
+
+
Sample:
+
Subnets for the UAT RDS SQL DB Instance
+
   +
+ name + +
+ string +
+ 		when RDS instance exists +
the name of the DB subnet group
+
+
Sample:
+
samplesubnetgrouprds-j6paiqkxqp4z
+
   +
+ status + +
+ string +
+ 		when RDS instance exists +
the status of the DB subnet group
+
+
Sample:
+
complete
+
   +
+ subnets + +
+ complex +
+ 		when RDS instance exists +
the description of the DB subnet group
+
+
    +
+ availability_zone + +
+ complex +
+ 		when RDS instance exists +
subnet availability zone information
+
+
     +
+ name + +
+ string +
+ 		when RDS instance exists +
availability zone
+
+
Sample:
+
eu-west-1b
+
     +
+ provisioned_iops_capable + +
+ boolean +
+ 		when RDS instance exists +
whether provisioned iops are available in AZ subnet
+
+
Sample:
+
false
+
    +
+ identifier + +
+ string +
+ 		when RDS instance exists +
the identifier of the subnet
+
+
Sample:
+
subnet-3fdba63e
+
    +
+ status + +
+ string +
+ 		when RDS instance exists +
the status of the subnet
+
+
Sample:
+
active
+
  +
+ endpoint + +
+ string +
+ 		when RDS instance exists +
the endpoint uri of the database instance
+
+
Sample:
+
my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
+
  +
+ engine + +
+ string +
+ 		when RDS instance exists +
the name of the database engine
+
+
Sample:
+
oracle-se
+
  +
+ engine_version + +
+ string +
+ 		when RDS instance exists +
the version of the database engine
+
+
Sample:
+
11.2.0.4.v6
+
  +
+ latest_restorable_time + +
+ string +
+ 		when RDS instance exists +
the latest time to which a database can be restored with point-in-time restore
+
+
Sample:
+
1489707802.0
+
  +
+ license_model + +
+ string +
+ 		when RDS instance exists +
the license model information
+
+
Sample:
+
bring-your-own-license
+
  +
+ option_groups + +
+ complex +
+ 		when RDS instance exists +
the list of option group memberships for this RDS instance
+
+
   +
+ option_group_name + +
+ string +
+ 		when RDS instance exists +
the option group name for this RDS instance
+
+
Sample:
+
default:oracle-se-11-2
+
   +
+ status + +
+ string +
+ 		when RDS instance exists +
the status of the RDS instance's option group membership
+
+
Sample:
+
in-sync
+
  +
+ parameter_groups + +
+ complex +
+ 		when RDS instance exists and parameter groups are defined +
the list of DB parameter groups applied to this RDS instance
+
+
   +
+ parameter_apply_status + +
+ string +
+ 		when RDS instance exists +
the status of parameter updates
+
+
Sample:
+
in-sync
+
   +
+ parameter_group_name + +
+ string +
+ 		when RDS instance exists +
the name of the DP parameter group
+
+
Sample:
+
testawsrpprodb01spfile-1ujg7nrs7sgyz
+
  +
+ pending_modified_values + +
+ complex +
+ 		when RDS instance exists +
a dictionary of changes to the RDS instance that are pending
+
+
   +
+ allocated_storage + +
+ string +
+ 		when RDS instance exists +
the new allocated storage size for this RDS instance that will be applied or is in progress
+
+
Sample:
+
null
+
   +
+ backup_retention_period + +
+ string +
+ 		when RDS instance exists +
the pending number of days for which automated backups are retained
+
+
Sample:
+
null
+
   +
+ db_instance_class + +
+ string +
+ 		when RDS instance exists +
the new DB instance class for this RDS instance that will be applied or is in progress
+
+
Sample:
+
null
+
   +
+ db_instance_identifier + +
+ string +
+ 		when RDS instance exists +
the new DB instance identifier this RDS instance that will be applied or is in progress
+
+
Sample:
+
null
+
   +
+ engine_version + +
+ string +
+ 		when RDS instance exists +
indicates the database engine version
+
+
Sample:
+
null
+
   +
+ iops + +
+ string +
+ 		when RDS instance exists +
the new provisioned IOPS value for this RDS instance that will be applied or is being applied
+
+
Sample:
+
null
+
   +
+ master_user_password + +
+ string +
+ 		when RDS instance exists +
the pending or in-progress change of the master credentials for this RDS instance
+
+
Sample:
+
null
+
   +
+ multi_az + +
+ string +
+ 		when RDS instance exists +
indicates that the single-AZ RDS instance is to change to a multi-AZ deployment
+
+
Sample:
+
null
+
   +
+ port + +
+ string +
+ 		when RDS instance exists +
specifies the pending port for this RDS instance
+
+
Sample:
+
null
+
  +
+ port + +
+ integer +
+ 		when RDS instance exists +
the listening port of the database instance
+
+
Sample:
+
3306
+
  +
+ publicly_accessible + +
+ boolean +
+ 		when RDS instance exists +
the accessibility options for the DB instance
+
+
Sample:
+
true
+
  +
+ read_replica_source_dbinstance_identifier + +
+ string +
+ 		when read replica RDS instance exists +
the identifier of the source DB instance if this RDS instance is a read replica
+
+
Sample:
+
null
+
  +
+ secondary_availability_zone + +
+ string +
+ 		when RDS instance exists and is multy-AZ +
the name of the secondary AZ for a DB instance with multi-AZ support
+
+
Sample:
+
eu-west-1b
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Bruce Pennypacker (@bpennypacker) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_instance.rst b/docs/community.aws.rds_instance.rst new file mode 100644 index 00000000000..5f271079667 --- /dev/null +++ b/docs/community.aws.rds_instance.rst @@ -0,0 +1,2597 @@ + +.. _community.aws.rds_instance_: + + +************************** +community.aws.rds_instance +************************** + +**Manage RDS instances** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify, and delete RDS instances. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.5.0 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allocated_storage + +
+ integer +
+ 		+ + +
The amount of storage (in gibibytes) to allocate for the DB instance.
+
+
+ allow_major_version_upgrade + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to allow major version upgrades.
+
+
+ apply_immediately + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
+
+
+ auto_minor_version_upgrade + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
+
+
+ availability_zone + +
+ string +
+ 		+ + +
A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.
+

aliases: az, zone
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ backup_retention_period + +
+ integer +
+ 		+ + +
The number of days for which automated backups are retained (must be greater or equal to 1). May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
+
+
+ ca_certificate_identifier + +
+ string +
+ 		+ + +
The identifier of the CA certificate for the DB instance.
+
+
+ character_set_name + +
+ string +
+ 		+ + +
The character set to associate with the DB cluster.
+
+
+ copy_tags_to_snapshot + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
+
+
+ creation_source + +
+ string +
+ 		+
    Choices: +
  • snapshot
    • +
  • s3
    • +
  • instance
    • +
+ 		+ +
Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
+
+
+ db_cluster_identifier + +
+ string +
+ 		+ + +
The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
+

aliases: cluster_id
+
+
+ db_instance_class + +
+ string +
+ 		+ + +
The compute and memory capacity of the DB instance, for example db.t2.micro.
+

aliases: class, instance_type
+
+
+ db_instance_identifier + +
+ string + / required
+ 		+ + +
The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
+

aliases: instance_id, id
+
+
+ db_name + +
+ string +
+ 		+ + +
The name for your database. If a name is not provided Amazon RDS will not create a database.
+
+
+ db_parameter_group_name + +
+ string +
+ 		+ + +
The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
+
+
+ db_security_groups + +
+ list +
+ 		+ + +
(EC2-Classic platform) A list of DB security groups to associate with this DB instance.
+
+
+ db_snapshot_identifier + +
+ string +
+ 		+ + +
The identifier for the DB snapshot to restore from if using creation_source=snapshot.
+
+
+ db_subnet_group_name + +
+ string +
+ 		+ + +
The DB subnet group name to use for the DB instance.
+

aliases: subnet_group
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ domain + +
+ string +
+ 		+ + +
The Active Directory Domain to restore the instance in.
+
+
+ domain_iam_role_name + +
+ string +
+ 		+ + +
The name of the IAM role to be used when making API calls to the Directory Service.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ enable_cloudwatch_logs_exports + +
+ list +
+ 		+ + +
A list of log types that need to be enabled for exporting to CloudWatch Logs.
+

aliases: cloudwatch_log_exports
+
+
+ enable_iam_database_authentication + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
+
+
+ enable_performance_insights + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to enable Performance Insights for the DB instance.
+
+
+ engine + +
+ string +
+ 		+ + +
The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
+
+
+ engine_version + +
+ string +
+ 		+ + +
The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
+
+
+ final_db_snapshot_identifier + +
+ string +
+ 		+ + +
The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.
+

aliases: final_snapshot_identifier
+
+
+ force_failover + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Set to true to conduct the reboot through a MultiAZ failover.
+
+
+ force_update_password + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
+
+
+ iops + +
+ integer +
+ 		+ + +
The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
+
+
+ kms_key_id + +
+ string +
+ 		+ + +
The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
+
If storage_encrypted is true and and this option is not provided, the default encryption key is used.
+
+
+ license_model + +
+ string +
+ 		+ + +
The license model for the DB instance.
+
Several options are license-included, bring-your-own-license, and general-public-license.
+
This option can also be omitted to default to an accepted value.
+
+
+ master_user_password + +
+ string +
+ 		+ + +
An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.
+

aliases: password
+
+
+ master_username + +
+ string +
+ 		+ + +
The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.
+

aliases: username
+
+
+ max_allocated_storage + +
+ integer +
+ 		+ + +
The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
+
+
+ monitoring_interval + +
+ integer +
+ 		+ + +
The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
+
+
+ monitoring_role_arn + +
+ string +
+ 		+ + +
The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
+
+
+ multi_az + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
+
+
+ new_db_instance_identifier + +
+ string +
+ 		+ + +
The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.
+

aliases: new_instance_id, new_id
+
+
+ option_group_name + +
+ string +
+ 		+ + +
The option group to associate with the DB instance.
+
+
+ performance_insights_kms_key_id + +
+ string +
+ 		+ + +
The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
+
+
+ performance_insights_retention_period + +
+ integer +
+ 		+ + +
The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
+
+
+ port + +
+ integer +
+ 		+ + +
The port number on which the instances accept connections.
+
+
+ preferred_backup_window + +
+ string +
+ 		+ + +
The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.
+

aliases: backup_window
+
+
+ preferred_maintenance_window + +
+ string +
+ 		+ + +
The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.
+

aliases: maintenance_window
+
+
+ processor_features + +
+ dictionary +
+ 		+ + +
A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
+
+
+ coreCount + +
+ - +
+ 		+ + +
The number of CPU cores
+
+
+ threadsPerCore + +
+ - +
+ 		+ + +
The number of threads per core
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ promotion_tier + +
+ string +
+ 		+ + +
An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
+
+
+ publicly_accessible + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
+
+
+ purge_cloudwatch_logs_exports + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Set to False to retain any tags that aren't specified in task and are associated with the instance.
+
+
+ read_replica + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ restore_time + +
+ string +
+ 		+ + +
If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
+
May alternatively set use_latest_restore_time=True.
+
Only one of use_latest_restorable_time and restore_time may be provided.
+
+
+ s3_bucket_name + +
+ string +
+ 		+ + +
The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
+
+
+ s3_ingestion_role_arn + +
+ string +
+ 		+ + +
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
+
+
+ s3_prefix + +
+ string +
+ 		+ + +
The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ skip_final_snapshot + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
+
+
+ snapshot_identifier + +
+ string +
+ 		+ + +
The ARN of the DB snapshot to restore from when using creation_source=snapshot.
+
+
+ source_db_instance_identifier + +
+ string +
+ 		+ + +
The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
+
+
+ source_engine + +
+ string +
+ 		+
    Choices: +
  • mysql
    • +
+ 		+ +
The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
+
+
+ source_engine_version + +
+ string +
+ 		+ + +
The version of the database that the backup files were created from.
+
+
+ source_region + +
+ string +
+ 		+ + +
The region of the DB instance from which the replica is created.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
  • terminated
    • +
  • running
    • +
  • started
    • +
  • stopped
    • +
  • rebooted
    • +
  • restarted
    • +
+ 		+ +
Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
+
state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
+
+
+ storage_encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether the DB instance is encrypted.
+
+
+ storage_type + +
+ string +
+ 		+
    Choices: +
  • standard
    • +
  • gp2
    • +
  • io1
    • +
+ 		+ +
The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary of key value pairs to assign the DB cluster.
+
+
+ tde_credential_arn + +
+ string +
+ 		+ + +
The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.
+

aliases: transparent_data_encryption_arn
+
+
+ tde_credential_password + +
+ string +
+ 		+ + +
The password for the given ARN from the key store in order to access the device.
+

aliases: transparent_data_encryption_password
+
+
+ timezone + +
+ string +
+ 		+ + +
The time zone of the DB instance.
+
+
+ use_latest_restorable_time + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to restore the DB instance to the latest restorable backup time.
+
Only one of use_latest_restorable_time and restore_time may be provided.
+

aliases: restore_from_latest
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_security_group_ids + +
+ list +
+ 		+ + +
A list of EC2 VPC security groups to associate with the DB cluster.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + - name: create minimal aurora instance in default VPC and default subnet group + rds_instance: + engine: aurora + db_instance_identifier: ansible-test-aurora-db-instance + instance_type: db.t2.small + password: "{{ password }}" + username: "{{ username }}" + cluster_id: ansible-test-cluster # This cluster must exist - see rds_cluster to manage it + + - name: Create a DB instance using the default AWS KMS encryption key + rds_instance: + id: test-encrypted-db + state: present + engine: mariadb + storage_encrypted: True + db_instance_class: db.t2.medium + username: "{{ username }}" + password: "{{ password }}" + allocated_storage: "{{ allocated_storage }}" + + - name: remove the DB instance without a final snapshot + rds_instance: + id: "{{ instance_id }}" + state: absent + skip_final_snapshot: True + + - name: remove the DB instance with a final snapshot + rds_instance: + id: "{{ instance_id }}" + state: absent + final_snapshot_identifier: "{{ snapshot_id }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ allocated_storage + +
+ integer +
+ 		always +
The allocated storage size in gibibytes. This is always 1 for aurora database engines.
+
+
Sample:
+
20
+
+
+ auto_minor_version_upgrade + +
+ boolean +
+ 		always +
Whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
+
+
Sample:
+
True
+
+
+ availability_zone + +
+ string +
+ 		always +
The availability zone for the DB instance.
+
+
Sample:
+
us-east-1f
+
+
+ backup_retention_period + +
+ integer +
+ 		always +
The number of days for which automated backups are retained.
+
+
Sample:
+
1
+
+
+ ca_certificate_identifier + +
+ string +
+ 		always +
The identifier of the CA certificate for the DB instance.
+
+
Sample:
+
rds-ca-2015
+
+
+ copy_tags_to_snapshot + +
+ boolean +
+ 		always +
Whether tags are copied from the DB instance to snapshots of the DB instance.
+
+
+
+ db_instance_arn + +
+ string +
+ 		always +
The Amazon Resource Name (ARN) for the DB instance.
+
+
Sample:
+
arn:aws:rds:us-east-1:123456789012:db:ansible-test
+
+
+ db_instance_class + +
+ string +
+ 		always +
The name of the compute and memory capacity class of the DB instance.
+
+
Sample:
+
db.m4.large
+
+
+ db_instance_identifier + +
+ string +
+ 		always +
The identifier of the DB instance
+
+
Sample:
+
ansible-test
+
+
+ db_instance_port + +
+ integer +
+ 		always +
The port that the DB instance listens on.
+
+
+
+ db_instance_status + +
+ string +
+ 		always +
The current state of this database.
+
+
Sample:
+
stopped
+
+
+ db_parameter_groups + +
+ complex +
+ 		always +
The list of DB parameter groups applied to this DB instance.
+
+
  +
+ db_parameter_group_name + +
+ string +
+ 		always +
The name of the DP parameter group.
+
+
Sample:
+
default.mariadb10.0
+
  +
+ parameter_apply_status + +
+ string +
+ 		always +
The status of parameter updates.
+
+
Sample:
+
in-sync
+
+
+ db_security_groups + +
+ list +
+ 		always +
A list of DB security groups associated with this DB instance.
+
+
+
+ db_subnet_group + +
+ complex +
+ 		always +
The subnet group associated with the DB instance.
+
+
  +
+ db_subnet_group_description + +
+ string +
+ 		always +
The description of the DB subnet group.
+
+
Sample:
+
default
+
  +
+ db_subnet_group_name + +
+ string +
+ 		always +
The name of the DB subnet group.
+
+
Sample:
+
default
+
  +
+ subnet_group_status + +
+ string +
+ 		always +
The status of the DB subnet group.
+
+
Sample:
+
Complete
+
  +
+ subnets + +
+ complex +
+ 		always +
A list of Subnet elements.
+
+
   +
+ subnet_availability_zone + +
+ complex +
+ 		always +
The availability zone of the subnet.
+
+
    +
+ name + +
+ string +
+ 		always +
The name of the Availability Zone.
+
+
Sample:
+
us-east-1c
+
   +
+ subnet_identifier + +
+ string +
+ 		always +
The ID of the subnet.
+
+
Sample:
+
subnet-12345678
+
   +
+ subnet_status + +
+ string +
+ 		always +
The status of the subnet.
+
+
Sample:
+
Active
+
  +
+ vpc_id + +
+ string +
+ 		always +
The VpcId of the DB subnet group.
+
+
Sample:
+
vpc-12345678
+
+
+ dbi_resource_id + +
+ string +
+ 		always +
The AWS Region-unique, immutable identifier for the DB instance.
+
+
Sample:
+
db-UHV3QRNWX4KB6GALCIGRML6QFA
+
+
+ domain_memberships + +
+ list +
+ 		always +
The Active Directory Domain membership records associated with the DB instance.
+
+
+
+ endpoint + +
+ complex +
+ 		always +
The connection endpoint.
+
+
  +
+ address + +
+ string +
+ 		always +
The DNS address of the DB instance.
+
+
Sample:
+
ansible-test.cvlrtwiennww.us-east-1.rds.amazonaws.com
+
  +
+ hosted_zone_id + +
+ string +
+ 		always +
The ID that Amazon Route 53 assigns when you create a hosted zone.
+
+
Sample:
+
ZTR2ITUGPA61AM
+
  +
+ port + +
+ integer +
+ 		always +
The port that the database engine is listening on.
+
+
Sample:
+
3306
+
+
+ engine + +
+ string +
+ 		always +
The database engine version.
+
+
Sample:
+
mariadb
+
+
+ engine_version + +
+ string +
+ 		always +
The database engine version.
+
+
Sample:
+
10.0.35
+
+
+ iam_database_authentication_enabled + +
+ boolean +
+ 		always +
Whether mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
+
+
+
+ instance_create_time + +
+ string +
+ 		always +
The date and time the DB instance was created.
+
+
Sample:
+
2018-07-04T16:48:35.332000+00:00
+
+
+ kms_key_id + +
+ string +
+ 		When storage_encrypted is true +
The AWS KMS key identifier for the encrypted DB instance when storage_encrypted is true.
+
+
Sample:
+
arn:aws:kms:us-east-1:123456789012:key/70c45553-ad2e-4a85-9f14-cfeb47555c33
+
+
+ latest_restorable_time + +
+ string +
+ 		always +
The latest time to which a database can be restored with point-in-time restore.
+
+
Sample:
+
2018-07-04T16:50:50.642000+00:00
+
+
+ license_model + +
+ string +
+ 		always +
The License model information for this DB instance.
+
+
Sample:
+
general-public-license
+
+
+ master_username + +
+ string +
+ 		always +
The master username for the DB instance.
+
+
Sample:
+
test
+
+
+ max_allocated_storage + +
+ integer +
+ 		When max allocated storage is present. +
The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
+
+
Sample:
+
100
+
+
+ monitoring_interval + +
+ integer +
+ 		always +
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. 0 means collecting Enhanced Monitoring metrics is disabled.
+
+
+
+ multi_az + +
+ boolean +
+ 		always +
Whether the DB instance is a Multi-AZ deployment.
+
+
+
+ option_group_memberships + +
+ complex +
+ 		always +
The list of option group memberships for this DB instance.
+
+
  +
+ option_group_name + +
+ string +
+ 		always +
The name of the option group that the instance belongs to.
+
+
Sample:
+
default:mariadb-10-0
+
  +
+ status + +
+ string +
+ 		always +
The status of the DB instance's option group membership.
+
+
Sample:
+
in-sync
+
+
+ pending_modified_values + +
+ complex +
+ 		always +
The changes to the DB instance that are pending.
+
+
+
+ performance_insights_enabled + +
+ boolean +
+ 		always +
True if Performance Insights is enabled for the DB instance, and otherwise false.
+
+
+
+ preferred_backup_window + +
+ string +
+ 		always +
The daily time range during which automated backups are created if automated backups are enabled.
+
+
Sample:
+
07:01-07:31
+
+
+ preferred_maintenance_window + +
+ string +
+ 		always +
The weekly time range (in UTC) during which system maintenance can occur.
+
+
Sample:
+
sun:09:31-sun:10:01
+
+
+ publicly_accessible + +
+ boolean +
+ 		always +
True for an Internet-facing instance with a publicly resolvable DNS name, False to indicate an internal instance with a DNS name that resolves to a private IP address.
+
+
Sample:
+
True
+
+
+ read_replica_db_instance_identifiers + +
+ list +
+ 		always +
Identifiers of the Read Replicas associated with this DB instance.
+
+
+
+ storage_encrypted + +
+ boolean +
+ 		always +
Whether the DB instance is encrypted.
+
+
+
+ storage_type + +
+ string +
+ 		always +
The storage type to be associated with the DB instance.
+
+
Sample:
+
standard
+
+
+ tags + +
+ complex +
+ 		always +
A dictionary of tags associated with the DB instance.
+
+
+
+ vpc_security_groups + +
+ complex +
+ 		always +
A list of VPC security group elements that the DB instance belongs to.
+
+
  +
+ status + +
+ string +
+ 		always +
The status of the VPC security group.
+
+
Sample:
+
active
+
  +
+ vpc_security_group_id + +
+ string +
+ 		always +
The name of the VPC security group.
+
+
Sample:
+
sg-12345678
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_instance_info.rst b/docs/community.aws.rds_instance_info.rst new file mode 100644 index 00000000000..b1e2e83f531 --- /dev/null +++ b/docs/community.aws.rds_instance_info.rst @@ -0,0 +1,1342 @@ + +.. _community.aws.rds_instance_info_: + + +******************************* +community.aws.rds_instance_info +******************************* + +**obtain information about one or more RDS instances** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain information about one or more RDS instances. +- This module was called ``rds_instance_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 +- python >= 2.7 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ db_instance_identifier + +
+ string +
+ 		+ + +
The RDS instance's unique identifier.
+

aliases: id
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ filters + +
+ dictionary +
+ 		+ + +
A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Get information about an instance + - rds_instance_info: + db_instance_identifier: new-database + register: new_database_info + + # Get all RDS instances + - rds_instance_info: + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ instances + +
+ complex +
+ 		always +
List of RDS instances
+
+
  +
+ allocated_storage + +
+ integer +
+ 		always +
Gigabytes of storage allocated to the database
+
+
Sample:
+
10
+
  +
+ auto_minor_version_upgrade + +
+ boolean +
+ 		always +
Whether minor version upgrades happen automatically
+
+
Sample:
+
True
+
  +
+ availability_zone + +
+ string +
+ 		always +
Availability Zone in which the database resides
+
+
Sample:
+
us-west-2b
+
  +
+ backup_retention_period + +
+ integer +
+ 		always +
Days for which backups are retained
+
+
Sample:
+
7
+
  +
+ ca_certificate_identifier + +
+ string +
+ 		always +
ID for the CA certificate
+
+
Sample:
+
rds-ca-2015
+
  +
+ copy_tags_to_snapshot + +
+ boolean +
+ 		always +
Whether DB tags should be copied to the snapshot
+
+
  +
+ db_instance_arn + +
+ string +
+ 		always +
ARN of the database instance
+
+
Sample:
+
arn:aws:rds:us-west-2:111111111111:db:helloworld-rds
+
  +
+ db_instance_class + +
+ string +
+ 		always +
Instance class of the database instance
+
+
Sample:
+
db.t2.small
+
  +
+ db_instance_identifier + +
+ string +
+ 		always +
Database instance identifier
+
+
Sample:
+
helloworld-rds
+
  +
+ db_instance_port + +
+ integer +
+ 		always +
Port used by the database instance
+
+
  +
+ db_instance_status + +
+ string +
+ 		always +
Status of the database instance
+
+
Sample:
+
available
+
  +
+ db_name + +
+ string +
+ 		always +
Name of the database
+
+
Sample:
+
management
+
  +
+ db_parameter_groups + +
+ complex +
+ 		always +
List of database parameter groups
+
+
   +
+ db_parameter_group_name + +
+ string +
+ 		always +
Name of the database parameter group
+
+
Sample:
+
psql-pg-helloworld
+
   +
+ parameter_apply_status + +
+ string +
+ 		always +
Whether the parameter group has been applied
+
+
Sample:
+
in-sync
+
  +
+ db_security_groups + +
+ list +
+ 		always +
List of security groups used by the database instance
+
+
  +
+ db_subnet_group + +
+ complex +
+ 		always +
list of subnet groups
+
+
   +
+ db_subnet_group_description + +
+ string +
+ 		always +
Description of the DB subnet group
+
+
Sample:
+
My database subnet group
+
   +
+ db_subnet_group_name + +
+ string +
+ 		always +
Name of the database subnet group
+
+
Sample:
+
my-subnet-group
+
   +
+ subnet_group_status + +
+ string +
+ 		always +
Subnet group status
+
+
Sample:
+
Complete
+
   +
+ subnets + +
+ complex +
+ 		always +
List of subnets in the subnet group
+
+
    +
+ subnet_availability_zone + +
+ complex +
+ 		always +
Availability zone of the subnet
+
+
     +
+ name + +
+ string +
+ 		always +
Name of the availability zone
+
+
Sample:
+
us-west-2c
+
    +
+ subnet_identifier + +
+ string +
+ 		always +
Subnet ID
+
+
Sample:
+
subnet-abcd1234
+
    +
+ subnet_status + +
+ string +
+ 		always +
Subnet status
+
+
Sample:
+
Active
+
   +
+ vpc_id + +
+ string +
+ 		always +
VPC id of the subnet group
+
+
Sample:
+
vpc-abcd1234
+
  +
+ dbi_resource_id + +
+ string +
+ 		always +
AWS Region-unique, immutable identifier for the DB instance
+
+
Sample:
+
db-AAAAAAAAAAAAAAAAAAAAAAAAAA
+
  +
+ domain_memberships + +
+ list +
+ 		always +
List of domain memberships
+
+
  +
+ endpoint + +
+ complex +
+ 		always +
Database endpoint
+
+
   +
+ address + +
+ string +
+ 		always +
Database endpoint address
+
+
Sample:
+
helloworld-rds.ctrqpe3so1sf.us-west-2.rds.amazonaws.com
+
   +
+ hosted_zone_id + +
+ string +
+ 		always +
Route53 hosted zone ID
+
+
Sample:
+
Z1PABCD0000000
+
   +
+ port + +
+ integer +
+ 		always +
Database endpoint port
+
+
Sample:
+
5432
+
  +
+ engine + +
+ string +
+ 		always +
Database engine
+
+
Sample:
+
postgres
+
  +
+ engine_version + +
+ string +
+ 		always +
Database engine version
+
+
Sample:
+
9.5.10
+
  +
+ iam_database_authentication_enabled + +
+ boolean +
+ 		always +
Whether database authentication through IAM is enabled
+
+
  +
+ instance_create_time + +
+ string +
+ 		always +
Date and time the instance was created
+
+
Sample:
+
2017-10-10T04:00:07.434000+00:00
+
  +
+ kms_key_id + +
+ string +
+ 		always +
KMS Key ID
+
+
Sample:
+
arn:aws:kms:us-west-2:111111111111:key/abcd1234-0000-abcd-1111-0123456789ab
+
  +
+ latest_restorable_time + +
+ string +
+ 		always +
Latest time to which a database can be restored with point-in-time restore
+
+
Sample:
+
2018-05-17T00:03:56+00:00
+
  +
+ license_model + +
+ string +
+ 		always +
License model
+
+
Sample:
+
postgresql-license
+
  +
+ master_username + +
+ string +
+ 		always +
Database master username
+
+
Sample:
+
dbadmin
+
  +
+ monitoring_interval + +
+ integer +
+ 		always +
Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance
+
+
  +
+ multi_az + +
+ boolean +
+ 		always +
Whether Multi-AZ is on
+
+
  +
+ option_group_memberships + +
+ complex +
+ 		always +
List of option groups
+
+
   +
+ option_group_name + +
+ string +
+ 		always +
Option group name
+
+
Sample:
+
default:postgres-9-5
+
   +
+ status + +
+ string +
+ 		always +
Status of option group
+
+
Sample:
+
in-sync
+
  +
+ pending_modified_values + +
+ complex +
+ 		always +
Modified values pending application
+
+
  +
+ performance_insights_enabled + +
+ boolean +
+ 		always +
Whether performance insights are enabled
+
+
  +
+ preferred_backup_window + +
+ string +
+ 		always +
Preferred backup window
+
+
Sample:
+
04:00-05:00
+
  +
+ preferred_maintenance_window + +
+ string +
+ 		always +
Preferred maintenance window
+
+
Sample:
+
mon:05:00-mon:05:30
+
  +
+ publicly_accessible + +
+ boolean +
+ 		always +
Whether the DB is publicly accessible
+
+
  +
+ read_replica_db_instance_identifiers + +
+ list +
+ 		always +
List of database instance read replicas
+
+
  +
+ storage_encrypted + +
+ boolean +
+ 		always +
Whether the storage is encrypted
+
+
Sample:
+
True
+
  +
+ storage_type + +
+ string +
+ 		always +
Storage type of the Database instance
+
+
Sample:
+
gp2
+
  +
+ tags + +
+ complex +
+ 		always +
Tags used by the database instance
+
+
  +
+ vpc_security_groups + +
+ complex +
+ 		always +
List of VPC security groups
+
+
   +
+ status + +
+ string +
+ 		always +
Status of the VPC security group
+
+
Sample:
+
active
+
   +
+ vpc_security_group_id + +
+ string +
+ 		always +
VPC Security Group ID
+
+
Sample:
+
sg-abcd1234
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Michael De La Rue (@mikedlr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_param_group.rst b/docs/community.aws.rds_param_group.rst new file mode 100644 index 00000000000..ec8acedf04b --- /dev/null +++ b/docs/community.aws.rds_param_group.rst @@ -0,0 +1,523 @@ + +.. _community.aws.rds_param_group_: + + +***************************** +community.aws.rds_param_group +***************************** + +**manage RDS parameter groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes RDS parameter groups. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
Database parameter group description. Only set when a new group is added.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ engine + +
+ string +
+ 		+ + +
The type of database for this group.
+
Please use following command to get list of all supported db engines and their respective versions.
+
# aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
+
Required for state=present.
+
+
+ immediate + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether to apply the changes immediately, or after the next reboot of any associated instances.
+

aliases: apply_immediately
+
+
+ name + +
+ string + / required
+ 		+ + +
Database parameter group identifier.
+
+
+ params + +
+ dictionary +
+ 		+ + +
Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
+

aliases: parameters
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to remove tags that do not appear in the tags list.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies whether the group should be present or absent.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Dictionary of tags to attach to the parameter group.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 + - rds_param_group: + state: present + name: norwegian-blue + description: 'My Fancy Ex Parrot Group' + engine: 'mysql5.6' + params: + auto_increment_increment: "42K" + tags: + Environment: production + Application: parrot + + # Remove a parameter group + - rds_param_group: + state: absent + name: norwegian-blue + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ db_parameter_group_arn + +
+ string +
+ 		when state is present +
ARN of the DB parameter group
+
+
+
+ db_parameter_group_family + +
+ string +
+ 		when state is present +
DB parameter group family that this DB parameter group is compatible with.
+
+
+
+ db_parameter_group_name + +
+ string +
+ 		when state is present +
Name of DB parameter group
+
+
+
+ description + +
+ string +
+ 		when state is present +
description of the DB parameter group
+
+
+
+ errors + +
+ list +
+ 		when state is present +
list of errors from attempting to modify parameters that are not modifiable
+
+
+
+ tags + +
+ dictionary +
+ 		when state is present +
dictionary of tags
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Scott Anderson (@tastychutney) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_snapshot.rst b/docs/community.aws.rds_snapshot.rst new file mode 100644 index 00000000000..720e807469e --- /dev/null +++ b/docs/community.aws.rds_snapshot.rst @@ -0,0 +1,790 @@ + +.. _community.aws.rds_snapshot_: + + +************************** +community.aws.rds_snapshot +************************** + +**manage Amazon RDS snapshots.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or deletes RDS snapshots. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ db_instance_identifier + +
+ string +
+ 		+ + +
Database instance identifier. Required when state is present.
+

aliases: instance_id
+
+
+ db_snapshot_identifier + +
+ string + / required
+ 		+ + +
The snapshot to manage.
+

aliases: id, snapshot_id
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
whether to remove tags not present in the tags parameter.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Specify the desired state of the snapshot.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
tags dict to apply to a snapshot.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to wait for snapshot creation or deletion.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
how long before wait gives up, in seconds.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create snapshot + - rds_snapshot: + db_instance_identifier: new-database + db_snapshot_identifier: new-database-snapshot + + # Delete snapshot + - rds_snapshot: + db_snapshot_identifier: new-database-snapshot + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ allocated_storage + +
+ integer +
+ 		always +
How much storage is allocated in GB.
+
+
Sample:
+
20
+
+
+ availability_zone + +
+ string +
+ 		always +
Availability zone of the database from which the snapshot was created.
+
+
Sample:
+
us-west-2a
+
+
+ db_instance_identifier + +
+ string +
+ 		always +
Database from which the snapshot was created.
+
+
Sample:
+
ansible-test-16638696
+
+
+ db_snapshot_arn + +
+ string +
+ 		always +
Amazon Resource Name for the snapshot.
+
+
Sample:
+
arn:aws:rds:us-west-2:123456789012:snapshot:ansible-test-16638696-test-snapshot
+
+
+ db_snapshot_identifier + +
+ string +
+ 		always +
Name of the snapshot.
+
+
Sample:
+
ansible-test-16638696-test-snapshot
+
+
+ dbi_resource_id + +
+ string +
+ 		always +
The identifier for the source DB instance, which can't be changed and which is unique to an AWS Region.
+
+
Sample:
+
db-MM4P2U35RQRAMWD3QDOXWPZP4U
+
+
+ encrypted + +
+ boolean +
+ 		always +
Whether the snapshot is encrypted.
+
+
+
+ engine + +
+ string +
+ 		always +
Engine of the database from which the snapshot was created.
+
+
Sample:
+
mariadb
+
+
+ engine_version + +
+ string +
+ 		always +
Version of the database from which the snapshot was created.
+
+
Sample:
+
10.2.21
+
+
+ iam_database_authentication_enabled + +
+ boolean +
+ 		always +
Whether IAM database authentication is enabled.
+
+
+
+ instance_create_time + +
+ string +
+ 		always +
Creation time of the instance from which the snapshot was created.
+
+
Sample:
+
2019-06-15T10:15:56.221000+00:00
+
+
+ license_model + +
+ string +
+ 		always +
License model of the database.
+
+
Sample:
+
general-public-license
+
+
+ master_username + +
+ string +
+ 		always +
Master username of the database.
+
+
Sample:
+
test
+
+
+ option_group_name + +
+ string +
+ 		always +
Option group of the database.
+
+
Sample:
+
default:mariadb-10-2
+
+
+ percent_progress + +
+ integer +
+ 		always +
How much progress has been made taking the snapshot. Will be 100 for an available snapshot.
+
+
Sample:
+
100
+
+
+ port + +
+ integer +
+ 		always +
Port on which the database is listening.
+
+
Sample:
+
3306
+
+
+ processor_features + +
+ list +
+ 		always +
List of processor features of the database.
+
+
+
+ snapshot_create_time + +
+ string +
+ 		always +
Creation time of the snapshot.
+
+
Sample:
+
2019-06-15T10:46:23.776000+00:00
+
+
+ snapshot_type + +
+ string +
+ 		always +
How the snapshot was created (always manual for this module!).
+
+
Sample:
+
manual
+
+
+ status + +
+ string +
+ 		always +
Status of the snapshot.
+
+
Sample:
+
available
+
+
+ storage_type + +
+ string +
+ 		always +
Storage type of the database.
+
+
Sample:
+
gp2
+
+
+ tags + +
+ complex +
+ 		always +
Tags applied to the snapshot.
+
+
+
+ vpc_id + +
+ string +
+ 		always +
ID of the VPC in which the DB lives.
+
+
Sample:
+
vpc-09ff232e222710ae0
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Michael De La Rue (@mikedlr) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_snapshot_info.rst b/docs/community.aws.rds_snapshot_info.rst new file mode 100644 index 00000000000..81ffae3f73b --- /dev/null +++ b/docs/community.aws.rds_snapshot_info.rst @@ -0,0 +1,1128 @@ + +.. _community.aws.rds_snapshot_info_: + + +******************************* +community.aws.rds_snapshot_info +******************************* + +**obtain information about one or more RDS snapshots** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora). +- Aurora snapshot information may be obtained if no identifier parameters are passed or if one of the cluster parameters are passed. +- This module was called ``rds_snapshot_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ db_cluster_identifier + +
+ string +
+ 		+ + +
RDS cluster name for which to find snapshots.
+
Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
+
+
+ db_cluster_snapshot_identifier + +
+ string +
+ 		+ + +
Name of an RDS cluster snapshot.
+
Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
+
+
+ db_instance_identifier + +
+ string +
+ 		+ + +
RDS instance name for which to find snapshots.
+
Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
+
+
+ db_snapshot_identifier + +
+ string +
+ 		+ + +
Name of an RDS (unclustered) snapshot.
+
Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
+

aliases: snapshot_name
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ snapshot_type + +
+ string +
+ 		+
    Choices: +
  • automated
    • +
  • manual
    • +
  • shared
    • +
  • public
    • +
+ 		+ +
Type of snapshot to find.
+
By default both automated and manual snapshots will be returned.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Get information about an snapshot + - rds_snapshot_info: + db_snapshot_identifier: snapshot_name + register: new_database_info + + # Get all RDS snapshots for an RDS instance + - rds_snapshot_info: + db_instance_identifier: helloworld-rds-master + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ cluster_snapshots + +
+ complex +
+ 		always +
List of cluster snapshots
+
+
  +
+ allocated_storage + +
+ integer +
+ 		always +
How many gigabytes of storage are allocated
+
+
Sample:
+
1
+
  +
+ availability_zones + +
+ list +
+ 		always +
The availability zones of the database from which the snapshot was taken
+
+
Sample:
+
['ca-central-1a', 'ca-central-1b']
+
  +
+ cluster_create_time + +
+ string +
+ 		always +
Date and time the cluster was created
+
+
Sample:
+
2018-05-17T00:13:40.223000+00:00
+
  +
+ db_cluster_identifier + +
+ string +
+ 		always +
Database cluster identifier
+
+
Sample:
+
test-aurora-cluster
+
  +
+ db_cluster_snapshot_arn + +
+ string +
+ 		always +
ARN of the database snapshot
+
+
Sample:
+
arn:aws:rds:ca-central-1:111111111111:cluster-snapshot:test-aurora-snapshot
+
  +
+ db_cluster_snapshot_identifier + +
+ string +
+ 		always +
Snapshot identifier
+
+
Sample:
+
test-aurora-snapshot
+
  +
+ engine + +
+ string +
+ 		always +
Database engine
+
+
Sample:
+
aurora
+
  +
+ engine_version + +
+ string +
+ 		always +
Database engine version
+
+
Sample:
+
5.6.10a
+
  +
+ iam_database_authentication_enabled + +
+ boolean +
+ 		always +
Whether database authentication through IAM is enabled
+
+
  +
+ kms_key_id + +
+ string +
+ 		always +
ID of the KMS Key encrypting the snapshot
+
+
Sample:
+
arn:aws:kms:ca-central-1:111111111111:key/abcd1234-abcd-1111-aaaa-0123456789ab
+
  +
+ license_model + +
+ string +
+ 		always +
License model
+
+
Sample:
+
aurora
+
  +
+ master_username + +
+ string +
+ 		always +
Database master username
+
+
Sample:
+
shertel
+
  +
+ percent_progress + +
+ integer +
+ 		always +
Percent progress of snapshot
+
+
  +
+ port + +
+ integer +
+ 		always +
Database port
+
+
  +
+ snapshot_create_time + +
+ string +
+ 		always +
Date and time when the snapshot was created
+
+
Sample:
+
2018-05-17T00:23:23.731000+00:00
+
  +
+ snapshot_type + +
+ string +
+ 		always +
Type of snapshot
+
+
Sample:
+
manual
+
  +
+ status + +
+ string +
+ 		always +
Status of snapshot
+
+
Sample:
+
creating
+
  +
+ storage_encrypted + +
+ boolean +
+ 		always +
Whether the snapshot is encrypted
+
+
Sample:
+
True
+
  +
+ tags + +
+ complex +
+ 		when snapshot is not shared +
Tags of the snapshot
+
+
  +
+ vpc_id + +
+ string +
+ 		always +
VPC of the database
+
+
Sample:
+
vpc-abcd1234
+
+
+ snapshots + +
+ complex +
+ 		When cluster parameters are not passed +
List of non-clustered snapshots
+
+
  +
+ allocated_storage + +
+ integer +
+ 		always +
How many gigabytes of storage are allocated
+
+
Sample:
+
10
+
  +
+ availability_zone + +
+ string +
+ 		always +
The availability zone of the database from which the snapshot was taken
+
+
Sample:
+
us-west-2b
+
  +
+ db_instance_identifier + +
+ string +
+ 		always +
Database instance identifier
+
+
Sample:
+
hello-world-rds
+
  +
+ db_snapshot_arn + +
+ string +
+ 		always +
Snapshot ARN
+
+
Sample:
+
arn:aws:rds:us-west-2:111111111111:snapshot:rds:hello-world-rds-us1-2018-05-16-04-03
+
  +
+ db_snapshot_identifier + +
+ string +
+ 		always +
Snapshot name
+
+
Sample:
+
rds:hello-world-rds-us1-2018-05-16-04-03
+
  +
+ encrypted + +
+ boolean +
+ 		always +
Whether the snapshot was encrypted
+
+
Sample:
+
True
+
  +
+ engine + +
+ string +
+ 		always +
Database engine
+
+
Sample:
+
postgres
+
  +
+ engine_version + +
+ string +
+ 		always +
Database engine version
+
+
Sample:
+
9.5.10
+
  +
+ iam_database_authentication_enabled + +
+ boolean +
+ 		always +
Whether database authentication through IAM is enabled
+
+
  +
+ instance_create_time + +
+ string +
+ 		always +
Time the Instance was created
+
+
Sample:
+
2017-10-10T04:00:07.434000+00:00
+
  +
+ kms_key_id + +
+ string +
+ 		always +
ID of the KMS Key encrypting the snapshot
+
+
Sample:
+
arn:aws:kms:us-west-2:111111111111:key/abcd1234-1234-aaaa-0000-1234567890ab
+
  +
+ license_model + +
+ string +
+ 		always +
License model
+
+
Sample:
+
postgresql-license
+
  +
+ master_username + +
+ string +
+ 		always +
Database master username
+
+
Sample:
+
dbadmin
+
  +
+ option_group_name + +
+ string +
+ 		always +
Database option group name
+
+
Sample:
+
default:postgres-9-5
+
  +
+ percent_progress + +
+ integer +
+ 		always +
Percent progress of snapshot
+
+
Sample:
+
100
+
  +
+ snapshot_create_time + +
+ string +
+ 		always +
Time snapshot was created
+
+
Sample:
+
2018-05-16T04:03:33.871000+00:00
+
  +
+ snapshot_type + +
+ string +
+ 		always +
Type of snapshot
+
+
Sample:
+
automated
+
  +
+ status + +
+ string +
+ 		always +
Status of snapshot
+
+
Sample:
+
available
+
  +
+ storage_type + +
+ string +
+ 		always +
Storage type of underlying DB
+
+
Sample:
+
gp2
+
  +
+ tags + +
+ complex +
+ 		when snapshot is not shared +
Snapshot tags
+
+
  +
+ vpc_id + +
+ string +
+ 		always +
ID of VPC containing the DB
+
+
Sample:
+
vpc-abcd1234
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_subnet_group.rst b/docs/community.aws.rds_subnet_group.rst new file mode 100644 index 00000000000..19c76a946bc --- /dev/null +++ b/docs/community.aws.rds_subnet_group.rst @@ -0,0 +1,445 @@ + +.. _community.aws.rds_subnet_group_: + + +****************************** +community.aws.rds_subnet_group +****************************** + +**manage RDS database subnet groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes RDS database subnet groups. This module has a dependency on python-boto >= 2.5. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ description + +
+ string +
+ 		+ + +
Database subnet group description.
+
Required when state=present.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Database subnet group identifier.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies whether the subnet should be present or absent.
+
+
+ subnets + +
+ list +
+ 		+ + +
List of subnet IDs that make up the database subnet group.
+
Required when state=present.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Add or change a subnet group + - rds_subnet_group: + state: present + name: norwegian-blue + description: My Fancy Ex Parrot Subnet Group + subnets: + - subnet-aaaaaaaa + - subnet-bbbbbbbb + + # Remove a subnet group + - rds_subnet_group: + state: absent + name: norwegian-blue + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ subnet_group + +
+ complex +
+ 		state=present +
Dictionary of DB subnet group values
+
+
  +
+ description + +
+ string +
+ 		state=present +
The description of the DB subnet group
+
+
  +
+ name + +
+ string +
+ 		state=present +
The name of the DB subnet group
+
+
  +
+ status + +
+ string +
+ 		state=present +
The status of the DB subnet group
+
+
  +
+ subnet_ids + +
+ list +
+ 		state=present +
Contains a list of Subnet IDs
+
+
  +
+ vpc_id + +
+ string +
+ 		state=present +
The VpcId of the DB subnet group
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Scott Anderson (@tastychutney) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift.rst b/docs/community.aws.redshift.rst new file mode 100644 index 00000000000..fa89fb8bced --- /dev/null +++ b/docs/community.aws.redshift.rst @@ -0,0 +1,1022 @@ + +.. _community.aws.redshift_: + + +********************** +community.aws.redshift +********************** + +**create, delete, or modify an Amazon Redshift instance** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or modifies Amazon Redshift cluster instances. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ allow_version_upgrade + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.
+

aliases: version_upgrade
+
+
+ automated_snapshot_retention_period + +
+ integer +
+ 		+ + +
The number of days that automated snapshots are retained.
+

aliases: retention_period
+
+
+ availability_zone + +
+ string +
+ 		+ + +
Availability zone in which to launch cluster.
+

aliases: zone, aws_zone
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster_parameter_group_name + +
+ string +
+ 		+ + +
Name of the cluster parameter group.
+

aliases: param_group_name
+
+
+ cluster_security_groups + +
+ list + / elements=string
+ 		+ + +
In which security group the cluster belongs.
+

aliases: security_groups
+
+
+ cluster_subnet_group_name + +
+ string +
+ 		+ + +
Which subnet to place the cluster.
+

aliases: subnet
+
+
+ cluster_type + +
+ string +
+ 		+
    Choices: +
  • multi-node
    • +
  • single-node ←
    • +
+ 		+ +
The type of cluster.
+
+
+ cluster_version + +
+ string +
+ 		+
    Choices: +
  • 1.0
    • +
+ 		+ +
Which version the cluster should have.
+

aliases: version
+
+
+ command + +
+ string + / required
+ 		+
    Choices: +
  • create
    • +
  • facts
    • +
  • delete
    • +
  • modify
    • +
+ 		+ +
Specifies the action to take.
+
+
+ db_name + +
+ string +
+ 		+ + +
Name of the database.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ elastic_ip + +
+ string +
+ 		+ + +
An Elastic IP to use for the cluster.
+
+
+ encrypted + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If the cluster is encrypted or not.
+
+
+ enhanced_vpc_routing + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether the cluster should have enhanced VPC routing enabled.
+
+
+ final_cluster_snapshot_identifier + +
+ string +
+ 		+ + +
Identifier of the final snapshot to be created before deleting the cluster.
+
If this parameter is provided, skip_final_cluster_snapshot must be false.
+
Used only when command=delete.
+

aliases: final_snapshot_id
+
+
+ identifier + +
+ string + / required
+ 		+ + +
Redshift cluster identifier.
+
+
+ new_cluster_identifier + +
+ string +
+ 		+ + +
Only used when command=modify.
+

aliases: new_identifier
+
+
+ node_type + +
+ string +
+ 		+
    Choices: +
  • ds1.xlarge
    • +
  • ds1.8xlarge
    • +
  • ds2.xlarge
    • +
  • ds2.8xlarge
    • +
  • dc1.large
    • +
  • dc2.large
    • +
  • dc1.8xlarge
    • +
  • dw1.xlarge
    • +
  • dw1.8xlarge
    • +
  • dw2.large
    • +
  • dw2.8xlarge
    • +
+ 		+ +
The node type of the cluster.
+
Require when command=create.
+
+
+ number_of_nodes + +
+ integer +
+ 		+ + +
Number of nodes.
+
Only used when cluster_type=multi-node.
+
+
+ password + +
+ string +
+ 		+ + +
Master database password.
+
Used only when command=create.
+
+
+ port + +
+ integer +
+ 		+ + +
Which port the cluster is listening on.
+
+
+ preferred_maintenance_window + +
+ string +
+ 		+ + +
Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
+
Times are specified in UTC.
+
If not specified then a random 30 minute maintenance window is assigned.
+

aliases: maintance_window, maint_window
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ publicly_accessible + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If the cluster is accessible publicly or not.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ skip_final_cluster_snapshot + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Skip a final snapshot before deleting the cluster.
+
Used only when command=delete.
+

aliases: skip_final_snapshot
+
+
+ username + +
+ string +
+ 		+ + +
Master database username.
+
Used only when command=create.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_security_group_ids + +
+ list + / elements=string
+ 		+ + +
VPC security group
+

aliases: vpc_security_groups
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
+
When command=delete wait for the database to be terminated.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
When wait=true defines how long in seconds before giving up.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic cluster provisioning example + - redshift: > + command=create + node_type=ds1.xlarge + identifier=new_cluster + username=cluster_admin + password=1nsecure + + # Cluster delete example + - redshift: + command: delete + identifier: new_cluster + skip_final_cluster_snapshot: true + wait: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ cluster + +
+ complex +
+ 		success +
dictionary containing all the cluster information
+
+
  +
+ availability_zone + +
+ string +
+ 		success +
Amazon availability zone where the cluster is located. "None" until cluster is available.
+
+
Sample:
+
us-east-1b
+
  +
+ create_time + +
+ float +
+ 		success +
Time of the cluster creation as timestamp.
+
+
Sample:
+
1430158536.308
+
  +
+ db_name + +
+ string +
+ 		success +
Name of the database.
+
+
Sample:
+
new_db_name
+
  +
+ enhanced_vpc_routing + +
+ boolean +
+ 		success +
status of the enhanced vpc routing feature.
+
+
  +
+ identifier + +
+ string +
+ 		success +
Id of the cluster.
+
+
Sample:
+
new_redshift_cluster
+
  +
+ maintenance_window + +
+ string +
+ 		success +
Time frame when maintenance/upgrade are done.
+
+
Sample:
+
sun:09:30-sun:10:00
+
  +
+ port + +
+ integer +
+ 		success +
Port of the cluster. "None" until cluster is available.
+
+
Sample:
+
5439
+
  +
+ private_ip_address + +
+ string +
+ 		success +
Private IP address of the main node.
+
+
Sample:
+
10.10.10.10
+
  +
+ public_ip_address + +
+ string +
+ 		success +
Public IP address of the main node. "None" when enhanced_vpc_routing is enabled.
+
+
Sample:
+
0.0.0.0
+
  +
+ status + +
+ string +
+ 		success +
Status of the cluster.
+
+
Sample:
+
available
+
  +
+ url + +
+ string +
+ 		success +
FQDN of the main cluster node. "None" until cluster is available.
+
+
Sample:
+
new-redshift_cluster.jfkdjfdkj.us-east-1.redshift.amazonaws.com
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jens Carl (@j-carl), Hothead Games Inc. +- Rafael Driutti (@rafaeldriutti) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_cross_region_snapshots.rst b/docs/community.aws.redshift_cross_region_snapshots.rst new file mode 100644 index 00000000000..10df01c3550 --- /dev/null +++ b/docs/community.aws.redshift_cross_region_snapshots.rst @@ -0,0 +1,367 @@ + +.. _community.aws.redshift_cross_region_snapshots_: + + +********************************************* +community.aws.redshift_cross_region_snapshots +********************************************* + +**Manage Redshift Cross Region Snapshots** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Redshift Cross Region Snapshots. Supports KMS-Encrypted Snapshots. +- For more information, see https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html#cross-region-snapshot-copy + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster_name + +
+ string + / required
+ 		+ + +
The name of the cluster to configure cross-region snapshots for.
+

aliases: cluster
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ destination_region + +
+ string + / required
+ 		+ + +
The region to copy snapshots to.
+

aliases: destination
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string + / required
+ 		+ + +
The cluster's region.
+

aliases: source
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ snapshot_copy_grant + +
+ string +
+ 		+ + +
A grant for Amazon Redshift to use a master key in the destination_region.
+ +

aliases: copy_grant
+
+
+ snapshot_retention_period + +
+ integer + / required
+ 		+ + +
The number of days to keep cross-region snapshots for.
+

aliases: retention_period
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or remove the cross-region snapshot configuration.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure cross-region snapshot on cluster `johniscool` + redshift_cross_region_snapshots: + cluster_name: johniscool + state: present + region: us-east-1 + destination_region: us-west-2 + retention_period: 1 + + - name: configure cross-region snapshot on kms-encrypted cluster + redshift_cross_region_snapshots: + cluster_name: whatever + state: present + region: us-east-1 + destination: us-west-2 + copy_grant: 'my-grant-in-destination' + retention_period: 10 + + - name: disable cross-region snapshots, necessary before most cluster modifications (rename, resize) + redshift_cross_region_snapshots: + cluster_name: whatever + state: absent + region: us-east-1 + destination_region: us-west-2 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- JR Kerkstra (@captainkerk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_info.rst b/docs/community.aws.redshift_info.rst new file mode 100644 index 00000000000..cf2524b4bf6 --- /dev/null +++ b/docs/community.aws.redshift_info.rst @@ -0,0 +1,869 @@ + +.. _community.aws.redshift_info_: + + +*************************** +community.aws.redshift_info +*************************** + +**Gather information about Redshift cluster(s)** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about Redshift cluster(s). +- This module was called ``redshift_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ cluster_identifier + +
+ string +
+ 		+ + +
The prefix of cluster identifier of the Redshift cluster you are searching for.
+
This is a regular expression match with implicit '^'. Append '$' for a complete match.
+

aliases: name, identifier
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ tags + +
+ dictionary +
+ 		+ + +
A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do net set authentication details, see the AWS guide for details. + + # Find all clusters + - redshift_info: + register: redshift + + # Find cluster(s) with matching tags + - redshift_info: + tags: + env: prd + stack: monitoring + register: redshift_tags + + # Find cluster(s) with matching name/prefix and tags + - redshift_info: + tags: + env: dev + stack: web + name: user- + register: redshift_web + + # Fail if no cluster(s) is/are found + - redshift_info: + tags: + env: stg + stack: db + register: redshift_user + failed_when: "{{ redshift_user.results | length == 0 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ allow_version_upgrade + +
+ boolean +
+ 		success +
A Boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
+
+
Sample:
+
true|false
+
+
+ automated_snapshot_retention_period + +
+ integer +
+ 		success +
The number of days that automatic cluster snapshots are retained.
+
+
Sample:
+
1
+
+
+ availability_zone + +
+ string +
+ 		success +
The name of the Availability Zone in which the cluster is located.
+
+
Sample:
+
us-east-1b
+
+
+ cluster_create_time + +
+ string +
+ 		success +
The date and time that the cluster was created.
+
+
Sample:
+
2016-05-10T08:33:16.629000+00:00
+
+
+ cluster_identifier + +
+ string +
+ 		success +
Unique key to identify the cluster.
+
+
Sample:
+
redshift-identifier
+
+
+ cluster_nodes + +
+ list +
+ 		success +
The nodes in the cluster.
+
+
Sample:
+
[{'node_role': 'LEADER', 'private_ip_address': '10.0.0.1', 'public_ip_address': 'x.x.x.x'}, {'node_role': 'COMPUTE-1', 'private_ip_address': '10.0.0.3', 'public_ip_address': 'x.x.x.x'}]
+
+
+ cluster_paramater_groups + +
+ list +
+ 		success +
The list of cluster parameters that are associated with this cluster.
+
+
Sample:
+
[{'cluster_parameter_status_list': [{'parameter_apply_status': 'in-sync', 'parameter_name': 'statement_timeout'}, {'parameter_apply_status': 'in-sync', 'parameter_name': 'require_ssl'}], 'parameter_apply_status': 'in-sync', 'parameter_group_name': 'tuba'}]
+
+
+ cluster_public_keys + +
+ string +
+ 		success +
The public key for the cluster.
+
+
Sample:
+
ssh-rsa anjigfam Amazon-Redshift
+
+
+ cluster_revision_number + +
+ string +
+ 		success +
The specific revision number of the database in the cluster.
+
+
Sample:
+
1231
+
+
+ cluster_security_groups + +
+ list +
+ 		success +
A list of cluster security groups that are associated with the cluster.
+
+
+
+ cluster_snapshot_copy_status + +
+ dictionary +
+ 		success +
A value that returns the destination region and retention period that are configured for cross-region snapshot copy.
+
+
+
+ cluster_status + +
+ string +
+ 		success +
Current state of the cluster.
+
+
Sample:
+
available
+
+
+ cluster_subnet_group_name + +
+ string +
+ 		success +
The name of the subnet group that is associated with the cluster.
+
+
Sample:
+
redshift-subnet
+
+
+ cluster_version + +
+ string +
+ 		success +
The version ID of the Amazon Redshift engine that is running on the cluster.
+
+
Sample:
+
1.0
+
+
+ db_name + +
+ string +
+ 		success +
The name of the initial database that was created when the cluster was created.
+
+
Sample:
+
dev
+
+
+ elastic_ip_status + +
+ dictionary +
+ 		success +
The status of the elastic IP (EIP) address.
+
+
+
+ encrypted + +
+ boolean +
+ 		success +
Boolean value that, if true , indicates that data in the cluster is encrypted at rest.
+
+
Sample:
+
true|false
+
+
+ endpoint + +
+ string +
+ 		success +
The connection endpoint.
+
+
Sample:
+
{'address': 'cluster-ds2.ocmugla0rf.us-east-1.redshift.amazonaws.com', 'port': 5439}
+
+
+ enhanced_vpc_routing + +
+ boolean +
+ 		success +
An option that specifies whether to create the cluster with enhanced VPC routing enabled.
+
+
Sample:
+
true|false
+
+
+ hsm_status + +
+ dictionary +
+ 		success +
A value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
+
+
+
+ iam_roles + +
+ list +
+ 		success +
List of IAM roles attached to the cluster.
+
+
+
+ kms_key_id + +
+ string +
+ 		success +
The AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
+
+
+
+ master_username + +
+ string +
+ 		success +
The master user name for the cluster.
+
+
Sample:
+
admin
+
+
+ modify_status + +
+ string +
+ 		optional +
The status of a modify operation.
+
+
+
+ node_type + +
+ string +
+ 		success +
The node type for nodes in the cluster.
+
+
Sample:
+
ds2.xlarge
+
+
+ number_of_nodes + +
+ integer +
+ 		success +
The number of compute nodes in the cluster.
+
+
Sample:
+
12
+
+
+ pending_modified_values + +
+ dictionary +
+ 		success +
A value that, if present, indicates that changes to the cluster are pending.
+
+
+
+ preferred_maintenance_window + +
+ string +
+ 		success +
The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
+
+
Sample:
+
tue:07:30-tue:08:00
+
+
+ publicly_accessible + +
+ boolean +
+ 		success +
A Boolean value that, if true , indicates that the cluster can be accessed from a public network.
+
+
Sample:
+
true|false
+
+
+ restore_status + +
+ dictionary +
+ 		success +
A value that describes the status of a cluster restore action.
+
+
+
+ tags + +
+ list +
+ 		success +
The list of tags for the cluster.
+
+
+
+ vpc_id + +
+ string +
+ 		success +
The identifier of the VPC the cluster is in, if the cluster is in a VPC.
+
+
Sample:
+
vpc-1234567
+
+
+ vpc_security_groups + +
+ list +
+ 		success +
A list of VPC security groups the are associated with the cluster.
+
+
Sample:
+
[{'status': 'active', 'vpc_security_group_id': 'sg-12cghhg'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jens Carl (@j-carl) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_subnet_group.rst b/docs/community.aws.redshift_subnet_group.rst new file mode 100644 index 00000000000..0ab43b10fd0 --- /dev/null +++ b/docs/community.aws.redshift_subnet_group.rst @@ -0,0 +1,403 @@ + +.. _community.aws.redshift_subnet_group_: + + +*********************************** +community.aws.redshift_subnet_group +*********************************** + +**manage Redshift cluster subnet groups** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modifies, and deletes Redshift cluster subnet groups. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ group_description + +
+ string +
+ 		+ + +
Database subnet group description.
+

aliases: description
+
+
+ group_name + +
+ string + / required
+ 		+ + +
Cluster subnet group name.
+

aliases: name
+
+
+ group_subnets + +
+ list + / elements=string
+ 		+ + +
List of subnet IDs that make up the cluster subnet group.
+

aliases: subnets
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Specifies whether the subnet should be present or absent.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a Redshift subnet group + - local_action: + module: redshift_subnet_group + state: present + group_name: redshift-subnet + group_description: Redshift subnet + group_subnets: + - 'subnet-aaaaa' + - 'subnet-bbbbb' + + # Remove subnet group + - redshift_subnet_group: + state: absent + group_name: redshift-subnet + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ group + +
+ complex +
+ 		success +
dictionary containing all Redshift subnet group information
+
+
  +
+ name + +
+ string +
+ 		success +
name of the Redshift subnet group
+
+
Sample:
+
redshift_subnet_group_name
+
  +
+ vpc_id + +
+ string +
+ 		success +
Id of the VPC where the subnet is located
+
+
Sample:
+
vpc-aabb1122
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Jens Carl (@j-carl), Hothead Games Inc. + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53.rst b/docs/community.aws.route53.rst new file mode 100644 index 00000000000..074aae43bf8 --- /dev/null +++ b/docs/community.aws.route53.rst @@ -0,0 +1,1041 @@ + +.. _community.aws.route53_: + + +********************* +community.aws.route53 +********************* + +**add or delete entries in Amazons Route53 DNS service** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes DNS records in Amazons Route53 service + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ alias + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Indicates if this is an alias record.
+
+
+ alias_evaluate_target_health + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
+
+
+ alias_hosted_zone_id + +
+ string +
+ 		+ + +
The hosted zone identifier.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ failover + +
+ string +
+ 		+
    Choices: +
  • SECONDARY
    • +
  • PRIMARY
    • +
+ 		+ +
Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
+
+
+ health_check + +
+ string +
+ 		+ + +
Health check to associate with this record
+
+
+ hosted_zone_id + +
+ string +
+ 		+ + +
The Hosted Zone ID of the DNS zone to modify.
+
This is a required parameter, if parameter zone is not supplied.
+
+
+ identifier + +
+ string +
+ 		+ + +
Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
+
+
+ overwrite + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
Whether an existing record should be overwritten on create if values do not match.
+
+
+ private_zone + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ record + +
+ string + / required
+ 		+ + +
The full DNS record to create or delete.
+
+
+ region + +
+ string +
+ 		+ + +
Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
+
+
+ retry_interval + +
+ integer +
+ 		+ Default:
500
+ 		+ +
In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
  • get
    • +
  • create
    • +
  • delete
    • +
+ 		+ +
Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
+

aliases: command
+
+
+ ttl + +
+ integer +
+ 		+ Default:
3600
+ 		+ +
The TTL, in second, to give the new record.
+
+
+ type + +
+ string + / required
+ 		+
    Choices: +
  • A
    • +
  • CNAME
    • +
  • MX
    • +
  • AAAA
    • +
  • TXT
    • +
  • PTR
    • +
  • SRV
    • +
  • SPF
    • +
  • CAA
    • +
  • NS
    • +
  • SOA
    • +
+ 		+ +
The type of DNS record to create.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ value + +
+ list +
+ 		+ + +
The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
+
When deleting a record all values for the record must be specified or Route53 will not delete it.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
+
This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
+
+
+ wait + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
+
+
+ wait_timeout + +
+ integer +
+ 		+ Default:
300
+ 		+ +
How long to wait for the changes to be replicated, in seconds.
+
+
+ weight + +
+ integer +
+ 		+ + +
Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
+
+
+ zone + +
+ string +
+ 		+ + +
The DNS zone to modify.
+
This is a required parameter, if parameter hosted_zone_id is not supplied.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated + - route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: 1.1.1.1,2.2.2.2,3.3.3.3 + wait: yes + + # Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated + - route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: + - 1.1.1.1 + - 2.2.2.2 + - 3.3.3.3 + wait: yes + + # Retrieve the details for new.foo.com + - route53: + state: get + zone: foo.com + record: new.foo.com + type: A + register: rec + + # Delete new.foo.com A record using the results from the get command + - route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + + # Add an AAAA record. Note that because there are colons in the value + # that the IPv6 address must be quoted. Also shows using the old form command=create. + - route53: + command: create + zone: foo.com + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + + # Add a SRV record with multiple fields for a service on port 22222 + # For more information on SRV records see: + # https://en.wikipedia.org/wiki/SRV_record + - route53: + state: present + zone: foo.com + record: "_example-service._tcp.foo.com" + type: SRV + value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" + + # Add a TXT record. Note that TXT and SPF records must be surrounded + # by quotes when sent to Route 53: + - route53: + state: present + zone: foo.com + record: localhost.foo.com + type: TXT + ttl: 7200 + value: '"bar"' + + # Add an alias record that points to an Amazon ELB: + - route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" + + # Retrieve the details for elb.foo.com + - route53: + state: get + zone: foo.com + record: elb.foo.com + type: A + register: rec + + # Delete an alias record using the results from the get command + - route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + alias: True + alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" + + # Add an alias record that points to an Amazon ELB and evaluates it health: + - route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" + alias_evaluate_target_health: True + + # Add an AAAA record with Hosted Zone ID. + - route53: + state: present + zone: foo.com + hosted_zone_id: Z2AABBCCDDEEFF + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + + # Use a routing policy to distribute traffic: + - route53: + state: present + zone: foo.com + record: www.foo.com + type: CNAME + value: host1.foo.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "d994b780-3150-49fd-9205-356abdd42e75" + + # Add a CAA record (RFC 6844): + - route53: + state: present + zone: example.com + record: example.com + type: CAA + value: + - 0 issue "ca.example.net" + - 0 issuewild ";" + - 0 iodef "mailto:security@example.com" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ nameservers + +
+ list +
+ 		when state is 'get' +
Nameservers associated with the zone.
+
+
Sample:
+
['ns-1036.awsdns-00.org.', 'ns-516.awsdns-00.net.', 'ns-1504.awsdns-00.co.uk.', 'ns-1.awsdns-00.com.']
+
+
+ set + +
+ complex +
+ 		when state is 'get' +
Info specific to the resource record.
+
+
  +
+ alias + +
+ boolean +
+ 		always +
Whether this is an alias.
+
+
  +
+ failover + +
+ string +
+ 		always +
Whether this is the primary or secondary resource record set.
+
+
Sample:
+
PRIMARY
+
  +
+ health_check + +
+ string +
+ 		always +
health_check associated with this record.
+
+
  +
+ identifier + +
+ string +
+ 		always +
An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
+
+
  +
+ record + +
+ string +
+ 		always +
Domain name for the record set.
+
+
Sample:
+
new.foo.com.
+
  +
+ region + +
+ string +
+ 		always +
Which region this should be associated with for latency-based routing.
+
+
Sample:
+
us-west-2
+
  +
+ ttl + +
+ string +
+ 		always +
Resource record cache TTL.
+
+
Sample:
+
3600
+
  +
+ type + +
+ string +
+ 		always +
Resource record set type.
+
+
Sample:
+
A
+
  +
+ value + +
+ string +
+ 		always +
Record value.
+
+
Sample:
+
52.43.18.27
+
  +
+ values + +
+ list +
+ 		always +
Record Values.
+
+
Sample:
+
['52.43.18.27']
+
  +
+ weight + +
+ string +
+ 		always +
Weight of the record.
+
+
Sample:
+
3
+
  +
+ zone + +
+ string +
+ 		always +
Zone this record set belongs to.
+
+
Sample:
+
foo.bar.com.
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Bruce Pennypacker (@bpennypacker) +- Mike Buzzetti (@jimbydamonk) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_health_check.rst b/docs/community.aws.route53_health_check.rst new file mode 100644 index 00000000000..87656616e1e --- /dev/null +++ b/docs/community.aws.route53_health_check.rst @@ -0,0 +1,459 @@ + +.. _community.aws.route53_health_check_: + + +********************************** +community.aws.route53_health_check +********************************** + +**Add or delete health-checks in Amazons Route53 DNS service** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes DNS Health checks in Amazons Route53 service. +- Only the port, resource_path, string_match and request_interval are considered when updating existing health-checks. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ failure_threshold + +
+ integer +
+ 		+
    Choices: +
  • 1
    • +
  • 2
    • +
  • 3 ←
    • +
  • 4
    • +
  • 5
    • +
  • 6
    • +
  • 7
    • +
  • 8
    • +
  • 9
    • +
  • 10
    • +
+ 		+ +
The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
+
+
+ fqdn + +
+ string +
+ 		+ + +
Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
+
+
+ ip_address + +
+ string +
+ 		+ + +
IP address of the end-point to check. Either this or fqdn has to be provided.
+
+
+ port + +
+ integer +
+ 		+ + +
The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ request_interval + +
+ integer +
+ 		+
    Choices: +
  • 10
    • +
  • 30 ←
    • +
+ 		+ +
The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
+
+
+ resource_path + +
+ string +
+ 		+ + +
The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
+
Required for all checks except TCP.
+
The path must begin with a /
+
Maximum 255 characters.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Specifies the action to take.
+
+
+ string_match + +
+ string +
+ 		+ + +
If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
+
+
+ type + +
+ string + / required
+ 		+
    Choices: +
  • HTTP
    • +
  • HTTPS
    • +
  • HTTP_STR_MATCH
    • +
  • HTTPS_STR_MATCH
    • +
  • TCP
    • +
+ 		+ +
The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a health-check for host1.example.com and use it in record + - route53_health_check: + state: present + fqdn: host1.example.com + type: HTTP_STR_MATCH + resource_path: / + string_match: "Hello" + request_interval: 10 + failure_threshold: 2 + register: my_health_check + + - route53: + action: create + zone: "example.com" + type: CNAME + record: "www.example.com" + value: host1.example.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "{{ my_health_check.health_check.id }}" + + # Delete health-check + - route53_health_check: + state: absent + fqdn: host1.example.com + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- zimbatm (@zimbatm) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_info.rst b/docs/community.aws.route53_info.rst new file mode 100644 index 00000000000..12f54987ac3 --- /dev/null +++ b/docs/community.aws.route53_info.rst @@ -0,0 +1,580 @@ + +.. _community.aws.route53_info_: + + +************************** +community.aws.route53_info +************************** + +**Retrieves route53 details using AWS methods** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to Route53 zone, record set or health check details. +- This module was called ``route53_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ change_id + +
+ string +
+ 		+ + +
The ID of the change batch request.
+
The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
+
Required if query=change.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delegation_set_id + +
+ string +
+ 		+ + +
The DNS Zone delegation set ID.
+
+
+ dns_name + +
+ string +
+ 		+ + +
The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ health_check_id + +
+ string +
+ 		+ + +
The ID of the health check.
+
Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
+
+
+ health_check_method + +
+ string +
+ 		+
    Choices: +
  • list ←
    • +
  • details
    • +
  • status
    • +
  • failure_reason
    • +
  • count
    • +
  • tags
    • +
+ 		+ +
This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
+
+
+ hosted_zone_id + +
+ string +
+ 		+ + +
The Hosted Zone ID of the DNS zone.
+
Required if query is set to hosted_zone and hosted_zone_method is set to details.
+
Required if query is set to record_sets.
+
+
+ hosted_zone_method + +
+ string +
+ 		+
    Choices: +
  • details
    • +
  • list ←
    • +
  • list_by_name
    • +
  • count
    • +
  • tags
    • +
+ 		+ +
This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
+
+
+ max_items + +
+ string +
+ 		+ + +
Maximum number of items to return for various get/list requests.
+
+
+ next_marker + +
+ string +
+ 		+ + +
Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ query + +
+ string + / required
+ 		+
    Choices: +
  • change
    • +
  • checker_ip_range
    • +
  • health_check
    • +
  • hosted_zone
    • +
  • record_sets
    • +
  • reusable_delegation_set
    • +
+ 		+ +
Specifies the query action to take.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ resource_id + +
+ list + / elements=string
+ 		+ + +
The ID/s of the specified resource/s.
+
Required if query=health_check and health_check_method=tags.
+
Required if query=hosted_zone and hosted_zone_method=tags.
+

aliases: resource_ids
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ start_record_name + +
+ string +
+ 		+ + +
The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • A
    • +
  • CNAME
    • +
  • MX
    • +
  • AAAA
    • +
  • TXT
    • +
  • PTR
    • +
  • SRV
    • +
  • SPF
    • +
  • CAA
    • +
  • NS
    • +
+ 		+ +
The type of DNS record.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all hosted zones + - name: List all hosted zones + route53_info: + query: hosted_zone + register: hosted_zones + + # Getting a count of hosted zones + - name: Return a count of all hosted zones + route53_info: + query: hosted_zone + hosted_zone_method: count + register: hosted_zone_count + + - name: List the first 20 resource record sets in a given hosted zone + route53_info: + profile: account_name + query: record_sets + hosted_zone_id: ZZZ1111112222 + max_items: 20 + register: record_sets + + - name: List first 20 health checks + route53_info: + query: health_check + health_check_method: list + max_items: 20 + register: health_checks + + - name: Get health check last failure_reason + route53_info: + query: health_check + health_check_method: failure_reason + health_check_id: 00000000-1111-2222-3333-12345678abcd + register: health_check_failure_reason + + - name: Retrieve reusable delegation set details + route53_info: + query: reusable_delegation_set + delegation_set_id: delegation id + register: delegation_sets + + - name: setup of example for using next_marker + route53_info: + query: hosted_zone + max_items: 1 + register: first_info + + - name: example for using next_marker + route53_info: + query: hosted_zone + next_marker: "{{ first_info.NextMarker }}" + max_items: 1 + when: "{{ 'NextMarker' in first_info }}" + + - name: retrieve host entries starting with host1.workshop.test.io + block: + - name: grab zone id + route53_zone: + zone: "test.io" + register: AWSINFO + + - name: grab Route53 record information + route53_info: + type: A + query: record_sets + hosted_zone_id: "{{ AWSINFO.zone_id }}" + start_record_name: "host1.workshop.test.io" + register: RECORDS + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_zone.rst b/docs/community.aws.route53_zone.rst new file mode 100644 index 00000000000..4cab82c7544 --- /dev/null +++ b/docs/community.aws.route53_zone.rst @@ -0,0 +1,530 @@ + +.. _community.aws.route53_zone_: + + +************************** +community.aws.route53_zone +************************** + +**add or delete Route53 zones** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes Route53 private and public zones. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ comment + +
+ string +
+ 		+ Default:
""
+ 		+ +
Comment associated with the zone.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delegation_set_id + +
+ string +
+ 		+ + +
The reusable delegation set ID to be associated with the zone.
+
Note that you can't associate a reusable delegation set with a private hosted zone.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ hosted_zone_id + +
+ string +
+ 		+ + +
The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
+
Required if there are multiple zones identified with the above options.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Whether or not the zone should exist or not.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ vpc_id + +
+ string +
+ 		+ + +
The VPC ID the zone should be a part of (if this is going to be a private zone).
+
+
+ vpc_region + +
+ string +
+ 		+ + +
The VPC Region the zone should be a part of (if this is going to be a private zone).
+
+
+ zone + +
+ string + / required
+ 		+ + +
The DNS zone record (eg: foo.com.)
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create a public zone + route53_zone: + zone: example.com + comment: this is an example + + - name: delete a public zone + route53_zone: + zone: example.com + state: absent + + - name: create a private zone + route53_zone: + zone: devel.example.com + vpc_id: '{{ myvpc_id }}' + vpc_region: us-west-2 + comment: developer domain + + - name: create a public zone associated with a specific reusable delegation set + route53_zone: + zone: example.com + comment: reusable delegation set example + delegation_set_id: A1BCDEF2GHIJKL + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ comment + +
+ string +
+ 		when hosted zone exists +
optional hosted zone comment
+
+
Sample:
+
Private zone
+
+
+ delegation_set_id + +
+ string +
+ 		for public hosted zones, if they have been associated with a reusable delegation set +
id of the associated reusable delegation set
+
+
Sample:
+
A1BCDEF2GHIJKL
+
+
+ name + +
+ string +
+ 		when hosted zone exists +
hosted zone name
+
+
Sample:
+
private.local.
+
+
+ private_zone + +
+ boolean +
+ 		when hosted zone exists +
whether hosted zone is private or public
+
+
Sample:
+
True
+
+
+ vpc_id + +
+ string +
+ 		for private hosted zone +
id of vpc attached to private hosted zone
+
+
Sample:
+
vpc-1d36c84f
+
+
+ vpc_region + +
+ string +
+ 		for private hosted zone +
region of vpc attached to private hosted zone
+
+
Sample:
+
eu-west-1
+
+
+ zone_id + +
+ string +
+ 		when hosted zone exists +
hosted zone id
+
+
Sample:
+
Z6JQG9820BEFMW
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Christopher Troup (@minichate) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_bucket_notification.rst b/docs/community.aws.s3_bucket_notification.rst new file mode 100644 index 00000000000..3b9835f82cb --- /dev/null +++ b/docs/community.aws.s3_bucket_notification.rst @@ -0,0 +1,469 @@ + +.. _community.aws.s3_bucket_notification_: + + +************************************ +community.aws.s3_bucket_notification +************************************ + +**Creates, updates or deletes S3 Bucket notification for lambda** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda function bucket event mappings via the Ansible framework. Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_policy ` to modify lambda permissions. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bucket_name + +
+ string + / required
+ 		+ + +
S3 bucket name.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ event_name + +
+ string + / required
+ 		+ + +
Unique name for event notification on bucket.
+
+
+ events + +
+ list + / elements=string
+ 		+
    Choices: +
  • s3:ObjectCreated:*
    • +
  • s3:ObjectCreated:Put
    • +
  • s3:ObjectCreated:Post
    • +
  • s3:ObjectCreated:Copy
    • +
  • s3:ObjectCreated:CompleteMultipartUpload
    • +
  • s3:ObjectRemoved:*
    • +
  • s3:ObjectRemoved:Delete
    • +
  • s3:ObjectRemoved:DeleteMarkerCreated
    • +
  • s3:ObjectRestore:Post
    • +
  • s3:ObjectRestore:Completed
    • +
  • s3:ReducedRedundancyLostObject
    • +
+ 		+ +
Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
+
Required when state=present.
+
+
+ lambda_alias + +
+ string +
+ 		+ + +
Name of the Lambda function alias.
+
Mutually exclusive with lambda_version.
+
+
+ lambda_function_arn + +
+ string +
+ 		+ + +
The ARN of the lambda function.
+

aliases: function_arn
+
+
+ lambda_version + +
+ integer +
+ 		+ + +
Version of the Lambda function.
+
Mutually exclusive with lambda_alias.
+
+
+ prefix + +
+ string +
+ 		+ + +
Optional prefix to limit the notifications to objects with keys that start with matching characters.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Describes the desired state.
+
+
+ suffix + +
+ string +
+ 		+ + +
Optional suffix to limit the notifications to objects with keys that end with matching characters.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - This module heavily depends on :ref:`lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Example that creates a lambda event notification for a bucket + - hosts: localhost + gather_facts: no + tasks: + - name: Process jpg image + s3_bucket_notification: + state: present + event_name: on_file_add_or_remove + bucket_name: test-bucket + function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda + events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] + prefix: images/ + suffix: .jpg + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + +
KeyReturnedDescription
+
+ notification_configuration + +
+ list +
+ 		success +
list of currently applied notifications
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- XLAB d.o.o. (@xlab-si) +- Aljaz Kosir (@aljazkosir) +- Miha Plesko (@miha-plesko) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_lifecycle.rst b/docs/community.aws.s3_lifecycle.rst new file mode 100644 index 00000000000..9a65b8bf803 --- /dev/null +++ b/docs/community.aws.s3_lifecycle.rst @@ -0,0 +1,631 @@ + +.. _community.aws.s3_lifecycle_: + + +************************** +community.aws.s3_lifecycle +************************** + +**Manage s3 bucket lifecycle rules in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage s3 bucket lifecycle rules in AWS + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- python >= 2.6 +- python-dateutil + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ expiration_date + +
+ string +
+ 		+ + +
Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
+
+
+ expiration_days + +
+ integer +
+ 		+ + +
Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the s3 bucket
+
+
+ noncurrent_version_expiration_days + +
+ integer +
+ 		+ + +
Delete noncurrent versions this many days after they become noncurrent
+
+
+ noncurrent_version_storage_class + +
+ string +
+ 		+
    Choices: +
  • glacier ←
    • +
  • onezone_ia
    • +
  • standard_ia
    • +
+ 		+ +
Transition noncurrent versions to this storage class
+
+
+ noncurrent_version_transition_days + +
+ integer +
+ 		+ + +
Transition noncurrent versions this many days after they become noncurrent
+
+
+ noncurrent_version_transitions + +
+ list +
+ 		+ + +
A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements + transition_days + storage_class
+
+
+ prefix + +
+ string +
+ 		+ + +
Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_transitions + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
"Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ requester_pays + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes
    • +
+ 		+ +
The requester_pays option does nothing and will be removed in Ansible 2.14.
+
+
+ rule_id + +
+ string +
+ 		+ + +
Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or remove the lifecycle rule
+
+
+ status + +
+ string +
+ 		+
    Choices: +
  • enabled ←
    • +
  • disabled
    • +
+ 		+ +
If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
+
+
+ storage_class + +
+ string +
+ 		+
    Choices: +
  • glacier ←
    • +
  • onezone_ia
    • +
  • standard_ia
    • +
+ 		+ +
The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
+
The 'standard_ia' class is only being available from Ansible version 2.2.
+
+
+ transition_date + +
+ string +
+ 		+ + +
Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
+
+
+ transition_days + +
+ integer +
+ 		+ + +
Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
+
+
+ transitions + +
+ list +
+ 		+ + +
A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If specifying expiration time as days then transition time must also be specified in days + - If specifying expiration time as a date then transition time must also be specified as a date + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days + - s3_lifecycle: + name: mybucket + expiration_days: 30 + prefix: logs/ + status: enabled + state: present + + # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days + - s3_lifecycle: + name: mybucket + transition_days: 7 + expiration_days: 90 + prefix: logs/ + status: enabled + state: present + + # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. + # Note that midnight GMT must be specified. + # Be sure to quote your date strings + - s3_lifecycle: + name: mybucket + transition_date: "2020-12-30T00:00:00.000Z" + expiration_date: "2030-12-30T00:00:00.000Z" + prefix: logs/ + status: enabled + state: present + + # Disable the rule created above + - s3_lifecycle: + name: mybucket + prefix: logs/ + status: disabled + state: present + + # Delete the lifecycle rule created above + - s3_lifecycle: + name: mybucket + prefix: logs/ + state: absent + + # Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. + - s3_lifecycle: + name: mybucket + prefix: backups/ + storage_class: standard_ia + transition_days: 31 + state: present + status: enabled + + # Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 + - s3_lifecycle: + name: mybucket + prefix: logs/ + state: present + status: enabled + transitions: + - transition_days: 30 + storage_class: standard_ia + - transition_days: 90 + storage_class: glacier + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_logging.rst b/docs/community.aws.s3_logging.rst new file mode 100644 index 00000000000..2b166197801 --- /dev/null +++ b/docs/community.aws.s3_logging.rst @@ -0,0 +1,334 @@ + +.. _community.aws.s3_logging_: + + +************************ +community.aws.s3_logging +************************ + +**Manage logging facility of an s3 bucket in AWS** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage logging facility of an s3 bucket in AWS + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the s3 bucket.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Enable or disable logging.
+
+
+ target_bucket + +
+ string +
+ 		+ + +
The bucket to log to. Required when state=present.
+
+
+ target_prefix + +
+ string +
+ 		+ Default:
""
+ 		+ +
The prefix that should be prepended to the generated log files written to the target_bucket.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs + s3_logging: + name: mywebsite.com + target_bucket: mylogs + target_prefix: logs/mywebsite.com + state: present + + - name: Remove logging on an s3 bucket + s3_logging: + name: mywebsite.com + state: absent + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_sync.rst b/docs/community.aws.s3_sync.rst new file mode 100644 index 00000000000..20c33e9b6b2 --- /dev/null +++ b/docs/community.aws.s3_sync.rst @@ -0,0 +1,622 @@ + +.. _community.aws.s3_sync_: + + +********************* +community.aws.s3_sync +********************* + +**Efficiently upload multiple files to S3** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The S3 module is great, but it is very slow for a large volume of files- even a dozen will be noticeable. In addition to speed, it handles globbing, inclusions/exclusions, mime types, expiration mapping, recursion, cache control and smart directory mapping. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 >= 1.4.4 +- botocore +- python >= 2.6 +- python-dateutil + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ bucket + +
+ string + / required
+ 		+ + +
Bucket name.
+
+
+ cache_control + +
+ string +
+ 		+ + +
Cache-Control header set on uploaded objects.
+
Directives are separated by commas.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delete + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Remove remote files that exist in bucket but are not present in the file root.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ exclude + +
+ string +
+ 		+ Default:
".*"
+ 		+ +
Shell pattern-style file matching.
+
Used after include to remove files (for instance, skip "*.txt")
+
For multiple patterns, comma-separate them.
+
+
+ file_change_strategy + +
+ string +
+ 		+
    Choices: +
  • force
    • +
  • checksum
    • +
  • date_size ←
    • +
+ 		+ +
Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
+
date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
+
checksum will compare etag values based on s3's implementation of chunked md5s.
+
force will always upload all files.
+
+
+ file_root + +
+ path + / required
+ 		+ + +
File/directory path for synchronization. This is a local path.
+
This root path is scrubbed from the key name, so subdirectories will remain as keys.
+
+
+ include + +
+ string +
+ 		+ Default:
"*"
+ 		+ +
Shell pattern-style file matching.
+
Used before exclude to determine eligible files (for instance, only "*.gif")
+
For multiple patterns, comma-separate them.
+
+
+ key_prefix + +
+ string +
+ 		+ + +
In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
+
+
+ mime_map + +
+ dictionary +
+ 		+ + +
Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
+
+
+ mode + +
+ string +
+ 		+
    Choices: +
  • push ←
    • +
+ 		+ +
sync direction.
+
+
+ permission + +
+ string +
+ 		+
    Choices: +
  • private
    • +
  • public-read
    • +
  • public-read-write
    • +
  • authenticated-read
    • +
  • aws-exec-read
    • +
  • bucket-owner-read
    • +
  • bucket-owner-full-control
    • +
+ 		+ +
Canned ACL to apply to synced files.
+
Changing this ACL only changes newly synced files, it does not trigger a full reupload.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ retries + +
+ string +
+ 		+ + +
The retries option does nothing and will be removed in Ansible 2.14.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: basic upload + s3_sync: + bucket: tedder + file_root: roles/s3/files/ + + - name: all the options + s3_sync: + bucket: tedder + file_root: roles/s3/files + mime_map: + .yml: application/text + .json: application/text + key_prefix: config_files/web + file_change_strategy: force + permission: public-read + cache_control: "public, max-age=31536000" + include: "*" + exclude: "*.txt,.*" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ filelist_actionable + +
+ list +
+ 		always +
file listing (dicts) of files that will be uploaded after the strategy decision
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477931256, 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931256 / 1477929260'}]
+
+
+ filelist_initial + +
+ list +
+ 		always +
file listing (dicts) from initial globbing
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'modified_epoch': 1477416706}]
+
+
+ filelist_local_etag + +
+ list +
+ 		always +
file listing (dicts) including calculated local etag
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
+
+
+ filelist_s3 + +
+ list +
+ 		always +
file listing (dicts) including information about previously-uploaded versions
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
+
+
+ filelist_typed + +
+ list +
+ 		always +
file listing (dicts) with calculated or overridden mime types
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706}]
+
+
+ uploaded + +
+ list +
+ 		always +
file listing (dicts) of files that were actually uploaded
+
+
Sample:
+
[{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931637 / 1477931489'}]
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_website.rst b/docs/community.aws.s3_website.rst new file mode 100644 index 00000000000..c462eab5318 --- /dev/null +++ b/docs/community.aws.s3_website.rst @@ -0,0 +1,672 @@ + +.. _community.aws.s3_website_: + + +************************ +community.aws.s3_website +************************ + +**Configure an s3 bucket as a website** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Configure an s3 bucket as a website + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ error_key + +
+ string +
+ 		+ + +
The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the s3 bucket
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ redirect_all_requests + +
+ string +
+ 		+ + +
Describes the redirect behavior for every request to this s3 bucket website endpoint
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string + / required
+ 		+
    Choices: +
  • present
    • +
  • absent
    • +
+ 		+ +
Add or remove s3 website configuration
+
+
+ suffix + +
+ string +
+ 		+ Default:
"index.html"
+ 		+ +
Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Configure an s3 bucket to redirect all requests to example.com + - s3_website: + name: mybucket.com + redirect_all_requests: example.com + state: present + + # Remove website configuration from an s3 bucket + - s3_website: + name: mybucket.com + state: absent + + # Configure an s3 bucket as a website with index and error pages + - s3_website: + name: mybucket.com + suffix: home.htm + error_key: errors/404.htm + state: present + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ error_document + +
+ complex +
+ 		always +
error document
+
+
  +
+ key + +
+ string +
+ 		when error_document parameter set +
object key name to use when a 4XX class error occurs
+
+
Sample:
+
error.html
+
+
+ index_document + +
+ complex +
+ 		always +
index document
+
+
  +
+ suffix + +
+ string +
+ 		success +
suffix that is appended to a request that is for a directory on the website endpoint
+
+
Sample:
+
index.html
+
+
+ redirect_all_requests_to + +
+ complex +
+ 		always +
where to redirect requests
+
+
  +
+ host_name + +
+ string +
+ 		when redirect all requests parameter set +
name of the host where requests will be redirected.
+
+
Sample:
+
ansible.com
+
  +
+ protocol + +
+ string +
+ 		when redirect all requests parameter set +
protocol to use when redirecting requests.
+
+
Sample:
+
https
+
+
+ routing_rules + +
+ list +
+ 		always +
routing rules
+
+
  +
+ condition + +
+ complex +
+ 		+
A container for describing a condition that must be met for the specified redirect to apply.
+
+
   +
+ http_error_code_returned_equals + +
+ string +
+ 		always +
The HTTP error code when the redirect is applied.
+
+
   +
+ key_prefix_equals + +
+ string +
+ 		when routing rule present +
object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html
+
+
Sample:
+
docs/
+
  +
+ redirect + +
+ complex +
+ 		always +
Container for redirect information.
+
+
   +
+ host_name + +
+ string +
+ 		when host name set as part of redirect rule +
name of the host where requests will be redirected.
+
+
Sample:
+
ansible.com
+
   +
+ http_redirect_code + +
+ string +
+ 		when routing rule present +
The HTTP redirect code to use on the response.
+
+
   +
+ protocol + +
+ string +
+ 		when routing rule present +
Protocol to use when redirecting requests.
+
+
Sample:
+
http
+
   +
+ replace_key_prefix_with + +
+ string +
+ 		when routing rule present +
object key prefix to use in the redirect request
+
+
Sample:
+
documents/
+
   +
+ replace_key_with + +
+ string +
+ 		when routing rule present +
object key prefix to use in the redirect request
+
+
Sample:
+
documents/
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sns.rst b/docs/community.aws.sns.rst new file mode 100644 index 00000000000..58481f03c7a --- /dev/null +++ b/docs/community.aws.sns.rst @@ -0,0 +1,555 @@ + +.. _community.aws.sns_: + + +***************** +community.aws.sns +***************** + +**Send Amazon Simple Notification Service messages** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Sends a notification to a topic on your Amazon SNS account. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ application + +
+ string +
+ 		+ + +
Message to send to application subscriptions.
+
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ email + +
+ string +
+ 		+ + +
Message to send to email subscriptions.
+
+
+ email_json + +
+ string +
+ 		+ + +
Message to send to email-json subscriptions.
+
+
+ http + +
+ string +
+ 		+ + +
Message to send to HTTP subscriptions.
+
+
+ https + +
+ string +
+ 		+ + +
Message to send to HTTPS subscriptions.
+
+
+ lambda + +
+ string +
+ 		+ + +
Message to send to Lambda subscriptions.
+
+
+ message_attributes + +
+ dictionary +
+ 		+ + +
Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
+
This is in AWS's distinct Name/Type/Value format; see example below.
+
+
+ message_structure + +
+ string +
+ 		+
    Choices: +
  • json ←
    • +
  • string
    • +
+ 		+ +
The payload format to use for the message.
+
This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
+
It must be 'string' to support message_attributes.
+
+
+ msg + +
+ string + / required
+ 		+ + +
Default message for subscriptions without a more specific message.
+

aliases: default
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ sms + +
+ string +
+ 		+ + +
Message to send to SMS subscriptions.
+
+
+ sqs + +
+ string +
+ 		+ + +
Message to send to SQS subscriptions.
+
+
+ subject + +
+ string +
+ 		+ + +
Message subject
+
+
+ topic + +
+ string + / required
+ 		+ + +
The name or ARN of the topic to publish to.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Send default notification message via SNS + sns: + msg: '{{ inventory_hostname }} has completed the play.' + subject: Deploy complete! + topic: deploy + delegate_to: localhost + + - name: Send notification messages via SNS with short message for SMS + sns: + msg: '{{ inventory_hostname }} has completed the play.' + sms: deployed! + subject: Deploy complete! + topic: deploy + delegate_to: localhost + + - name: Send message with message_attributes + sns: + topic: "deploy" + msg: "message with extra details!" + message_attributes: + channel: + data_type: String + string_value: "mychannel" + color: + data_type: String + string_value: "green" + delegate_to: localhost + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ message_id + +
+ string +
+ 		when success +
The message ID of the submitted message
+
+
Sample:
+
2f681ef0-6d76-5c94-99b2-4ae3996ce57b
+
+
+ msg + +
+ string +
+ 		always +
Human-readable diagnostic information
+
+
Sample:
+
OK
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Michael J. Schultz (@mjschultz) +- Paul Arthur (@flowerysong) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sns_topic.rst b/docs/community.aws.sns_topic.rst new file mode 100644 index 00000000000..fb3aaac7c34 --- /dev/null +++ b/docs/community.aws.sns_topic.rst @@ -0,0 +1,812 @@ + +.. _community.aws.sns_topic_: + + +*********************** +community.aws.sns_topic +*********************** + +**Manages AWS SNS topics and subscriptions** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The :ref:`sns_topic ` module allows you to create, delete, and manage subscriptions for AWS SNS topics. +- As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delivery_policy + +
+ dictionary +
+ 		+ + +
Delivery policy to apply to the SNS topic.
+
+
+ display_name + +
+ string +
+ 		+ + +
Display name of the topic.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ name + +
+ string + / required
+ 		+ + +
The name or ARN of the SNS topic to manage.
+
+
+ policy + +
+ dictionary +
+ 		+ + +
Policy to apply to the SNS topic.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_subscriptions + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • absent
    • +
  • present ←
    • +
+ 		+ +
Whether to create or destroy an SNS topic.
+
+
+ subscriptions + +
+ list + / elements=dictionary
+ 		+ Default:
[]
+ 		+ +
List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
+
+
+ endpoint + +
+ - + / required
+ 		+ + +
Endpoint of subscription.
+
+
+ protocol + +
+ - + / required
+ 		+ + +
Protocol of subscription.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: Create alarm SNS topic + sns_topic: + name: "alarms" + state: present + display_name: "alarm SNS topic" + delivery_policy: + http: + defaultHealthyRetryPolicy: + minDelayTarget: 2 + maxDelayTarget: 4 + numRetries: 3 + numMaxDelayRetries: 5 + backoffFunction: "" + disableSubscriptionOverrides: True + defaultThrottlePolicy: + maxReceivesPerSecond: 10 + subscriptions: + - endpoint: "my_email_address@example.com" + protocol: "email" + - endpoint: "my_mobile_number" + protocol: "sms" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ sns_arn + +
+ string +
+ 		always +
The ARN of the topic you are modifying
+
+
Sample:
+
arn:aws:sns:us-east-2:111111111111:my_topic_name
+
+
+ sns_topic + +
+ complex +
+ 		always +
Dict of sns topic details
+
+
  +
+ attributes_set + +
+ list +
+ 		always +
list of attributes set during this run
+
+
  +
+ check_mode + +
+ boolean +
+ 		always +
whether check mode was on
+
+
  +
+ delivery_policy + +
+ string +
+ 		when topic is owned by this AWS account +
Delivery policy for the SNS topic
+
+
Sample:
+
{"http":{"defaultHealthyRetryPolicy":{"minDelayTarget":20,"maxDelayTarget":20,"numRetries":3,"numMaxDelayRetries":0, "numNoDelayRetries":0,"numMinDelayRetries":0,"backoffFunction":"linear"},"disableSubscriptionOverrides":false}}
+
  +
+ display_name + +
+ string +
+ 		when topic is owned by this AWS account +
Display name for SNS topic
+
+
Sample:
+
My topic name
+
  +
+ name + +
+ string +
+ 		always +
Topic name
+
+
Sample:
+
ansible-test-dummy-topic
+
  +
+ owner + +
+ string +
+ 		when topic is owned by this AWS account +
AWS account that owns the topic
+
+
Sample:
+
111111111111
+
  +
+ policy + +
+ string +
+ 		when topic is owned by this AWS account +
Policy for the SNS topic
+
+
Sample:
+
{"Version":"2012-10-17","Id":"SomePolicyId","Statement":[{"Sid":"ANewSid","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111111111111:root"}, "Action":"sns:Subscribe","Resource":"arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic","Condition":{"StringEquals":{"sns:Protocol":"email"}}}]}
+
  +
+ state + +
+ string +
+ 		always +
whether the topic is present or absent
+
+
Sample:
+
present
+
  +
+ subscriptions + +
+ list +
+ 		always +
List of subscribers to the topic in this AWS account
+
+
  +
+ subscriptions_added + +
+ list +
+ 		always +
List of subscribers added in this run
+
+
  +
+ subscriptions_confirmed + +
+ string +
+ 		when topic is owned by this AWS account +
Count of confirmed subscriptions
+
+
Sample:
+
0
+
  +
+ subscriptions_deleted + +
+ string +
+ 		when topic is owned by this AWS account +
Count of deleted subscriptions
+
+
Sample:
+
0
+
  +
+ subscriptions_existing + +
+ list +
+ 		always +
List of existing subscriptions
+
+
  +
+ subscriptions_new + +
+ list +
+ 		always +
List of new subscriptions
+
+
  +
+ subscriptions_pending + +
+ string +
+ 		when topic is owned by this AWS account +
Count of pending subscriptions
+
+
Sample:
+
0
+
  +
+ subscriptions_purge + +
+ boolean +
+ 		always +
Whether or not purge_subscriptions was set
+
+
Sample:
+
True
+
  +
+ topic_arn + +
+ string +
+ 		when topic is owned by this AWS account +
ARN of the SNS topic (equivalent to sns_arn)
+
+
Sample:
+
arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic
+
  +
+ topic_created + +
+ boolean +
+ 		always +
Whether the topic was created
+
+
  +
+ topic_deleted + +
+ boolean +
+ 		always +
Whether the topic was deleted
+
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Joel Thompson (@joelthompson) +- Fernando Jose Pando (@nand0p) +- Will Thames (@willthames) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sqs_queue.rst b/docs/community.aws.sqs_queue.rst new file mode 100644 index 00000000000..3f968332221 --- /dev/null +++ b/docs/community.aws.sqs_queue.rst @@ -0,0 +1,807 @@ + +.. _community.aws.sqs_queue_: + + +*********************** +community.aws.sqs_queue +*********************** + +**Creates or deletes AWS SQS queues.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete AWS SQS queues. +- Update attributes on existing queues. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ content_based_deduplication + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Enables content-based deduplication. Used for FIFOs only.
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ delay_seconds + +
+ integer +
+ 		+ + +
The delivery delay in seconds.
+

aliases: delivery_delay
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ kms_data_key_reuse_period_seconds + +
+ integer +
+ 		+ + +
The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
+

aliases: kms_data_key_reuse_period
+
+
+ kms_master_key_id + +
+ string +
+ 		+ + +
The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
+
+
+ maximum_message_size + +
+ integer +
+ 		+ + +
The maximum message size in bytes.
+
+
+ message_retention_period + +
+ integer +
+ 		+ + +
The message retention period in seconds.
+
+
+ name + +
+ string + / required
+ 		+ + +
Name of the queue.
+
+
+ policy + +
+ dictionary +
+ 		+ + +
The JSON dict policy to attach to queue.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ purge_tags + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Remove tags not listed in tags.
+
+
+ queue_type + +
+ string +
+ 		+
    Choices: +
  • standard ←
    • +
  • fifo
    • +
+ 		+ +
Standard or FIFO queue.
+
queue_type can only be set at queue creation and will otherwise be ignored.
+
+
+ receive_message_wait_time_seconds + +
+ integer +
+ 		+ + +
The receive message wait time in seconds.
+

aliases: receive_message_wait_time
+
+
+ redrive_policy + +
+ dictionary +
+ 		+ + +
JSON dict with the redrive_policy (see example).
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • present ←
    • +
  • absent
    • +
+ 		+ +
Create or delete the queue.
+
+
+ tags + +
+ dictionary +
+ 		+ + +
Tag dict to apply to the queue (requires botocore 1.5.40 or above).
+
To remove all tags set tags={} and purge_tags=true.
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ visibility_timeout + +
+ integer +
+ 		+ + +
The default visibility timeout in seconds.
+

aliases: default_visibility_timeout
+
+
+ + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create SQS queue with redrive policy + - sqs_queue: + name: my-queue + region: ap-southeast-2 + default_visibility_timeout: 120 + message_retention_period: 86400 + maximum_message_size: 1024 + delivery_delay: 30 + receive_message_wait_time: 20 + policy: "{{ json_dict }}" + redrive_policy: + maxReceiveCount: 5 + deadLetterTargetArn: arn:aws:sqs:eu-west-1:123456789012:my-dead-queue + + # Drop redrive policy + - sqs_queue: + name: my-queue + region: ap-southeast-2 + redrive_policy: {} + + # Create FIFO queue + - sqs_queue: + name: fifo-queue + region: ap-southeast-2 + queue_type: fifo + content_based_deduplication: yes + + # Tag queue + - sqs_queue: + name: fifo-queue + region: ap-southeast-2 + tags: + example: SomeValue + + # Configure Encryption, automatically uses a new data key every hour + - sqs_queue: + name: fifo-queue + region: ap-southeast-2 + kms_master_key_id: alias/MyQueueKey + kms_data_key_reuse_period_seconds: 3600 + + # Delete SQS queue + - sqs_queue: + name: my-queue + region: ap-southeast-2 + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ content_based_deduplication + +
+ boolean +
+ 		always +
Enables content-based deduplication. Used for FIFOs only.
+
+
Sample:
+
True
+
+
+ delay_seconds + +
+ integer +
+ 		always +
The delivery delay in seconds.
+
+
+
+ kms_data_key_reuse_period_seconds + +
+ integer +
+ 		always +
The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
+
+
Sample:
+
300
+
+
+ kms_master_key_id + +
+ string +
+ 		always +
The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
+
+
Sample:
+
alias/MyAlias
+
+
+ maximum_message_size + +
+ integer +
+ 		always +
The maximum message size in bytes.
+
+
Sample:
+
262144
+
+
+ message_retention_period + +
+ integer +
+ 		always +
The message retention period in seconds.
+
+
Sample:
+
345600
+
+
+ name + +
+ string +
+ 		always +
Name of the SQS Queue
+
+
Sample:
+
queuename-987d2de0
+
+
+ queue_arn + +
+ string +
+ 		on success +
The queue's Amazon resource name (ARN).
+
+
Sample:
+
arn:aws:sqs:us-east-1:199999999999:queuename-987d2de0
+
+
+ queue_url + +
+ string +
+ 		on success +
URL to access the queue
+
+
Sample:
+
https://queue.amazonaws.com/123456789012/MyQueue
+
+
+ receive_message_wait_time_seconds + +
+ integer +
+ 		always +
The receive message wait time in seconds.
+
+
+
+ region + +
+ string +
+ 		always +
Region that the queue was created within
+
+
Sample:
+
us-east-1
+
+
+ tags + +
+ dictionary +
+ 		always +
List of queue tags
+
+
Sample:
+
{"Env": "prod"}
+
+
+ visibility_timeout + +
+ integer +
+ 		always +
The default visibility timeout in seconds.
+
+
Sample:
+
30
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Alan Loi (@loia) +- Fernando Jose Pando (@nand0p) +- Nadir Lloret (@nadirollo) +- Dennis Podkovyrin (@sbj-ss) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sts_assume_role.rst b/docs/community.aws.sts_assume_role.rst new file mode 100644 index 00000000000..1c63e2f4b8a --- /dev/null +++ b/docs/community.aws.sts_assume_role.rst @@ -0,0 +1,454 @@ + +.. _community.aws.sts_assume_role_: + + +***************************** +community.aws.sts_assume_role +***************************** + +**Assume a role using AWS Security Token Service and obtain temporary credentials** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Assume a role using AWS Security Token Service and obtain temporary credentials. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ duration_seconds + +
+ integer +
+ 		+ + +
The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
+
The max depends on the IAM role's sessions duration setting.
+
By default, the value is set to 3600 seconds.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ external_id + +
+ string +
+ 		+ + +
A unique identifier that is used by third parties to assume a role in their customers' accounts.
+
+
+ mfa_serial_number + +
+ string +
+ 		+ + +
The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
+
+
+ mfa_token + +
+ string +
+ 		+ + +
The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
+
+
+ policy + +
+ string +
+ 		+ + +
Supplemental policy to use in addition to assumed role's policies.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ role_arn + +
+ string + / required
+ 		+ + +
The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
+
+
+ role_session_name + +
+ string + / required
+ 		+ + +
Name of the role's session - will be used by CloudTrail.
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) + - sts_assume_role: + role_arn: "arn:aws:iam::123456789012:role/someRole" + role_session_name: "someRoleSession" + register: assumed_role + + # Use the assumed role above to tag an instance in account 123456789012 + - ec2_tag: + aws_access_key: "{{ assumed_role.sts_creds.access_key }}" + aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}" + security_token: "{{ assumed_role.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
True if obtaining the credentials succeeds
+
+
+
+ sts_creds + +
+ dictionary +
+ 		always +
The temporary security credentials, which include an access key ID, a secret access key, and a security (or session) token
+
+
Sample:
+
{'access_key': 'XXXXXXXXXXXXXXXXXXXX', 'expiration': '2017-11-11T11:11:11+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
+
+
+ sts_user + +
+ dictionary +
+ 		always +
The Amazon Resource Name (ARN) and the assumed role ID
+
+
Sample:
+
{'assumed_role_id': 'arn:aws:sts::123456789012:assumed-role/demo/Bob', 'arn': 'ARO123EXAMPLE123:Bob'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Boris Ekelchik (@bekelchik) +- Marek Piatek (@piontas) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sts_session_token.rst b/docs/community.aws.sts_session_token.rst new file mode 100644 index 00000000000..2ef04ffa0ec --- /dev/null +++ b/docs/community.aws.sts_session_token.rst @@ -0,0 +1,365 @@ + +.. _community.aws.sts_session_token_: + + +******************************* +community.aws.sts_session_token +******************************* + +**Obtain a session token from the AWS Security Token Service** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain a session token from the AWS Security Token Service. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this . + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsConfigurationComments
+
+ aws_access_key + +
+ string +
+ 		+ + +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
+

aliases: ec2_access_key, access_key
+
+
+ aws_config + +
+ dictionary +
+ 		+ + +
A dictionary to modify the botocore configuration.
+ +
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
+
+
+ aws_secret_key + +
+ string +
+ 		+ + +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
+

aliases: ec2_secret_key, secret_key
+
+
+ debug_botocore_endpoint_logs + +
+ boolean +
+ 		+
    Choices: +
  • no ←
    • +
  • yes
    • +
+ 		+ +
Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
+
+
+ duration_seconds + +
+ integer +
+ 		+ + +
The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
+
+
+ ec2_url + +
+ string +
+ 		+ + +
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
+
+
+ mfa_serial_number + +
+ string +
+ 		+ + +
The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
+
+
+ mfa_token + +
+ string +
+ 		+ + +
The value provided by the MFA device, if the trust policy of the user requires MFA.
+
+
+ profile + +
+ string +
+ 		+ + +
Uses a boto profile. Only works with boto >= 2.24.0.
+
+
+ region + +
+ string +
+ 		+ + +
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
+

aliases: aws_region, ec2_region
+
+
+ security_token + +
+ string +
+ 		+ + +
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
+

aliases: access_token
+
+
+ validate_certs + +
+ boolean +
+ 		+
    Choices: +
  • no
    • +
  • yes ←
    • +
+ 		+ +
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
+
+
+ + +Notes +----- + +.. note:: + - In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Get a session token (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) + sts_session_token: + duration_seconds: 3600 + register: session_credentials + + # Use the session token obtained above to tag an instance in account 123456789012 + ec2_tag: + aws_access_key: "{{ session_credentials.sts_creds.access_key }}" + aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" + security_token: "{{ session_credentials.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this : + +.. raw:: html + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ changed + +
+ boolean +
+ 		always +
True if obtaining the credentials succeeds
+
+
+
+ sts_creds + +
+ list +
+ 		always +
The Credentials object returned by the AWS Security Token Service
+
+
Sample:
+
{'access_key': 'ASXXXXXXXXXXXXXXXXXX', 'expiration': '2016-04-08T11:59:47+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Victor Costan (@pwnall) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. From 1861e88e9ea6a95852d6a7937d30eb378716c986 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 2 Jun 2020 11:39:48 -0700 Subject: [PATCH 010/129] Disable unit tests affected by botocore #2002 on py3.9 (#83) * Disable unit tests affected by botocore #2002 on py3.9 * ci_complete --- shippable.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/shippable.yml b/shippable.yml index 24f3ff76cff..53e37c78d70 100644 --- a/shippable.yml +++ b/shippable.yml @@ -14,7 +14,8 @@ matrix: - env: T=units/3.6/1 - env: T=units/3.7/1 - env: T=units/3.8/1 - - env: T=units/3.9/1 +# Until boto/botocore#2002 is fixed +# - env: T=units/3.9/1 - env: T=aws/2.7/1 - env: T=aws/3.7/1 From 39825901337484701cd3e52b63cfa653c9df2818 Mon Sep 17 00:00:00 2001 From: Tyler Schwend Date: Tue, 2 Jun 2020 14:59:29 -0400 Subject: [PATCH 011/129] fix: don't create aws_kms keys when in check mode (#30) * fix: don't create aws_kms keys when in check mode https://github.com/ansible/ansible/issues/68019 * fix: ftests for kms check mode * style: avoid the big block * lint: bad space * fix: be sure to pass changed in result * style: replace newlines * fix: ftest ensure that check mode returned `changed` * fix: bomb out early Co-authored-by: Tyler Schwend --- plugins/modules/aws_kms.py | 6 +++- .../targets/aws_kms/tasks/main.yml | 34 +++++++++++++++++++ 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index 577ec365d5c..6da965d4b99 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -824,6 +824,10 @@ def create_key(connection, module): Tags=ansible_dict_to_boto3_tag_list(module.params['tags'], tag_name_key_name='TagKey', tag_value_key_name='TagValue'), KeyUsage='ENCRYPT_DECRYPT', Origin='AWS_KMS') + + if module.check_mode: + return {'changed': True} + if module.params.get('description'): params['Description'] = module.params['description'] if module.params.get('policy'): @@ -833,8 +837,8 @@ def create_key(connection, module): result = connection.create_key(**params)['KeyMetadata'] except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to create initial key") - key = get_key_details(connection, module, result['KeyId']) + key = get_key_details(connection, module, result['KeyId']) update_alias(connection, module, key, module.params['alias']) update_key_rotation(connection, module, key, module.params.get('enable_key_rotation')) diff --git a/tests/integration/targets/aws_kms/tasks/main.yml b/tests/integration/targets/aws_kms/tasks/main.yml index d8408b95e9b..14ecde0a954 100644 --- a/tests/integration/targets/aws_kms/tasks/main.yml +++ b/tests/integration/targets/aws_kms/tasks/main.yml @@ -32,6 +32,28 @@ filters: alias: "{{ resource_prefix }}-kms" + - name: create a key in check mode + check_mode: yes + aws_kms: + alias: "{{ resource_prefix }}-kms-check" + tags: + Hello: World + state: present + enabled: yes + register: create_kms_check + + - name: find facts about the check mode key + aws_kms_info: + filters: + alias: "{{ resource_prefix }}-kms-check" + register: check_key + + - name: ensure that check mode worked as expected + assert: + that: + - check_key["keys"]|length == 0 + - create_kms_check is changed + - name: create a key aws_kms: alias: "{{ resource_prefix }}-kms" @@ -65,6 +87,17 @@ - create_kms.tags['Hello'] == 'World' - create_kms.enable_key_rotation == true + - name: delete the key in check mode + check_mode: yes + aws_kms: + alias: "{{ resource_prefix }}-kms" + state: absent + register: delete_kms_check + + - assert: + that: + - delete_kms_check is changed + - name: find facts about the key aws_kms_info: filters: @@ -76,6 +109,7 @@ that: - new_key["keys"]|length == 1 - new_key["keys"][0]["enable_key_rotation"] == true + - new_key["keys"][0]["key_state"] != PendingDeletion - name: Update Policy on key to match AWS Console generate policy aws_kms: From eb3c5f12d54cf98d8b3ad6610e5d4f22b5646c5c Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 9 Jun 2020 09:52:13 -0700 Subject: [PATCH 012/129] Draft README (#54) * Draft README * Add requirements.yml example without a version specified --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 392996356f9..d1e211fb927 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,6 @@ The Ansible Community AWS collection includes a variety of Ansible content to help automate the management of AWS instances. This collection is maintained by the Ansible community. ## Included content - ## Connection plugins Name | Description @@ -200,6 +199,7 @@ You can also include it in a `requirements.yml` file and install it with `ansibl --- collections: - name: community.aws + ``` A specific version of the collection can be installed by using the `version` keyword in the `requirements.yml` file: @@ -263,4 +263,4 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun GNU General Public License v3.0 or later. -See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. \ No newline at end of file +See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. From bfd470d0b780e580d8bfa91e5c7a818146c7b327 Mon Sep 17 00:00:00 2001 From: Sloane Hertel Date: Wed, 10 Jun 2020 15:07:16 -0400 Subject: [PATCH 013/129] Rename meta/routing.yml -> meta/runtime.yml (#84) Add action_groups field to meta/runtime.yml and remove meta/action_groups.yml --- meta/action_groups.yml | 215 ----------------------------- meta/{routing.yml => runtime.yml} | 217 ++++++++++++++++++++++++++++++ 2 files changed, 217 insertions(+), 215 deletions(-) delete mode 100644 meta/action_groups.yml rename meta/{routing.yml => runtime.yml} (52%) diff --git a/meta/action_groups.yml b/meta/action_groups.yml deleted file mode 100644 index 263ce2686a3..00000000000 --- a/meta/action_groups.yml +++ /dev/null @@ -1,215 +0,0 @@ -aws: -- ec2 -- rds -- route53 -- ec2 -- ec2 -- aws_acm_facts -- aws_kms_facts -- aws_region_facts -- aws_s3_bucket_facts -- aws_sgw_facts -- aws_waf_facts -- cloudfront_facts -- cloudwatchlogs_log_group_facts -- ec2_asg_facts -- ec2_customer_gateway_facts -- ec2_instance_facts -- ec2_eip_facts -- ec2_elb_facts -- ec2_lc_facts -- ec2_placement_group_facts -- ec2_vpc_endpoint_facts -- ec2_vpc_igw_facts -- ec2_vpc_nacl_facts -- ec2_vpc_nat_gateway_facts -- ec2_vpc_peering_facts -- ec2_vpc_route_table_facts -- ec2_vpc_vgw_facts -- ec2_vpc_vpn_facts -- ecs_service_facts -- ecs_taskdefinition_facts -- efs_facts -- elasticache_facts -- elb_application_lb_facts -- elb_classic_lb_facts -- elb_target_facts -- elb_target_group_facts -- iam_mfa_device_facts -- iam_role_facts -- iam_server_certificate_facts -- lambda_facts -- rds_instance_facts -- rds_snapshot_facts -- redshift_facts -- route53_facts -- aws_acm -- aws_acm_info -- aws_api_gateway -- aws_application_scaling_policy -- aws_batch_compute_environment -- aws_batch_job_definition -- aws_batch_job_queue -- aws_codebuild -- aws_codecommit -- aws_codepipeline -- aws_config_aggregation_authorization -- aws_config_aggregator -- aws_config_delivery_channel -- aws_config_recorder -- aws_config_rule -- aws_direct_connect_connection -- aws_direct_connect_gateway -- aws_direct_connect_link_aggregation_group -- aws_direct_connect_virtual_interface -- aws_eks_cluster -- aws_elasticbeanstalk_app -- aws_glue_connection -- aws_glue_job -- aws_inspector_target -- aws_kms -- aws_kms_info -- aws_region_info -- aws_s3_bucket_info -- aws_s3_cors -- aws_secret -- aws_ses_identity -- aws_ses_identity_policy -- aws_ses_rule_set -- aws_sgw_info -- aws_ssm_parameter_store -- aws_step_functions_state_machine -- aws_step_functions_state_machine_execution -- aws_waf_condition -- aws_waf_info -- aws_waf_rule -- aws_waf_web_acl -- cloudformation_stack_set -- cloudformation_exports_info -- cloudfront_distribution -- cloudfront_info -- cloudfront_invalidation -- cloudfront_origin_access_identity -- cloudtrail -- cloudwatchevent_rule -- cloudwatchlogs_log_group -- cloudwatchlogs_log_group_info -- cloudwatchlogs_log_group_metric_filter -- data_pipeline -- dms_endpoint -- dms_replication_subnet_group -- dynamodb_table -- dynamodb_ttl -- ec2_ami_copy -- ec2_asg -- ec2_asg_info -- ec2_asg_lifecycle_hook -- ec2_customer_gateway -- ec2_customer_gateway_info -- ec2_eip -- ec2_eip_info -- ec2_elb -- ec2_elb_info -- ec2_instance -- ec2_instance_info -- ec2_launch_template -- ec2_lc -- ec2_lc_find -- ec2_lc_info -- ec2_metric_alarm -- ec2_placement_group -- ec2_placement_group_info -- ec2_scaling_policy -- ec2_snapshot_copy -- ec2_transit_gateway -- ec2_transit_gateway_info -- ec2_vpc_egress_igw -- ec2_vpc_endpoint -- ec2_vpc_endpoint_info -- ec2_vpc_igw -- ec2_vpc_igw_info -- ec2_vpc_nacl -- ec2_vpc_nacl_info -- ec2_vpc_nat_gateway -- ec2_vpc_nat_gateway_info -- ec2_vpc_peer -- ec2_vpc_peering_info -- ec2_vpc_route_table -- ec2_vpc_route_table_info -- ec2_vpc_vgw -- ec2_vpc_vgw_info -- ec2_vpc_vpn -- ec2_vpc_vpn_info -- ec2_win_password -- ecs_attribute -- ecs_cluster -- ecs_ecr -- ecs_service -- ecs_service_info -- ecs_tag -- ecs_task -- ecs_taskdefinition -- ecs_taskdefinition_info -- efs -- efs_info -- elasticache -- elasticache_info -- elasticache_parameter_group -- elasticache_snapshot -- elasticache_subnet_group -- elb_application_lb -- elb_application_lb_info -- elb_classic_lb -- elb_classic_lb_info -- elb_instance -- elb_network_lb -- elb_target -- elb_target_group -- elb_target_group_info -- elb_target_info -- execute_lambda -- iam -- iam_cert -- iam_group -- iam_managed_policy -- iam_mfa_device_info -- iam_password_policy -- iam_policy -- iam_policy_info -- iam_role -- iam_role_info -- iam_saml_federation -- iam_server_certificate_info -- iam_user -- iam_user_info -- kinesis_stream -- lambda -- lambda_alias -- lambda_event -- lambda_info -- lambda_policy -- lightsail -- rds -- rds_instance -- rds_instance_info -- rds_param_group -- rds_snapshot_info -- rds_subnet_group -- redshift -- redshift_cross_region_snapshots -- redshift_info -- redshift_subnet_group -- route53 -- route53_health_check -- route53_info -- route53_zone -- s3_bucket_notification -- s3_lifecycle -- s3_logging -- s3_sync -- s3_website -- sns -- sns_topic -- sqs_queue -- sts_assume_role -- sts_session_token diff --git a/meta/routing.yml b/meta/runtime.yml similarity index 52% rename from meta/routing.yml rename to meta/runtime.yml index acbed741ee0..e4c61873d66 100644 --- a/meta/routing.yml +++ b/meta/runtime.yml @@ -1,3 +1,220 @@ +action_groups: + aws: + - ec2 + - rds + - route53 + - ec2 + - ec2 + - aws_acm_facts + - aws_kms_facts + - aws_region_facts + - aws_s3_bucket_facts + - aws_sgw_facts + - aws_waf_facts + - cloudfront_facts + - cloudwatchlogs_log_group_facts + - ec2_asg_facts + - ec2_customer_gateway_facts + - ec2_instance_facts + - ec2_eip_facts + - ec2_elb_facts + - ec2_lc_facts + - ec2_placement_group_facts + - ec2_vpc_endpoint_facts + - ec2_vpc_igw_facts + - ec2_vpc_nacl_facts + - ec2_vpc_nat_gateway_facts + - ec2_vpc_peering_facts + - ec2_vpc_route_table_facts + - ec2_vpc_vgw_facts + - ec2_vpc_vpn_facts + - ecs_service_facts + - ecs_taskdefinition_facts + - efs_facts + - elasticache_facts + - elb_application_lb_facts + - elb_classic_lb_facts + - elb_target_facts + - elb_target_group_facts + - iam_mfa_device_facts + - iam_role_facts + - iam_server_certificate_facts + - lambda_facts + - rds_instance_facts + - rds_snapshot_facts + - redshift_facts + - route53_facts + - aws_acm + - aws_acm_info + - aws_api_gateway + - aws_application_scaling_policy + - aws_batch_compute_environment + - aws_batch_job_definition + - aws_batch_job_queue + - aws_codebuild + - aws_codecommit + - aws_codepipeline + - aws_config_aggregation_authorization + - aws_config_aggregator + - aws_config_delivery_channel + - aws_config_recorder + - aws_config_rule + - aws_direct_connect_connection + - aws_direct_connect_gateway + - aws_direct_connect_link_aggregation_group + - aws_direct_connect_virtual_interface + - aws_eks_cluster + - aws_elasticbeanstalk_app + - aws_glue_connection + - aws_glue_job + - aws_inspector_target + - aws_kms + - aws_kms_info + - aws_region_info + - aws_s3_bucket_info + - aws_s3_cors + - aws_secret + - aws_ses_identity + - aws_ses_identity_policy + - aws_ses_rule_set + - aws_sgw_info + - aws_ssm_parameter_store + - aws_step_functions_state_machine + - aws_step_functions_state_machine_execution + - aws_waf_condition + - aws_waf_info + - aws_waf_rule + - aws_waf_web_acl + - cloudformation_stack_set + - cloudformation_exports_info + - cloudfront_distribution + - cloudfront_info + - cloudfront_invalidation + - cloudfront_origin_access_identity + - cloudtrail + - cloudwatchevent_rule + - cloudwatchlogs_log_group + - cloudwatchlogs_log_group_info + - cloudwatchlogs_log_group_metric_filter + - data_pipeline + - dms_endpoint + - dms_replication_subnet_group + - dynamodb_table + - dynamodb_ttl + - ec2_ami_copy + - ec2_asg + - ec2_asg_info + - ec2_asg_lifecycle_hook + - ec2_customer_gateway + - ec2_customer_gateway_info + - ec2_eip + - ec2_eip_info + - ec2_elb + - ec2_elb_info + - ec2_instance + - ec2_instance_info + - ec2_launch_template + - ec2_lc + - ec2_lc_find + - ec2_lc_info + - ec2_metric_alarm + - ec2_placement_group + - ec2_placement_group_info + - ec2_scaling_policy + - ec2_snapshot_copy + - ec2_transit_gateway + - ec2_transit_gateway_info + - ec2_vpc_egress_igw + - ec2_vpc_endpoint + - ec2_vpc_endpoint_info + - ec2_vpc_igw + - ec2_vpc_igw_info + - ec2_vpc_nacl + - ec2_vpc_nacl_info + - ec2_vpc_nat_gateway + - ec2_vpc_nat_gateway_info + - ec2_vpc_peer + - ec2_vpc_peering_info + - ec2_vpc_route_table + - ec2_vpc_route_table_info + - ec2_vpc_vgw + - ec2_vpc_vgw_info + - ec2_vpc_vpn + - ec2_vpc_vpn_info + - ec2_win_password + - ecs_attribute + - ecs_cluster + - ecs_ecr + - ecs_service + - ecs_service_info + - ecs_tag + - ecs_task + - ecs_taskdefinition + - ecs_taskdefinition_info + - efs + - efs_info + - elasticache + - elasticache_info + - elasticache_parameter_group + - elasticache_snapshot + - elasticache_subnet_group + - elb_application_lb + - elb_application_lb_info + - elb_classic_lb + - elb_classic_lb_info + - elb_instance + - elb_network_lb + - elb_target + - elb_target_group + - elb_target_group_info + - elb_target_info + - execute_lambda + - iam + - iam_cert + - iam_group + - iam_managed_policy + - iam_mfa_device_info + - iam_password_policy + - iam_policy + - iam_policy_info + - iam_role + - iam_role_info + - iam_saml_federation + - iam_server_certificate_info + - iam_user + - iam_user_info + - kinesis_stream + - lambda + - lambda_alias + - lambda_event + - lambda_info + - lambda_policy + - lightsail + - rds + - rds_instance + - rds_instance_info + - rds_param_group + - rds_snapshot_info + - rds_subnet_group + - redshift + - redshift_cross_region_snapshots + - redshift_info + - redshift_subnet_group + - route53 + - route53_health_check + - route53_info + - route53_zone + - s3_bucket_notification + - s3_lifecycle + - s3_logging + - s3_sync + - s3_website + - sns + - sns_topic + - sqs_queue + - sts_assume_role + - sts_session_token + plugin_routing: modules: aws_acm_facts: From 3c6b77fbdacb021c8bc2db0bdbd4a3e71dca77b5 Mon Sep 17 00:00:00 2001 From: John R Barker Date: Tue, 16 Jun 2020 15:54:37 +0100 Subject: [PATCH 014/129] Create settings.yml --- .github/settings.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .github/settings.yml diff --git a/.github/settings.yml b/.github/settings.yml new file mode 100644 index 00000000000..b27b575f0cb --- /dev/null +++ b/.github/settings.yml @@ -0,0 +1,5 @@ +# DO NOT MODIFY + +# Settings: https://probot.github.io/apps/settings/ +# Pull settings from https://github.com/ansible-collections/.github/blob/master/.github/settings.yml +_extends: ".github" From 8b0f283a132d93d8f31e83c1a1aab3913d471a40 Mon Sep 17 00:00:00 2001 From: John R Barker Date: Tue, 16 Jun 2020 19:10:40 +0100 Subject: [PATCH 015/129] BOTMETA.yml labels (#98) Add labels for the common areas --- .github/BOTMETA.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/BOTMETA.yml b/.github/BOTMETA.yml index 7fdc0e6671a..4aeb1bc1861 100644 --- a/.github/BOTMETA.yml +++ b/.github/BOTMETA.yml @@ -1,10 +1,15 @@ automerge: false files: + docs/: + labels: docs + $connection/: + labels: connection $connections/aws_ssm.py: $modules/: authors: wimnat maintainers: $team_aws ignore: erydo nadirollo seiffert tedder + label: modules $modules/_aws_region_facts.py: authors: Sodki $modules/_aws_s3_bucket_facts.py: @@ -340,6 +345,15 @@ files: authors: bekelchik piontas $modules/sts_session_token.py: authors: pwnall + scripts/inventory/: + labels: inventory + tests/: + labels: tests + tests/integration/: + labels: integrations + tests/units/: + labels: units + macros: connections: plugins/connection modules: plugins/modules From 62ec03635079078198707aee233944bfff2cab73 Mon Sep 17 00:00:00 2001 From: John R Barker Date: Tue, 16 Jun 2020 19:17:47 +0100 Subject: [PATCH 016/129] BOTMETA: connection --- .github/BOTMETA.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/BOTMETA.yml b/.github/BOTMETA.yml index 4aeb1bc1861..0e12bff9341 100644 --- a/.github/BOTMETA.yml +++ b/.github/BOTMETA.yml @@ -4,7 +4,7 @@ files: labels: docs $connection/: labels: connection - $connections/aws_ssm.py: + $connection/aws_ssm.py: $modules/: authors: wimnat maintainers: $team_aws @@ -355,6 +355,6 @@ files: labels: units macros: - connections: plugins/connection + connection: plugins/connection modules: plugins/modules team_aws: jillr s-hertel tremble From 7cd211e9383db26bc2aa4cc06e657cf60ed0acc0 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 16 Jun 2020 11:23:52 -0700 Subject: [PATCH 017/129] Collections related fixes for CI (#96) * Update module deprecations Switch version to `removed_at_date` * Don't install amazon.aws from galaxy We've been using galaxy to install amazon.aws in shippable, but that doesn't really work if we aren't publising faster. Get that collection from git so it is most up to date. * We need to declare python test deps now * missed a python dep --- meta/runtime.yml | 80 +++++++++---------- plugins/modules/aws_acm_info.py | 2 +- plugins/modules/aws_kms.py | 2 +- plugins/modules/aws_kms_info.py | 2 +- plugins/modules/aws_region_info.py | 2 +- plugins/modules/aws_s3_bucket_info.py | 2 +- plugins/modules/aws_sgw_info.py | 2 +- plugins/modules/aws_waf_info.py | 2 +- plugins/modules/cloudfront_info.py | 2 +- .../modules/cloudwatchlogs_log_group_info.py | 3 +- plugins/modules/data_pipeline.py | 5 +- plugins/modules/ec2_asg_info.py | 2 +- plugins/modules/ec2_customer_gateway_info.py | 3 +- plugins/modules/ec2_eip.py | 4 +- plugins/modules/ec2_eip_info.py | 2 +- plugins/modules/ec2_elb_info.py | 2 +- plugins/modules/ec2_instance_info.py | 2 +- plugins/modules/ec2_lc.py | 4 +- plugins/modules/ec2_lc_info.py | 2 +- plugins/modules/ec2_metric_alarm.py | 5 +- plugins/modules/ec2_placement_group_info.py | 3 +- plugins/modules/ec2_vpc_endpoint_info.py | 2 +- plugins/modules/ec2_vpc_igw_info.py | 2 +- plugins/modules/ec2_vpc_nacl_info.py | 2 +- plugins/modules/ec2_vpc_nat_gateway_info.py | 3 +- plugins/modules/ec2_vpc_peering_info.py | 2 +- plugins/modules/ec2_vpc_route_table_info.py | 3 +- plugins/modules/ec2_vpc_vgw_info.py | 2 +- plugins/modules/ec2_vpc_vpn_info.py | 2 +- plugins/modules/ecs_ecr.py | 4 +- plugins/modules/ecs_service_info.py | 2 +- plugins/modules/ecs_taskdefinition_info.py | 3 +- plugins/modules/efs_info.py | 2 +- plugins/modules/elasticache_info.py | 2 +- plugins/modules/elb_application_lb_info.py | 3 +- plugins/modules/elb_classic_lb_info.py | 2 +- plugins/modules/elb_network_lb.py | 2 +- plugins/modules/elb_target_group_info.py | 2 +- plugins/modules/elb_target_info.py | 2 +- plugins/modules/iam_managed_policy.py | 4 +- plugins/modules/iam_mfa_device_info.py | 2 +- plugins/modules/iam_policy.py | 4 +- plugins/modules/iam_role.py | 2 +- plugins/modules/iam_role_info.py | 2 +- .../modules/iam_server_certificate_info.py | 3 +- plugins/modules/lambda_facts.py | 3 +- plugins/modules/rds_instance_info.py | 2 +- plugins/modules/rds_snapshot_info.py | 2 +- plugins/modules/redshift_info.py | 2 +- plugins/modules/route53_info.py | 2 +- plugins/modules/s3_lifecycle.py | 4 +- plugins/modules/s3_sync.py | 4 +- tests/integration/requirements.txt | 3 + tests/utils/shippable/shippable.sh | 2 +- 54 files changed, 114 insertions(+), 102 deletions(-) create mode 100644 tests/integration/requirements.txt diff --git a/meta/runtime.yml b/meta/runtime.yml index e4c61873d66..09a846da2e1 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -219,161 +219,161 @@ plugin_routing: modules: aws_acm_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details aws_kms_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details aws_region_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details aws_s3_bucket_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details aws_sgw_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details aws_waf_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details cloudfront_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details cloudwatchlogs_log_group_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_asg_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_customer_gateway_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_instance_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_eip_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_elb_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_lc_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_placement_group_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_endpoint_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_igw_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_nacl_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_nat_gateway_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_peering_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_route_table_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_vgw_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ec2_vpc_vpn_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ecs_service_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details ecs_taskdefinition_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details efs_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details elasticache_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details elb_application_lb_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details elb_classic_lb_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details elb_target_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details elb_target_group_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details iam_cert_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details iam_mfa_device_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details iam_role_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details iam_server_certificate_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details lambda_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details rds_instance_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details rds_snapshot_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details redshift_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details route53_facts: deprecation: - removal_date: TBD + removal_date: 2021-12-01 warning_text: see plugin documentation for details diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index 4cc072a7aef..ac11eb696a8 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -274,7 +274,7 @@ def main(): acm_info = ACMServiceManager(module) if module._name == 'aws_acm_facts': - module.deprecate("The 'aws_acm_facts' module has been renamed to 'aws_acm_info'", version='2.13') + module.deprecate("The 'aws_acm_facts' module has been renamed to 'aws_acm_info'", date='2021-12-01', collection_name='community.aws') client = module.client('acm') diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index 6da965d4b99..7722a4803f8 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -1052,7 +1052,7 @@ def main(): if module.params.get('policy_grant_types') or mode == 'deny': module.deprecate('Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile' - ' and has been deprecated in favour of the policy option.', version='2.13') + ' and has been deprecated in favour of the policy option.', date='2021-12-01', collection_name='community.aws') result = update_policy_grants(kms, module, key_metadata, mode) module.exit_json(**result) diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index a51b30a85cc..4424e8fe2ce 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -409,7 +409,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'aws_kms_facts': - module.deprecate("The 'aws_kms_facts' module has been renamed to 'aws_kms_info'", version='2.13') + module.deprecate("The 'aws_kms_facts' module has been renamed to 'aws_kms_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 and botocore are required for this module') diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index b20bf9f84ef..cafb743ece1 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -70,7 +70,7 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'aws_region_facts': - module.deprecate("The 'aws_region_facts' module has been renamed to 'aws_region_info'", version='2.13') + module.deprecate("The 'aws_region_facts' module has been renamed to 'aws_region_info'", date='2021-12-01', collection_name='community.aws') connection = module.client('ec2', retry_decorator=AWSRetry.jittered_backoff()) diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index 4646e40e3d5..30964ab1c5a 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -94,7 +94,7 @@ def main(): is_old_facts = module._name == 'aws_s3_bucket_facts' if is_old_facts: module.deprecate("The 'aws_s3_bucket_facts' module has been renamed to 'aws_s3_bucket_info', " - "and the renamed one no longer returns ansible_facts", version='2.13') + "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') # Verify Boto3 is used if not HAS_BOTO3: diff --git a/plugins/modules/aws_sgw_info.py b/plugins/modules/aws_sgw_info.py index f18084d06e7..5cfc7ab8cc0 100644 --- a/plugins/modules/aws_sgw_info.py +++ b/plugins/modules/aws_sgw_info.py @@ -345,7 +345,7 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'aws_sgw_facts': - module.deprecate("The 'aws_sgw_facts' module has been renamed to 'aws_sgw_info'", version='2.13') + module.deprecate("The 'aws_sgw_facts' module has been renamed to 'aws_sgw_info'", date='2021-12-01', collection_name='community.aws') client = module.client('storagegateway') if client is None: # this should never happen diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/aws_waf_info.py index a3169453f1d..76fe5d084a7 100644 --- a/plugins/modules/aws_waf_info.py +++ b/plugins/modules/aws_waf_info.py @@ -126,7 +126,7 @@ def main(): ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'aws_waf_facts': - module.deprecate("The 'aws_waf_facts' module has been renamed to 'aws_waf_info'", version='2.13') + module.deprecate("The 'aws_waf_facts' module has been renamed to 'aws_waf_info'", date='2021-12-01', collection_name='community.aws') resource = 'waf' if not module.params['waf_regional'] else 'waf-regional' client = module.client(resource) diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index eb89ff35fad..46aa714dbf2 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -601,7 +601,7 @@ def main(): is_old_facts = module._name == 'cloudfront_facts' if is_old_facts: module.deprecate("The 'cloudfront_facts' module has been renamed to 'cloudfront_info', " - "and the renamed one no longer returns ansible_facts", version='2.13') + "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 is required.') diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index 61b9ad235e2..448bb954d40 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -110,7 +110,8 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'cloudwatchlogs_log_group_facts': - module.deprecate("The 'cloudwatchlogs_log_group_facts' module has been renamed to 'cloudwatchlogs_log_group_info'", version='2.13') + module.deprecate("The 'cloudwatchlogs_log_group_facts' module has been renamed to 'cloudwatchlogs_log_group_info'", + date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 is required.') diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index ac06922a7b3..9f9ef5d818b 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -123,8 +123,7 @@ type: dict version: description: - - The version option has never had any effect and will be removed in - Ansible 2.14 + - The version option has never had any effect and will be removed after 2022-06-01. type: str ''' @@ -605,7 +604,7 @@ def main(): argument_spec.update( dict( name=dict(required=True), - version=dict(removed_in_version='2.14'), + version=dict(removed_at_date='2022-06-01', removed_from_collection='community.aws'), description=dict(required=False, default=''), objects=dict(required=False, type='list', default=[]), parameters=dict(required=False, type='list', default=[]), diff --git a/plugins/modules/ec2_asg_info.py b/plugins/modules/ec2_asg_info.py index b2c971ae81b..4c523db50de 100644 --- a/plugins/modules/ec2_asg_info.py +++ b/plugins/modules/ec2_asg_info.py @@ -394,7 +394,7 @@ def main(): ) module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'ec2_asg_facts': - module.deprecate("The 'ec2_asg_facts' module has been renamed to 'ec2_asg_info'", version='2.13') + module.deprecate("The 'ec2_asg_facts' module has been renamed to 'ec2_asg_info'", date='2021-12-01', collection_name='community.aws') asg_name = module.params.get('name') asg_tags = module.params.get('tags') diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index 001c88ae8cf..f37a0f35567 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -126,7 +126,8 @@ def main(): mutually_exclusive=[['customer_gateway_ids', 'filters']], supports_check_mode=True) if module._module._name == 'ec2_customer_gateway_facts': - module._module.deprecate("The 'ec2_customer_gateway_facts' module has been renamed to 'ec2_customer_gateway_info'", version='2.13') + module._module.deprecate("The 'ec2_customer_gateway_facts' module has been renamed to 'ec2_customer_gateway_info'", + date='2021-12-01', collection_name='community.aws') connection = module.client('ec2') diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index a43fe9a0a50..f4ba39f75a4 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -78,7 +78,7 @@ type: str wait_timeout: description: - - The I(wait_timeout) option does nothing and will be removed in Ansible 2.14. + - The I(wait_timeout) option does nothing and will be removed after 2022-06-01 type: int extends_documentation_fragment: - amazon.aws.aws @@ -525,7 +525,7 @@ def main(): default=False), release_on_disassociation=dict(required=False, type='bool', default=False), allow_reassociation=dict(type='bool', default=False), - wait_timeout=dict(type='int', removed_in_version='2.14'), + wait_timeout=dict(type='int', removed_at_date='2022-06-01', removed_from_collection='community.aws'), private_ip_address=dict(), tag_name=dict(), tag_value=dict(), diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index 6001110b71b..61c3a49ad8a 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -133,7 +133,7 @@ def main(): supports_check_mode=True ) if module._module._name == 'ec2_eip_facts': - module._module.deprecate("The 'ec2_eip_facts' module has been renamed to 'ec2_eip_info'", version='2.13') + module._module.deprecate("The 'ec2_eip_facts' module has been renamed to 'ec2_eip_info'", date='2021-12-01', collection_name='community.aws') module.exit_json(changed=False, addresses=get_eips_details(module)) diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index 0c4c2dc1b76..215483a093f 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -239,7 +239,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_elb_facts': - module.deprecate("The 'ec2_elb_facts' module has been renamed to 'ec2_elb_info'", version='2.13') + module.deprecate("The 'ec2_elb_facts' module has been renamed to 'ec2_elb_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 79d056d4ea6..d2da8b96b6f 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -551,7 +551,7 @@ def main(): supports_check_mode=True ) if module._name == 'ec2_instance_facts': - module.deprecate("The 'ec2_instance_facts' module has been renamed to 'ec2_instance_info'", version='2.13') + module.deprecate("The 'ec2_instance_facts' module has been renamed to 'ec2_instance_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index b9f4740a73f..8e13c7ab13e 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -176,7 +176,7 @@ choices: ['default', 'dedicated'] associate_public_ip_address: description: - - The I(associate_public_ip_address) option does nothing and will be removed in Ansible 2.14. + - The I(associate_public_ip_address) option does nothing and will be removed after 2022-06-01 type: bool extends_documentation_fragment: @@ -669,7 +669,7 @@ def main(): ramdisk_id=dict(), instance_profile_name=dict(), ebs_optimized=dict(default=False, type='bool'), - associate_public_ip_address=dict(type='bool', removed_in_version='2.14'), + associate_public_ip_address=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), instance_monitoring=dict(default=False, type='bool'), assign_public_ip=dict(type='bool'), classic_link_vpc_security_groups=dict(type='list'), diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index e7cdd9b24f1..5e032332af3 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -217,7 +217,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec) if module._name == 'ec2_lc_facts': - module.deprecate("The 'ec2_lc_facts' module has been renamed to 'ec2_lc_info'", version='2.13') + module.deprecate("The 'ec2_lc_facts' module has been renamed to 'ec2_lc_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index 804474294e3..debc170c123 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -58,7 +58,7 @@ comparison: description: - Determines how the threshold value is compared - - Symbolic comparison operators have been deprecated, and will be removed in 2.14 + - Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22. required: false type: str choices: @@ -238,7 +238,8 @@ def create_metric_alarm(connection, module): '>': 'GreaterThanThreshold'} if comparison in ('<=', '<', '>', '>='): module.deprecate('Using the <=, <, > and >= operators for comparison has been deprecated. Please use LessThanOrEqualToThreshold, ' - 'LessThanThreshold, GreaterThanThreshold or GreaterThanOrEqualToThreshold instead.', version="2.14") + 'LessThanThreshold, GreaterThanThreshold or GreaterThanOrEqualToThreshold instead.', + date='2022-06-01', collection_name='community.aws') comparison = comparisons[comparison] if not isinstance(dimensions, list): diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 5a4bc09a842..33be33516d9 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -113,7 +113,8 @@ def main(): supports_check_mode=True ) if module._module._name == 'ec2_placement_group_facts': - module._module.deprecate("The 'ec2_placement_group_facts' module has been renamed to 'ec2_placement_group_info'", version='2.13') + module._module.deprecate("The 'ec2_placement_group_facts' module has been renamed to 'ec2_placement_group_info'", + date='2021-12-01', collection_name='community.aws') connection = module.client('ec2') diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index fa4f8c59713..75ceb6b9bc7 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -174,7 +174,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_endpoint_facts': - module.deprecate("The 'ec2_vpc_endpoint_facts' module has been renamed to 'ec2_vpc_endpoint_info'", version='2.13') + module.deprecate("The 'ec2_vpc_endpoint_facts' module has been renamed to 'ec2_vpc_endpoint_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements if not HAS_BOTO3: diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 7bdff093461..29845d2ccf5 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -137,7 +137,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_igw_facts': - module.deprecate("The 'ec2_vpc_igw_facts' module has been renamed to 'ec2_vpc_igw_info'", version='2.13') + module.deprecate("The 'ec2_vpc_igw_facts' module has been renamed to 'ec2_vpc_igw_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements if not HAS_BOTO3: diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index 658816545b4..d4c0c431465 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -209,7 +209,7 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_nacl_facts': - module.deprecate("The 'ec2_vpc_nacl_facts' module has been renamed to 'ec2_vpc_nacl_info'", version='2.13') + module.deprecate("The 'ec2_vpc_nacl_facts' module has been renamed to 'ec2_vpc_nacl_info'", date='2021-12-01', collection_name='community.aws') connection = module.client('ec2', retry_decorator=AWSRetry.jittered_backoff()) diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index a4e7ac6db99..85f96cc7340 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -133,7 +133,8 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_nat_gateway_facts': - module.deprecate("The 'ec2_vpc_nat_gateway_facts' module has been renamed to 'ec2_vpc_nat_gateway_info'", version='2.13') + module.deprecate("The 'ec2_vpc_nat_gateway_facts' module has been renamed to 'ec2_vpc_nat_gateway_info'", + date='2021-12-01', collection_name='community.aws') # Validate Requirements if not HAS_BOTO3: diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 008f75fbd10..75af1b65613 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -113,7 +113,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_peering_facts': - module.deprecate("The 'ec2_vpc_peering_facts' module has been renamed to 'ec2_vpc_peering_info'", version='2.13') + module.deprecate("The 'ec2_vpc_peering_facts' module has been renamed to 'ec2_vpc_peering_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements if not HAS_BOTO3: diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index b0b5b189de1..acb203f1eab 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -107,7 +107,8 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_route_table_facts': - module.deprecate("The 'ec2_vpc_route_table_facts' module has been renamed to 'ec2_vpc_route_table_info'", version='2.13') + module.deprecate("The 'ec2_vpc_route_table_facts' module has been renamed to 'ec2_vpc_route_table_info'", + date='2021-12-01', collection_name='community.aws') if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 177f4a7ea21..a8c8da426c9 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -143,7 +143,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_vgw_facts': - module.deprecate("The 'ec2_vpc_vgw_facts' module has been renamed to 'ec2_vpc_vgw_info'", version='2.13') + module.deprecate("The 'ec2_vpc_vgw_facts' module has been renamed to 'ec2_vpc_vgw_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements if not HAS_BOTO3: diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index 3041a747d69..427b4b8cec8 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -205,7 +205,7 @@ def main(): mutually_exclusive=[['vpn_connection_ids', 'filters']], supports_check_mode=True) if module._module._name == 'ec2_vpc_vpn_facts': - module._module.deprecate("The 'ec2_vpc_vpn_facts' module has been renamed to 'ec2_vpc_vpn_info'", version='2.13') + module._module.deprecate("The 'ec2_vpc_vpn_facts' module has been renamed to 'ec2_vpc_vpn_info'", date='2021-12-01', collection_name='community.aws') connection = module.client('ec2') diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index d2eb786370b..de9ab574fdb 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -43,7 +43,7 @@ purge_policy: description: - If yes, remove the policy from the repository. - - Alias C(delete_policy) has been deprecated and will be removed in Ansible 2.14 + - Alias C(delete_policy) has been deprecated and will be removed after 2022-06-01. required: false default: false type: bool @@ -502,7 +502,7 @@ def main(): image_tag_mutability=dict(required=False, choices=['mutable', 'immutable'], default='mutable'), purge_policy=dict(required=False, type='bool', aliases=['delete_policy'], - deprecated_aliases=[dict(name='delete_policy', version='2.14')]), + deprecated_aliases=[dict(name='delete_policy', date='2022-06-01', collection_name='community.aws')]), lifecycle_policy=dict(required=False, type='json'), purge_lifecycle_policy=dict(required=False, type='bool') ) diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index 4e479bbb443..e7628d36881 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -225,7 +225,7 @@ def main(): is_old_facts = module._name == 'ecs_service_facts' if is_old_facts: module.deprecate("The 'ecs_service_facts' module has been renamed to 'ecs_service_info', " - "and the renamed one no longer returns ansible_facts", version='2.13') + "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') show_details = module.params.get('details') diff --git a/plugins/modules/ecs_taskdefinition_info.py b/plugins/modules/ecs_taskdefinition_info.py index 3711c47767a..a6b1c627f4c 100644 --- a/plugins/modules/ecs_taskdefinition_info.py +++ b/plugins/modules/ecs_taskdefinition_info.py @@ -314,7 +314,8 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ecs_taskdefinition_facts': - module.deprecate("The 'ecs_taskdefinition_facts' module has been renamed to 'ecs_taskdefinition_info'", version='2.13') + module.deprecate("The 'ecs_taskdefinition_facts' module has been renamed to 'ecs_taskdefinition_info'", + date='2021-12-01', collection_name='community.aws') ecs = module.client('ecs') diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index 9835be169e4..992b650627e 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -365,7 +365,7 @@ def main(): is_old_facts = module._name == 'efs_facts' if is_old_facts: module.deprecate("The 'efs_facts' module has been renamed to 'efs_info', " - "and the renamed one no longer returns ansible_facts", version='2.13') + "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') connection = EFSConnection(module) diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index 86763b39a0d..f7000116ca3 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -299,7 +299,7 @@ def main(): ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'elasticache_facts': - module.deprecate("The 'elasticache_facts' module has been renamed to 'elasticache_info'", version='2.13') + module.deprecate("The 'elasticache_facts' module has been renamed to 'elasticache_info'", date='2021-12-01', collection_name='community.aws') client = module.client('elasticache') diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index ca5290e3892..2f9c1c39cc9 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -273,7 +273,8 @@ def main(): supports_check_mode=True ) if module._name == 'elb_application_lb_facts': - module.deprecate("The 'elb_application_lb_facts' module has been renamed to 'elb_application_lb_info'", version='2.13') + module.deprecate("The 'elb_application_lb_facts' module has been renamed to 'elb_application_lb_info'", + date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index a38aee6b253..915bf19aece 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -197,7 +197,7 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'elb_classic_lb_facts': - module.deprecate("The 'elb_classic_lb_facts' module has been renamed to 'elb_classic_lb_info'", version='2.13') + module.deprecate("The 'elb_classic_lb_facts' module has been renamed to 'elb_classic_lb_info'", date='2021-12-01', collection_name='community.aws') connection = module.client('elb') diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 858cfaaffd9..616c8e061be 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -440,7 +440,7 @@ def main(): # See below, unless state==present we delete. Ouch. module.deprecate('State currently defaults to absent. This is inconsistent with other modules' ' and the default will be changed to `present` in Ansible 2.14', - version='2.14') + date='2022-06-01', collection_name='community.aws') # Quick check of listeners parameters listeners = module.params.get("listeners") diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index f285221eb33..2505026b0d7 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -309,7 +309,7 @@ def main(): supports_check_mode=True ) if module._name == 'elb_target_group_facts': - module.deprecate("The 'elb_target_group_facts' module has been renamed to 'elb_target_group_info'", version='2.13') + module.deprecate("The 'elb_target_group_facts' module has been renamed to 'elb_target_group_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index 1101965a318..40a9ac26420 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -416,7 +416,7 @@ def main(): supports_check_mode=True, ) if module._name == 'elb_target_facts': - module.deprecate("The 'elb_target_facts' module has been renamed to 'elb_target_info'", version='2.13') + module.deprecate("The 'elb_target_facts' module has been renamed to 'elb_target_info'", date='2021-12-01', collection_name='community.aws') instance_id = module.params["instance_id"] get_unused_target_groups = module.params["get_unused_target_groups"] diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 0631a243dd0..06e31a906d5 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -45,7 +45,7 @@ type: str fail_on_delete: description: - - The I(fail_on_delete) option does nothing and will be removed in Ansible 2.14. + - The I(fail_on_delete) option does nothing and will be removed after 2022-06-01 type: bool author: "Dan Kozlowski (@dkhenry)" @@ -289,7 +289,7 @@ def main(): policy=dict(type='json'), make_default=dict(type='bool', default=True), only_version=dict(type='bool', default=False), - fail_on_delete=dict(type='bool', removed_in_version='2.14'), + fail_on_delete=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), state=dict(default='present', choices=['present', 'absent']), )) diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 2431a57c063..bb59d8d8177 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -98,7 +98,7 @@ def main(): module = AnsibleModule(argument_spec=argument_spec) if module._name == 'iam_mfa_device_facts': - module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", version='2.13') + module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index 105d985df5b..5eb4694c3c7 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -304,13 +304,13 @@ def main(): if (skip_duplicates is None): module.deprecate('The skip_duplicates behaviour has caused confusion and' ' will be disabled by default in Ansible 2.14', - version='2.14') + date='2022-06-01', collection_name='community.aws') skip_duplicates = True if module.params.get('policy_document'): module.deprecate('The policy_document option has been deprecated and' ' will be removed in Ansible 2.14', - version='2.14') + date='2022-06-01', collection_name='community.aws') args = dict( client=module.client('iam'), diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index 432fcab64ad..dc96bc93f3f 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -629,7 +629,7 @@ def main(): if module.params.get('purge_policies') is None: module.deprecate('In Ansible 2.14 the default value of purge_policies will change from true to false.' - ' To maintain the existing behaviour explicity set purge_policies=true', version='2.14') + ' To maintain the existing behaviour explicity set purge_policies=true', date='2022-06-01', collection_name='community.aws') if module.params.get('boundary'): if module.params.get('create_instance_profile'): diff --git a/plugins/modules/iam_role_info.py b/plugins/modules/iam_role_info.py index bf32d32adbf..7fdb4ac58fa 100644 --- a/plugins/modules/iam_role_info.py +++ b/plugins/modules/iam_role_info.py @@ -242,7 +242,7 @@ def main(): supports_check_mode=True, mutually_exclusive=[['name', 'path_prefix']]) if module._name == 'iam_role_facts': - module.deprecate("The 'iam_role_facts' module has been renamed to 'iam_role_info'", version='2.13') + module.deprecate("The 'iam_role_facts' module has been renamed to 'iam_role_info'", date='2021-12-01', collection_name='community.aws') client = module.client('iam') diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index 49daffe72c8..8bd9b0f1969 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -147,7 +147,8 @@ def main(): module = AnsibleModule(argument_spec=argument_spec,) if module._name == 'iam_server_certificate_facts': - module.deprecate("The 'iam_server_certificate_facts' module has been renamed to 'iam_server_certificate_info'", version='2.13') + module.deprecate("The 'iam_server_certificate_facts' module has been renamed to 'iam_server_certificate_info'", + date='2021-12-01', collection_name='community.aws') if not HAS_BOTO3: module.fail_json(msg='boto3 required for this module') diff --git a/plugins/modules/lambda_facts.py b/plugins/modules/lambda_facts.py index f9399769954..aac0bd1e92a 100644 --- a/plugins/modules/lambda_facts.py +++ b/plugins/modules/lambda_facts.py @@ -10,7 +10,8 @@ --- module: lambda_facts deprecated: - removed_in: '2.13' + removed_at_date: '2021-12-01' + removed_from_collection: 'community.aws' why: Deprecated in favour of C(_info) module. alternative: Use M(lambda_info) instead. short_description: Gathers AWS Lambda function details as Ansible facts diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py index ab6bcbcc0b4..8a23c392ddd 100644 --- a/plugins/modules/rds_instance_info.py +++ b/plugins/modules/rds_instance_info.py @@ -396,7 +396,7 @@ def main(): supports_check_mode=True, ) if module._name == 'rds_instance_facts': - module.deprecate("The 'rds_instance_facts' module has been renamed to 'rds_instance_info'", version='2.13') + module.deprecate("The 'rds_instance_facts' module has been renamed to 'rds_instance_info'", date='2021-12-01', collection_name='community.aws') conn = module.client('rds', retry_decorator=AWSRetry.jittered_backoff(retries=10)) diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index 5d330b47e66..30f30a815c1 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -376,7 +376,7 @@ def main(): mutually_exclusive=[['db_snapshot_identifier', 'db_instance_identifier', 'db_cluster_identifier', 'db_cluster_snapshot_identifier']] ) if module._name == 'rds_snapshot_facts': - module.deprecate("The 'rds_snapshot_facts' module has been renamed to 'rds_snapshot_info'", version='2.13') + module.deprecate("The 'rds_snapshot_facts' module has been renamed to 'rds_snapshot_info'", date='2021-12-01', collection_name='community.aws') conn = module.client('rds', retry_decorator=AWSRetry.jittered_backoff(retries=10)) results = dict() diff --git a/plugins/modules/redshift_info.py b/plugins/modules/redshift_info.py index 6763aee9428..77aa5e1fb36 100644 --- a/plugins/modules/redshift_info.py +++ b/plugins/modules/redshift_info.py @@ -335,7 +335,7 @@ def main(): supports_check_mode=True ) if module._name == 'redshift_facts': - module.deprecate("The 'redshift_facts' module has been renamed to 'redshift_info'", version='2.13') + module.deprecate("The 'redshift_facts' module has been renamed to 'redshift_info'", date='2021-12-01', collection_name='community.aws') cluster_identifier = module.params.get('cluster_identifier') cluster_tags = module.params.get('tags') diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 454875bb47f..cb6f74b369a 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -463,7 +463,7 @@ def main(): ], ) if module._name == 'route53_facts': - module.deprecate("The 'route53_facts' module has been renamed to 'route53_info'", version='2.13') + module.deprecate("The 'route53_facts' module has been renamed to 'route53_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements if not (HAS_BOTO or HAS_BOTO3): diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index 32ac0dfd246..9ab279d2b50 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -115,7 +115,7 @@ type: list requester_pays: description: - - The I(requester_pays) option does nothing and will be removed in Ansible 2.14. + - The I(requester_pays) option does nothing and will be removed after 2022-06-01 type: bool extends_documentation_fragment: - amazon.aws.aws @@ -443,7 +443,7 @@ def main(): noncurrent_version_transition_days=dict(type='int'), noncurrent_version_transitions=dict(type='list'), prefix=dict(), - requester_pays=dict(type='bool', removed_in_version='2.14'), + requester_pays=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), rule_id=dict(), state=dict(default='present', choices=['present', 'absent']), status=dict(default='enabled', choices=['enabled', 'disabled']), diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 05f1ffa92df..aa527092d3c 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -109,7 +109,7 @@ type: bool retries: description: - - The I(retries) option does nothing and will be removed in Ansible 2.14. + - The I(retries) option does nothing and will be removed after 2022-06-01 type: str requirements: @@ -512,7 +512,7 @@ def main(): file_root=dict(required=True, type='path'), permission=dict(required=False, choices=['private', 'public-read', 'public-read-write', 'authenticated-read', 'aws-exec-read', 'bucket-owner-read', 'bucket-owner-full-control']), - retries=dict(required=False, removed_in_version='2.14'), + retries=dict(required=False, removed_at_date='2022-06-01', removed_from_collection='community.aws'), mime_map=dict(required=False, type='dict'), exclude=dict(required=False, default=".*"), include=dict(required=False, default="*"), diff --git a/tests/integration/requirements.txt b/tests/integration/requirements.txt new file mode 100644 index 00000000000..4f1c4feb0c9 --- /dev/null +++ b/tests/integration/requirements.txt @@ -0,0 +1,3 @@ +# netaddr is needed for ansible.netcommon.ipv6 +netaddr +virtualenv diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index 130f386aeee..75baeb7dd38 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -87,7 +87,7 @@ git clone https://github.com/ansible-collections/community.general community/gen # once community.general is published this will be handled by galaxy cli git clone https://github.com/ansible-collections/ansible_collections_google google/cloud git clone https://opendev.org/openstack/ansible-collections-openstack openstack/cloud -ansible-galaxy collection install amazon.aws +git clone https://github.com/ansible-collections/amazon.aws amazon/aws ansible-galaxy collection install ansible.netcommon ansible-galaxy collection install community.crypto cd "${cwd}" From 98173aefbbceed7fc0d9db62687b73f96a55a999 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 17 Jun 2020 01:24:54 +0530 Subject: [PATCH 018/129] Update Examples with FQCN (#67) Updated module examples with FQCN Signed-off-by: Abhijeet Kasurde --- plugins/modules/aws_acm.py | 10 +- plugins/modules/aws_acm_info.py | 10 +- plugins/modules/aws_api_gateway.py | 6 +- .../modules/aws_application_scaling_policy.py | 6 +- .../modules/aws_batch_compute_environment.py | 6 +- plugins/modules/aws_batch_job_definition.py | 6 +- plugins/modules/aws_batch_job_queue.py | 6 +- plugins/modules/aws_codebuild.py | 2 +- plugins/modules/aws_codecommit.py | 4 +- plugins/modules/aws_codepipeline.py | 2 +- .../aws_config_aggregation_authorization.py | 6 +- plugins/modules/aws_config_aggregator.py | 2 +- .../modules/aws_config_delivery_channel.py | 2 +- plugins/modules/aws_config_recorder.py | 2 +- plugins/modules/aws_config_rule.py | 2 +- .../modules/aws_direct_connect_connection.py | 8 +- plugins/modules/aws_direct_connect_gateway.py | 4 +- ...s_direct_connect_link_aggregation_group.py | 2 +- .../aws_direct_connect_virtual_interface.py | 4 +- plugins/modules/aws_eks_cluster.py | 4 +- plugins/modules/aws_elasticbeanstalk_app.py | 4 +- plugins/modules/aws_glue_connection.py | 4 +- plugins/modules/aws_glue_job.py | 4 +- plugins/modules/aws_inspector_target.py | 6 +- plugins/modules/aws_kms.py | 16 +- plugins/modules/aws_kms_info.py | 6 +- plugins/modules/aws_region_info.py | 4 +- plugins/modules/aws_s3_bucket_info.py | 4 +- plugins/modules/aws_s3_cors.py | 4 +- plugins/modules/aws_secret.py | 4 +- plugins/modules/aws_ses_identity.py | 14 +- plugins/modules/aws_ses_identity_policy.py | 8 +- plugins/modules/aws_ses_rule_set.py | 12 +- plugins/modules/aws_sgw_info.py | 4 +- plugins/modules/aws_ssm_parameter_store.py | 13 +- .../aws_step_functions_state_machine.py | 6 +- ..._step_functions_state_machine_execution.py | 4 +- plugins/modules/aws_waf_condition.py | 14 +- plugins/modules/aws_waf_info.py | 6 +- plugins/modules/aws_waf_rule.py | 6 +- plugins/modules/aws_waf_web_acl.py | 4 +- .../modules/cloudformation_exports_info.py | 2 +- plugins/modules/cloudformation_stack_set.py | 8 +- plugins/modules/cloudfront_distribution.py | 43 ++- plugins/modules/cloudfront_info.py | 35 +-- plugins/modules/cloudfront_invalidation.py | 4 +- .../cloudfront_origin_access_identity.py | 6 +- plugins/modules/cloudtrail.py | 10 +- plugins/modules/cloudwatchevent_rule.py | 6 +- plugins/modules/cloudwatchlogs_log_group.py | 8 +- .../modules/cloudwatchlogs_log_group_info.py | 2 +- .../cloudwatchlogs_log_group_metric_filter.py | 6 +- plugins/modules/data_pipeline.py | 8 +- plugins/modules/dms_endpoint.py | 6 +- .../modules/dms_replication_subnet_group.py | 2 +- plugins/modules/dynamodb_table.py | 16 +- plugins/modules/dynamodb_ttl.py | 4 +- plugins/modules/ec2_ami_copy.py | 24 +- plugins/modules/ec2_asg.py | 16 +- plugins/modules/ec2_asg_info.py | 24 +- plugins/modules/ec2_asg_lifecycle_hook.py | 8 +- plugins/modules/ec2_customer_gateway.py | 9 +- plugins/modules/ec2_customer_gateway_info.py | 6 +- plugins/modules/ec2_eip.py | 32 +-- plugins/modules/ec2_eip_info.py | 25 +- plugins/modules/ec2_elb.py | 8 +- plugins/modules/ec2_elb_info.py | 27 +- plugins/modules/ec2_instance.py | 40 +-- plugins/modules/ec2_instance_info.py | 20 +- plugins/modules/ec2_launch_template.py | 10 +- plugins/modules/ec2_lc.py | 14 +- plugins/modules/ec2_lc_find.py | 4 +- plugins/modules/ec2_lc_info.py | 12 +- plugins/modules/ec2_metric_alarm.py | 4 +- plugins/modules/ec2_placement_group.py | 12 +- plugins/modules/ec2_placement_group_info.py | 13 +- plugins/modules/ec2_scaling_policy.py | 2 +- plugins/modules/ec2_snapshot_copy.py | 20 +- plugins/modules/ec2_transit_gateway.py | 8 +- plugins/modules/ec2_transit_gateway_info.py | 16 +- plugins/modules/ec2_vpc_egress_igw.py | 8 +- plugins/modules/ec2_vpc_endpoint.py | 10 +- plugins/modules/ec2_vpc_endpoint_info.py | 8 +- plugins/modules/ec2_vpc_igw.py | 8 +- plugins/modules/ec2_vpc_igw_info.py | 6 +- plugins/modules/ec2_vpc_nacl.py | 10 +- plugins/modules/ec2_vpc_nacl_info.py | 8 +- plugins/modules/ec2_vpc_nat_gateway.py | 16 +- plugins/modules/ec2_vpc_nat_gateway_info.py | 8 +- plugins/modules/ec2_vpc_peer.py | 28 +- plugins/modules/ec2_vpc_peering_info.py | 6 +- plugins/modules/ec2_vpc_route_table.py | 6 +- plugins/modules/ec2_vpc_route_table_info.py | 16 +- plugins/modules/ec2_vpc_vgw.py | 8 +- plugins/modules/ec2_vpc_vgw_info.py | 6 +- plugins/modules/ec2_vpc_vpn.py | 16 +- plugins/modules/ec2_vpc_vpn_info.py | 6 +- plugins/modules/ec2_win_password.py | 8 +- plugins/modules/ecs_attribute.py | 8 +- plugins/modules/ecs_cluster.py | 10 +- plugins/modules/ecs_ecr.py | 23 +- plugins/modules/ecs_service.py | 8 +- plugins/modules/ecs_service_info.py | 6 +- plugins/modules/ecs_tag.py | 8 +- plugins/modules/ecs_task.py | 8 +- plugins/modules/ecs_taskdefinition.py | 8 +- plugins/modules/ecs_taskdefinition_info.py | 2 +- plugins/modules/efs.py | 12 +- plugins/modules/efs_info.py | 8 +- plugins/modules/elasticache.py | 12 +- plugins/modules/elasticache_info.py | 4 +- .../modules/elasticache_parameter_group.py | 8 +- plugins/modules/elasticache_snapshot.py | 17 +- plugins/modules/elasticache_subnet_group.py | 8 +- plugins/modules/elb_application_lb.py | 8 +- plugins/modules/elb_application_lb_info.py | 16 +- plugins/modules/elb_classic_lb.py | 28 +- plugins/modules/elb_classic_lb_info.py | 8 +- plugins/modules/elb_instance.py | 6 +- plugins/modules/elb_network_lb.py | 12 +- plugins/modules/elb_target.py | 16 +- plugins/modules/elb_target_group.py | 28 +- plugins/modules/elb_target_group_info.py | 12 +- plugins/modules/elb_target_info.py | 14 +- plugins/modules/execute_lambda.py | 10 +- plugins/modules/iam.py | 12 +- plugins/modules/iam_cert.py | 16 +- plugins/modules/iam_group.py | 27 +- plugins/modules/iam_managed_policy.py | 10 +- plugins/modules/iam_mfa_device_info.py | 12 +- plugins/modules/iam_password_policy.py | 2 +- plugins/modules/iam_policy.py | 12 +- plugins/modules/iam_policy_info.py | 8 +- plugins/modules/iam_role.py | 10 +- plugins/modules/iam_role_info.py | 12 +- plugins/modules/iam_saml_federation.py | 6 +- .../modules/iam_server_certificate_info.py | 8 +- plugins/modules/iam_user.py | 18 +- plugins/modules/iam_user_info.py | 6 +- plugins/modules/kinesis_stream.py | 12 +- plugins/modules/lambda.py | 6 +- plugins/modules/lambda_alias.py | 10 +- plugins/modules/lambda_event.py | 39 ++- plugins/modules/lambda_facts.py | 14 +- plugins/modules/lambda_info.py | 10 +- plugins/modules/lambda_policy.py | 42 ++- plugins/modules/lightsail.py | 8 +- plugins/modules/rds.py | 62 +++-- plugins/modules/rds_instance.py | 8 +- plugins/modules/rds_instance_info.py | 8 +- plugins/modules/rds_param_group.py | 8 +- plugins/modules/rds_snapshot.py | 8 +- plugins/modules/rds_snapshot_info.py | 8 +- plugins/modules/rds_subnet_group.py | 8 +- plugins/modules/redshift.py | 20 +- .../redshift_cross_region_snapshots.py | 6 +- plugins/modules/redshift_info.py | 16 +- plugins/modules/redshift_subnet_group.py | 9 +- plugins/modules/route53.py | 252 +++++++++--------- plugins/modules/route53_health_check.py | 10 +- plugins/modules/route53_info.py | 20 +- plugins/modules/route53_zone.py | 8 +- plugins/modules/s3_bucket_notification.py | 27 +- plugins/modules/s3_lifecycle.py | 28 +- plugins/modules/s3_logging.py | 4 +- plugins/modules/s3_sync.py | 4 +- plugins/modules/s3_website.py | 12 +- plugins/modules/sns.py | 6 +- plugins/modules/sns_topic.py | 6 +- plugins/modules/sqs_queue.py | 24 +- plugins/modules/sts_assume_role.py | 4 +- plugins/modules/sts_session_token.py | 29 +- 172 files changed, 1057 insertions(+), 1089 deletions(-) diff --git a/plugins/modules/aws_acm.py b/plugins/modules/aws_acm.py index 93034e7e71f..de20833ac03 100644 --- a/plugins/modules/aws_acm.py +++ b/plugins/modules/aws_acm.py @@ -157,14 +157,14 @@ EXAMPLES = ''' - name: upload a self-signed certificate - aws_acm: + community.aws.aws_acm: certificate: "{{ lookup('file', 'cert.pem' ) }}" privateKey: "{{ lookup('file', 'key.pem' ) }}" name_tag: my_cert # to be applied through an AWS tag as "Name":"my_cert" region: ap-southeast-2 # AWS region - name: create/update a certificate with a chain - aws_acm: + community.aws.aws_acm: certificate: "{{ lookup('file', 'cert.pem' ) }}" privateKey: "{{ lookup('file', 'key.pem' ) }}" name_tag: my_cert @@ -178,19 +178,19 @@ var: cert_create.certificate.arn - name: delete the cert we just created - aws_acm: + community.aws.aws_acm: name_tag: my_cert state: absent region: ap-southeast-2 - name: delete a certificate with a particular ARN - aws_acm: + community.aws.aws_acm: certificate_arn: "arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901" state: absent region: ap-southeast-2 - name: delete all certificates with a particular domain name - aws_acm: + community.aws.aws_acm: domain_name: acm.ansible.com state: absent region: ap-southeast-2 diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index ac11eb696a8..dfbd955a178 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -50,19 +50,19 @@ EXAMPLES = ''' - name: obtain all ACM certificates - aws_acm_info: + community.aws.aws_acm_info: - name: obtain all information for a single ACM certificate - aws_acm_info: + community.aws.aws_acm_info: domain_name: "*.example_com" - name: obtain all certificates pending validation - aws_acm_info: + community.aws.aws_acm_info: statuses: - PENDING_VALIDATION - name: obtain all certificates with tag Name=foo and myTag=bar - aws_acm_info: + community.aws.aws_acm_info: tags: Name: foo myTag: bar @@ -70,7 +70,7 @@ # The output is still a list of certificates, just one item long. - name: obtain information about a certificate with a particular ARN - aws_acm_info: + community.aws.aws_acm_info: certificate_arn: "arn:aws:acm:ap-southeast-2:123456789876:certificate/abcdeabc-abcd-1234-4321-abcdeabcde12" ''' diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 1a508299e06..49b1a1f8a4e 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -116,7 +116,7 @@ EXAMPLES = ''' - name: Setup AWS API Gateway setup on AWS and deploy API definition - aws_api_gateway: + community.aws.aws_api_gateway: swagger_file: my_api.yml stage: production cache_enabled: true @@ -126,7 +126,7 @@ state: present - name: Update API definition to deploy new version - aws_api_gateway: + community.aws.aws_api_gateway: api_id: 'abc123321cba' swagger_file: my_api.yml deploy_desc: Make auth fix available. @@ -136,7 +136,7 @@ state: present - name: Update API definitions and settings and deploy as canary - aws_api_gateway: + community.aws.aws_api_gateway: api_id: 'abc123321cba' swagger_file: my_api.yml cache_enabled: true diff --git a/plugins/modules/aws_application_scaling_policy.py b/plugins/modules/aws_application_scaling_policy.py index 51d98743da3..369302d7a9b 100644 --- a/plugins/modules/aws_application_scaling_policy.py +++ b/plugins/modules/aws_application_scaling_policy.py @@ -111,7 +111,7 @@ # Create step scaling policy for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: present policy_name: test_policy service_namespace: ecs @@ -132,7 +132,7 @@ # Create target tracking scaling policy for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: present policy_name: test_policy service_namespace: ecs @@ -150,7 +150,7 @@ # Remove scalable target for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: absent policy_name: test_policy policy_type: StepScaling diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index 38a22ca69cd..04738ffefae 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -12,8 +12,8 @@ short_description: Manage AWS Batch Compute Environments description: - This module allows the management of AWS Batch Compute Environments. - It is idempotent and supports "Check" mode. Use module M(aws_batch_compute_environment) to manage the compute - environment, M(aws_batch_job_queue) to manage job queues, M(aws_batch_job_definition) to manage job definitions. + It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. author: Jon Meran (@jonmer85) @@ -131,7 +131,7 @@ state: present tasks: - name: My Batch Compute Environment - aws_batch_compute_environment: + community.aws.aws_batch_compute_environment: compute_environment_name: computeEnvironmentName state: present region: us-east-1 diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index 6f385ef20fc..7debf759156 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -12,8 +12,8 @@ short_description: Manage AWS Batch Job Definitions description: - This module allows the management of AWS Batch Job Definitions. - It is idempotent and supports "Check" mode. Use module M(aws_batch_compute_environment) to manage the compute - environment, M(aws_batch_job_queue) to manage job queues, M(aws_batch_job_definition) to manage job definitions. + It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. author: Jon Meran (@jonmer85) @@ -185,7 +185,7 @@ state: present tasks: - name: My Batch Job Definition - aws_batch_job_definition: + community.aws.aws_batch_job_definition: job_definition_name: My Batch Job Definition state: present type: container diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index c888b560e0b..3ca0333b940 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -12,8 +12,8 @@ short_description: Manage AWS Batch Job Queues description: - This module allows the management of AWS Batch Job Queues. - It is idempotent and supports "Check" mode. Use module M(aws_batch_compute_environment) to manage the compute - environment, M(aws_batch_job_queue) to manage job queues, M(aws_batch_job_definition) to manage job definitions. + It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. author: Jon Meran (@jonmer85) @@ -75,7 +75,7 @@ state: present tasks: - name: My Batch Job Queue - aws_batch_job_queue: + community.aws.aws_batch_job_queue: job_queue_name: jobQueueName state: present region: us-east-1 diff --git a/plugins/modules/aws_codebuild.py b/plugins/modules/aws_codebuild.py index ca79d056bce..8b4a7bf04c4 100644 --- a/plugins/modules/aws_codebuild.py +++ b/plugins/modules/aws_codebuild.py @@ -165,7 +165,7 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -- aws_codebuild: +- community.aws.aws_codebuild: name: my_project description: My nice little project service_role: "arn:aws:iam::123123:role/service-role/code-build-service-role" diff --git a/plugins/modules/aws_codecommit.py b/plugins/modules/aws_codecommit.py index dc7bbaee160..8f26be4ed48 100644 --- a/plugins/modules/aws_codecommit.py +++ b/plugins/modules/aws_codecommit.py @@ -126,12 +126,12 @@ EXAMPLES = ''' # Create a new repository -- aws_codecommit: +- community.aws.aws_codecommit: name: repo state: present # Delete a repository -- aws_codecommit: +- community.aws.aws_codecommit: name: repo state: absent ''' diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index 1784d7859c4..90fea4016cd 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -82,7 +82,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) -- aws_codepipeline: +- community.aws.aws_codepipeline: name: my_deploy_pipeline role_arn: arn:aws:iam::123456:role/AWS-CodePipeline-Service artifact_store: diff --git a/plugins/modules/aws_config_aggregation_authorization.py b/plugins/modules/aws_config_aggregation_authorization.py index d2057a18591..a29eda64394 100644 --- a/plugins/modules/aws_config_aggregation_authorization.py +++ b/plugins/modules/aws_config_aggregation_authorization.py @@ -41,12 +41,12 @@ EXAMPLES = ''' - name: Get current account ID - aws_caller_info: + community.aws.aws_caller_info: register: whoami -- aws_config_aggregation_authorization: +- community.aws.aws_config_aggregation_authorization: state: present authorized_account_id: '{{ whoami.account }}' - authorzed_aws_region: us-east-1 + authorized_aws_region: us-east-1 ''' RETURN = '''#''' diff --git a/plugins/modules/aws_config_aggregator.py b/plugins/modules/aws_config_aggregator.py index 7b97fded3c9..5976c9058fb 100644 --- a/plugins/modules/aws_config_aggregator.py +++ b/plugins/modules/aws_config_aggregator.py @@ -76,7 +76,7 @@ EXAMPLES = ''' - name: Create cross-account aggregator - aws_config_aggregator: + community.aws.aws_config_aggregator: name: test_config_rule state: present account_sources: diff --git a/plugins/modules/aws_config_delivery_channel.py b/plugins/modules/aws_config_delivery_channel.py index f0fda8e61f4..afaef581de7 100644 --- a/plugins/modules/aws_config_delivery_channel.py +++ b/plugins/modules/aws_config_delivery_channel.py @@ -54,7 +54,7 @@ EXAMPLES = ''' - name: Create Delivery Channel for AWS Config - aws_config_delivery_channel: + community.aws.aws_config_delivery_channel: name: test_delivery_channel state: present s3_bucket: 'test_aws_config_bucket' diff --git a/plugins/modules/aws_config_recorder.py b/plugins/modules/aws_config_recorder.py index 970e6f8c0bc..7b576b6cda7 100644 --- a/plugins/modules/aws_config_recorder.py +++ b/plugins/modules/aws_config_recorder.py @@ -67,7 +67,7 @@ EXAMPLES = ''' - name: Create Configuration Recorder for AWS Config - aws_config_recorder: + community.aws.aws_config_recorder: name: test_configuration_recorder state: present role_arn: 'arn:aws:iam::123456789012:role/AwsConfigRecorder' diff --git a/plugins/modules/aws_config_rule.py b/plugins/modules/aws_config_rule.py index 9ce254def76..50c8d82c552 100644 --- a/plugins/modules/aws_config_rule.py +++ b/plugins/modules/aws_config_rule.py @@ -91,7 +91,7 @@ EXAMPLES = ''' - name: Create Config Rule for AWS Config - aws_config_rule: + community.aws.aws_config_rule: name: test_config_rule state: present description: 'This AWS Config rule checks for public write access on S3 buckets' diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 0b2f16ea083..61a0caf0149 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -71,7 +71,7 @@ EXAMPLES = """ # create a Direct Connect connection -- aws_direct_connect_connection: +- community.aws.aws_direct_connect_connection: name: ansible-test-connection state: present location: EqDC2 @@ -80,14 +80,14 @@ register: dc # disassociate the LAG from the connection -- aws_direct_connect_connection: +- community.aws.aws_direct_connect_connection: state: present connection_id: dc.connection.connection_id location: EqDC2 bandwidth: 1Gbps # replace the connection with one with more bandwidth -- aws_direct_connect_connection: +- community.aws.aws_direct_connect_connection: state: present name: ansible-test-connection location: EqDC2 @@ -95,7 +95,7 @@ forced_update: True # delete the connection -- aws_direct_connect_connection: +- community.aws.aws_direct_connect_connection: state: absent name: ansible-test-connection """ diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index 7fa8ca23740..1524e17fd7a 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -55,7 +55,7 @@ EXAMPLES = ''' - name: Create a new direct connect gateway attached to virtual private gateway - dxgw: + community.aws.aws_direct_connect_gateway: state: present name: my-dx-gateway amazon_asn: 7224 @@ -63,7 +63,7 @@ register: created_dxgw - name: Create a new unattached dxgw - dxgw: + community.aws.aws_direct_connect_gateway: state: present name: my-dx-gateway amazon_asn: 7224 diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index 92e8433f5ed..30b0656af5f 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -82,7 +82,7 @@ EXAMPLES = """ # create a Direct Connect connection -- aws_direct_connect_link_aggregation_group: +- community.aws.aws_direct_connect_link_aggregation_group: state: present location: EqDC2 lag_id: dxlag-xxxxxxxx diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 3883d12331b..6450be0ab08 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -219,14 +219,14 @@ EXAMPLES = ''' --- - name: create an association between a LAG and connection - aws_direct_connect_virtual_interface: + community.aws.aws_direct_connect_virtual_interface: state: present name: "{{ name }}" link_aggregation_group_id: LAG-XXXXXXXX connection_id: dxcon-XXXXXXXX - name: remove an association between a connection and virtual interface - aws_direct_connect_virtual_interface: + community.aws.aws_direct_connect_virtual_interface: state: absent connection_id: dxcon-XXXXXXXX virtual_interface_id: dxv-XXXXXXXX diff --git a/plugins/modules/aws_eks_cluster.py b/plugins/modules/aws_eks_cluster.py index 6cb7d4fe0ce..27200f55908 100644 --- a/plugins/modules/aws_eks_cluster.py +++ b/plugins/modules/aws_eks_cluster.py @@ -65,7 +65,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an EKS cluster - aws_eks_cluster: + community.aws.aws_eks_cluster: name: my_cluster version: 1.14 role_arn: my_eks_role @@ -77,7 +77,7 @@ register: caller_facts - name: Remove an EKS cluster - aws_eks_cluster: + community.aws.aws_eks_cluster: name: my_cluster wait: yes state: absent diff --git a/plugins/modules/aws_elasticbeanstalk_app.py b/plugins/modules/aws_elasticbeanstalk_app.py index 88c6b58d4af..67f5bc611a8 100644 --- a/plugins/modules/aws_elasticbeanstalk_app.py +++ b/plugins/modules/aws_elasticbeanstalk_app.py @@ -48,13 +48,13 @@ EXAMPLES = ''' # Create or update an application -- aws_elasticbeanstalk_app: +- community.aws.aws_elasticbeanstalk_app: app_name: Sample_App description: "Hello World App" state: present # Delete application -- aws_elasticbeanstalk_app: +- community.aws.aws_elasticbeanstalk_app: app_name: Sample_App state: absent diff --git a/plugins/modules/aws_glue_connection.py b/plugins/modules/aws_glue_connection.py index d2dec7b8db8..1810a6df2e9 100644 --- a/plugins/modules/aws_glue_connection.py +++ b/plugins/modules/aws_glue_connection.py @@ -70,7 +70,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue connection -- aws_glue_connection: +- community.aws.aws_glue_connection: name: my-glue-connection connection_properties: JDBC_CONNECTION_URL: jdbc:mysql://mydb:3306/databasename @@ -79,7 +79,7 @@ state: present # Delete an AWS Glue connection -- aws_glue_connection: +- community.aws.aws_glue_connection: name: my-glue-connection state: absent diff --git a/plugins/modules/aws_glue_job.py b/plugins/modules/aws_glue_job.py index 7a9d76d0890..966029ce325 100644 --- a/plugins/modules/aws_glue_job.py +++ b/plugins/modules/aws_glue_job.py @@ -84,14 +84,14 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue job -- aws_glue_job: +- community.aws.aws_glue_job: command_script_location: s3bucket/script.py name: my-glue-job role: my-iam-role state: present # Delete an AWS Glue job -- aws_glue_job: +- community.aws.aws_glue_job: name: my-glue-job state: absent diff --git a/plugins/modules/aws_inspector_target.py b/plugins/modules/aws_inspector_target.py index 00d5ac35ba1..d7e668038fd 100644 --- a/plugins/modules/aws_inspector_target.py +++ b/plugins/modules/aws_inspector_target.py @@ -45,20 +45,20 @@ EXAMPLES = ''' - name: Create my_target Assessment Target - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target tags: role: scan_target - name: Update Existing my_target Assessment Target with Additional Tags - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target tags: env: dev role: scan_target - name: Delete my_target Assessment Target - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target state: absent ''' diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index 7722a4803f8..0a0bba626e6 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -17,7 +17,7 @@ description: An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be - referred to by I(key_id). Use M(aws_kms_info) to find key ids. Required + referred to by I(key_id). Use M(community.aws.aws_kms_info) to find key ids. Required if I(key_id) is not given. Note that passing a I(key_id) and I(alias) will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional. @@ -177,28 +177,28 @@ # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile # and has been deprecated in favour of the policy option. - name: grant user-style access to production secrets - aws_kms: + community.aws.aws_kms: args: alias: "alias/my_production_secrets" policy_mode: grant policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" policy_grant_types: "role,role grant" - name: remove access to production secrets from role - aws_kms: + community.aws.aws_kms: args: alias: "alias/my_production_secrets" policy_mode: deny policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" # Create a new KMS key -- aws_kms: +- community.aws.aws_kms: alias: mykey tags: Name: myKey Purpose: protect_stuff # Update previous key with more tags -- aws_kms: +- community.aws.aws_kms: alias: mykey tags: Name: myKey @@ -208,7 +208,7 @@ # Update a known key with grants allowing an instance with the billing-prod IAM profile # to decrypt data encrypted with the environment: production, application: billing # encryption context -- aws_kms: +- community.aws.aws_kms: key_id: abcd1234-abcd-1234-5678-ef1234567890 grants: - name: billing_prod @@ -222,13 +222,13 @@ - RetireGrant - name: Update IAM policy on an existing KMS key - aws_kms: + community.aws.aws_kms: alias: my-kms-key policy: '{"Version": "2012-10-17", "Id": "my-kms-key-permissions", "Statement": [ { } ]}' state: present - name: Example using lookup for policy json - aws_kms: + community.aws.aws_kms: alias: my-kms-key policy: "{{ lookup('template', 'kms_iam_policy_template.json.j2') }}" state: present diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index 4424e8fe2ce..1f6f9f394e3 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -36,15 +36,15 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all KMS keys -- aws_kms_info: +- community.aws.aws_kms_info: # Gather information about all keys with a Name tag -- aws_kms_info: +- community.aws.aws_kms_info: filters: tag-key: Name # Gather information about all keys with a specific name -- aws_kms_info: +- community.aws.aws_kms_info: filters: "tag:Name": Example ''' diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index cafb743ece1..719cce0cec8 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -33,10 +33,10 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all regions -- aws_region_info: +- community.aws.aws_region_info: # Gather information about a single region -- aws_region_info: +- community.aws.aws_region_info: filters: region-name: eu-west-1 ''' diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index 30964ab1c5a..7b250f89ed6 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -16,7 +16,7 @@ description: - Lists S3 buckets in AWS - This module was called C(aws_s3_bucket_facts) before Ansible 2.9, returning C(ansible_facts). - Note that the M(aws_s3_bucket_info) module no longer returns C(ansible_facts)! + Note that the M(community.aws.aws_s3_bucket_info) module no longer returns C(ansible_facts)! author: "Gerben Geijteman (@hyperized)" extends_documentation_fragment: - amazon.aws.aws @@ -30,7 +30,7 @@ # Note: Only AWS S3 is currently supported # Lists all s3 buckets -- aws_s3_bucket_info: +- community.aws.aws_s3_bucket_info: register: result - name: List buckets diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index 7a63596e6ab..130b20966e2 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -40,7 +40,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Create a simple cors for s3 bucket -- aws_s3_cors: +- community.aws.aws_s3_cors: name: mys3bucket state: present rules: @@ -57,7 +57,7 @@ max_age_seconds: 30000 # Remove cors for s3 bucket -- aws_s3_cors: +- community.aws.aws_s3_cors: name: mys3bucket state: absent ''' diff --git a/plugins/modules/aws_secret.py b/plugins/modules/aws_secret.py index 0f4a8e78c9f..a007cf564f5 100644 --- a/plugins/modules/aws_secret.py +++ b/plugins/modules/aws_secret.py @@ -76,14 +76,14 @@ EXAMPLES = r''' - name: Add string to AWS Secrets Manager - aws_secret: + community.aws.aws_secret: name: 'test_secret_string' state: present secret_type: 'string' secret: "{{ super_secret_string }}" - name: remove string from AWS Secrets Manager - aws_secret: + community.aws.aws_secret: name: 'test_secret_string' state: absent secret_type: 'string' diff --git a/plugins/modules/aws_ses_identity.py b/plugins/modules/aws_ses_identity.py index 81a80630f97..2185d07d0e8 100644 --- a/plugins/modules/aws_ses_identity.py +++ b/plugins/modules/aws_ses_identity.py @@ -95,31 +95,31 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Ensure example@example.com email identity exists - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present - name: Delete example@example.com email identity - aws_ses_identity: + community.aws.aws_ses_identity: email: example@example.com state: absent - name: Ensure example.com domain identity exists - aws_ses_identity: + community.aws.aws_ses_identity: identity: example.com state: present # Create an SNS topic and send bounce and complaint notifications to it # instead of emailing the identity owner - name: Ensure complaints-topic exists - sns_topic: + community.aws.sns_topic: name: "complaints-topic" state: present purge_subscriptions: False register: topic_info - name: Deliver feedback to topic instead of owner email - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present complaint_notifications: @@ -133,14 +133,14 @@ # Create an SNS topic for delivery notifications and leave complaints # Being forwarded to the identity owner email - name: Ensure delivery-notifications-topic exists - sns_topic: + community.aws.sns_topic: name: "delivery-notifications-topic" state: present purge_subscriptions: False register: topic_info - name: Delivery notifications to topic - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present delivery_notifications: diff --git a/plugins/modules/aws_ses_identity_policy.py b/plugins/modules/aws_ses_identity_policy.py index a657a1a4175..bb166523585 100644 --- a/plugins/modules/aws_ses_identity_policy.py +++ b/plugins/modules/aws_ses_identity_policy.py @@ -46,28 +46,28 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: add sending authorization policy to domain identity - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example.com policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: add sending authorization policy to email identity - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example@example.com policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: add sending authorization policy to identity using ARN - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: "arn:aws:ses:us-east-1:12345678:identity/example.com" policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: remove sending authorization policy - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example.com policy_name: ExamplePolicy state: absent diff --git a/plugins/modules/aws_ses_rule_set.py b/plugins/modules/aws_ses_rule_set.py index d351f2b8d26..b6b45afce75 100644 --- a/plugins/modules/aws_ses_rule_set.py +++ b/plugins/modules/aws_ses_rule_set.py @@ -11,7 +11,7 @@ module: aws_ses_rule_set short_description: Manages SES inbound receipt rule sets description: - - The M(aws_ses_rule_set) module allows you to create, delete, and manage SES receipt rule sets + - The M(community.aws.aws_ses_rule_set) module allows you to create, delete, and manage SES receipt rule sets author: - "Ben Tomasik (@tomislacker)" - "Ed Costello (@orthanc)" @@ -54,29 +54,29 @@ # It is assumed that their matching environment variables are set. --- - name: Create default rule set and activate it if not already - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: present active: yes - name: Create some arbitrary rule set but do not activate it - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: arbitrary-rule-set state: present - name: Explicitly deactivate the default rule set leaving no active rule set - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: present active: no - name: Remove an arbitrary inactive rule set - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: arbitrary-rule-set state: absent - name: Remove an ruleset even if we have to first deactivate it to remove it - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: absent force: yes diff --git a/plugins/modules/aws_sgw_info.py b/plugins/modules/aws_sgw_info.py index 5cfc7ab8cc0..7963e11bfc0 100644 --- a/plugins/modules/aws_sgw_info.py +++ b/plugins/modules/aws_sgw_info.py @@ -165,10 +165,10 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: "Get AWS storage gateway information" - aws_sgw_info: + community.aws.aws_sgw_info: - name: "Get AWS storage gateway information for region eu-west-3" - aws_sgw_info: + community.aws.aws_sgw_info: region: eu-west-3 ''' diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py index 7e9cb76e897..c721fe3385d 100644 --- a/plugins/modules/aws_ssm_parameter_store.py +++ b/plugins/modules/aws_ssm_parameter_store.py @@ -77,25 +77,25 @@ EXAMPLES = ''' - name: Create or update key/value pair in aws parameter store - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" value: "World" - name: Delete the key - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" state: absent - name: Create or update secure key/value pair with default kms key (aws/ssm) - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" string_type: "SecureString" value: "World" - name: Create or update secure key/value pair with nominated kms key - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" string_type: "SecureString" @@ -103,7 +103,7 @@ value: "World" - name: Always update a parameter store value and create a new version - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "overwrite_example" description: "This example will always overwrite the value" string_type: "String" @@ -111,7 +111,8 @@ overwrite_value: "always" - name: recommend to use with aws_ssm lookup plugin - debug: msg="{{ lookup('aws_ssm', 'hello') }}" + debug: + msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" ''' RETURN = ''' diff --git a/plugins/modules/aws_step_functions_state_machine.py b/plugins/modules/aws_step_functions_state_machine.py index a5261e593da..a283a57ce6d 100644 --- a/plugins/modules/aws_step_functions_state_machine.py +++ b/plugins/modules/aws_step_functions_state_machine.py @@ -66,7 +66,7 @@ EXAMPLES = ''' # Create a new AWS Step Functions state machine - name: Setup HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: "HelloWorldStateMachine" definition: "{{ lookup('file','state_machine.json') }}" role_arn: arn:aws:iam::987654321012:role/service-role/invokeLambdaStepFunctionsRole @@ -75,7 +75,7 @@ # Update an existing state machine - name: Change IAM Role and tags of HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: HelloWorldStateMachine definition: "{{ lookup('file','state_machine.json') }}" role_arn: arn:aws:iam::987654321012:role/service-role/anotherStepFunctionsRole @@ -84,7 +84,7 @@ # Remove the AWS Step Functions state machine - name: Delete HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: HelloWorldStateMachine state: absent ''' diff --git a/plugins/modules/aws_step_functions_state_machine_execution.py b/plugins/modules/aws_step_functions_state_machine_execution.py index b64efacbaf7..65ed30453c7 100644 --- a/plugins/modules/aws_step_functions_state_machine_execution.py +++ b/plugins/modules/aws_step_functions_state_machine_execution.py @@ -56,13 +56,13 @@ EXAMPLES = ''' - name: Start an execution of a state machine - aws_step_functions_state_machine_execution: + community.aws.aws_step_functions_state_machine_execution: name: an_execution_name execution_input: '{ "IsHelloWorldExample": true }' state_machine_arn: "arn:aws:states:us-west-2:682285639423:stateMachine:HelloWorldStateMachine" - name: Stop an execution of a state machine - aws_step_functions_state_machine_execution: + community.aws.aws_step_functions_state_machine_execution: action: stop execution_arn: "arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8" cause: "cause of task failure" diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/aws_waf_condition.py index bab1f97772e..df6632ce1d6 100644 --- a/plugins/modules/aws_waf_condition.py +++ b/plugins/modules/aws_waf_condition.py @@ -138,7 +138,7 @@ EXAMPLES = ''' - name: create WAF byte condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_byte_condition filters: - field_to_match: header @@ -148,7 +148,7 @@ type: byte - name: create WAF geo condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_geo_condition filters: - country: US @@ -157,7 +157,7 @@ type: geo - name: create IP address condition - aws_waf_condition: + community.aws.aws_waf_condition: name: "{{ resource_prefix }}_ip_condition" filters: - ip_address: "10.0.0.0/8" @@ -165,7 +165,7 @@ type: ip - name: create WAF regex condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_regex_condition filters: - field_to_match: query_string @@ -178,7 +178,7 @@ type: regex - name: create WAF size condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_size_condition filters: - field_to_match: query_string @@ -187,7 +187,7 @@ type: size - name: create WAF sql injection condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_sql_condition filters: - field_to_match: query_string @@ -195,7 +195,7 @@ type: sql - name: create WAF xss condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_xss_condition filters: - field_to_match: query_string diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/aws_waf_info.py index 76fe5d084a7..9a895c847ea 100644 --- a/plugins/modules/aws_waf_info.py +++ b/plugins/modules/aws_waf_info.py @@ -35,14 +35,14 @@ EXAMPLES = ''' - name: obtain all WAF information - aws_waf_info: + community.aws.aws_waf_info: - name: obtain all information for a single WAF - aws_waf_info: + community.aws.aws_waf_info: name: test_waf - name: obtain all information for a single WAF Regional - aws_waf_info: + community.aws.aws_waf_info: name: test_waf waf_regional: true ''' diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/aws_waf_rule.py index 5d1c8d3667b..54fb1b23f8b 100644 --- a/plugins/modules/aws_waf_rule.py +++ b/plugins/modules/aws_waf_rule.py @@ -42,7 +42,7 @@ type: str conditions: description: > - List of conditions used in the rule. M(aws_waf_condition) can be used to + List of conditions used in the rule. M(community.aws.aws_waf_condition) can be used to create new conditions. type: list elements: dict @@ -75,7 +75,7 @@ EXAMPLES = ''' - name: create WAF rule - aws_waf_rule: + community.aws.aws_waf_rule: name: my_waf_rule conditions: - name: my_regex_condition @@ -89,7 +89,7 @@ negated: yes - name: remove WAF rule - aws_waf_rule: + community.aws.aws_waf_rule: name: "my_waf_rule" state: absent diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/aws_waf_web_acl.py index 22da20a7692..fe954dda1b2 100644 --- a/plugins/modules/aws_waf_web_acl.py +++ b/plugins/modules/aws_waf_web_acl.py @@ -85,7 +85,7 @@ EXAMPLES = ''' - name: create web ACL - aws_waf_web_acl: + community.aws.aws_waf_web_acl: name: my_web_acl rules: - name: my_rule @@ -96,7 +96,7 @@ state: present - name: delete the web acl - aws_waf_web_acl: + community.aws.aws_waf_web_acl: name: my_web_acl state: absent ''' diff --git a/plugins/modules/cloudformation_exports_info.py b/plugins/modules/cloudformation_exports_info.py index 50f4f847af5..2c6166dc0d5 100644 --- a/plugins/modules/cloudformation_exports_info.py +++ b/plugins/modules/cloudformation_exports_info.py @@ -22,7 +22,7 @@ EXAMPLES = ''' - name: Get Exports - cloudformation_exports_info: + community.aws.cloudformation_exports_info: profile: 'my_aws_profile' region: 'my_region' register: cf_exports diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index 69f53669f51..a7b476d032e 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -13,7 +13,7 @@ description: - Launches/updates/deletes AWS CloudFormation Stack Sets. notes: - - To make an individual stack, you want the M(cloudformation) module. + - To make an individual stack, you want the M(amazon.aws.cloudformation) module. options: name: description: @@ -177,7 +177,7 @@ EXAMPLES = ''' - name: Create a stack set with instances in two accounts - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack description: Test stack in two accounts state: present @@ -187,7 +187,7 @@ - us-east-1 - name: on subsequent calls, templates are optional but parameters and tags can be altered - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack state: present parameters: @@ -200,7 +200,7 @@ - us-east-1 - name: The same type of update, but wait for the update to complete in all stacks - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack state: present wait: true diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 6597d37bbef..26237ea1851 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -580,11 +580,9 @@ ''' -EXAMPLES = ''' - -# create a basic distribution with defaults and tags - -- cloudfront_distribution: +EXAMPLES = r''' +- name: create a basic distribution with defaults and tags + community.aws.cloudfront_distribution: state: present default_origin_domain_name: www.my-cloudfront-origin.com tags: @@ -592,31 +590,27 @@ Project: example project Priority: '1' -# update a distribution comment by distribution_id - -- cloudfront_distribution: +- name: update a distribution comment by distribution_id + community.aws.cloudfront_distribution: state: present distribution_id: E1RP5A2MJ8073O comment: modified by ansible cloudfront.py -# update a distribution comment by caller_reference - -- cloudfront_distribution: +- name: update a distribution comment by caller_reference + community.aws.cloudfront_distribution: state: present caller_reference: my cloudfront distribution 001 comment: modified by ansible cloudfront.py -# update a distribution's aliases and comment using the distribution_id as a reference - -- cloudfront_distribution: +- name: update a distribution's aliases and comment using the distribution_id as a reference + community.aws.cloudfront_distribution: state: present distribution_id: E1RP5A2MJ8073O comment: modified by cloudfront.py again aliases: [ 'www.my-distribution-source.com', 'zzz.aaa.io' ] -# update a distribution's aliases and comment using an alias as a reference - -- cloudfront_distribution: +- name: update a distribution's aliases and comment using an alias as a reference + community.aws.cloudfront_distribution: state: present caller_reference: my test distribution comment: modified by cloudfront.py again @@ -624,9 +618,8 @@ - www.my-distribution-source.com - zzz.aaa.io -# update a distribution's comment and aliases and tags and remove existing tags - -- cloudfront_distribution: +- name: update a distribution's comment and aliases and tags and remove existing tags + community.aws.cloudfront_distribution: state: present distribution_id: E15BU8SDCGSG57 comment: modified by cloudfront.py again @@ -636,9 +629,8 @@ Project: distribution 1.2 purge_tags: yes -# create a distribution with an origin, logging and default cache behavior - -- cloudfront_distribution: +- name: create a distribution with an origin, logging and default cache behavior + community.aws.cloudfront_distribution: state: present caller_reference: unique test distribution ID origins: @@ -674,9 +666,8 @@ enabled: false comment: this is a CloudFront distribution with logging -# delete a distribution - -- cloudfront_distribution: +- name: delete a distribution + community.aws.cloudfront_distribution: state: absent caller_reference: replaceable distribution ''' diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index 46aa714dbf2..a5bcb4ca572 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -13,7 +13,7 @@ description: - Gets information about an AWS CloudFront distribution. - This module was called C(cloudfront_facts) before Ansible 2.9, returning C(ansible_facts). - Note that the M(cloudfront_info) module no longer returns C(ansible_facts)! + Note that the M(community.aws.cloudfront_info) module no longer returns C(ansible_facts)! requirements: - boto3 >= 1.0.0 - python >= 2.6 @@ -152,21 +152,21 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Get a summary of distributions -- cloudfront_info: +- name: Get a summary of distributions + community.aws.cloudfront_info: summary: true register: result -# Get information about a distribution -- cloudfront_info: +- name: Get information about a distribution + community.aws.cloudfront_info: distribution: true distribution_id: my-cloudfront-distribution-id register: result_did - debug: msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" -# Get information about a distribution using the CNAME of the cloudfront distribution. -- cloudfront_info: +- name: Get information about a distribution using the CNAME of the cloudfront distribution. + community.aws.cloudfront_info: distribution: true domain_name_alias: www.my-website.com register: result_website @@ -176,36 +176,37 @@ # When the module is called as cloudfront_facts, return values are published # in ansible_facts['cloudfront'][] and can be used as follows. # Note that this is deprecated and will stop working in Ansible 2.13. -- cloudfront_facts: +- name: Gather facts + community.aws.cloudfront_facts: distribution: true distribution_id: my-cloudfront-distribution-id - debug: msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" -- cloudfront_facts: +- community.aws.cloudfront_facts: distribution: true domain_name_alias: www.my-website.com - debug: msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" -# Get all information about an invalidation for a distribution. -- cloudfront_facts: +- name: Get all information about an invalidation for a distribution. + community.aws.cloudfront_info: invalidation: true distribution_id: my-cloudfront-distribution-id invalidation_id: my-cloudfront-invalidation-id -# Get all information about a CloudFront origin access identity. -- cloudfront_facts: +- name: Get all information about a CloudFront origin access identity. + community.aws.cloudfront_info: origin_access_identity: true origin_access_identity_id: my-cloudfront-origin-access-identity-id -# Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) -- cloudfront_facts: +- name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: origin_access_identity: true origin_access_identity_id: my-cloudfront-origin-access-identity-id -# Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) -- cloudfront_facts: +- name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: all_lists: true ''' diff --git a/plugins/modules/cloudfront_invalidation.py b/plugins/modules/cloudfront_invalidation.py index fe84099931d..13a7d8c30b3 100644 --- a/plugins/modules/cloudfront_invalidation.py +++ b/plugins/modules/cloudfront_invalidation.py @@ -60,7 +60,7 @@ EXAMPLES = ''' - name: create a batch of invalidations using a distribution_id for a reference - cloudfront_invalidation: + community.aws.cloudfront_invalidation: distribution_id: E15BU8SDCGSG57 caller_reference: testing 123 target_paths: @@ -69,7 +69,7 @@ - /testpaththree/test3.ss - name: create a batch of invalidations using an alias as a reference and one path using a wildcard match - cloudfront_invalidation: + community.aws.cloudfront_invalidation: alias: alias.test.com caller_reference: testing 123 target_paths: diff --git a/plugins/modules/cloudfront_origin_access_identity.py b/plugins/modules/cloudfront_origin_access_identity.py index fd66d587ab2..17bfb6a71d1 100644 --- a/plugins/modules/cloudfront_origin_access_identity.py +++ b/plugins/modules/cloudfront_origin_access_identity.py @@ -62,19 +62,19 @@ EXAMPLES = ''' - name: create an origin access identity - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: state: present caller_reference: this is an example reference comment: this is an example comment - name: update an existing origin access identity using caller_reference as an identifier - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: origin_access_identity_id: E17DRN9XUOAHZX caller_reference: this is an example reference comment: this is a new comment - name: delete an existing origin access identity using caller_reference as an identifier - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: state: absent caller_reference: this is an example reference comment: this is a new comment diff --git a/plugins/modules/cloudtrail.py b/plugins/modules/cloudtrail.py index c4a5f2e6e74..83e6cc0b0f1 100644 --- a/plugins/modules/cloudtrail.py +++ b/plugins/modules/cloudtrail.py @@ -105,7 +105,7 @@ EXAMPLES = ''' - name: create single region cloudtrail - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -113,7 +113,7 @@ region: us-east-1 - name: create multi-region trail with validation and tags - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -128,7 +128,7 @@ Name: default - name: show another valid kms_key_id - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -136,7 +136,7 @@ # simply "12345678-1234-1234-1234-123456789012" would be valid too. - name: pause logging the trail we just created - cloudtrail: + community.aws.cloudtrail: state: present name: default enable_logging: false @@ -149,7 +149,7 @@ Name: default - name: delete a trail - cloudtrail: + community.aws.cloudtrail: state: absent name: default ''' diff --git a/plugins/modules/cloudwatchevent_rule.py b/plugins/modules/cloudwatchevent_rule.py index 23f3efa7aec..29854fcc10b 100644 --- a/plugins/modules/cloudwatchevent_rule.py +++ b/plugins/modules/cloudwatchevent_rule.py @@ -107,7 +107,7 @@ ''' EXAMPLES = ''' -- cloudwatchevent_rule: +- community.aws.cloudwatchevent_rule: name: MyCronTask schedule_expression: "cron(0 20 * * ? *)" description: Run my scheduled task @@ -115,7 +115,7 @@ - id: MyTargetId arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction -- cloudwatchevent_rule: +- community.aws.cloudwatchevent_rule: name: MyDisabledCronTask schedule_expression: "rate(5 minutes)" description: Run my disabled scheduled task @@ -125,7 +125,7 @@ arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction input: '{"foo": "bar"}' -- cloudwatchevent_rule: +- community.aws.cloudwatchevent_rule: name: MyCronTask state: absent ''' diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index 54687816f03..c2f10956f34 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -71,21 +71,21 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -- cloudwatchlogs_log_group: +- community.aws.cloudwatchlogs_log_group: log_group_name: test-log-group -- cloudwatchlogs_log_group: +- community.aws.cloudwatchlogs_log_group: state: present log_group_name: test-log-group tags: { "Name": "test-log-group", "Env" : "QA" } -- cloudwatchlogs_log_group: +- community.aws.cloudwatchlogs_log_group: state: present log_group_name: test-log-group tags: { "Name": "test-log-group", "Env" : "QA" } kms_key_id: arn:aws:kms:region:account-id:key/key-id -- cloudwatchlogs_log_group: +- community.aws.cloudwatchlogs_log_group: state: absent log_group_name: test-log-group diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index 448bb954d40..f1b87c8d52d 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -30,7 +30,7 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -- cloudwatchlogs_log_group_info: +- community.aws.cloudwatchlogs_log_group_info: log_group_name: test-log-group ''' diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index fd2c9221eff..b606a9ef8a9 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -13,7 +13,7 @@ short_description: Manage CloudWatch log group metric filter description: - Create, modify and delete CloudWatch log group metric filter. - - CloudWatch log group metric filter can be use with M(ec2_metric_alarm). + - CloudWatch log group metric filter can be use with M(community.aws.ec2_metric_alarm). requirements: - boto3 - botocore @@ -67,7 +67,7 @@ EXAMPLES = ''' - name: set metric filter on log group /fluentd/testcase - cloudwatchlogs_log_group_metric_filter: + community.aws.cloudwatchlogs_log_group_metric_filter: log_group_name: /fluentd/testcase filter_name: BoxFreeStorage filter_pattern: '{($.value = *) && ($.hostname = "box")}' @@ -78,7 +78,7 @@ metric_value: "$.value" - name: delete metric filter on log group /fluentd/testcase - cloudwatchlogs_log_group_metric_filter: + community.aws.cloudwatchlogs_log_group_metric_filter: log_group_name: /fluentd/testcase filter_name: BoxFreeStorage state: absent diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index 9f9ef5d818b..f52cf3f842e 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -131,7 +131,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Create pipeline -- data_pipeline: +- community.aws.data_pipeline: name: test-dp region: us-west-2 objects: "{{pipelineObjects}}" @@ -143,7 +143,7 @@ state: present # Example populating and activating a pipeline that demonstrates two ways of providing pipeline objects -- data_pipeline: +- community.aws.data_pipeline: name: test-dp objects: - "id": "DefaultSchedule" @@ -166,13 +166,13 @@ state: active # Activate pipeline -- data_pipeline: +- community.aws.data_pipeline: name: test-dp region: us-west-2 state: active # Delete pipeline -- data_pipeline: +- community.aws.data_pipeline: name: test-dp region: us-west-2 state: absent diff --git a/plugins/modules/dms_endpoint.py b/plugins/modules/dms_endpoint.py index 1fea45a4a04..7fc1a253a9f 100644 --- a/plugins/modules/dms_endpoint.py +++ b/plugins/modules/dms_endpoint.py @@ -149,8 +149,8 @@ EXAMPLES = ''' # Note: These examples do not set authentication details -# Endpoint Creation -- dms_endpoint: +- name: Endpoint Creation + community.aws.dms_endpoint: state: absent endpointidentifier: 'testsource' endpointtype: source @@ -165,7 +165,7 @@ ''' RETURN = ''' # ''' -__metaclass__ = type + import traceback from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry diff --git a/plugins/modules/dms_replication_subnet_group.py b/plugins/modules/dms_replication_subnet_group.py index 9cb0caf060f..9354eeabc86 100644 --- a/plugins/modules/dms_replication_subnet_group.py +++ b/plugins/modules/dms_replication_subnet_group.py @@ -48,7 +48,7 @@ ''' EXAMPLES = ''' -- dms_replication_subnet_group: +- community.aws.dms_replication_subnet_group: state: present identifier: "dev-sngroup" description: "Development Subnet Group asdasdas" diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index 1edf139dbfa..ee5cd8470c0 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -121,8 +121,8 @@ ''' EXAMPLES = ''' -# Create dynamo table with hash and range primary key -- dynamodb_table: +- name: Create dynamo table with hash and range primary key + community.aws.dynamodb_table: name: my-table region: us-east-1 hash_key_name: id @@ -134,15 +134,15 @@ tags: tag_name: tag_value -# Update capacity on existing dynamo table -- dynamodb_table: +- name: Update capacity on existing dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 read_capacity: 10 write_capacity: 10 -# set index on existing dynamo table -- dynamodb_table: +- name: set index on existing dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 indexes: @@ -156,8 +156,8 @@ read_capacity: 10 write_capacity: 10 -# Delete dynamo table -- dynamodb_table: +- name: Delete dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 state: absent diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index 654b311c72a..dbf7bcfc53c 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -42,13 +42,13 @@ EXAMPLES = ''' - name: enable TTL on my cowfacts table - dynamodb_ttl: + community.aws.dynamodb_ttl: state: enable table_name: cowfacts attribute_name: cow_deleted_date - name: disable TTL on my cowfacts table - dynamodb_ttl: + community.aws.dynamodb_ttl: state: disable table_name: cowfacts attribute_name: cow_deleted_date diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 974993a42ed..c6a1bb0ee45 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -75,14 +75,14 @@ ''' EXAMPLES = ''' -# Basic AMI Copy -- ec2_ami_copy: +- name: Basic AMI Copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx -# AMI copy wait until available -- ec2_ami_copy: +- name: AMI copy wait until available + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx @@ -90,16 +90,16 @@ wait_timeout: 1200 # Default timeout is 600 register: image_id -# Named AMI copy -- ec2_ami_copy: +- name: Named AMI copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx name: My-Awesome-AMI description: latest patch -# Tagged AMI copy (will not copy the same AMI twice) -- ec2_ami_copy: +- name: Tagged AMI copy (will not copy the same AMI twice) + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx @@ -108,15 +108,15 @@ Patch: 1.2.3 tag_equality: yes -# Encrypted AMI copy -- ec2_ami_copy: +- name: Encrypted AMI copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx encrypted: yes -# Encrypted AMI copy with specified key -- ec2_ami_copy: +- name: Encrypted AMI copy with specified key + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 3f43193f102..3bfd6f131a9 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -12,7 +12,7 @@ short_description: Create or delete AWS AutoScaling Groups (ASGs) description: - Can create or delete AWS AutoScaling Groups. - - Can be used with the M(ec2_lc) module to manage Launch Configurations. + - Can be used with the M(community.aws.ec2_lc) module to manage Launch Configurations. author: "Gareth Rushgrove (@garethr)" requirements: [ "boto3", "botocore" ] options: @@ -45,7 +45,7 @@ elements: str launch_config_name: description: - - Name of the Launch configuration to use for the group. See the M(ec2_lc) module for managing these. + - Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these. - If unspecified then the current group value will be used. One of I(launch_config_name) or I(launch_template) must be provided. type: str launch_template: @@ -243,7 +243,7 @@ EXAMPLES = ''' # Basic configuration with Launch Configuration -- ec2_asg: +- community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] @@ -269,7 +269,7 @@ # will have the current launch configuration. - name: create launch config - ec2_lc: + community.aws.ec2_lc: name: my_new_lc image_id: ami-lkajsf key_name: mykey @@ -278,7 +278,7 @@ instance_type: m1.small assign_public_ip: yes -- ec2_asg: +- community.aws.ec2_asg: name: myasg launch_config_name: my_new_lc health_check_period: 60 @@ -292,7 +292,7 @@ # To only replace a couple of instances instead of all of them, supply a list # to "replace_instances": -- ec2_asg: +- community.aws.ec2_asg: name: myasg launch_config_name: my_new_lc health_check_period: 60 @@ -307,7 +307,7 @@ # Basic Configuration with Launch Template -- ec2_asg: +- community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] @@ -325,7 +325,7 @@ # Basic Configuration with Launch Template using mixed instance policy -- ec2_asg: +- community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] diff --git a/plugins/modules/ec2_asg_info.py b/plugins/modules/ec2_asg_info.py index 4c523db50de..2cce6380fd6 100644 --- a/plugins/modules/ec2_asg_info.py +++ b/plugins/modules/ec2_asg_info.py @@ -38,37 +38,37 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Find all groups -- ec2_asg_info: +- name: Find all groups + community.aws.ec2_asg_info: register: asgs -# Find a group with matching name/prefix -- ec2_asg_info: +- name: Find a group with matching name/prefix + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs -# Find a group with matching tags -- ec2_asg_info: +- name: Find a group with matching tags + community.aws.ec2_asg_info: tags: project: webapp env: production register: asgs -# Find a group with matching name/prefix and tags -- ec2_asg_info: +- name: Find a group with matching name/prefix and tags + community.aws.ec2_asg_info: name: myproject tags: env: production register: asgs -# Fail if no groups are found -- ec2_asg_info: +- name: Fail if no groups are found + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs failed_when: "{{ asgs.results | length == 0 }}" -# Fail if more than 1 group is found -- ec2_asg_info: +- name: Fail if more than 1 group is found + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs failed_when: "{{ asgs.results | length > 1 }}" diff --git a/plugins/modules/ec2_asg_lifecycle_hook.py b/plugins/modules/ec2_asg_lifecycle_hook.py index 50e483d0ed1..9e01ca21aee 100644 --- a/plugins/modules/ec2_asg_lifecycle_hook.py +++ b/plugins/modules/ec2_asg_lifecycle_hook.py @@ -78,8 +78,8 @@ ''' EXAMPLES = ''' -# Create / Update lifecycle hook -- ec2_asg_lifecycle_hook: +- name: Create / Update lifecycle hook + community.aws.ec2_asg_lifecycle_hook: region: eu-central-1 state: present autoscaling_group_name: example @@ -88,8 +88,8 @@ heartbeat_timeout: 7000 default_result: ABANDON -# Delete lifecycle hook -- ec2_asg_lifecycle_hook: +- name: Delete lifecycle hook + community.aws.ec2_asg_lifecycle_hook: region: eu-central-1 state: absent autoscaling_group_name: example diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index 675e69a430f..8ac3f73d46a 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -54,17 +54,16 @@ ''' EXAMPLES = ''' - -# Create Customer Gateway -- ec2_customer_gateway: +- name: Create Customer Gateway + community.aws.ec2_customer_gateway: bgp_asn: 12345 ip_address: 1.2.3.4 name: IndianapolisOffice region: us-east-1 register: cgw -# Delete Customer Gateway -- ec2_customer_gateway: +- name: Delete Customer Gateway + community.aws.ec2_customer_gateway: ip_address: 1.2.3.4 name: IndianapolisOffice state: absent diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index f37a0f35567..4872e691023 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -36,10 +36,10 @@ # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all customer gateways - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: - name: Gather information about a filtered list of customer gateways, based on tags - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: region: ap-southeast-2 filters: "tag:Name": test-customer-gateway @@ -47,7 +47,7 @@ register: cust_gw_info - name: Gather information about a specific customer gateway by specifying customer gateway ID - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: region: ap-southeast-2 customer_gateway_ids: - 'cgw-48841a09' diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index f4ba39f75a4..2859ccaee7f 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -99,39 +99,39 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: associate an elastic IP with an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 - name: associate an elastic IP with a device - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 - name: associate an elastic IP with a device and allow reassociation - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 public_ip: 93.184.216.119 allow_reassociation: true - name: disassociate an elastic IP from an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 state: absent - name: disassociate an elastic IP with a device - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 state: absent - name: allocate a new elastic IP and associate it with an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 - name: allocate a new elastic IP without associating it to anything - ec2_eip: + community.aws.ec2_eip: state: present register: eip @@ -140,7 +140,7 @@ msg: "Allocated IP is {{ eip.public_ip }}" - name: provision new instances with ec2 - ec2: + amazon.aws.ec2: keypair: mykey instance_type: c1.medium image: ami-40603AD1 @@ -150,12 +150,12 @@ register: ec2 - name: associate new elastic IPs with each of the instances - ec2_eip: + community.aws.ec2_eip: device_id: "{{ item }}" loop: "{{ ec2.instance_ids }}" - name: allocate a new elastic IP inside a VPC in us-west-2 - ec2_eip: + community.aws.ec2_eip: region: us-west-2 in_vpc: true register: eip @@ -165,14 +165,14 @@ msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - name: allocate eip - reuse unallocated ips (if found) with FREE tag - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: FREE -- name: allocate eip - reuse unallocted ips if tag reserved is nope - ec2_eip: +- name: allocate eip - reuse unallocated ips if tag reserved is nope + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true @@ -180,13 +180,13 @@ tag_value: nope - name: allocate new eip - from servers given ipv4 pool - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true @@ -194,7 +194,7 @@ public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index 61c3a49ad8a..4c2f8c6756d 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -29,38 +29,39 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. -# List all EIP addresses in the current region. -- ec2_eip_info: +- name: List all EIP addresses in the current region. + community.aws.ec2_eip_info: register: regional_eip_addresses -# List all EIP addresses for a VM. -- ec2_eip_info: +- name: List all EIP addresses for a VM. + community.aws.ec2_eip_info: filters: instance-id: i-123456789 register: my_vm_eips -- debug: msg="{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" +- debug: + msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" -# List all EIP addresses for several VMs. -- ec2_eip_info: +- name: List all EIP addresses for several VMs. + community.aws.ec2_eip_info: filters: instance-id: - i-123456789 - i-987654321 register: my_vms_eips -# List all EIP addresses using the 'Name' tag as a filter. -- ec2_eip_info: +- name: List all EIP addresses using the 'Name' tag as a filter. + community.aws.ec2_eip_info: filters: tag:Name: www.example.com register: my_vms_eips -# List all EIP addresses using the Allocation-id as a filter -- ec2_eip_info: +- name: List all EIP addresses using the Allocation-id as a filter + community.aws.ec2_eip_info: filters: allocation-id: eipalloc-64de1b01 register: my_vms_eips diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index f820453a2d8..9ae1dc08b58 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -59,19 +59,15 @@ EXAMPLES = """ # basic pre_task and post_task example pre_tasks: - - name: Gathering ec2 facts - action: ec2_facts - name: Instance De-register - local_action: - module: ec2_elb + community.aws.ec2_elb: instance_id: "{{ ansible_ec2_instance_id }}" state: absent roles: - myrole post_tasks: - name: Instance Register - local_action: - module: ec2_elb + community.aws.ec2_elb: instance_id: "{{ ansible_ec2_instance_id }}" ec2_elbs: "{{ item }}" state: present diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index 215483a093f..bf753c2cbf6 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -40,38 +40,31 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Output format tries to match ec2_elb_lb module input parameters +# Output format tries to match amazon.aws.ec2_elb_lb module input parameters -# Gather information about all ELBs -- action: - module: ec2_elb_info +- name: Gather information about all ELBs + ec2_elb_info: register: elb_info - -- action: - module: debug +- debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" -# Gather information about a particular ELB -- action: - module: ec2_elb_info +- name: Gather information about a particular ELB + community.aws.ec2_elb_info: names: frontend-prod-elb register: elb_info -- action: - module: debug +- debug: msg: "{{ elb_info.elbs.0.dns_name }}" -# Gather information about a set of ELBs -- action: - module: ec2_elb_info +- name: Gather information about a set of ELBs + ec2_elb_info: names: - frontend-prod-elb - backend-prod-elb register: elb_info -- action: - module: debug +- debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 4238a7c15e7..8a682c56e12 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -14,7 +14,7 @@ - Create and manage AWS EC2 instances. - > Note: This module does not support creating - L(EC2 Spot instances,https://aws.amazon.com/ec2/spot/). The M(ec2) module + L(EC2 Spot instances,https://aws.amazon.com/ec2/spot/). The M(amazon.aws.ec2) module can create and manage spot instances. author: - Ryan Scott Brown (@ryansb) @@ -82,7 +82,7 @@ type: bool image: description: - - An image to use for the instance. The M(ec2_ami_info) module may be used to retrieve images. + - An image to use for the instance. The M(amazon.aws.ec2_ami_info) module may be used to retrieve images. One of I(image) or I(image_id) are required when instance is not already present. type: dict suboptions: @@ -117,14 +117,14 @@ vpc_subnet_id: description: - The subnet ID in which to launch the instance (VPC) - If none is provided, ec2_instance will chose the default zone of the default VPC. + If none is provided, M(community.aws.ec2_instance) will chose the default zone of the default VPC. aliases: ['subnet_id'] type: str network: description: - Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface. - - Use the ec2_eni module to create ENIs with special settings. + - Use the M(amazon.aws.ec2_eni) module to create ENIs with special settings. type: dict suboptions: interfaces: @@ -282,20 +282,20 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Terminate every running instance in a region. Use with EXTREME caution. -- ec2_instance: +- name: Terminate every running instance in a region. Use with EXTREME caution. + community.aws.ec2_instance: state: absent filters: instance-state-name: running -# restart a particular instance by its ID -- ec2_instance: +- name: restart a particular instance by its ID + community.aws.ec2_instance: state: restarted instance_ids: - i-12345678 -# start an instance with a public IP address -- ec2_instance: +- name: start an instance with a public IP address + community.aws.ec2_instance: name: "public-compute-instance" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -307,8 +307,8 @@ tags: Environment: Testing -# start an instance and Add EBS -- ec2_instance: +- name: start an instance and Add EBS + community.aws.ec2_instance: name: "public-withebs-instance" vpc_subnet_id: subnet-5ca1ab1e instance_type: t2.micro @@ -320,8 +320,8 @@ volume_size: 16 delete_on_termination: true -# start an instance with a cpu_options -- ec2_instance: +- name: start an instance with a cpu_options + community.aws.ec2_instance: name: "public-cpuoption-instance" vpc_subnet_id: subnet-5ca1ab1e tags: @@ -335,8 +335,8 @@ core_count: 1 threads_per_core: 1 -# start an instance and have it begin a Tower callback on boot -- ec2_instance: +- name: start an instance and have it begin a Tower callback on boot + community.aws.ec2_instance: name: "tower-callback-test" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -353,8 +353,8 @@ tags: SomeThing: "A value" -# start an instance with ENI (An existing ENI ID is required) -- ec2_instance: +- name: start an instance with ENI (An existing ENI ID is required) + community.aws.ec2_instance: name: "public-eni-instance" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -370,8 +370,8 @@ instance_type: t2.micro image_id: ami-123456 -# add second ENI interface -- ec2_instance: +- name: add second ENI interface + community.aws.ec2_instance: name: "public-eni-instance" network: interfaces: diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index d2da8b96b6f..e94aaa74b21 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -41,26 +41,26 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather information about all instances -- ec2_instance_info: +- name: Gather information about all instances + community.aws.ec2_instance_info: -# Gather information about all instances in AZ ap-southeast-2a -- ec2_instance_info: +- name: Gather information about all instances in AZ ap-southeast-2a + community.aws.ec2_instance_info: filters: availability-zone: ap-southeast-2a -# Gather information about a particular instance using ID -- ec2_instance_info: +- name: Gather information about a particular instance using ID + community.aws.ec2_instance_info: instance_ids: - i-12345678 -# Gather information about any instance with a tag key Name and value Example -- ec2_instance_info: +- name: Gather information about any instance with a tag key Name and value Example + community.aws.ec2_instance_info: filters: "tag:Name": Example -# Gather information about any instance in states "shutting-down", "stopping", "stopped" -- ec2_instance_info: +- name: Gather information about any instance in states "shutting-down", "stopping", "stopped" + community.aws.ec2_instance_info: filters: instance-state-name: [ "shutting-down", "stopping", "stopped" ] diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index d80a226f155..5c1a993dd58 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -12,7 +12,7 @@ description: - Create, modify, and delete EC2 Launch Templates, which can be used to create individual instances or with Autoscaling Groups. - - The I(ec2_instance) and I(ec2_asg) modules can, instead of specifying all + - The M(community.aws.ec2_instance) and M(community.aws.ec2_asg) modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. requirements: @@ -219,7 +219,7 @@ type: str key_name: description: - - The name of the key pair. You can create a key pair using M(ec2_key). + - The name of the key pair. You can create a key pair using M(amazon.aws.ec2_key). - If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in. @@ -326,7 +326,7 @@ EXAMPLES = ''' - name: Create an ec2 launch template - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" image_id: "ami-04b762b4289fba92b" key_name: my_ssh_key @@ -337,13 +337,13 @@ - name: > Create a new version of an existing ec2 launch template with a different instance type, while leaving an older version as the default version - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" default_version: 1 instance_type: c5.4xlarge - name: Delete an ec2 launch template - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" state: absent diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 8e13c7ab13e..a8e6d87378a 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -194,7 +194,7 @@ # create a launch configuration using an AMI image and instance type as a basis - name: note that encrypted volumes are only supported in >= Ansible 2.4 - ec2_lc: + community.aws.ec2_lc: name: special image_id: ami-XXX key_name: default @@ -210,9 +210,8 @@ - device_name: /dev/sdb ephemeral: ephemeral0 -# create a launch configuration using a running instance id as a basis - -- ec2_lc: +- name: create a launch configuration using a running instance id as a basis + community.aws.ec2_lc: name: special instance_id: i-00a48b207ec59e948 key_name: default @@ -224,9 +223,8 @@ iops: 3000 delete_on_termination: true -# create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image - -- ec2_lc: +- name: create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image + community.aws.ec2_lc: name: special image_id: ami-XXX key_name: default @@ -250,7 +248,7 @@ encrypted: no - name: Create launch configuration - ec2_lc: + community.aws.ec2_lc: name: lc1 image_id: ami-xxxx assign_public_ip: yes diff --git a/plugins/modules/ec2_lc_find.py b/plugins/modules/ec2_lc_find.py index 043df722367..b1c457b945a 100644 --- a/plugins/modules/ec2_lc_find.py +++ b/plugins/modules/ec2_lc_find.py @@ -49,8 +49,8 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Search for the Launch Configurations that start with "app" -- ec2_lc_find: +- name: Search for the Launch Configurations that start with "app" + community.aws.ec2_lc_find: name_regex: app.* sort_order: descending limit: 2 diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 5e032332af3..8e1cf258851 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -54,15 +54,15 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather information about all launch configurations -- ec2_lc_info: +- name: Gather information about all launch configurations + community.aws.ec2_lc_info: -# Gather information about launch configuration with name "example" -- ec2_lc_info: +- name: Gather information about launch configuration with name "example" + community.aws.ec2_lc_info: name: example -# Gather information sorted by created_time from most recent to least recent -- ec2_lc_info: +- name: Gather information sorted by created_time from most recent to least recent + community.aws.ec2_lc_info: sort: created_time sort_order: descending ''' diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index debc170c123..42791c518bb 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -167,7 +167,7 @@ EXAMPLES = ''' - name: create alarm - ec2_metric_alarm: + community.aws.ec2_metric_alarm: state: present region: ap-southeast-2 name: "cpu-low" @@ -184,7 +184,7 @@ alarm_actions: ["action1","action2"] - name: Create an alarm to recover a failed instance - ec2_metric_alarm: + community.aws.ec2_metric_alarm: state: present region: us-west-1 name: "recover-instance" diff --git a/plugins/modules/ec2_placement_group.py b/plugins/modules/ec2_placement_group.py index 4298c6522ec..b95069065aa 100644 --- a/plugins/modules/ec2_placement_group.py +++ b/plugins/modules/ec2_placement_group.py @@ -46,19 +46,19 @@ # Note: These examples do not set authentication details, see the AWS Guide # for details. -# Create a placement group. -- ec2_placement_group: +- name: Create a placement group. + community.aws.ec2_placement_group: name: my-cluster state: present -# Create a Spread placement group. -- ec2_placement_group: +- name: Create a Spread placement group. + community.aws.ec2_placement_group: name: my-cluster state: present strategy: spread -# Delete a placement group. -- ec2_placement_group: +- name: Delete a placement group. + community.aws.ec2_placement_group: name: my-cluster state: absent diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 33be33516d9..e9fa6338bad 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -29,22 +29,23 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. -# List all placement groups. -- ec2_placement_group_info: +- name: List all placement groups. + community.aws.ec2_placement_group_info: register: all_ec2_placement_groups -# List two placement groups. -- ec2_placement_group_info: +- name: List two placement groups. + community.aws.ec2_placement_group_info: names: - my-cluster - my-other-cluster register: specific_ec2_placement_groups -- debug: msg="{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" +- debug: + msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" ''' diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 7beb95c0a0c..540b70527df 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -54,7 +54,7 @@ ''' EXAMPLES = ''' -- ec2_scaling_policy: +- community.aws.ec2_scaling_policy: state: present region: US-XXX name: "scaledown-policy" diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 38b22315a2f..68378d3b9c3 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -61,14 +61,14 @@ ''' EXAMPLES = ''' -# Basic Snapshot Copy -- ec2_snapshot_copy: +- name: Basic Snapshot Copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx -# Copy Snapshot and wait until available -- ec2_snapshot_copy: +- name: Copy Snapshot and wait until available + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx @@ -76,23 +76,23 @@ wait_timeout: 1200 # Default timeout is 600 register: snapshot_id -# Tagged Snapshot copy -- ec2_snapshot_copy: +- name: Tagged Snapshot copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx tags: Name: Snapshot-Name -# Encrypted Snapshot copy -- ec2_snapshot_copy: +- name: Encrypted Snapshot copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx encrypted: yes -# Encrypted Snapshot copy with specified key -- ec2_snapshot_copy: +- name: Encrypted Snapshot copy with specified key + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx diff --git a/plugins/modules/ec2_transit_gateway.py b/plugins/modules/ec2_transit_gateway.py index 4f2f4dbd0c0..b75eb5510a4 100644 --- a/plugins/modules/ec2_transit_gateway.py +++ b/plugins/modules/ec2_transit_gateway.py @@ -89,14 +89,14 @@ EXAMPLES = ''' - name: Create a new transit gateway using defaults - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: present region: us-east-1 description: personal-testing register: created_tgw - name: Create a new transit gateway with options - ec2_transit_gateway: + community.aws.ec2_transit_gateway: asn: 64514 auto_associate: no auto_propagate: no @@ -110,13 +110,13 @@ status: testing - name: Remove a transit gateway by description - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: absent region: us-east-1 description: personal-testing - name: Remove a transit gateway by id - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: absent region: ap-southeast-2 transit_gateway_id: tgw-3a9aa123 diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index d0f1409a2b5..7e5f69c5917 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -36,22 +36,22 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather info about all transit gateways -- ec2_transit_gateway_info: +- name: Gather info about all transit gateways + community.aws.ec2_transit_gateway_info: -# Gather info about a particular transit gateway using filter transit gateway ID -- ec2_transit_gateway_info: +- name: Gather info about a particular transit gateway using filter transit gateway ID + community.aws.ec2_transit_gateway_info: filters: transit-gateway-id: tgw-02c42332e6b7da829 -# Gather info about a particular transit gateway using multiple option filters -- ec2_transit_gateway_info: +- name: Gather info about a particular transit gateway using multiple option filters + community.aws.ec2_transit_gateway_info: filters: options.dns-support: enable options.vpn-ecmp-support: enable -# Gather info about multiple transit gateways using module param -- ec2_transit_gateway_info: +- name: Gather info about multiple transit gateways using module param + community.aws.ec2_transit_gateway_info: transit_gateway_ids: - tgw-02c42332e6b7da829 - tgw-03c53443d5a8cb716 diff --git a/plugins/modules/ec2_vpc_egress_igw.py b/plugins/modules/ec2_vpc_egress_igw.py index 9b4040484c3..e93ce7791e9 100644 --- a/plugins/modules/ec2_vpc_egress_igw.py +++ b/plugins/modules/ec2_vpc_egress_igw.py @@ -36,10 +36,10 @@ # Ensure that the VPC has an Internet Gateway. # The Internet Gateway ID is can be accessed via {{eigw.gateway_id}} for use in setting up NATs etc. -ec2_vpc_egress_igw: - vpc_id: vpc-abcdefgh - state: present -register: eigw +- community.aws.ec2_vpc_egress_igw: + vpc_id: vpc-abcdefgh + state: present + register: eigw ''' diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 1b89387bf36..7978c48dfde 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -22,7 +22,7 @@ type: str service: description: - - An AWS supported vpc endpoint service. Use the M(ec2_vpc_endpoint_info) + - An AWS supported vpc endpoint service. Use the M(community.aws.ec2_vpc_endpoint_info) module to describe the supported endpoint services. - Required when creating an endpoint. required: false @@ -99,7 +99,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new vpc endpoint with a json template for policy - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -111,7 +111,7 @@ register: new_vpc_endpoint - name: Create new vpc endpoint with the default policy - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -122,7 +122,7 @@ register: new_vpc_endpoint - name: Create new vpc endpoint with json file - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -134,7 +134,7 @@ register: new_vpc_endpoint - name: Delete newly created vpc endpoint - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ new_vpc_endpoint.result['VpcEndpointId'] }}" region: ap-southeast-2 diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index 75ceb6b9bc7..0f23ca53217 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -43,19 +43,19 @@ EXAMPLES = ''' # Simple example of listing all support AWS services for VPC endpoints - name: List supported AWS endpoint services - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: services region: ap-southeast-2 register: supported_endpoint_services - name: Get all endpoints in ap-southeast-2 region - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 register: existing_endpoints - name: Get all endpoints with specific filters - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 filters: @@ -68,7 +68,7 @@ register: existing_endpoints - name: Get details on specific endpoint - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 vpc_endpoint_ids: diff --git a/plugins/modules/ec2_vpc_igw.py b/plugins/modules/ec2_vpc_igw.py index 0c85169c7d7..6b1a69911d4 100644 --- a/plugins/modules/ec2_vpc_igw.py +++ b/plugins/modules/ec2_vpc_igw.py @@ -44,10 +44,10 @@ # Ensure that the VPC has an Internet Gateway. # The Internet Gateway ID is can be accessed via {{igw.gateway_id}} for use in setting up NATs etc. -ec2_vpc_igw: - vpc_id: vpc-abcdefgh - state: present -register: igw +- community.aws.ec2_vpc_igw: + vpc_id: vpc-abcdefgh + state: present + register: igw ''' diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 29845d2ccf5..dcc07a4349b 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -36,13 +36,13 @@ # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all Internet Gateways for an account or profile - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production register: igw_info - name: Gather information about a filtered list of Internet Gateways - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production filters: @@ -50,7 +50,7 @@ register: igw_info - name: Gather information about a specific internet gateway by InternetGatewayId - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production internet_gateway_ids: igw-c1231234 diff --git a/plugins/modules/ec2_vpc_nacl.py b/plugins/modules/ec2_vpc_nacl.py index 23130310720..5c14fec8040 100644 --- a/plugins/modules/ec2_vpc_nacl.py +++ b/plugins/modules/ec2_vpc_nacl.py @@ -86,7 +86,7 @@ # Complete example to create and delete a network ACL # that allows SSH, HTTP and ICMP in, and all traffic out. - name: "Create and associate production DMZ network ACL with DMZ subnets" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl region: ap-southeast-2 @@ -106,7 +106,7 @@ state: 'present' - name: "Remove the ingress and egress rules - defaults to deny all" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl region: ap-southeast-2 @@ -120,20 +120,20 @@ state: present - name: "Remove the NACL subnet associations and tags" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: 'vpc-12345678' name: prod-dmz-nacl region: ap-southeast-2 state: present - name: "Delete nacl and subnet associations" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl state: absent - name: "Delete nacl by its id" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: nacl_id: acl-33b4ee5b state: absent ''' diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index d4c0c431465..31b1099b04c 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -44,17 +44,17 @@ # Gather information about all Network ACLs: - name: Get All NACLs - register: all_nacls - ec2_vpc_nacl_info: + community.aws.ec2_vpc_nacl_info: region: us-west-2 + register: all_nacls # Retrieve default Network ACLs: - name: Get Default NACLs - register: default_nacls - ec2_vpc_nacl_info: + community.aws.ec2_vpc_nacl_info: region: us-west-2 filters: 'default': 'true' + register: default_nacls ''' RETURN = ''' diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index d8ee5167b67..306c8ac49c4 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -84,7 +84,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new nat gateway with client token. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 eip_address: 52.1.1.1 @@ -93,7 +93,7 @@ register: new_nat_gateway - name: Create new nat gateway using an allocation-id. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 allocation_id: eipalloc-12345678 @@ -101,7 +101,7 @@ register: new_nat_gateway - name: Create new nat gateway, using an EIP address and wait for available status. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 eip_address: 52.1.1.1 @@ -110,7 +110,7 @@ register: new_nat_gateway - name: Create new nat gateway and allocate new EIP. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 wait: true @@ -118,7 +118,7 @@ register: new_nat_gateway - name: Create new nat gateway and allocate new EIP if a nat gateway does not yet exist in the subnet. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 wait: true @@ -127,7 +127,7 @@ register: new_nat_gateway - name: Delete nat gateway using discovered nat gateways from facts module. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent region: ap-southeast-2 wait: true @@ -137,7 +137,7 @@ loop: "{{ gateways_to_remove.result }}" - name: Delete nat gateway and wait for deleted status. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent nat_gateway_id: nat-12345678 wait: true @@ -145,7 +145,7 @@ region: ap-southeast-2 - name: Delete nat gateway and release EIP. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent nat_gateway_id: nat-12345678 release_eip: true diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index 85f96cc7340..83fb9b0f182 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -35,7 +35,7 @@ EXAMPLES = ''' # Simple example of listing all nat gateways - name: List all managed nat gateways in ap-southeast-2 - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 register: all_ngws @@ -44,7 +44,7 @@ msg: "{{ all_ngws.result }}" - name: Get details on specific nat gateways - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: nat_gateway_ids: - nat-1234567891234567 - nat-7654321987654321 @@ -52,14 +52,14 @@ register: specific_ngws - name: Get all nat gateways with specific filters - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 filters: state: ['pending'] register: pending_ngws - name: Get nat gateways with specific filter - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 filters: subnet-id: subnet-12345678 diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index c029eb5afa0..b8e263c1242 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -61,7 +61,7 @@ EXAMPLES = ''' # Complete example to create and accept a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -73,7 +73,7 @@ register: vpc_peer - name: Accept local VPC peering request - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: accept @@ -81,7 +81,7 @@ # Complete example to delete a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -93,7 +93,7 @@ register: vpc_peer - name: delete a local VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: absent @@ -101,7 +101,7 @@ # Complete example to create and accept a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -114,7 +114,7 @@ register: vpc_peer - name: Accept peering connection from remote account - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account @@ -123,7 +123,7 @@ # Complete example to create and accept an intra-region peering connection. - name: Create intra-region VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: us-east-1 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -136,7 +136,7 @@ register: vpc_peer - name: Accept peering connection from peer region - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: us-west-2 peering_id: "{{ vpc_peer.peering_id }}" state: accept @@ -144,7 +144,7 @@ # Complete example to create and reject a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -156,14 +156,14 @@ register: vpc_peer - name: Reject a local VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: reject # Complete example to create and accept a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -176,7 +176,7 @@ register: vpc_peer - name: Accept a cross account VPC peering connection request - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account @@ -188,7 +188,7 @@ # Complete example to create and reject a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -201,7 +201,7 @@ register: vpc_peer - name: Reject a cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 75af1b65613..8472fc4f58c 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -35,7 +35,7 @@ EXAMPLES = ''' # Simple example of listing all VPC Peers - name: List all vpc peers - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: region: ap-southeast-2 register: all_vpc_peers @@ -44,7 +44,7 @@ msg: "{{ all_vpc_peers.result }}" - name: Get details on specific VPC peer - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: peer_connection_ids: - pcx-12345678 - pcx-87654321 @@ -52,7 +52,7 @@ register: all_vpc_peers - name: Get all vpc peers with specific filters - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: region: ap-southeast-2 filters: status-code: ['pending-acceptance'] diff --git a/plugins/modules/ec2_vpc_route_table.py b/plugins/modules/ec2_vpc_route_table.py index 442efca01d7..0b8230ac7e1 100644 --- a/plugins/modules/ec2_vpc_route_table.py +++ b/plugins/modules/ec2_vpc_route_table.py @@ -85,7 +85,7 @@ # Basic creation example: - name: Set up public subnet route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 tags: @@ -100,7 +100,7 @@ register: public_route_table - name: Set up NAT-protected route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 tags: @@ -115,7 +115,7 @@ register: nat_route_table - name: delete route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 route_table_id: "{{ route_table.id }}" diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index acb203f1eab..4823f2db49e 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -29,21 +29,21 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather information about all VPC route tables -- ec2_vpc_route_table_info: +- name: Gather information about all VPC route tables + community.aws.ec2_vpc_route_table_info: -# Gather information about a particular VPC route table using route table ID -- ec2_vpc_route_table_info: +- name: Gather information about a particular VPC route table using route table ID + community.aws.ec2_vpc_route_table_info: filters: route-table-id: rtb-00112233 -# Gather information about any VPC route table with a tag key Name and value Example -- ec2_vpc_route_table_info: +- name: Gather information about any VPC route table with a tag key Name and value Example + community.aws.ec2_vpc_route_table_info: filters: "tag:Name": Example -# Gather information about any VPC route table within VPC with ID vpc-abcdef00 -- ec2_vpc_route_table_info: +- name: Gather information about any VPC route table within VPC with ID vpc-abcdef00 + community.aws.ec2_vpc_route_table_info: filters: vpc-id: vpc-abcdef00 diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index 004a64c394c..d1ea852d0e3 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -64,7 +64,7 @@ EXAMPLES = ''' - name: Create a new vgw attached to a specific VPC - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: present region: ap-southeast-2 profile: personal @@ -74,7 +74,7 @@ register: created_vgw - name: Create a new unattached vgw - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: present region: ap-southeast-2 profile: personal @@ -86,7 +86,7 @@ register: created_vgw - name: Remove a new vgw using the name - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: absent region: ap-southeast-2 profile: personal @@ -95,7 +95,7 @@ register: deleted_vgw - name: Remove a new vgw using the vpn_gateway_id - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: absent region: ap-southeast-2 profile: personal diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index a8c8da426c9..d526b54a372 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -36,13 +36,13 @@ # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all virtual gateways for an account or profile - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production register: vgw_info - name: Gather information about a filtered list of Virtual Gateways - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production filters: @@ -50,7 +50,7 @@ register: vgw_info - name: Gather information about a specific virtual gateway by VpnGatewayIds - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production vpn_gateway_ids: vgw-c432f6a7 diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index c344cc8e73e..4d0f06fb5a3 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -145,13 +145,13 @@ # It is assumed that their matching environment variables are set. - name: create a VPN connection - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_gateway_id: vgw-XXXXXXXX customer_gateway_id: cgw-XXXXXXXX - name: modify VPN connection tags - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_connection_id: vpn-XXXXXXXX tags: @@ -159,12 +159,12 @@ Other: ansible-tag-2 - name: delete a connection - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: vpn_connection_id: vpn-XXXXXXXX state: absent - name: modify VPN tags (identifying VPN by filters) - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: cidr: 194.168.1.0/24 @@ -177,7 +177,7 @@ static_only: true - name: set up VPN with tunnel options utilizing 'TunnelInsideCidr' only - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: vpn: vpn-XXXXXXXX @@ -189,7 +189,7 @@ TunnelInsideCidr: '169.254.100.5/30' - name: add routes and remove any preexisting ones - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: vpn: vpn-XXXXXXXX @@ -199,14 +199,14 @@ purge_routes: true - name: remove all routes - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_connection_id: vpn-XXXXXXXX routes: [] purge_routes: true - name: delete a VPN identified by filters - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: absent filters: tags: diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index 427b4b8cec8..f34ddb8a937 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -37,16 +37,16 @@ EXAMPLES = ''' # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all vpn connections - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: - name: Gather information about a filtered list of vpn connections, based on tags - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: filters: "tag:Name": test-connection register: vpn_conn_info - name: Gather information about vpn connections by specifying connection IDs. - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: filters: vpn-gateway-id: vgw-cbe66beb register: vpn_conn_info diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 782ff16829c..9ae8cd52dc8 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -64,7 +64,7 @@ EXAMPLES = ''' # Example of getting a password - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -72,7 +72,7 @@ # Example of getting a password using a variable - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -80,7 +80,7 @@ # Example of getting a password with a password protected key - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -89,7 +89,7 @@ # Example of waiting for a password - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index 67b1664305e..37faa28ac03 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -62,8 +62,8 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Set attributes -- ecs_attribute: +- name: Set attributes + community.aws.ecs_attribute: state: present cluster: test-cluster ec2_instance_id: "{{ ec2_id }}" @@ -72,8 +72,8 @@ - migrated delegate_to: localhost -# Delete attributes -- ecs_attribute: +- name: Delete attributes + community.aws.ecs_attribute: state: absent cluster: test-cluster ec2_instance_id: "{{ ec2_id }}" diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index bf41601b011..3610dcc6a6e 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -50,18 +50,18 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Cluster creation -- ecs_cluster: +- name: Cluster creation + community.aws.ecs_cluster: name: default state: present -# Cluster deletion -- ecs_cluster: +- name: Cluster deletion + community.aws.ecs_cluster: name: default state: absent - name: Wait for register - ecs_cluster: + community.aws.ecs_cluster: name: "{{ new_cluster }}" state: has_instances delay: 10 diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index de9ab574fdb..23e1018c1f7 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -85,16 +85,21 @@ # If the repository does not exist, it is created. If it does exist, would not # affect any policies already on it. - name: ecr-repo - ecs_ecr: name=super/cool + community.aws.ecs_ecr: + name: super/cool - name: destroy-ecr-repo - ecs_ecr: name=old/busted state=absent + community.aws.ecs_ecr: + name: old/busted + state: absent - name: Cross account ecr-repo - ecs_ecr: registry_id=999999999999 name=cross/account + community.aws.ecs_ecr: + registry_id: 999999999999 + name: cross/account - name: set-policy as object - ecs_ecr: + community.aws.ecs_ecr: name: needs-policy-object policy: Version: '2008-10-17' @@ -109,22 +114,22 @@ - ecr:BatchCheckLayerAvailability - name: set-policy as string - ecs_ecr: + community.aws.ecs_ecr: name: needs-policy-string policy: "{{ lookup('template', 'policy.json.j2') }}" - name: delete-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-no-policy purge_policy: yes - name: create immutable ecr-repo - ecs_ecr: + community.aws.ecs_ecr: name: super/cool image_tag_mutability: immutable - name: set-lifecycle-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-lifecycle-policy lifecycle_policy: rules: @@ -139,7 +144,7 @@ type: expire - name: purge-lifecycle-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-no-lifecycle-policy purge_lifecycle_policy: true ''' diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 7761d3d3a26..ddb2b8c1bba 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -195,7 +195,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic provisioning example -- ecs_service: +- community.aws.ecs_service: state: present name: console-test-service cluster: new_cluster @@ -203,7 +203,7 @@ desired_count: 0 - name: create ECS service on VPC network - ecs_service: + community.aws.ecs_service: state: present name: console-test-service cluster: new_cluster @@ -217,13 +217,13 @@ - my_security_group # Simple example to delete -- ecs_service: +- community.aws.ecs_service: name: default state: absent cluster: new_cluster # With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4) -- ecs_service: +- community.aws.ecs_service: state: present name: test-service cluster: test-cluster diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index e7628d36881..9843f638d55 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -13,7 +13,7 @@ description: - Lists or describes services in ECS. - This module was called C(ecs_service_facts) before Ansible 2.9, returning C(ansible_facts). - Note that the M(ecs_service_info) module no longer returns C(ansible_facts)! + Note that the M(community.aws.ecs_service_info) module no longer returns C(ansible_facts)! author: - "Mark Chance (@Java1Guy)" - "Darek Kaczynski (@kaczynskid)" @@ -52,14 +52,14 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic listing example -- ecs_service_info: +- community.aws.ecs_service_info: cluster: test-cluster service: console-test-service details: true register: output # Basic listing example -- ecs_service_info: +- community.aws.ecs_service_info: cluster: test-cluster register: output ''' diff --git a/plugins/modules/ecs_tag.py b/plugins/modules/ecs_tag.py index fd49461fb07..a3c16d74681 100644 --- a/plugins/modules/ecs_tag.py +++ b/plugins/modules/ecs_tag.py @@ -59,7 +59,7 @@ EXAMPLES = r''' - name: Ensure tags are present on a resource - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster state: present @@ -68,7 +68,7 @@ env: prod - name: Remove the Env tag - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: @@ -76,7 +76,7 @@ state: absent - name: Remove the Env tag if it's currently 'development' - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: @@ -84,7 +84,7 @@ state: absent - name: Remove all tags except for Name from a cluster - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index 1f831a413ea..c11c6b2a792 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -90,7 +90,7 @@ EXAMPLES = ''' # Simple example of run task - name: Run task - ecs_task: + community.aws.ecs_task: operation: run cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -101,7 +101,7 @@ # Simple example of start task - name: Start a task - ecs_task: + community.aws.ecs_task: operation: start cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -123,7 +123,7 @@ register: task_output - name: RUN a task on Fargate - ecs_task: + community.aws.ecs_task: operation: run cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -139,7 +139,7 @@ register: task_output - name: Stop a task - ecs_task: + community.aws.ecs_task: operation: stop cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index def891bb527..e7d3864a785 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -105,7 +105,7 @@ EXAMPLES = ''' - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: containers: - name: simple-app cpu: 10 @@ -146,7 +146,7 @@ register: task_output - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx @@ -160,7 +160,7 @@ state: present - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx @@ -177,7 +177,7 @@ # Create Task Definition with Environment Variables and Secrets - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx diff --git a/plugins/modules/ecs_taskdefinition_info.py b/plugins/modules/ecs_taskdefinition_info.py index a6b1c627f4c..e4e93e0a90f 100644 --- a/plugins/modules/ecs_taskdefinition_info.py +++ b/plugins/modules/ecs_taskdefinition_info.py @@ -36,7 +36,7 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -- ecs_taskdefinition_info: +- community.aws.ecs_taskdefinition_info: task_definition: test-td ''' diff --git a/plugins/modules/efs.py b/plugins/modules/efs.py index 5d6ce13e707..95e5df78499 100644 --- a/plugins/modules/efs.py +++ b/plugins/modules/efs.py @@ -106,8 +106,8 @@ ''' EXAMPLES = ''' -# EFS provisioning -- efs: +- name: EFS provisioning + community.aws.efs: state: present name: myTestEFS tags: @@ -117,8 +117,8 @@ - subnet_id: subnet-748c5d03 security_groups: [ "sg-1a2b3c4d" ] -# Modifying EFS data -- efs: +- name: Modifying EFS data + community.aws.efs: state: present name: myTestEFS tags: @@ -127,8 +127,8 @@ - subnet_id: subnet-7654fdca security_groups: [ "sg-4c5d6f7a" ] -# Deleting EFS -- efs: +- name: Deleting EFS + community.aws.efs: state: absent name: myTestEFS ''' diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index 992b650627e..bc2ddeda5a5 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -13,7 +13,7 @@ description: - This module can be used to search Amazon EFS file systems. - This module was called C(efs_facts) before Ansible 2.9, returning C(ansible_facts). - Note that the M(efs_info) module no longer returns C(ansible_facts)! + Note that the M(community.aws.efs_info) module no longer returns C(ansible_facts)! requirements: [ boto3 ] author: - "Ryan Sydnor (@ryansydnor)" @@ -45,16 +45,16 @@ EXAMPLES = ''' - name: Find all existing efs - efs_info: + community.aws.efs_info: register: result - name: Find efs using id - efs_info: + community.aws.efs_info: id: fs-1234abcd register: result - name: Searching all EFS instances with tag Name = 'myTestNameTag', in subnet 'subnet-1a2b3c4d' and with security group 'sg-4d3c2b1a' - efs_info: + community.aws.efs_info: tags: Name: myTestNameTag targets: diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index e1c255ebbde..f649ea8010c 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -100,8 +100,8 @@ # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. -# Basic example -- elasticache: +- name: Basic example + community.aws.elasticache: name: "test-please-delete" state: present engine: memcached @@ -114,13 +114,13 @@ zone: us-east-1d -# Ensure cache cluster is gone -- elasticache: +- name: Ensure cache cluster is gone + community.aws.elasticache: name: "test-please-delete" state: absent -# Reboot cache cluster -- elasticache: +- name: Reboot cache cluster + community.aws.elasticache: name: "test-please-delete" state: rebooted diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index f7000116ca3..ffefc9b53a0 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -28,10 +28,10 @@ EXAMPLES = ''' - name: obtain all ElastiCache information - elasticache_info: + community.aws.elasticache_info: - name: obtain all information for a single ElastiCache cluster - elasticache_info: + community.aws.elasticache_info: name: test_elasticache ''' diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index c701d6a763d..c866fa9c83c 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -55,24 +55,24 @@ connection: local tasks: - name: 'Create a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' group_family: 'redis3.2' description: 'This is a cache parameter group' state: 'present' - name: 'Modify a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' values: activerehashing: yes client-output-buffer-limit-normal-hard-limit: 4 state: 'present' - name: 'Reset all modifiable parameters for the test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' state: reset - name: 'Delete a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' state: 'absent' """ diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index f932544b505..4784dd53a29 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -52,16 +52,13 @@ EXAMPLES = """ # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. ---- -- hosts: localhost - connection: local - tasks: - - name: 'Create a snapshot' - elasticache_snapshot: - name: 'test-snapshot' - state: 'present' - cluster_id: '{{ cluster }}' - replication_id: '{{ replication }}' + +- name: 'Create a snapshot' + community.aws.elasticache_snapshot: + name: 'test-snapshot' + state: 'present' + cluster_id: '{{ cluster }}' + replication_id: '{{ replication }}' """ RETURN = """ diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index 72b41f08ea6..3048f0a7baa 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -41,8 +41,8 @@ ''' EXAMPLES = ''' -# Add or change a subnet group -- elasticache_subnet_group: +- name: Add or change a subnet group + community.aws.elasticache_subnet_group: state: present name: norwegian-blue description: My Fancy Ex Parrot Subnet Group @@ -50,8 +50,8 @@ - subnet-aaaaaaaa - subnet-bbbbbbbb -# Remove a subnet group -- elasticache_subnet_group: +- name: Remove a subnet group + community.aws.elasticache_subnet_group: state: absent name: norwegian-blue ''' diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index 28915d551fa..c314a60aa40 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -185,7 +185,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an ELB and attach a listener -- elb_application_lb: +- community.aws.elb_application_lb: name: myelb security_groups: - sg-12345678 @@ -206,7 +206,7 @@ state: present # Create an ELB and attach a listener with logging enabled -- elb_application_lb: +- community.aws.elb_application_lb: access_logs_enabled: yes access_logs_s3_bucket: mybucket access_logs_s3_prefix: "logs" @@ -230,7 +230,7 @@ state: present # Create an ALB with listeners and rules -- elb_application_lb: +- community.aws.elb_application_lb: name: test-alb subnets: - subnet-12345678 @@ -293,7 +293,7 @@ state: present # Remove an ELB -- elb_application_lb: +- community.aws.elb_application_lb: name: myelb state: absent diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 2f9c1c39cc9..e1711dbef45 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -36,22 +36,22 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather information about all target groups -- elb_application_lb_info: +- name: Gather information about all target groups + community.aws.elb_application_lb_info: -# Gather information about the target group attached to a particular ELB -- elb_application_lb_info: +- name: Gather information about the target group attached to a particular ELB + community.aws.elb_application_lb_info: load_balancer_arns: - "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" -# Gather information about a target groups named 'tg1' and 'tg2' -- elb_application_lb_info: +- name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_application_lb_info: names: - elb1 - elb2 -# Gather information about specific ALB -- elb_application_lb_info: +- name: Gather information about specific ALB + community.aws.elb_application_lb_info: names: "alb-name" region: "aws-region" register: alb_info diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index bd309465abe..0ae1bc7dda5 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -138,7 +138,7 @@ # Basic provisioning example (non-VPC) -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -159,7 +159,7 @@ # Internal ELB example -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-vpc" scheme: internal state: present @@ -176,7 +176,7 @@ delegate_to: localhost # Configure a health check and the access logs -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -200,20 +200,20 @@ delegate_to: localhost # Ensure ELB is gone -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: absent delegate_to: localhost # Ensure ELB is gone and wait for check (for default timeout) -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: absent wait: yes delegate_to: localhost # Ensure ELB is gone and wait for check with timeout value -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: absent wait: yes @@ -223,7 +223,7 @@ # Normally, this module will purge any listeners that exist on the ELB # but aren't specified in the listeners parameter. If purge_listeners is # false it leaves them alone -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -239,7 +239,7 @@ # Normally, this module will leave availability zones that are enabled # on the ELB alone. If purge_zones is true, then any extraneous zones # will be removed -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -253,7 +253,7 @@ delegate_to: localhost # Creates a ELB and assigns a list of subnets to it. -- elb_classic_lb: +- community.aws.elb_classic_lb: state: present name: 'New ELB' security_group_ids: 'sg-123456, sg-67890' @@ -268,7 +268,7 @@ # Create an ELB with connection draining, increased idle timeout and cross availability # zone load balancing -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "New ELB" state: present connection_draining_timeout: 60 @@ -285,7 +285,7 @@ delegate_to: localhost # Create an ELB with load balancer stickiness enabled -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -303,7 +303,7 @@ delegate_to: localhost # Create an ELB with application stickiness enabled -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -321,7 +321,7 @@ delegate_to: localhost # Create an ELB and add tags -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -339,7 +339,7 @@ delegate_to: localhost # Delete all tags from an ELB -- elb_classic_lb: +- community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index 915bf19aece..9341cb59b4b 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -43,10 +43,10 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Output format tries to match ec2_elb_lb module input parameters +# Output format tries to match amazon.aws.ec2_elb_lb module input parameters # Gather information about all ELBs -- elb_classic_lb_info: +- community.aws.elb_classic_lb_info: register: elb_info - debug: @@ -54,7 +54,7 @@ loop: "{{ elb_info.elbs }}" # Gather information about a particular ELB -- elb_classic_lb_info: +- community.aws.elb_classic_lb_info: names: frontend-prod-elb register: elb_info @@ -62,7 +62,7 @@ msg: "{{ elb_info.elbs.0.dns_name }}" # Gather information about a set of ELBs -- elb_classic_lb_info: +- community.aws.elb_classic_lb_info: names: - frontend-prod-elb - backend-prod-elb diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index 0c41ef3a6e4..20992459f57 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -64,10 +64,8 @@ EXAMPLES = """ # basic pre_task and post_task example pre_tasks: - - name: Gathering ec2 facts - action: ec2_facts - name: Instance De-register - elb_instance: + community.aws.elb_instance: instance_id: "{{ ansible_ec2_instance_id }}" state: absent delegate_to: localhost @@ -75,7 +73,7 @@ - myrole post_tasks: - name: Instance Register - elb_instance: + community.aws.elb_instance: instance_id: "{{ ansible_ec2_instance_id }}" ec2_elbs: "{{ item }}" state: present diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 616c8e061be..a3405fd5cae 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -135,8 +135,8 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Create an ELB and attach a listener -- elb_network_lb: +- name: Create an ELB and attach a listener + community.aws.elb_network_lb: name: myelb subnets: - subnet-012345678 @@ -149,8 +149,8 @@ TargetGroupName: mytargetgroup # Required. The name of the target group state: present -# Create an ELB with an attached Elastic IP address -- elb_network_lb: +- name: Create an ELB with an attached Elastic IP address + community.aws.elb_network_lb: name: myelb subnet_mappings: - SubnetId: subnet-012345678 @@ -163,8 +163,8 @@ TargetGroupName: mytargetgroup # Required. The name of the target group state: present -# Remove an ELB -- elb_network_lb: +- name: Remove an ELB + community.aws.elb_network_lb: name: myelb state: absent diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 553e5f7f860..53d715578b8 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -75,27 +75,27 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Register an IP address target to a target group -- elb_target: +- name: Register an IP address target to a target group + community.aws.elb_target: target_group_name: myiptargetgroup target_id: i-1234567 state: present -# Register an instance target to a target group -- elb_target: +- name: Register an instance target to a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 state: present -# Deregister a target from a target group -- elb_target: +- name: Deregister a target from a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 state: absent # Modify a target to use a different port -# Register a target to a target group -- elb_target: +- name: Register a target to a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 target_port: 8080 diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index 3818d5da7df..43723bfd6e9 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -168,16 +168,16 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Create a target group with a default health check -- elb_target_group: +- name: Create a target group with a default health check + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 80 vpc_id: vpc-01234567 state: present -# Modify the target group with a custom health check -- elb_target_group: +- name: Modify the target group with a custom health check + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 80 @@ -192,13 +192,13 @@ unhealthy_threshold_count: 3 state: present -# Delete a target group -- elb_target_group: +- name: Delete a target group + community.aws.elb_target_group: name: mytargetgroup state: absent -# Create a target group with instance targets -- elb_target_group: +- name: Create a target group with instance targets + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 81 @@ -215,8 +215,8 @@ wait_timeout: 200 wait: True -# Create a target group with IP address targets -- elb_target_group: +- name: Create a target group with IP address targets + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 81 @@ -239,10 +239,10 @@ # itself is allow to invoke the lambda function. # therefore you need first to create an empty target group # to receive its arn, second, allow the target group -# to invoke the lamba function and third, add the target +# to invoke the lambda function and third, add the target # to the target group - name: first, create empty target group - elb_target_group: + community.aws.elb_target_group: name: my-lambda-targetgroup target_type: lambda state: present @@ -250,7 +250,7 @@ register: out - name: second, allow invoke of the lambda - lambda_policy: + community.aws.lambda_policy: state: "{{ state | default('present') }}" function_name: my-lambda-function statement_id: someID @@ -259,7 +259,7 @@ source_arn: "{{ out.target_group_arn }}" - name: third, add target - elb_target_group: + community.aws.elb_target_group: name: my-lambda-targetgroup target_type: lambda state: present diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 2505026b0d7..5c4fa2f1f64 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -47,15 +47,15 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Gather information about all target groups -- elb_target_group_info: +- name: Gather information about all target groups + community.aws.elb_target_group_info: -# Gather information about the target group attached to a particular ELB -- elb_target_group_info: +- name: Gather information about the target group attached to a particular ELB + community.aws.elb_target_group_info: load_balancer_arn: "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" -# Gather information about a target groups named 'tg1' and 'tg2' -- elb_target_group_info: +- name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_target_group_info: names: - tg1 - tg2 diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index 40a9ac26420..af2dc55cd5b 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -36,14 +36,14 @@ ''' EXAMPLES = """ -# practical use case - dynamically deregistering and reregistering nodes +# practical use case - dynamically de-registering and re-registering nodes - name: Get EC2 Metadata - action: ec2_metadata_facts + amazon.aws.ec2_metadata_facts: - name: Get initial list of target groups delegate_to: localhost - elb_target_info: + community.aws.elb_target_info: instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" register: target_info @@ -54,7 +54,7 @@ - name: Deregister instance from all target groups delegate_to: localhost - elb_target: + community.aws.elb_target: target_group_arn: "{{ item.0.target_group_arn }}" target_port: "{{ item.1.target_port }}" target_az: "{{ item.1.target_az }}" @@ -72,7 +72,7 @@ - name: wait for all targets to deregister simultaneously delegate_to: localhost - elb_target_info: + community.aws.elb_target_info: get_unused_target_groups: false instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" @@ -82,7 +82,7 @@ delay: 10 - name: reregister in elbv2s - elb_target: + community.aws.elb_target: region: "{{ ansible_ec2_placement_region }}" target_group_arn: "{{ item.0.target_group_arn }}" target_port: "{{ item.1.target_port }}" @@ -97,7 +97,7 @@ # wait until all groups associated with this instance are 'healthy' or # 'unused' - name: wait for registration - elb_target_info: + community.aws.elb_target_info: get_unused_target_groups: false instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index 45d0eef8e2b..846cf47d22a 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -74,7 +74,7 @@ ''' EXAMPLES = ''' -- execute_lambda: +- community.aws.execute_lambda: name: test-function # the payload is automatically serialized and sent to the function payload: @@ -84,11 +84,11 @@ # Test that you have sufficient permissions to execute a Lambda function in # another account -- execute_lambda: +- community.aws.execute_lambda: function_arn: arn:aws:lambda:us-east-1:123456789012:function/some-function dry_run: true -- execute_lambda: +- community.aws.execute_lambda: name: test-function payload: foo: bar @@ -99,12 +99,12 @@ # the response will have a `logs` key that will contain a log (up to 4KB) of the function execution in Lambda # Pass the Lambda event payload as a json file. -- execute_lambda: +- community.aws.execute_lambda: name: test-function payload: "{{ lookup('file','lambda_event.json') }}" register: response -- execute_lambda: +- community.aws.execute_lambda: name: test-function version_qualifier: PRODUCTION ''' diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index 9b5bae141c2..57d7ca653e3 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -99,9 +99,8 @@ EXAMPLES = ''' # Basic user creation example -tasks: - name: Create two new IAM users with API keys - iam: + community.aws.iam: iam_type: user name: "{{ item }}" state: present @@ -113,9 +112,8 @@ # Advanced example, create two new groups and add the pre-existing user # jdavila to both groups. -task: - name: Create Two Groups, Mario and Luigi - iam: + community.aws.iam: iam_type: group name: "{{ item }}" state: present @@ -124,8 +122,8 @@ - Luigi register: new_groups -- name: - iam: +- name: Update user + community.aws.iam: iam_type: user name: jdavila state: update @@ -134,7 +132,7 @@ # Example of role with custom trust policy for Lambda service - name: Create IAM role with custom trust relationship - iam: + community.aws.iam: iam_type: role name: AAALambdaTestRole state: present diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_cert.py index 24e317b71c6..1ea54c859d3 100644 --- a/plugins/modules/iam_cert.py +++ b/plugins/modules/iam_cert.py @@ -83,24 +83,24 @@ ''' EXAMPLES = ''' -# Basic server certificate upload from local file -- iam_cert: +- name: Basic server certificate upload from local file + community.aws.iam_cert: name: very_ssl state: present cert: "{{ lookup('file', 'path/to/cert') }}" key: "{{ lookup('file', 'path/to/key') }}" cert_chain: "{{ lookup('file', 'path/to/certchain') }}" -# Basic server certificate upload -- iam_cert: +- name: Basic server certificate upload + community.aws.iam_cert: name: very_ssl state: present cert: path/to/cert key: path/to/key cert_chain: path/to/certchain -# Server certificate upload using key string -- iam_cert: +- name: Server certificate upload using key string + community.aws.iam_cert: name: very_ssl state: present path: "/a/cert/path/" @@ -108,8 +108,8 @@ key: vault_body_of_privcertkey cert_chain: body_of_myverytrustedchain -# Basic rename of existing certificate -- iam_cert: +- name: Basic rename of existing certificate + community.aws.iam_cert: name: very_ssl new_name: new_very_ssl state: present diff --git a/plugins/modules/iam_group.py b/plugins/modules/iam_group.py index 672de888fba..121801275eb 100644 --- a/plugins/modules/iam_group.py +++ b/plugins/modules/iam_group.py @@ -36,7 +36,7 @@ managed_policies: description: - A list of managed policy ARNs or friendly names to attach to the role. - - To embed an inline policy, use M(iam_policy). + - To embed an inline policy, use M(community.aws.iam_policy). required: false type: list elements: str @@ -76,20 +76,20 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Create a group -- iam_group: +- name: Create a group + community.aws.iam_group: name: testgroup1 state: present -# Create a group and attach a managed policy using its ARN -- iam_group: +- name: Create a group and attach a managed policy using its ARN + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess state: present -# Create a group with users as members and attach a managed policy using its ARN -- iam_group: +- name: Create a group with users as members and attach a managed policy using its ARN + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess @@ -98,23 +98,22 @@ - test_user2 state: present -# Remove all managed policies from an existing group with an empty list -- iam_group: +- name: Remove all managed policies from an existing group with an empty list + community.aws.iam_group: name: testgroup1 state: present purge_policies: true -# Remove all group members from an existing group -- iam_group: +- name: Remove all group members from an existing group + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess purge_users: true state: present - -# Delete the group -- iam_group: +- name: Delete the group + community.aws.iam_group: name: testgroup1 state: absent diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 06e31a906d5..0abe10faf5d 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -61,7 +61,7 @@ EXAMPLES = ''' # Create Policy ex nihilo - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy_description: "A Helpful managed policy" policy: "{{ lookup('template', 'managed_policy.json.j2') }}" @@ -69,14 +69,14 @@ # Update a policy with a new default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{{ lookup('file', 'managed_policy_update.json') }}" state: present # Update a policy with a new non default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{{ lookup('file', 'managed_policy_update.json') }}" make_default: false @@ -84,7 +84,7 @@ # Update a policy and make it the only version and the default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" only_version: true @@ -92,7 +92,7 @@ # Remove a policy - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" state: absent ''' diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index bb59d8d8177..07e98d6851c 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -42,15 +42,17 @@ user_name: pwnall """ -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# List MFA devices (more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html) -- iam_mfa_device_info: +# more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html +- name: List MFA devices + community.aws.iam_mfa_device_info: register: mfa_devices -# Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) -- sts_assume_role: +# more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html +- name: Assume an existing role + community.aws.sts_assume_role: mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" diff --git a/plugins/modules/iam_password_policy.py b/plugins/modules/iam_password_policy.py index 53c1d5bc479..a26821e10a4 100644 --- a/plugins/modules/iam_password_policy.py +++ b/plugins/modules/iam_password_policy.py @@ -82,7 +82,7 @@ EXAMPLES = ''' - name: Password policy for AWS account - iam_password_policy: + community.aws.iam_password_policy: state: present min_pw_length: 8 require_symbols: false diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index 5eb4694c3c7..7ff98790146 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -12,8 +12,8 @@ short_description: Manage inline IAM policies for users, groups, and roles description: - Allows uploading or removing inline IAM policies for IAM users, groups or roles. - - To administer managed policies please see M(iam_user), M(iam_role), - M(iam_group) and M(iam_managed_policy) + - To administer managed policies please see M(community.aws.iam_user), M(community.aws.iam_role), + M(community.aws.iam_group) and M(community.aws.iam_managed_policy) options: iam_type: description: @@ -70,7 +70,7 @@ EXAMPLES = ''' # Create a policy with the name of 'Admin' to the group 'administrators' - name: Assign a policy called Admin to the administrators group - iam_policy: + community.aws.iam_policy: iam_type: group iam_name: administrators policy_name: Admin @@ -80,7 +80,7 @@ # Advanced example, create two new groups and add a READ-ONLY policy to both # groups. - name: Create Two Groups, Mario and Luigi - iam: + community.aws.iam: iam_type: group name: "{{ item }}" state: present @@ -90,7 +90,7 @@ register: new_groups - name: Apply READ-ONLY policy to new groups that have been recently created - iam_policy: + community.aws.iam_policy: iam_type: group iam_name: "{{ item.created_group.group_name }}" policy_name: "READ-ONLY" @@ -100,7 +100,7 @@ # Create a new S3 policy with prefix per user - name: Create S3 policy from template - iam_policy: + community.aws.iam_policy: iam_type: user iam_name: "{{ item.user }}" policy_name: "s3_limited_access_{{ item.prefix }}" diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index 73eded00824..8df1c9fc216 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -40,13 +40,13 @@ ''' EXAMPLES = ''' -# Describe all inline IAM policies on an IAM User -- iam_policy_info: +- name: Describe all inline IAM policies on an IAM User + community.aws.iam_policy_info: iam_type: user iam_name: example_user -# Describe a specific inline policy on an IAM Role -- iam_policy_info: +- name: Describe a specific inline policy on an IAM Role + community.aws.iam_policy_info: iam_type: role iam_name: example_role policy_name: example_policy diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index dc96bc93f3f..1ce2ceae9d0 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -45,7 +45,7 @@ description: - A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names. - To remove all policies set I(purge_polices=true) and I(managed_policies=[None]). - - To embed an inline policy, use M(iam_policy). + - To embed an inline policy, use M(community.aws.iam_policy). aliases: ['managed_policy'] type: list max_session_duration: @@ -98,7 +98,7 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a role with description and tags - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" description: This is My New Role @@ -106,20 +106,20 @@ env: dev - name: "Create a role and attach a managed policy called 'PowerUserAccess'" - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" managed_policies: - arn:aws:iam::aws:policy/PowerUserAccess - name: Keep the role created above but remove all managed policies - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" managed_policies: [] - name: Delete the role - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file', 'policy.json') }}" state: absent diff --git a/plugins/modules/iam_role_info.py b/plugins/modules/iam_role_info.py index 7fdb4ac58fa..ac000ae8552 100644 --- a/plugins/modules/iam_role_info.py +++ b/plugins/modules/iam_role_info.py @@ -36,16 +36,16 @@ ''' EXAMPLES = ''' -# find all existing IAM roles -- iam_role_info: +- name: find all existing IAM roles + community.aws.iam_role_info: register: result -# describe a single role -- iam_role_info: +- name: describe a single role + community.aws.iam_role_info: name: MyIAMRole -# describe all roles matching a path prefix -- iam_role_info: +- name: describe all roles matching a path prefix + community.aws.iam_role_info: path_prefix: /application/path ''' diff --git a/plugins/modules/iam_saml_federation.py b/plugins/modules/iam_saml_federation.py index 7f8077bbb8a..0172a4cf47e 100644 --- a/plugins/modules/iam_saml_federation.py +++ b/plugins/modules/iam_saml_federation.py @@ -57,7 +57,7 @@ # It is assumed that their matching environment variables are set. # Creates a new iam saml identity provider if not present - name: saml provider - iam_saml_federation: + community.aws.iam_saml_federation: name: example1 # the > below opens an indented block, so no escaping/quoting is needed when in the indentation level under this key saml_metadata_document: > @@ -65,13 +65,13 @@ /home/ubuntu/test.txt" register: my_instance -# Delete an instance -- lightsail: +- name: Delete an instance + community.aws.lightsail: state: absent region: us-east-1 name: my_instance diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index cc123f9c22f..2f4728bbbad 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -15,7 +15,7 @@ - When creating an instance it can be either a new instance or a read-only replica of an existing instance. - This module has a dependency on python-boto >= 2.5 and will soon be deprecated. - The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0). - - Please use boto3 based M(rds_instance) instead. + - Please use boto3 based M(community.aws.rds_instance) instead. options: command: description: @@ -235,8 +235,8 @@ # FIXME: the command stuff needs a 'state' like alias to make things consistent -- MPD EXAMPLES = ''' -# Basic mysql provisioning example -- rds: +- name: Basic mysql provisioning example + community.aws.rds: command: create instance_name: new-database db_engine: MySQL @@ -248,35 +248,35 @@ Environment: testing Application: cms -# Create a read-only replica and wait for it to become available -- rds: +- name: Create a read-only replica and wait for it to become available + community.aws.rds: command: replicate instance_name: new-database-replica source_instance: new_database wait: yes wait_timeout: 600 -# Delete an instance, but create a snapshot before doing so -- rds: +- name: Delete an instance, but create a snapshot before doing so + community.aws.rds: command: delete instance_name: new-database snapshot: new_database_snapshot -# Get facts about an instance -- rds: +- name: Get facts about an instance + community.aws.rds: command: facts instance_name: new-database register: new_database_facts -# Rename an instance and wait for the change to take effect -- rds: +- name: Rename an instance and wait for the change to take effect + community.aws.rds: command: modify instance_name: new-database new_instance_name: renamed-database wait: yes -# Reboot an instance and wait for it to become available again -- rds: +- name: Reboot an instance and wait for it to become available again + community.aws.rds: command: reboot instance_name: database wait: yes @@ -284,27 +284,25 @@ # Restore a Postgres db instance from a snapshot, wait for it to become available again, and # then modify it to add your security group. Also, display the new endpoint. # Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI -- local_action: - module: rds - command: restore - snapshot: mypostgres-snapshot - instance_name: MyNewInstanceName - region: us-west-2 - zone: us-west-2b - subnet: default-vpc-xx441xxx - publicly_accessible: yes - wait: yes - wait_timeout: 600 - tags: - Name: pg1_test_name_tag +- community.aws.rds: + command: restore + snapshot: mypostgres-snapshot + instance_name: MyNewInstanceName + region: us-west-2 + zone: us-west-2b + subnet: default-vpc-xx441xxx + publicly_accessible: yes + wait: yes + wait_timeout: 600 + tags: + Name: pg1_test_name_tag register: rds -- local_action: - module: rds - command: modify - instance_name: MyNewInstanceName - region: us-west-2 - vpc_security_groups: sg-xxx945xx +- community.aws.rds: + command: modify + instance_name: MyNewInstanceName + region: us-west-2 + vpc_security_groups: sg-xxx945xx - debug: msg: "The new db endpoint is {{ rds.instance.endpoint }}" diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index efbffd8aa8b..bd40dd086d4 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -416,7 +416,7 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: create minimal aurora instance in default VPC and default subnet group - rds_instance: + community.aws.rds_instance: engine: aurora db_instance_identifier: ansible-test-aurora-db-instance instance_type: db.t2.small @@ -425,7 +425,7 @@ cluster_id: ansible-test-cluster # This cluster must exist - see rds_cluster to manage it - name: Create a DB instance using the default AWS KMS encryption key - rds_instance: + community.aws.rds_instance: id: test-encrypted-db state: present engine: mariadb @@ -436,13 +436,13 @@ allocated_storage: "{{ allocated_storage }}" - name: remove the DB instance without a final snapshot - rds_instance: + community.aws.rds_instance: id: "{{ instance_id }}" state: absent skip_final_snapshot: True - name: remove the DB instance with a final snapshot - rds_instance: + community.aws.rds_instance: id: "{{ instance_id }}" state: absent final_snapshot_identifier: "{{ snapshot_id }}" diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py index 8a23c392ddd..d26965a7970 100644 --- a/plugins/modules/rds_instance_info.py +++ b/plugins/modules/rds_instance_info.py @@ -41,13 +41,13 @@ ''' EXAMPLES = ''' -# Get information about an instance -- rds_instance_info: +- name: Get information about an instance + community.aws.rds_instance_info: db_instance_identifier: new-database register: new_database_info -# Get all RDS instances -- rds_instance_info: +- name: Get all RDS instances + community.aws.rds_instance_info: ''' RETURN = ''' diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index a30df260a25..e5cd2457458 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -67,8 +67,8 @@ ''' EXAMPLES = ''' -# Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 -- rds_param_group: +- name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 + community.aws.rds_param_group: state: present name: norwegian-blue description: 'My Fancy Ex Parrot Group' @@ -79,8 +79,8 @@ Environment: production Application: parrot -# Remove a parameter group -- rds_param_group: +- name: Remove a parameter group + community.aws.rds_param_group: state: absent name: norwegian-blue ''' diff --git a/plugins/modules/rds_snapshot.py b/plugins/modules/rds_snapshot.py index 872af39c8e6..3db9afe0b85 100644 --- a/plugins/modules/rds_snapshot.py +++ b/plugins/modules/rds_snapshot.py @@ -67,13 +67,13 @@ ''' EXAMPLES = ''' -# Create snapshot -- rds_snapshot: +- name: Create snapshot + community.aws.rds_snapshot: db_instance_identifier: new-database db_snapshot_identifier: new-database-snapshot -# Delete snapshot -- rds_snapshot: +- name: Delete snapshot + community.aws.rds_snapshot: db_snapshot_identifier: new-database-snapshot state: absent ''' diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index 30f30a815c1..3e47a444677 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -62,13 +62,13 @@ ''' EXAMPLES = ''' -# Get information about an snapshot -- rds_snapshot_info: +- name: Get information about an snapshot + community.aws.rds_snapshot_info: db_snapshot_identifier: snapshot_name register: new_database_info -# Get all RDS snapshots for an RDS instance -- rds_snapshot_info: +- name: Get all RDS snapshots for an RDS instance + community.aws.rds_snapshot_info: db_instance_identifier: helloworld-rds-master ''' diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index 99bfb002752..f913d41f296 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -42,8 +42,8 @@ ''' EXAMPLES = ''' -# Add or change a subnet group -- rds_subnet_group: +- name: Add or change a subnet group + community.aws.rds_subnet_group: state: present name: norwegian-blue description: My Fancy Ex Parrot Subnet Group @@ -51,8 +51,8 @@ - subnet-aaaaaaaa - subnet-bbbbbbbb -# Remove a subnet group -- rds_subnet_group: +- name: Remove a subnet group + community.aws.rds_subnet_group: state: absent name: norwegian-blue ''' diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 86343d4ef79..6939204d819 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -174,16 +174,16 @@ ''' EXAMPLES = ''' -# Basic cluster provisioning example -- redshift: > - command=create - node_type=ds1.xlarge - identifier=new_cluster - username=cluster_admin - password=1nsecure - -# Cluster delete example -- redshift: +- name: Basic cluster provisioning example + community.aws.redshift: + command: create + node_type: ds1.xlarge + identifier: new_cluster + username: cluster_admin + password: 1nsecure + +- name: Cluster delete example + community.aws.redshift: command: delete identifier: new_cluster skip_final_cluster_snapshot: true diff --git a/plugins/modules/redshift_cross_region_snapshots.py b/plugins/modules/redshift_cross_region_snapshots.py index d7931a812b6..e97bf0795cd 100644 --- a/plugins/modules/redshift_cross_region_snapshots.py +++ b/plugins/modules/redshift_cross_region_snapshots.py @@ -61,7 +61,7 @@ EXAMPLES = ''' - name: configure cross-region snapshot on cluster `johniscool` - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: johniscool state: present region: us-east-1 @@ -69,7 +69,7 @@ retention_period: 1 - name: configure cross-region snapshot on kms-encrypted cluster - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: whatever state: present region: us-east-1 @@ -78,7 +78,7 @@ retention_period: 10 - name: disable cross-region snapshots, necessary before most cluster modifications (rename, resize) - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: whatever state: absent region: us-east-1 diff --git a/plugins/modules/redshift_info.py b/plugins/modules/redshift_info.py index 77aa5e1fb36..56e7f7139b7 100644 --- a/plugins/modules/redshift_info.py +++ b/plugins/modules/redshift_info.py @@ -39,27 +39,27 @@ EXAMPLES = ''' # Note: These examples do net set authentication details, see the AWS guide for details. -# Find all clusters -- redshift_info: +- name: Find all clusters + community.aws.redshift_info: register: redshift -# Find cluster(s) with matching tags -- redshift_info: +- name: Find cluster(s) with matching tags + community.aws.redshift_info: tags: env: prd stack: monitoring register: redshift_tags -# Find cluster(s) with matching name/prefix and tags -- redshift_info: +- name: Find cluster(s) with matching name/prefix and tags + community.aws.redshift_info: tags: env: dev stack: web name: user- register: redshift_web -# Fail if no cluster(s) is/are found -- redshift_info: +- name: Fail if no cluster(s) is/are found + community.aws.redshift_info: tags: env: stg stack: db diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index cb9d085e8c8..4351ac9e717 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -47,9 +47,8 @@ ''' EXAMPLES = ''' -# Create a Redshift subnet group -- local_action: - module: redshift_subnet_group +- name: Create a Redshift subnet group + community.aws.redshift_subnet_group: state: present group_name: redshift-subnet group_description: Redshift subnet @@ -57,8 +56,8 @@ - 'subnet-aaaaa' - 'subnet-bbbbb' -# Remove subnet group -- redshift_subnet_group: +- name: Remove subnet group + community.aws.redshift_subnet_group: state: absent group_name: redshift-subnet ''' diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index c93d941f39f..385a1d10ec4 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -212,108 +212,110 @@ sample: foo.bar.com. ''' -EXAMPLES = ''' -# Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated -- route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: 1.1.1.1,2.2.2.2,3.3.3.3 - wait: yes - -# Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated -- route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: - - 1.1.1.1 - - 2.2.2.2 - - 3.3.3.3 - wait: yes - -# Retrieve the details for new.foo.com -- route53: - state: get - zone: foo.com - record: new.foo.com - type: A +EXAMPLES = r''' +- name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: 1.1.1.1,2.2.2.2,3.3.3.3 + wait: yes + +- name: Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: + - 1.1.1.1 + - 2.2.2.2 + - 3.3.3.3 + wait: yes + +- name: Retrieve the details for new.foo.com + community.aws.route53: + state: get + zone: foo.com + record: new.foo.com + type: A register: rec -# Delete new.foo.com A record using the results from the get command -- route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" +- name: Delete new.foo.com A record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" # Add an AAAA record. Note that because there are colons in the value # that the IPv6 address must be quoted. Also shows using the old form command=create. -- route53: - command: create - zone: foo.com - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" - -# Add a SRV record with multiple fields for a service on port 22222 +- name: Add an AAAA record + community.aws.route53: + command: create + zone: foo.com + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + # For more information on SRV records see: # https://en.wikipedia.org/wiki/SRV_record -- route53: - state: present - zone: foo.com - record: "_example-service._tcp.foo.com" - type: SRV - value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" - -# Add a TXT record. Note that TXT and SPF records must be surrounded +- name: Add a SRV record with multiple fields for a service on port 22222 + community.aws.route53: + state: present + zone: foo.com + record: "_example-service._tcp.foo.com" + type: SRV + value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" + +# Note that TXT and SPF records must be surrounded # by quotes when sent to Route 53: -- route53: - state: present - zone: foo.com - record: localhost.foo.com - type: TXT - ttl: 7200 - value: '"bar"' - -# Add an alias record that points to an Amazon ELB: -- route53: - state: present - zone: foo.com - record: elb.foo.com - type: A - value: "{{ elb_dns_name }}" - alias: True - alias_hosted_zone_id: "{{ elb_zone_id }}" - -# Retrieve the details for elb.foo.com -- route53: - state: get - zone: foo.com - record: elb.foo.com - type: A +- name: Add a TXT record. + community.aws.route53: + state: present + zone: foo.com + record: localhost.foo.com + type: TXT + ttl: 7200 + value: '"bar"' + +- name: Add an alias record that points to an Amazon ELB + community.aws.route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" + +- name: Retrieve the details for elb.foo.com + community.aws.route53: + state: get + zone: foo.com + record: elb.foo.com + type: A register: rec -# Delete an alias record using the results from the get command -- route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" - alias: True - alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" - -# Add an alias record that points to an Amazon ELB and evaluates it health: -- route53: +- name: Delete an alias record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + alias: True + alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" + +- name: Add an alias record that points to an Amazon ELB and evaluates it health + community.aws.route53: state: present zone: foo.com record: elb.foo.com @@ -323,39 +325,39 @@ alias_hosted_zone_id: "{{ elb_zone_id }}" alias_evaluate_target_health: True -# Add an AAAA record with Hosted Zone ID. -- route53: - state: present - zone: foo.com - hosted_zone_id: Z2AABBCCDDEEFF - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" - -# Use a routing policy to distribute traffic: -- route53: - state: present - zone: foo.com - record: www.foo.com - type: CNAME - value: host1.foo.com - ttl: 30 - # Routing policy - identifier: "host1@www" - weight: 100 - health_check: "d994b780-3150-49fd-9205-356abdd42e75" - -# Add a CAA record (RFC 6844): -- route53: - state: present - zone: example.com - record: example.com - type: CAA - value: - - 0 issue "ca.example.net" - - 0 issuewild ";" - - 0 iodef "mailto:security@example.com" +- name: Add an AAAA record with Hosted Zone ID + community.aws.route53: + state: present + zone: foo.com + hosted_zone_id: Z2AABBCCDDEEFF + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + +- name: Use a routing policy to distribute traffic + community.aws.route53: + state: present + zone: foo.com + record: www.foo.com + type: CNAME + value: host1.foo.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "d994b780-3150-49fd-9205-356abdd42e75" + +- name: Add a CAA record (RFC 6844) + community.aws.route53: + state: present + zone: example.com + record: example.com + type: CAA + value: + - 0 issue "ca.example.net" + - 0 issuewild ";" + - 0 iodef "mailto:security@example.com" ''' diff --git a/plugins/modules/route53_health_check.py b/plugins/modules/route53_health_check.py index 414f27a3eee..80f6691407a 100644 --- a/plugins/modules/route53_health_check.py +++ b/plugins/modules/route53_health_check.py @@ -84,8 +84,8 @@ ''' EXAMPLES = ''' -# Create a health-check for host1.example.com and use it in record -- route53_health_check: +- name: Create a health-check for host1.example.com and use it in record + community.aws.route53_health_check: state: present fqdn: host1.example.com type: HTTP_STR_MATCH @@ -95,7 +95,7 @@ failure_threshold: 2 register: my_health_check -- route53: +- community.aws.route53: action: create zone: "example.com" type: CNAME @@ -107,8 +107,8 @@ weight: 100 health_check: "{{ my_health_check.health_check.id }}" -# Delete health-check -- route53_health_check: +- name: Delete health-check + community.aws.route53_health_check: state: absent fqdn: host1.example.com diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index cb6f74b369a..466e39bd79f 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -136,19 +136,19 @@ EXAMPLES = ''' # Simple example of listing all hosted zones - name: List all hosted zones - route53_info: + community.aws.route53_info: query: hosted_zone register: hosted_zones # Getting a count of hosted zones - name: Return a count of all hosted zones - route53_info: + community.aws.route53_info: query: hosted_zone hosted_zone_method: count register: hosted_zone_count - name: List the first 20 resource record sets in a given hosted zone - route53_info: + community.aws.route53_info: profile: account_name query: record_sets hosted_zone_id: ZZZ1111112222 @@ -156,33 +156,33 @@ register: record_sets - name: List first 20 health checks - route53_info: + community.aws.route53_info: query: health_check health_check_method: list max_items: 20 register: health_checks - name: Get health check last failure_reason - route53_info: + community.aws.route53_info: query: health_check health_check_method: failure_reason health_check_id: 00000000-1111-2222-3333-12345678abcd register: health_check_failure_reason - name: Retrieve reusable delegation set details - route53_info: + community.aws.route53_info: query: reusable_delegation_set delegation_set_id: delegation id register: delegation_sets - name: setup of example for using next_marker - route53_info: + community.aws.route53_info: query: hosted_zone max_items: 1 register: first_info - name: example for using next_marker - route53_info: + community.aws.route53_info: query: hosted_zone next_marker: "{{ first_info.NextMarker }}" max_items: 1 @@ -191,12 +191,12 @@ - name: retrieve host entries starting with host1.workshop.test.io block: - name: grab zone id - route53_zone: + community.aws.route53_zone: zone: "test.io" register: AWSINFO - name: grab Route53 record information - route53_info: + community.aws.route53_info: type: A query: record_sets hosted_zone_id: "{{ AWSINFO.zone_id }}" diff --git a/plugins/modules/route53_zone.py b/plugins/modules/route53_zone.py index 3eee17506f4..b7a2b6858ce 100644 --- a/plugins/modules/route53_zone.py +++ b/plugins/modules/route53_zone.py @@ -56,24 +56,24 @@ EXAMPLES = ''' - name: create a public zone - route53_zone: + community.aws.route53_zone: zone: example.com comment: this is an example - name: delete a public zone - route53_zone: + community.aws.route53_zone: zone: example.com state: absent - name: create a private zone - route53_zone: + community.aws.route53_zone: zone: devel.example.com vpc_id: '{{ myvpc_id }}' vpc_region: us-west-2 comment: developer domain - name: create a public zone associated with a specific reusable delegation set - route53_zone: + community.aws.route53_zone: zone: example.com comment: reusable delegation set example delegation_set_id: A1BCDEF2GHIJKL diff --git a/plugins/modules/s3_bucket_notification.py b/plugins/modules/s3_bucket_notification.py index 41eaf3cfe72..6732e9a4432 100644 --- a/plugins/modules/s3_bucket_notification.py +++ b/plugins/modules/s3_bucket_notification.py @@ -13,10 +13,10 @@ short_description: Creates, updates or deletes S3 Bucket notification for lambda description: - This module allows the management of AWS Lambda function bucket event mappings via the - Ansible framework. Use module M(lambda) to manage the lambda function itself, M(lambda_alias) - to manage function aliases and M(lambda_policy) to modify lambda permissions. + Ansible framework. Use module M(community.aws.lambda) to manage the lambda function itself, M(community.aws.lambda_alias) + to manage function aliases and M(community.aws.lambda_policy) to modify lambda permissions. notes: - - This module heavily depends on M(lambda_policy) as you need to allow C(lambda:InvokeFunction) + - This module heavily depends on M(community.aws.lambda_policy) as you need to allow C(lambda:InvokeFunction) permission for your lambda function. author: @@ -91,18 +91,15 @@ EXAMPLES = ''' --- # Example that creates a lambda event notification for a bucket -- hosts: localhost - gather_facts: no - tasks: - - name: Process jpg image - s3_bucket_notification: - state: present - event_name: on_file_add_or_remove - bucket_name: test-bucket - function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda - events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] - prefix: images/ - suffix: .jpg +- name: Process jpg image + community.aws.s3_bucket_notification: + state: present + event_name: on_file_add_or_remove + bucket_name: test-bucket + function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda + events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] + prefix: images/ + suffix: .jpg ''' RETURN = ''' diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index 9ab279d2b50..ceef7fd97d5 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -126,16 +126,16 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days -- s3_lifecycle: +- name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days + community.aws.s3_lifecycle: name: mybucket expiration_days: 30 prefix: logs/ status: enabled state: present -# Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days -- s3_lifecycle: +- name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days + community.aws.s3_lifecycle: name: mybucket transition_days: 7 expiration_days: 90 @@ -143,10 +143,10 @@ status: enabled state: present -# Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. # Note that midnight GMT must be specified. # Be sure to quote your date strings -- s3_lifecycle: +- name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. + community.aws.s3_lifecycle: name: mybucket transition_date: "2020-12-30T00:00:00.000Z" expiration_date: "2030-12-30T00:00:00.000Z" @@ -154,21 +154,21 @@ status: enabled state: present -# Disable the rule created above -- s3_lifecycle: +- name: Disable the rule created above + community.aws.s3_lifecycle: name: mybucket prefix: logs/ status: disabled state: present -# Delete the lifecycle rule created above -- s3_lifecycle: +- name: Delete the lifecycle rule created above + community.aws.s3_lifecycle: name: mybucket prefix: logs/ state: absent -# Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. -- s3_lifecycle: +- name: Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. + community.aws.s3_lifecycle: name: mybucket prefix: backups/ storage_class: standard_ia @@ -176,8 +176,8 @@ state: present status: enabled -# Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 -- s3_lifecycle: +- name: Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 + community.aws.s3_lifecycle: name: mybucket prefix: logs/ state: present diff --git a/plugins/modules/s3_logging.py b/plugins/modules/s3_logging.py index 9d074f4876a..b672562131e 100644 --- a/plugins/modules/s3_logging.py +++ b/plugins/modules/s3_logging.py @@ -44,14 +44,14 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs - s3_logging: + community.aws.s3_logging: name: mywebsite.com target_bucket: mylogs target_prefix: logs/mywebsite.com state: present - name: Remove logging on an s3 bucket - s3_logging: + community.aws.s3_logging: name: mywebsite.com state: absent diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index aa527092d3c..879452af057 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -126,12 +126,12 @@ EXAMPLES = ''' - name: basic upload - s3_sync: + community.aws.s3_sync: bucket: tedder file_root: roles/s3/files/ - name: all the options - s3_sync: + community.aws.s3_sync: bucket: tedder file_root: roles/s3/files mime_map: diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index 5f0822af6fe..08d786cf0f1 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -52,19 +52,19 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Configure an s3 bucket to redirect all requests to example.com -- s3_website: +- name: Configure an s3 bucket to redirect all requests to example.com + community.aws.s3_website: name: mybucket.com redirect_all_requests: example.com state: present -# Remove website configuration from an s3 bucket -- s3_website: +- name: Remove website configuration from an s3 bucket + community.aws.s3_website: name: mybucket.com state: absent -# Configure an s3 bucket as a website with index and error pages -- s3_website: +- name: Configure an s3 bucket as a website with index and error pages + community.aws.s3_website: name: mybucket.com suffix: home.htm error_key: errors/404.htm diff --git a/plugins/modules/sns.py b/plugins/modules/sns.py index 41c346ac317..0a0ceda75d6 100644 --- a/plugins/modules/sns.py +++ b/plugins/modules/sns.py @@ -88,14 +88,14 @@ EXAMPLES = """ - name: Send default notification message via SNS - sns: + community.aws.sns: msg: '{{ inventory_hostname }} has completed the play.' subject: Deploy complete! topic: deploy delegate_to: localhost - name: Send notification messages via SNS with short message for SMS - sns: + community.aws.sns: msg: '{{ inventory_hostname }} has completed the play.' sms: deployed! subject: Deploy complete! @@ -103,7 +103,7 @@ delegate_to: localhost - name: Send message with message_attributes - sns: + community.aws.sns: topic: "deploy" msg: "message with extra details!" message_attributes: diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py index 52c21a41f0f..2f0865406d1 100644 --- a/plugins/modules/sns_topic.py +++ b/plugins/modules/sns_topic.py @@ -11,7 +11,7 @@ module: sns_topic short_description: Manages AWS SNS topics and subscriptions description: - - The M(sns_topic) module allows you to create, delete, and manage subscriptions for AWS SNS topics. + - The M(community.aws.sns_topic) module allows you to create, delete, and manage subscriptions for AWS SNS topics. - As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. author: - "Joel Thompson (@joelthompson)" @@ -75,7 +75,7 @@ EXAMPLES = """ - name: Create alarm SNS topic - sns_topic: + community.aws.sns_topic: name: "alarms" state: present display_name: "alarm SNS topic" @@ -104,7 +104,7 @@ type: str returned: always sample: "arn:aws:sns:us-east-2:111111111111:my_topic_name" -sns_topic: +community.aws.sns_topic: description: Dict of sns topic details type: complex returned: always diff --git a/plugins/modules/sqs_queue.py b/plugins/modules/sqs_queue.py index 763db04c774..1682d424592 100644 --- a/plugins/modules/sqs_queue.py +++ b/plugins/modules/sqs_queue.py @@ -169,8 +169,8 @@ ''' EXAMPLES = ''' -# Create SQS queue with redrive policy -- sqs_queue: +- name: Create SQS queue with redrive policy + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 default_visibility_timeout: 120 @@ -183,35 +183,35 @@ maxReceiveCount: 5 deadLetterTargetArn: arn:aws:sqs:eu-west-1:123456789012:my-dead-queue -# Drop redrive policy -- sqs_queue: +- name: Drop redrive policy + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 redrive_policy: {} -# Create FIFO queue -- sqs_queue: +- name: Create FIFO queue + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 queue_type: fifo content_based_deduplication: yes -# Tag queue -- sqs_queue: +- name: Tag queue + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 tags: example: SomeValue -# Configure Encryption, automatically uses a new data key every hour -- sqs_queue: +- name: Configure Encryption, automatically uses a new data key every hour + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 kms_master_key_id: alias/MyQueueKey kms_data_key_reuse_period_seconds: 3600 -# Delete SQS queue -- sqs_queue: +- name: Delete SQS queue + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 state: absent diff --git a/plugins/modules/sts_assume_role.py b/plugins/modules/sts_assume_role.py index f836e478e23..4048373c614 100644 --- a/plugins/modules/sts_assume_role.py +++ b/plugins/modules/sts_assume_role.py @@ -88,13 +88,13 @@ # Note: These examples do not set authentication details, see the AWS Guide for details. # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) -- sts_assume_role: +- community.aws.sts_assume_role: role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" register: assumed_role # Use the assumed role above to tag an instance in account 123456789012 -- ec2_tag: +- amazon.aws.ec2_tag: aws_access_key: "{{ assumed_role.sts_creds.access_key }}" aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}" security_token: "{{ assumed_role.sts_creds.session_token }}" diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index d39519e8e0f..50c537623f6 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -60,20 +60,21 @@ EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Get a session token (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) -sts_session_token: - duration_seconds: 3600 -register: session_credentials - -# Use the session token obtained above to tag an instance in account 123456789012 -ec2_tag: - aws_access_key: "{{ session_credentials.sts_creds.access_key }}" - aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" - security_token: "{{ session_credentials.sts_creds.session_token }}" - resource: i-xyzxyz01 - state: present - tags: - MyNewTag: value +# (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) +- name: Get a session token + community.aws.sts_session_token: + duration_seconds: 3600 + register: session_credentials + +- name: Use the session token obtained above to tag an instance in account 123456789012 + amazon.aws.ec2_tag: + aws_access_key: "{{ session_credentials.sts_creds.access_key }}" + aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" + security_token: "{{ session_credentials.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value ''' From 10853d9441a586ba177006dd889325cfb24a3dd6 Mon Sep 17 00:00:00 2001 From: flowerysong Date: Tue, 16 Jun 2020 19:30:00 -0400 Subject: [PATCH 019/129] Update module_utils paths to remove aws subdir (#23) Co-authored-by: Ezekiel Hendrickson --- plugins/modules/aws_acm.py | 4 +-- plugins/modules/aws_acm_info.py | 4 +-- plugins/modules/aws_api_gateway.py | 2 +- .../modules/aws_application_scaling_policy.py | 2 +- .../modules/aws_batch_compute_environment.py | 2 +- plugins/modules/aws_batch_job_definition.py | 4 +-- plugins/modules/aws_batch_job_queue.py | 4 +-- plugins/modules/aws_codebuild.py | 2 +- plugins/modules/aws_codecommit.py | 2 +- plugins/modules/aws_codepipeline.py | 2 +- .../aws_config_aggregation_authorization.py | 2 +- plugins/modules/aws_config_aggregator.py | 2 +- .../modules/aws_config_delivery_channel.py | 2 +- plugins/modules/aws_config_recorder.py | 2 +- plugins/modules/aws_config_rule.py | 2 +- .../modules/aws_direct_connect_connection.py | 13 +++++----- ...s_direct_connect_link_aggregation_group.py | 26 ++++++++++--------- .../aws_direct_connect_virtual_interface.py | 4 +-- plugins/modules/aws_eks_cluster.py | 4 +-- plugins/modules/aws_elasticbeanstalk_app.py | 2 +- plugins/modules/aws_glue_connection.py | 2 +- plugins/modules/aws_glue_job.py | 2 +- plugins/modules/aws_inspector_target.py | 2 +- plugins/modules/aws_kms.py | 2 +- plugins/modules/aws_region_info.py | 2 +- plugins/modules/aws_s3_cors.py | 2 +- plugins/modules/aws_secret.py | 2 +- plugins/modules/aws_ses_identity.py | 2 +- plugins/modules/aws_ses_identity_policy.py | 2 +- plugins/modules/aws_ses_rule_set.py | 2 +- plugins/modules/aws_sgw_info.py | 2 +- plugins/modules/aws_ssm_parameter_store.py | 2 +- .../aws_step_functions_state_machine.py | 2 +- ..._step_functions_state_machine_execution.py | 2 +- plugins/modules/aws_waf_condition.py | 6 ++--- plugins/modules/aws_waf_info.py | 4 +-- plugins/modules/aws_waf_rule.py | 22 +++++++++------- plugins/modules/aws_waf_web_acl.py | 17 ++++++------ .../modules/cloudformation_exports_info.py | 2 +- plugins/modules/cloudformation_stack_set.py | 2 +- plugins/modules/cloudfront_distribution.py | 4 +-- plugins/modules/cloudfront_invalidation.py | 4 +-- .../cloudfront_origin_access_identity.py | 4 +-- plugins/modules/cloudtrail.py | 2 +- plugins/modules/cloudwatchevent_rule.py | 2 +- .../cloudwatchlogs_log_group_metric_filter.py | 2 +- plugins/modules/dms_endpoint.py | 2 +- .../modules/dms_replication_subnet_group.py | 2 +- plugins/modules/ec2_ami_copy.py | 2 +- plugins/modules/ec2_asg.py | 4 +-- plugins/modules/ec2_asg_info.py | 2 +- plugins/modules/ec2_asg_lifecycle_hook.py | 2 +- plugins/modules/ec2_customer_gateway_info.py | 2 +- plugins/modules/ec2_eip.py | 2 +- plugins/modules/ec2_eip_info.py | 2 +- plugins/modules/ec2_instance.py | 2 +- plugins/modules/ec2_launch_template.py | 2 +- plugins/modules/ec2_metric_alarm.py | 2 +- plugins/modules/ec2_placement_group.py | 2 +- plugins/modules/ec2_placement_group_info.py | 2 +- plugins/modules/ec2_transit_gateway.py | 2 +- plugins/modules/ec2_transit_gateway_info.py | 2 +- plugins/modules/ec2_vpc_egress_igw.py | 2 +- plugins/modules/ec2_vpc_igw.py | 4 +-- plugins/modules/ec2_vpc_nacl.py | 2 +- plugins/modules/ec2_vpc_nacl_info.py | 2 +- plugins/modules/ec2_vpc_peer.py | 2 +- plugins/modules/ec2_vpc_route_table.py | 4 +-- plugins/modules/ec2_vpc_vgw.py | 4 +-- plugins/modules/ec2_vpc_vpn.py | 2 +- plugins/modules/ec2_vpc_vpn_info.py | 2 +- plugins/modules/ecs_ecr.py | 2 +- plugins/modules/ecs_service.py | 2 +- plugins/modules/ecs_service_info.py | 2 +- plugins/modules/ecs_tag.py | 2 +- plugins/modules/ecs_task.py | 2 +- plugins/modules/ecs_taskdefinition.py | 2 +- plugins/modules/ecs_taskdefinition_info.py | 2 +- plugins/modules/efs.py | 2 +- plugins/modules/efs_info.py | 2 +- plugins/modules/elasticache_info.py | 2 +- plugins/modules/elb_application_lb.py | 17 ++++++------ plugins/modules/elb_classic_lb_info.py | 2 +- plugins/modules/elb_network_lb.py | 4 +-- plugins/modules/elb_target_group.py | 2 +- plugins/modules/elb_target_info.py | 2 +- plugins/modules/iam_group.py | 2 +- plugins/modules/iam_password_policy.py | 2 +- plugins/modules/iam_policy.py | 2 +- plugins/modules/iam_policy_info.py | 2 +- plugins/modules/iam_role.py | 2 +- plugins/modules/iam_role_info.py | 2 +- plugins/modules/iam_saml_federation.py | 2 +- plugins/modules/iam_user.py | 2 +- plugins/modules/iam_user_info.py | 2 +- plugins/modules/lambda.py | 2 +- plugins/modules/lambda_facts.py | 2 +- plugins/modules/lambda_info.py | 2 +- plugins/modules/lambda_policy.py | 2 +- plugins/modules/lightsail.py | 2 +- plugins/modules/rds_instance.py | 19 +++++++------- plugins/modules/rds_instance_info.py | 2 +- plugins/modules/rds_snapshot.py | 2 +- plugins/modules/rds_snapshot_info.py | 2 +- plugins/modules/redshift.py | 2 +- .../redshift_cross_region_snapshots.py | 2 +- plugins/modules/redshift_info.py | 2 +- plugins/modules/route53_zone.py | 2 +- plugins/modules/s3_bucket_notification.py | 2 +- plugins/modules/s3_lifecycle.py | 2 +- plugins/modules/sns.py | 2 +- plugins/modules/sns_topic.py | 2 +- plugins/modules/sqs_queue.py | 2 +- plugins/modules/sts_assume_role.py | 2 +- tests/unit/modules/test_aws_api_gateway.py | 2 +- tests/unit/modules/test_lambda_policy.py | 2 +- tests/unit/modules/test_route53_zone.py | 2 +- 117 files changed, 189 insertions(+), 181 deletions(-) diff --git a/plugins/modules/aws_acm.py b/plugins/modules/aws_acm.py index de20833ac03..5da9ab617e1 100644 --- a/plugins/modules/aws_acm.py +++ b/plugins/modules/aws_acm.py @@ -223,8 +223,8 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.acm import ACMServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.acm import ACMServiceManager from ansible.module_utils._text import to_text import base64 import re # regex library diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index dfbd955a178..d23fe502ea7 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -259,8 +259,8 @@ type: str ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.acm import ACMServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.acm import ACMServiceManager def main(): diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 49b1a1f8a4e..380745a4408 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -177,7 +177,7 @@ pass import traceback -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, camel_dict_to_snake_dict) diff --git a/plugins/modules/aws_application_scaling_policy.py b/plugins/modules/aws_application_scaling_policy.py index 369302d7a9b..5a2441c5a02 100644 --- a/plugins/modules/aws_application_scaling_policy.py +++ b/plugins/modules/aws_application_scaling_policy.py @@ -282,7 +282,7 @@ sample: '2017-09-28T08:22:51.881000-03:00' ''' # NOQA -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import _camel_to_snake, camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index 04738ffefae..dd7ce4cb9f2 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -228,7 +228,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict, camel_dict_to_snake_dict import re diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index 7debf759156..347af23ee4e 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -223,8 +223,8 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.batch import cc, set_api_params -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.batch import cc, set_api_params +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index 3ca0333b940..59cc0b3a24c 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -111,8 +111,8 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.batch import set_api_params -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.batch import set_api_params +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_codebuild.py b/plugins/modules/aws_codebuild.py index 8b4a7bf04c4..5ad56103123 100644 --- a/plugins/modules/aws_codebuild.py +++ b/plugins/modules/aws_codebuild.py @@ -285,7 +285,7 @@ sample: "2018-04-17T16:56:03.245000+02:00" ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, get_boto3_client_method_parameters +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, get_boto3_client_method_parameters from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, snake_dict_to_camel_dict diff --git a/plugins/modules/aws_codecommit.py b/plugins/modules/aws_codecommit.py index 8f26be4ed48..8b929454e9d 100644 --- a/plugins/modules/aws_codecommit.py +++ b/plugins/modules/aws_codecommit.py @@ -141,7 +141,7 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index 90fea4016cd..ff38319ac7b 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -196,7 +196,7 @@ import traceback from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, compare_policies diff --git a/plugins/modules/aws_config_aggregation_authorization.py b/plugins/modules/aws_config_aggregation_authorization.py index a29eda64394..7bd95fc3b0b 100644 --- a/plugins/modules/aws_config_aggregation_authorization.py +++ b/plugins/modules/aws_config_aggregation_authorization.py @@ -58,7 +58,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry diff --git a/plugins/modules/aws_config_aggregator.py b/plugins/modules/aws_config_aggregator.py index 5976c9058fb..c750edae99b 100644 --- a/plugins/modules/aws_config_aggregator.py +++ b/plugins/modules/aws_config_aggregator.py @@ -95,7 +95,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict diff --git a/plugins/modules/aws_config_delivery_channel.py b/plugins/modules/aws_config_delivery_channel.py index afaef581de7..a50de66a3a9 100644 --- a/plugins/modules/aws_config_delivery_channel.py +++ b/plugins/modules/aws_config_delivery_channel.py @@ -71,7 +71,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry diff --git a/plugins/modules/aws_config_recorder.py b/plugins/modules/aws_config_recorder.py index 7b576b6cda7..b769e6278ff 100644 --- a/plugins/modules/aws_config_recorder.py +++ b/plugins/modules/aws_config_recorder.py @@ -85,7 +85,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry diff --git a/plugins/modules/aws_config_rule.py b/plugins/modules/aws_config_rule.py index 50c8d82c552..08675f9a514 100644 --- a/plugins/modules/aws_config_rule.py +++ b/plugins/modules/aws_config_rule.py @@ -113,7 +113,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 61a0caf0149..9975206e050 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -154,13 +154,14 @@ """ import traceback -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, AWSRetry) -from ansible_collections.amazon.aws.plugins.module_utils.aws.direct_connect import (DirectConnectError, - delete_connection, - associate_connection_and_lag, - disassociate_connection_and_lag, - ) +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import ( + DirectConnectError, + delete_connection, + associate_connection_and_lag, + disassociate_connection_and_lag, +) try: from botocore.exceptions import BotoCoreError, ClientError diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index 30b0656af5f..557be09929f 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -160,19 +160,21 @@ returned: when I(state=present) """ -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, - ec2_argument_spec, - HAS_BOTO3, - get_aws_connection_info, - boto3_conn, - AWSRetry, - ) +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( + AWSRetry, + HAS_BOTO3, + boto3_conn, + camel_dict_to_snake_dict, + ec2_argument_spec, + get_aws_connection_info, +) from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.direct_connect import (DirectConnectError, - delete_connection, - delete_virtual_interface, - disassociate_connection_and_lag, - ) +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import ( + DirectConnectError, + delete_connection, + delete_virtual_interface, + disassociate_connection_and_lag, +) import traceback import time diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 6450be0ab08..4139e5fd7f1 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -234,8 +234,8 @@ ''' import traceback -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.direct_connect import DirectConnectError, delete_virtual_interface +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError, delete_virtual_interface from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_eks_cluster.py b/plugins/modules/aws_eks_cluster.py index 27200f55908..5851b52661c 100644 --- a/plugins/modules/aws_eks_cluster.py +++ b/plugins/modules/aws_eks_cluster.py @@ -158,9 +158,9 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, get_ec2_security_group_ids_from_names -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter try: import botocore.exceptions diff --git a/plugins/modules/aws_elasticbeanstalk_app.py b/plugins/modules/aws_elasticbeanstalk_app.py index 67f5bc611a8..cb610a29f82 100644 --- a/plugins/modules/aws_elasticbeanstalk_app.py +++ b/plugins/modules/aws_elasticbeanstalk_app.py @@ -88,7 +88,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule def describe_app(ebs, app_name, module): diff --git a/plugins/modules/aws_glue_connection.py b/plugins/modules/aws_glue_connection.py index 1810a6df2e9..9aafb4c1d8a 100644 --- a/plugins/modules/aws_glue_connection.py +++ b/plugins/modules/aws_glue_connection.py @@ -129,7 +129,7 @@ sample: {'subnet-id':'subnet-aabbccddee'} ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, get_ec2_security_group_ids_from_names # Non-ansible imports diff --git a/plugins/modules/aws_glue_job.py b/plugins/modules/aws_glue_job.py index 966029ce325..f3c7513fdda 100644 --- a/plugins/modules/aws_glue_job.py +++ b/plugins/modules/aws_glue_job.py @@ -184,7 +184,7 @@ sample: 300 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict # Non-ansible imports diff --git a/plugins/modules/aws_inspector_target.py b/plugins/modules/aws_inspector_target.py index d7e668038fd..3d7af6b6c4a 100644 --- a/plugins/modules/aws_inspector_target.py +++ b/plugins/modules/aws_inspector_target.py @@ -98,7 +98,7 @@ sample: "2018-01-29T13:48:51.958000+00:00" ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( ansible_dict_to_boto3_tag_list, diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index 0a0bba626e6..e83fd9657e2 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -404,7 +404,7 @@ 'admin': 'Allow access for Key Administrators' } -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, ansible_dict_to_boto3_tag_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags, compare_policies diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index 719cce0cec8..dfe7892164b 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -54,7 +54,7 @@ }]" ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, ansible_dict_to_boto3_filter_list, camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index 130b20966e2..d9a13e302fe 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -98,7 +98,7 @@ except Exception: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict, compare_policies diff --git a/plugins/modules/aws_secret.py b/plugins/modules/aws_secret.py index a007cf564f5..4ee846f1bb6 100644 --- a/plugins/modules/aws_secret.py +++ b/plugins/modules/aws_secret.py @@ -130,7 +130,7 @@ ''' from ansible.module_utils._text import to_bytes -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict, camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, compare_aws_tags, ansible_dict_to_boto3_tag_list diff --git a/plugins/modules/aws_ses_identity.py b/plugins/modules/aws_ses_identity.py index 2185d07d0e8..5f649873ab3 100644 --- a/plugins/modules/aws_ses_identity.py +++ b/plugins/modules/aws_ses_identity.py @@ -217,7 +217,7 @@ type: bool ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry, get_aws_connection_info import time diff --git a/plugins/modules/aws_ses_identity_policy.py b/plugins/modules/aws_ses_identity_policy.py index bb166523585..4be04d8ecfd 100644 --- a/plugins/modules/aws_ses_identity_policy.py +++ b/plugins/modules/aws_ses_identity_policy.py @@ -81,7 +81,7 @@ sample: [ExamplePolicy] ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies, AWSRetry import json diff --git a/plugins/modules/aws_ses_rule_set.py b/plugins/modules/aws_ses_rule_set.py index b6b45afce75..86b5f9bf2b5 100644 --- a/plugins/modules/aws_ses_rule_set.py +++ b/plugins/modules/aws_ses_rule_set.py @@ -98,7 +98,7 @@ }] """ -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: diff --git a/plugins/modules/aws_sgw_info.py b/plugins/modules/aws_sgw_info.py index 7963e11bfc0..409eeb8126b 100644 --- a/plugins/modules/aws_sgw_info.py +++ b/plugins/modules/aws_sgw_info.py @@ -172,7 +172,7 @@ region: eu-west-3 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py index c721fe3385d..2c397ab5326 100644 --- a/plugins/modules/aws_ssm_parameter_store.py +++ b/plugins/modules/aws_ssm_parameter_store.py @@ -126,7 +126,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: from botocore.exceptions import ClientError diff --git a/plugins/modules/aws_step_functions_state_machine.py b/plugins/modules/aws_step_functions_state_machine.py index a283a57ce6d..1220f69f42a 100644 --- a/plugins/modules/aws_step_functions_state_machine.py +++ b/plugins/modules/aws_step_functions_state_machine.py @@ -96,7 +96,7 @@ returned: always ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_tag_list, AWSRetry, compare_aws_tags, diff --git a/plugins/modules/aws_step_functions_state_machine_execution.py b/plugins/modules/aws_step_functions_state_machine_execution.py index 65ed30453c7..a3a1d13d6c4 100644 --- a/plugins/modules/aws_step_functions_state_machine_execution.py +++ b/plugins/modules/aws_step_functions_state_machine_execution.py @@ -88,7 +88,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/aws_waf_condition.py index df6632ce1d6..7774d13f06f 100644 --- a/plugins/modules/aws_waf_condition.py +++ b/plugins/modules/aws_waf_condition.py @@ -401,10 +401,10 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry, compare_policies -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import run_func_with_change_token_backoff, MATCH_LOOKUP -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import get_rule_with_backoff, list_rules_with_backoff, list_regional_rules_with_backoff +from ansible_collections.amazon.aws.plugins.module_utils.waf import run_func_with_change_token_backoff, MATCH_LOOKUP +from ansible_collections.amazon.aws.plugins.module_utils.waf import get_rule_with_backoff, list_rules_with_backoff, list_regional_rules_with_backoff class Condition(object): diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/aws_waf_info.py index 9a895c847ea..15c1ef98f81 100644 --- a/plugins/modules/aws_waf_info.py +++ b/plugins/modules/aws_waf_info.py @@ -115,8 +115,8 @@ ] ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import list_web_acls, get_web_acl +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.waf import list_web_acls, get_web_acl def main(): diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/aws_waf_rule.py index 54fb1b23f8b..d2a9ad395ae 100644 --- a/plugins/modules/aws_waf_rule.py +++ b/plugins/modules/aws_waf_rule.py @@ -145,17 +145,19 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import (run_func_with_change_token_backoff, - list_rules_with_backoff, - list_regional_rules_with_backoff, - MATCH_LOOKUP, - ) -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import (get_web_acl_with_backoff, - list_web_acls_with_backoff, - list_regional_web_acls_with_backoff, - ) +from ansible_collections.amazon.aws.plugins.module_utils.waf import ( + MATCH_LOOKUP, + list_regional_rules_with_backoff, + list_rules_with_backoff, + run_func_with_change_token_backoff, +) +from ansible_collections.amazon.aws.plugins.module_utils.waf import ( + get_web_acl_with_backoff, + list_web_acls_with_backoff, + list_regional_web_acls_with_backoff, +) def get_rule_by_name(client, module, name): diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/aws_waf_web_acl.py index fe954dda1b2..57ff9ea3515 100644 --- a/plugins/modules/aws_waf_web_acl.py +++ b/plugins/modules/aws_waf_web_acl.py @@ -163,15 +163,16 @@ import re -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.aws.waf import (list_rules_with_backoff, - list_web_acls_with_backoff, - list_regional_web_acls_with_backoff, - run_func_with_change_token_backoff, - list_regional_rules_with_backoff, - ) +from ansible_collections.amazon.aws.plugins.module_utils.waf import ( + list_regional_rules_with_backoff, + list_regional_web_acls_with_backoff, + list_rules_with_backoff, + list_web_acls_with_backoff, + run_func_with_change_token_backoff, +) def get_web_acl_by_name(client, module, name): diff --git a/plugins/modules/cloudformation_exports_info.py b/plugins/modules/cloudformation_exports_info.py index 2c6166dc0d5..2308eb8e02e 100644 --- a/plugins/modules/cloudformation_exports_info.py +++ b/plugins/modules/cloudformation_exports_info.py @@ -37,7 +37,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry try: diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index a7b476d032e..986db8dac3a 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -313,7 +313,7 @@ ansible_dict_to_boto3_tag_list, camel_dict_to_snake_dict, ) -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible.module_utils._text import to_native diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 26237ea1851..80be45e1268 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -1363,8 +1363,8 @@ ''' from ansible.module_utils._text import to_text, to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.cloudfront_facts import CloudFrontFactsServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.cloudfront_facts import CloudFrontFactsServiceManager from ansible.module_utils.common.dict_transformations import recursive_diff from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags, ansible_dict_to_boto3_tag_list, boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, snake_dict_to_camel_dict diff --git a/plugins/modules/cloudfront_invalidation.py b/plugins/modules/cloudfront_invalidation.py index 13a7d8c30b3..b1da91c1c66 100644 --- a/plugins/modules/cloudfront_invalidation.py +++ b/plugins/modules/cloudfront_invalidation.py @@ -137,8 +137,8 @@ from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.cloudfront_facts import CloudFrontFactsServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.cloudfront_facts import CloudFrontFactsServiceManager import datetime try: diff --git a/plugins/modules/cloudfront_origin_access_identity.py b/plugins/modules/cloudfront_origin_access_identity.py index 17bfb6a71d1..af1ea4964b1 100644 --- a/plugins/modules/cloudfront_origin_access_identity.py +++ b/plugins/modules/cloudfront_origin_access_identity.py @@ -119,9 +119,9 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.cloudfront_facts import CloudFrontFactsServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.cloudfront_facts import CloudFrontFactsServiceManager from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule import datetime from functools import partial import json diff --git a/plugins/modules/cloudtrail.py b/plugins/modules/cloudtrail.py index 83e6cc0b0f1..fe8d500a4c3 100644 --- a/plugins/modules/cloudtrail.py +++ b/plugins/modules/cloudtrail.py @@ -253,7 +253,7 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, ansible_dict_to_boto3_tag_list, boto3_tag_list_to_ansible_dict, diff --git a/plugins/modules/cloudwatchevent_rule.py b/plugins/modules/cloudwatchevent_rule.py index 29854fcc10b..00a1908145a 100644 --- a/plugins/modules/cloudwatchevent_rule.py +++ b/plugins/modules/cloudwatchevent_rule.py @@ -153,7 +153,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index b606a9ef8a9..852d7900e3a 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -99,7 +99,7 @@ ] """ -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/dms_endpoint.py b/plugins/modules/dms_endpoint.py index 7fc1a253a9f..438a9a57271 100644 --- a/plugins/modules/dms_endpoint.py +++ b/plugins/modules/dms_endpoint.py @@ -167,7 +167,7 @@ RETURN = ''' # ''' import traceback -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: import botocore diff --git a/plugins/modules/dms_replication_subnet_group.py b/plugins/modules/dms_replication_subnet_group.py index 9354eeabc86..0c4a37d5b1f 100644 --- a/plugins/modules/dms_replication_subnet_group.py +++ b/plugins/modules/dms_replication_subnet_group.py @@ -58,7 +58,7 @@ RETURN = ''' # ''' import traceback -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: import botocore diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index c6a1bb0ee45..2430d04cbb7 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -132,7 +132,7 @@ sample: ami-e689729e ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, ansible_dict_to_boto3_tag_list from ansible.module_utils._text import to_native diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 3bfd6f131a9..323120035f8 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -528,7 +528,7 @@ import traceback from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( AWSRetry, camel_dict_to_snake_dict @@ -539,7 +539,7 @@ except ImportError: pass # will be detected by imported HAS_BOTO3 -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule ASG_ATTRIBUTES = ('AvailabilityZones', 'DefaultCooldown', 'DesiredCapacity', 'HealthCheckGracePeriod', 'HealthCheckType', 'LaunchConfigurationName', diff --git a/plugins/modules/ec2_asg_info.py b/plugins/modules/ec2_asg_info.py index 2cce6380fd6..d3fb1e101bb 100644 --- a/plugins/modules/ec2_asg_info.py +++ b/plugins/modules/ec2_asg_info.py @@ -222,7 +222,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/ec2_asg_lifecycle_hook.py b/plugins/modules/ec2_asg_lifecycle_hook.py index 9e01ca21aee..0127ac9137c 100644 --- a/plugins/modules/ec2_asg_lifecycle_hook.py +++ b/plugins/modules/ec2_asg_lifecycle_hook.py @@ -101,7 +101,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: import botocore diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index 4872e691023..d4a10d23cd0 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -84,7 +84,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_filter_list, boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict, diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 2859ccaee7f..16ce4ddf70f 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -221,7 +221,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, ansible_dict_to_boto3_filter_list diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index 4c2f8c6756d..33899dd648c 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -96,7 +96,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_filter_list, boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict, diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 8a682c56e12..912fa7cbe72 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -816,7 +816,7 @@ camel_dict_to_snake_dict, ) -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule module = None diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 5c1a993dd58..3605b0a2db5 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -364,7 +364,7 @@ from uuid import uuid4 from ansible.module_utils._text import to_text -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict, snake_dict_to_camel_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_tag_list, AWSRetry, diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index 42791c518bb..a07639aa387 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -202,7 +202,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: from botocore.exceptions import ClientError diff --git a/plugins/modules/ec2_placement_group.py b/plugins/modules/ec2_placement_group.py index b95069065aa..5d4b0087086 100644 --- a/plugins/modules/ec2_placement_group.py +++ b/plugins/modules/ec2_placement_group.py @@ -86,7 +86,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry try: from botocore.exceptions import (BotoCoreError, ClientError) diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index e9fa6338bad..3559debfe60 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -71,7 +71,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: from botocore.exceptions import (BotoCoreError, ClientError) except ImportError: diff --git a/plugins/modules/ec2_transit_gateway.py b/plugins/modules/ec2_transit_gateway.py index b75eb5510a4..b4eca57de97 100644 --- a/plugins/modules/ec2_transit_gateway.py +++ b/plugins/modules/ec2_transit_gateway.py @@ -225,7 +225,7 @@ pass # handled by imported AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from time import sleep, time from ansible.module_utils._text import to_text from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index 7e5f69c5917..42f180ab97f 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -168,7 +168,7 @@ pass # handled by imported AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( AWSRetry, boto3_tag_list_to_ansible_dict, diff --git a/plugins/modules/ec2_vpc_egress_igw.py b/plugins/modules/ec2_vpc_egress_igw.py index e93ce7791e9..2981d194ef9 100644 --- a/plugins/modules/ec2_vpc_egress_igw.py +++ b/plugins/modules/ec2_vpc_egress_igw.py @@ -57,7 +57,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/ec2_vpc_igw.py b/plugins/modules/ec2_vpc_igw.py index 6b1a69911d4..c1960c14bbb 100644 --- a/plugins/modules/ec2_vpc_igw.py +++ b/plugins/modules/ec2_vpc_igw.py @@ -84,8 +84,8 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( AWSRetry, camel_dict_to_snake_dict, diff --git a/plugins/modules/ec2_vpc_nacl.py b/plugins/modules/ec2_vpc_nacl.py index 5c14fec8040..14853edf767 100644 --- a/plugins/modules/ec2_vpc_nacl.py +++ b/plugins/modules/ec2_vpc_nacl.py @@ -154,7 +154,7 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry # VPC-supported IANA protocol numbers diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index 31b1099b04c..2cc4f012d58 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -107,7 +107,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, ansible_dict_to_boto3_filter_list, diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index b8e263c1242..5c94d4e399b 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -225,7 +225,7 @@ from ansible.module_utils.basic import AnsibleModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info, HAS_BOTO3 -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code def tags_changed(pcx_id, client, module): diff --git a/plugins/modules/ec2_vpc_route_table.py b/plugins/modules/ec2_vpc_route_table.py index 0b8230ac7e1..fbbae5c5a00 100644 --- a/plugins/modules/ec2_vpc_route_table.py +++ b/plugins/modules/ec2_vpc_route_table.py @@ -225,8 +225,8 @@ import re from time import sleep -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, snake_dict_to_camel_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, boto3_tag_list_to_ansible_dict diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index d1ea852d0e3..511616a0838 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -120,8 +120,8 @@ except ImportError: HAS_BOTO3 = False -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible.module_utils.basic import AnsibleModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3, boto3_conn, ec2_argument_spec, get_aws_connection_info, AWSRetry from ansible.module_utils._text import to_native diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index 4d0f06fb5a3..72a3b9a3eb1 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -296,7 +296,7 @@ vpn_connection_id: vpn-781e0e19 """ -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible.module_utils._text import to_text from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( camel_dict_to_snake_dict, diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index f34ddb8a937..b9830d7d31e 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -164,7 +164,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_filter_list, boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict, diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index 23e1018c1f7..f0b0df8b7f1 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -182,7 +182,7 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception, compare_policies, sort_json_policy_dict from ansible.module_utils.six import string_types diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index ddb2b8c1bba..27ee4b8fc39 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -475,7 +475,7 @@ 'minimum_healthy_percent': 'int' } -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict, map_complex_type, get_ec2_security_group_ids_from_names try: diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index 9843f638d55..eb7f6215ef4 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -136,7 +136,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry diff --git a/plugins/modules/ecs_tag.py b/plugins/modules/ecs_tag.py index a3c16d74681..364546a4bee 100644 --- a/plugins/modules/ecs_tag.py +++ b/plugins/modules/ecs_tag.py @@ -108,7 +108,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, ansible_dict_to_boto3_tag_list, compare_aws_tags try: diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index c11c6b2a792..0c926954023 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -211,7 +211,7 @@ type: str ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible.module_utils.basic import missing_required_lib from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_ec2_security_group_ids_from_names, ansible_dict_to_boto3_tag_list diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index e7d3864a785..f61595fcd77 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -211,7 +211,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible.module_utils._text import to_text diff --git a/plugins/modules/ecs_taskdefinition_info.py b/plugins/modules/ecs_taskdefinition_info.py index e4e93e0a90f..82a9bc968c7 100644 --- a/plugins/modules/ecs_taskdefinition_info.py +++ b/plugins/modules/ecs_taskdefinition_info.py @@ -298,7 +298,7 @@ type: str ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/efs.py b/plugins/modules/efs.py index 95e5df78499..b5174777ff4 100644 --- a/plugins/modules/efs.py +++ b/plugins/modules/efs.py @@ -233,7 +233,7 @@ except ImportError as e: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (compare_aws_tags, camel_dict_to_snake_dict, ansible_dict_to_boto3_tag_list, diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index bc2ddeda5a5..edc8e0daac6 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -176,7 +176,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info, AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, boto3_tag_list_to_ansible_dict from ansible.module_utils._text import to_native diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index ffefc9b53a0..93e8ae8d43d 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -222,7 +222,7 @@ Environment: test ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (get_aws_connection_info, camel_dict_to_snake_dict, AWSRetry, diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index c314a60aa40..6daaad7a49c 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -454,16 +454,17 @@ sample: vpc-0011223344 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, boto3_tag_list_to_ansible_dict, compare_aws_tags -from ansible_collections.amazon.aws.plugins.module_utils.aws.elbv2 import (ApplicationLoadBalancer, - ELBListeners, - ELBListener, - ELBListenerRules, - ELBListenerRule, - ) -from ansible_collections.amazon.aws.plugins.module_utils.aws.elb_utils import get_elb_listener_rules +from ansible_collections.amazon.aws.plugins.module_utils.elbv2 import ( + ApplicationLoadBalancer, + ELBListener, + ELBListenerRule, + ELBListenerRules, + ELBListeners, +) +from ansible_collections.amazon.aws.plugins.module_utils.elb_utils import get_elb_listener_rules def create_or_update_elb(elb_obj): diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index 9341cb59b4b..4b2a2db64bb 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -140,7 +140,7 @@ vpc_id: vpc-c248fda4 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( AWSRetry, camel_dict_to_snake_dict, diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index a3405fd5cae..5e1b52213cc 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -305,9 +305,9 @@ sample: vpc-0011223344 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, boto3_tag_list_to_ansible_dict, compare_aws_tags -from ansible_collections.amazon.aws.plugins.module_utils.aws.elbv2 import NetworkLoadBalancer, ELBListeners, ELBListener +from ansible_collections.amazon.aws.plugins.module_utils.elbv2 import NetworkLoadBalancer, ELBListeners, ELBListener def create_or_update_elb(elb_obj): diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index 43723bfd6e9..f3c0723ac27 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -377,7 +377,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, boto3_tag_list_to_ansible_dict, compare_aws_tags, diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index af2dc55cd5b..f6b0f104032 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -215,7 +215,7 @@ # we can handle the lack of boto3 based on the ec2 module pass -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry diff --git a/plugins/modules/iam_group.py b/plugins/modules/iam_group.py index 121801275eb..4a53a870833 100644 --- a/plugins/modules/iam_group.py +++ b/plugins/modules/iam_group.py @@ -176,7 +176,7 @@ sample: / ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry diff --git a/plugins/modules/iam_password_policy.py b/plugins/modules/iam_password_policy.py index a26821e10a4..fda220c0097 100644 --- a/plugins/modules/iam_password_policy.py +++ b/plugins/modules/iam_password_policy.py @@ -102,7 +102,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index 7ff98790146..1775a7a749e 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -118,7 +118,7 @@ except ImportError: pass -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies from ansible.module_utils.six import string_types diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index 8df1c9fc216..9f250e37b8d 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -83,7 +83,7 @@ except ImportError: pass -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible.module_utils.six import string_types diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index 1ce2ceae9d0..09db6ed9643 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -192,7 +192,7 @@ import json -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, compare_policies from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, ansible_dict_to_boto3_tag_list, diff --git a/plugins/modules/iam_role_info.py b/plugins/modules/iam_role_info.py index ac000ae8552..6b15c186360 100644 --- a/plugins/modules/iam_role_info.py +++ b/plugins/modules/iam_role_info.py @@ -151,7 +151,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict, AWSRetry diff --git a/plugins/modules/iam_saml_federation.py b/plugins/modules/iam_saml_federation.py index 0172a4cf47e..27310083802 100644 --- a/plugins/modules/iam_saml_federation.py +++ b/plugins/modules/iam_saml_federation.py @@ -108,7 +108,7 @@ except ImportError: pass -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry diff --git a/plugins/modules/iam_user.py b/plugins/modules/iam_user.py index 17e126641de..15a972ebc09 100644 --- a/plugins/modules/iam_user.py +++ b/plugins/modules/iam_user.py @@ -105,7 +105,7 @@ ''' from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict import traceback diff --git a/plugins/modules/iam_user_info.py b/plugins/modules/iam_user_info.py index cfb8f886324..97a01ca142f 100644 --- a/plugins/modules/iam_user_info.py +++ b/plugins/modules/iam_user_info.py @@ -100,7 +100,7 @@ sample: "test_user" ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index 887bdec2fac..705344ab9f6 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -211,7 +211,7 @@ ''' from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info, boto3_conn, camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags import base64 diff --git a/plugins/modules/lambda_facts.py b/plugins/modules/lambda_facts.py index 43ad5e6b406..ad56e9c70a5 100644 --- a/plugins/modules/lambda_facts.py +++ b/plugins/modules/lambda_facts.py @@ -88,7 +88,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict import json import datetime diff --git a/plugins/modules/lambda_info.py b/plugins/modules/lambda_info.py index 818a9713f0b..568d1f72d2a 100644 --- a/plugins/modules/lambda_info.py +++ b/plugins/modules/lambda_info.py @@ -78,7 +78,7 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict import json import datetime diff --git a/plugins/modules/lambda_policy.py b/plugins/modules/lambda_policy.py index fedfcbc5059..81bd7ec9200 100644 --- a/plugins/modules/lambda_policy.py +++ b/plugins/modules/lambda_policy.py @@ -134,7 +134,7 @@ import json import re from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: from botocore.exceptions import ClientError diff --git a/plugins/modules/lightsail.py b/plugins/modules/lightsail.py index 722d9e0ed89..f65c39ea0c8 100644 --- a/plugins/modules/lightsail.py +++ b/plugins/modules/lightsail.py @@ -159,7 +159,7 @@ # will be caught by AnsibleAWSModule pass -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index bd40dd086d4..f626d114dee 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -741,15 +741,16 @@ ''' from ansible.module_utils._text import to_text -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters -from ansible_collections.amazon.aws.plugins.module_utils.aws.rds import (ensure_tags, - arg_spec_to_rds_params, - call_method, - get_rds_method_attribute, - get_tags, - get_final_identifier, - ) -from ansible_collections.amazon.aws.plugins.module_utils.aws.waiters import get_waiter +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters +from ansible_collections.amazon.aws.plugins.module_utils.rds import ( + arg_spec_to_rds_params, + call_method, + ensure_tags, + get_final_identifier, + get_rds_method_attribute, + get_tags, +) +from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, AWSRetry from ansible.module_utils.six import string_types diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py index d26965a7970..9cc95e378ad 100644 --- a/plugins/modules/rds_instance_info.py +++ b/plugins/modules/rds_instance_info.py @@ -343,7 +343,7 @@ sample: sg-abcd1234 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_filter_list, boto3_tag_list_to_ansible_dict, AWSRetry, diff --git a/plugins/modules/rds_snapshot.py b/plugins/modules/rds_snapshot.py index 3db9afe0b85..fe6b827f6c7 100644 --- a/plugins/modules/rds_snapshot.py +++ b/plugins/modules/rds_snapshot.py @@ -202,7 +202,7 @@ pass # protected by AnsibleAWSModule # import module snippets -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry, compare_aws_tags from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, ansible_dict_to_boto3_tag_list diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index 3e47a444677..470ed0e2c6d 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -292,7 +292,7 @@ sample: vpc-abcd1234 ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict try: diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 6939204d819..8c3b5ccdfac 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -258,7 +258,7 @@ pass # caught by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, snake_dict_to_camel_dict -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code def _collect_facts(resource): diff --git a/plugins/modules/redshift_cross_region_snapshots.py b/plugins/modules/redshift_cross_region_snapshots.py index e97bf0795cd..b022aaafbba 100644 --- a/plugins/modules/redshift_cross_region_snapshots.py +++ b/plugins/modules/redshift_cross_region_snapshots.py @@ -87,7 +87,7 @@ RETURN = ''' # ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule class SnapshotController(object): diff --git a/plugins/modules/redshift_info.py b/plugins/modules/redshift_info.py index 56e7f7139b7..b1fbe802b5f 100644 --- a/plugins/modules/redshift_info.py +++ b/plugins/modules/redshift_info.py @@ -282,7 +282,7 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict diff --git a/plugins/modules/route53_zone.py b/plugins/modules/route53_zone.py index b7a2b6858ce..bcab3b2e167 100644 --- a/plugins/modules/route53_zone.py +++ b/plugins/modules/route53_zone.py @@ -118,7 +118,7 @@ ''' import time -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule try: from botocore.exceptions import BotoCoreError, ClientError diff --git a/plugins/modules/s3_bucket_notification.py b/plugins/modules/s3_bucket_notification.py index 6732e9a4432..f61e5607a66 100644 --- a/plugins/modules/s3_bucket_notification.py +++ b/plugins/modules/s3_bucket_notification.py @@ -109,7 +109,7 @@ type: list ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index ceef7fd97d5..5bdf65ab1e3 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -203,7 +203,7 @@ except ImportError: pass # handled by AnsibleAwsModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule def create_lifecycle_rule(client, module): diff --git a/plugins/modules/sns.py b/plugins/modules/sns.py index 0a0ceda75d6..e1edfb99660 100644 --- a/plugins/modules/sns.py +++ b/plugins/modules/sns.py @@ -137,7 +137,7 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule def arn_topic_lookup(module, client, short_topic): diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py index 2f0865406d1..ae3b960b7d8 100644 --- a/plugins/modules/sns_topic.py +++ b/plugins/modules/sns_topic.py @@ -219,7 +219,7 @@ except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies, AWSRetry, camel_dict_to_snake_dict diff --git a/plugins/modules/sqs_queue.py b/plugins/modules/sqs_queue.py index 1682d424592..1756a6e33b4 100644 --- a/plugins/modules/sqs_queue.py +++ b/plugins/modules/sqs_queue.py @@ -218,7 +218,7 @@ ''' import json -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, camel_dict_to_snake_dict, compare_aws_tags, diff --git a/plugins/modules/sts_assume_role.py b/plugins/modules/sts_assume_role.py index 4048373c614..fca345ad4ac 100644 --- a/plugins/modules/sts_assume_role.py +++ b/plugins/modules/sts_assume_role.py @@ -105,7 +105,7 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict try: diff --git a/tests/unit/modules/test_aws_api_gateway.py b/tests/unit/modules/test_aws_api_gateway.py index 39e158d7a70..ae6c2681cc4 100644 --- a/tests/unit/modules/test_aws_api_gateway.py +++ b/tests/unit/modules/test_aws_api_gateway.py @@ -19,7 +19,7 @@ pytestmark = pytest.mark.skip("test_api_gateway.py requires the `boto3` and `botocore` modules") import ansible_collections.community.aws.plugins.modules.aws_api_gateway as agw -from ansible_collections.amazon.aws.plugins.module_utils.aws import core +from ansible_collections.amazon.aws.plugins.module_utils import core exit_return_dict = {} diff --git a/tests/unit/modules/test_lambda_policy.py b/tests/unit/modules/test_lambda_policy.py index 08c3ee2c0f9..25ad47c19d8 100644 --- a/tests/unit/modules/test_lambda_policy.py +++ b/tests/unit/modules/test_lambda_policy.py @@ -12,7 +12,7 @@ import pytest -from ansible_collections.amazon.aws.plugins.module_utils.aws.core import HAS_BOTO3 +from ansible_collections.amazon.aws.plugins.module_utils.core import HAS_BOTO3 from ansible_collections.community.aws.tests.unit.compat.mock import MagicMock from ansible_collections.community.aws.tests.unit.modules.utils import set_module_args diff --git a/tests/unit/modules/test_route53_zone.py b/tests/unit/modules/test_route53_zone.py index 9fc4965ffbc..c8fe719d9f0 100644 --- a/tests/unit/modules/test_route53_zone.py +++ b/tests/unit/modules/test_route53_zone.py @@ -26,7 +26,7 @@ def is_subdict(subdict, superdict): return all(superdict[k] == v for k, v in subdict.items()) -@patch('ansible_collections.amazon.aws.plugins.module_utils.aws.core.HAS_BOTO3', new=True) +@patch('ansible_collections.amazon.aws.plugins.module_utils.core.HAS_BOTO3', new=True) @patch.object(route53_zone.AnsibleAWSModule, 'client') @patch.object(route53_zone.time, 'time', return_value=1) class TestRoute53Module(ModuleTestCase): From 96ee268e5267f5b12c3d59892bc1279f75aa3135 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 09:31:32 -0700 Subject: [PATCH 020/129] Update docs (#99) * Update docs Remove .git from repo url so links in readme will generate correctly Add required ansible version Run latest version of add_docs.py Add version_added string to modules * galaxy.yml was missing authors --- README.md | 352 ++++++------ docs/community.aws.aws_acm.rst | 82 +-- docs/community.aws.aws_acm_info.rst | 70 +-- docs/community.aws.aws_api_gateway.rst | 102 +--- ...ity.aws.aws_application_scaling_policy.rst | 118 ++-- ...nity.aws.aws_batch_compute_environment.rst | 120 ++-- ...community.aws.aws_batch_job_definition.rst | 160 ++---- docs/community.aws.aws_batch_job_queue.rst | 76 +-- docs/community.aws.aws_codebuild.rst | 174 ++---- docs/community.aws.aws_codecommit.rst | 60 +- docs/community.aws.aws_codepipeline.rst | 86 +-- ...s.aws_config_aggregation_authorization.rst | 60 +- docs/community.aws.aws_config_aggregator.rst | 84 +-- ...munity.aws.aws_config_delivery_channel.rst | 68 +-- docs/community.aws.aws_config_recorder.rst | 72 +-- docs/community.aws.aws_config_rule.rst | 100 +--- ...nity.aws.aws_direct_connect_connection.rst | 80 +-- ...mmunity.aws.aws_direct_connect_gateway.rst | 72 +-- ..._direct_connect_link_aggregation_group.rst | 94 +--- ...s.aws_direct_connect_virtual_interface.rst | 100 +--- docs/community.aws.aws_eks_cluster.rst | 80 +-- ...community.aws.aws_elasticbeanstalk_app.rst | 64 +-- docs/community.aws.aws_glue_connection.rst | 84 +-- docs/community.aws.aws_glue_job.rst | 96 +--- docs/community.aws.aws_inspector_target.rst | 62 +-- docs/community.aws.aws_kms.rst | 140 ++--- docs/community.aws.aws_kms_info.rst | 58 +- docs/community.aws.aws_region_info.rst | 52 +- docs/community.aws.aws_s3_bucket_info.rst | 48 +- docs/community.aws.aws_s3_cors.rst | 60 +- docs/community.aws.aws_secret.rst | 88 +-- docs/community.aws.aws_ses_identity.rst | 106 ++-- .../community.aws.aws_ses_identity_policy.rst | 68 +-- docs/community.aws.aws_ses_rule_set.rst | 72 +-- docs/community.aws.aws_sgw_info.rst | 64 +-- docs/community.aws.aws_ssm.rst | 4 +- .../community.aws.aws_ssm_parameter_store.rst | 89 +-- ...y.aws.aws_step_functions_state_machine.rst | 74 +-- ...step_functions_state_machine_execution.rst | 76 +-- docs/community.aws.aws_waf_condition.rst | 130 ++--- docs/community.aws.aws_waf_info.rst | 58 +- docs/community.aws.aws_waf_rule.rst | 86 +-- docs/community.aws.aws_waf_web_acl.rst | 92 +--- ...munity.aws.cloudformation_exports_info.rst | 46 +- ...community.aws.cloudformation_stack_set.rst | 136 ++--- .../community.aws.cloudfront_distribution.rst | 521 +++++------------- docs/community.aws.cloudfront_info.rst | 151 ++--- .../community.aws.cloudfront_invalidation.rst | 64 +-- ....aws.cloudfront_origin_access_identity.rst | 66 +-- docs/community.aws.cloudtrail.rst | 106 ++-- docs/community.aws.cloudwatchevent_rule.rst | 110 ++-- ...community.aws.cloudwatchlogs_log_group.rst | 80 +-- ...nity.aws.cloudwatchlogs_log_group_info.rst | 50 +- ...cloudwatchlogs_log_group_metric_filter.rst | 86 +-- docs/community.aws.data_pipeline.rst | 138 ++--- docs/community.aws.dms_endpoint.rst | 146 ++--- ...unity.aws.dms_replication_subnet_group.rst | 60 +- docs/community.aws.dynamodb_table.rst | 140 ++--- docs/community.aws.dynamodb_ttl.rst | 60 +- docs/community.aws.ec2_ami_copy.rst | 108 ++-- docs/community.aws.ec2_asg.rst | 204 ++----- docs/community.aws.ec2_asg_info.rst | 76 +-- docs/community.aws.ec2_asg_lifecycle_hook.rst | 86 +-- docs/community.aws.ec2_customer_gateway.rst | 73 +-- ...ommunity.aws.ec2_customer_gateway_info.rst | 58 +- docs/community.aws.ec2_eip.rst | 126 ++--- docs/community.aws.ec2_eip_info.rst | 71 +-- docs/community.aws.ec2_elb.rst | 74 +-- docs/community.aws.ec2_elb_info.rst | 73 +-- docs/community.aws.ec2_instance.rst | 292 +++------- docs/community.aws.ec2_instance_info.rst | 72 +-- docs/community.aws.ec2_launch_template.rst | 302 +++------- docs/community.aws.ec2_lc.rst | 184 ++----- docs/community.aws.ec2_lc_find.rst | 60 +- docs/community.aws.ec2_lc_info.rst | 76 +-- docs/community.aws.ec2_metric_alarm.rst | 112 ++-- docs/community.aws.ec2_placement_group.rst | 68 +-- ...community.aws.ec2_placement_group_info.rst | 59 +- docs/community.aws.ec2_scaling_policy.rst | 72 +-- docs/community.aws.ec2_snapshot_copy.rst | 96 ++-- docs/community.aws.ec2_transit_gateway.rst | 104 +--- ...community.aws.ec2_transit_gateway_info.rst | 68 +-- docs/community.aws.ec2_vpc_egress_igw.rst | 60 +- docs/community.aws.ec2_vpc_endpoint.rst | 94 +--- docs/community.aws.ec2_vpc_endpoint_info.rst | 64 +-- docs/community.aws.ec2_vpc_igw.rst | 64 +-- docs/community.aws.ec2_vpc_igw_info.rst | 58 +- docs/community.aws.ec2_vpc_nacl.rst | 86 +-- docs/community.aws.ec2_vpc_nacl_info.rst | 60 +- docs/community.aws.ec2_vpc_nat_gateway.rst | 100 ++-- ...community.aws.ec2_vpc_nat_gateway_info.rst | 60 +- docs/community.aws.ec2_vpc_peer.rst | 100 ++-- docs/community.aws.ec2_vpc_peering_info.rst | 58 +- docs/community.aws.ec2_vpc_route_table.rst | 94 +--- ...community.aws.ec2_vpc_route_table_info.rst | 62 +-- docs/community.aws.ec2_vpc_vgw.rst | 84 +-- docs/community.aws.ec2_vpc_vgw_info.rst | 58 +- docs/community.aws.ec2_vpc_vpn.rst | 164 ++---- docs/community.aws.ec2_vpc_vpn_info.rst | 58 +- docs/community.aws.ec2_win_password.rst | 74 +-- docs/community.aws.ecs_attribute.rst | 76 +-- docs/community.aws.ecs_cluster.rst | 70 +-- docs/community.aws.ecs_ecr.rst | 105 ++-- docs/community.aws.ecs_service.rst | 176 ++---- docs/community.aws.ecs_service_info.rst | 66 +-- docs/community.aws.ecs_tag.rst | 76 +-- docs/community.aws.ecs_task.rst | 104 +--- docs/community.aws.ecs_taskdefinition.rst | 108 ++-- .../community.aws.ecs_taskdefinition_info.rst | 50 +- docs/community.aws.efs.rst | 120 ++-- docs/community.aws.efs_info.rst | 68 +-- docs/community.aws.elasticache.rst | 110 ++-- docs/community.aws.elasticache_info.rst | 52 +- ...munity.aws.elasticache_parameter_group.rst | 72 +-- docs/community.aws.elasticache_snapshot.rst | 85 +-- ...community.aws.elasticache_subnet_group.rst | 66 +-- docs/community.aws.elb_application_lb.rst | 172 ++---- .../community.aws.elb_application_lb_info.rst | 68 +-- docs/community.aws.elb_classic_lb.rst | 158 ++---- docs/community.aws.elb_classic_lb_info.rst | 56 +- docs/community.aws.elb_instance.rst | 72 +-- docs/community.aws.elb_network_lb.rst | 140 ++--- docs/community.aws.elb_target.rst | 94 +--- docs/community.aws.elb_target_group.rst | 168 ++---- docs/community.aws.elb_target_group_info.rst | 72 +-- docs/community.aws.elb_target_info.rst | 66 +-- docs/community.aws.execute_lambda.rst | 82 +-- docs/community.aws.iam.rst | 112 ++-- docs/community.aws.iam_cert.rst | 94 +--- docs/community.aws.iam_group.rst | 95 ++-- docs/community.aws.iam_managed_policy.rst | 84 +-- docs/community.aws.iam_mfa_device_info.rst | 58 +- docs/community.aws.iam_password_policy.rst | 84 +-- docs/community.aws.iam_policy.rst | 80 +-- docs/community.aws.iam_policy_info.rst | 64 +-- docs/community.aws.iam_role.rst | 106 ++-- docs/community.aws.iam_role_info.rst | 64 +-- docs/community.aws.iam_saml_federation.rst | 62 +-- ...munity.aws.iam_server_certificate_info.rst | 56 +- docs/community.aws.iam_user.rst | 78 +-- docs/community.aws.iam_user_info.rst | 62 +-- docs/community.aws.kinesis_stream.rst | 96 +--- docs/community.aws.lambda.rst | 122 ++-- docs/community.aws.lambda_alias.rst | 72 +-- docs/community.aws.lambda_event.rst | 119 ++-- docs/community.aws.lambda_facts.rst | 72 +-- docs/community.aws.lambda_info.rst | 64 +-- docs/community.aws.lambda_policy.rst | 120 ++-- docs/community.aws.lightsail.rst | 88 +-- docs/community.aws.rds.rst | 238 +++----- docs/community.aws.rds_instance.rst | 340 +++--------- docs/community.aws.rds_instance_info.rst | 60 +- docs/community.aws.rds_param_group.rst | 84 +-- docs/community.aws.rds_snapshot.rst | 80 +-- docs/community.aws.rds_snapshot_info.rst | 72 +-- docs/community.aws.rds_subnet_group.rst | 68 +-- docs/community.aws.redshift.rst | 172 ++---- ...ty.aws.redshift_cross_region_snapshots.rst | 68 +-- docs/community.aws.redshift_info.rst | 68 +-- docs/community.aws.redshift_subnet_group.rst | 69 +-- docs/community.aws.route53.rst | 362 +++++------- docs/community.aws.route53_health_check.rst | 88 +-- docs/community.aws.route53_info.rst | 114 ++-- docs/community.aws.route53_zone.rst | 80 +-- docs/community.aws.s3_bucket_notification.rst | 105 ++-- docs/community.aws.s3_lifecycle.rst | 140 ++--- docs/community.aws.s3_logging.rst | 62 +-- docs/community.aws.s3_sync.rst | 98 +--- docs/community.aws.s3_website.rst | 76 +-- docs/community.aws.sns.rst | 102 +--- docs/community.aws.sns_topic.rst | 122 ++-- docs/community.aws.sqs_queue.rst | 128 ++--- docs/community.aws.sts_assume_role.rst | 76 +-- docs/community.aws.sts_session_token.rst | 83 +-- galaxy.yml | 5 +- plugins/modules/aws_acm.py | 1 + plugins/modules/aws_acm_info.py | 1 + plugins/modules/aws_api_gateway.py | 1 + .../modules/aws_application_scaling_policy.py | 1 + .../modules/aws_batch_compute_environment.py | 1 + plugins/modules/aws_batch_job_definition.py | 1 + plugins/modules/aws_batch_job_queue.py | 1 + plugins/modules/aws_codebuild.py | 1 + plugins/modules/aws_codecommit.py | 1 + plugins/modules/aws_codepipeline.py | 1 + .../aws_config_aggregation_authorization.py | 1 + plugins/modules/aws_config_aggregator.py | 1 + .../modules/aws_config_delivery_channel.py | 1 + plugins/modules/aws_config_recorder.py | 1 + plugins/modules/aws_config_rule.py | 1 + .../modules/aws_direct_connect_connection.py | 1 + plugins/modules/aws_direct_connect_gateway.py | 1 + ...s_direct_connect_link_aggregation_group.py | 1 + .../aws_direct_connect_virtual_interface.py | 1 + plugins/modules/aws_eks_cluster.py | 1 + plugins/modules/aws_elasticbeanstalk_app.py | 1 + plugins/modules/aws_glue_connection.py | 1 + plugins/modules/aws_glue_job.py | 1 + plugins/modules/aws_inspector_target.py | 1 + plugins/modules/aws_kms.py | 1 + plugins/modules/aws_kms_info.py | 1 + plugins/modules/aws_region_info.py | 1 + plugins/modules/aws_s3_bucket_info.py | 1 + plugins/modules/aws_s3_cors.py | 1 + plugins/modules/aws_secret.py | 1 + plugins/modules/aws_ses_identity.py | 1 + plugins/modules/aws_ses_identity_policy.py | 1 + plugins/modules/aws_ses_rule_set.py | 1 + plugins/modules/aws_sgw_info.py | 1 + plugins/modules/aws_ssm_parameter_store.py | 1 + .../aws_step_functions_state_machine.py | 1 + ..._step_functions_state_machine_execution.py | 1 + plugins/modules/aws_waf_condition.py | 1 + plugins/modules/aws_waf_info.py | 1 + plugins/modules/aws_waf_rule.py | 1 + plugins/modules/aws_waf_web_acl.py | 1 + .../modules/cloudformation_exports_info.py | 1 + plugins/modules/cloudformation_stack_set.py | 1 + plugins/modules/cloudfront_distribution.py | 1 + plugins/modules/cloudfront_info.py | 1 + plugins/modules/cloudfront_invalidation.py | 1 + .../cloudfront_origin_access_identity.py | 1 + plugins/modules/cloudtrail.py | 1 + plugins/modules/cloudwatchevent_rule.py | 1 + plugins/modules/cloudwatchlogs_log_group.py | 1 + .../modules/cloudwatchlogs_log_group_info.py | 1 + .../cloudwatchlogs_log_group_metric_filter.py | 1 + plugins/modules/data_pipeline.py | 1 + plugins/modules/dms_endpoint.py | 1 + .../modules/dms_replication_subnet_group.py | 1 + plugins/modules/dynamodb_table.py | 1 + plugins/modules/dynamodb_ttl.py | 1 + plugins/modules/ec2_ami_copy.py | 1 + plugins/modules/ec2_asg.py | 1 + plugins/modules/ec2_asg_info.py | 1 + plugins/modules/ec2_asg_lifecycle_hook.py | 1 + plugins/modules/ec2_customer_gateway.py | 1 + plugins/modules/ec2_customer_gateway_info.py | 1 + plugins/modules/ec2_eip.py | 1 + plugins/modules/ec2_eip_info.py | 1 + plugins/modules/ec2_elb.py | 1 + plugins/modules/ec2_elb_info.py | 1 + plugins/modules/ec2_instance.py | 1 + plugins/modules/ec2_instance_info.py | 1 + plugins/modules/ec2_launch_template.py | 1 + plugins/modules/ec2_lc.py | 1 + plugins/modules/ec2_lc_find.py | 1 + plugins/modules/ec2_lc_info.py | 1 + plugins/modules/ec2_metric_alarm.py | 1 + plugins/modules/ec2_placement_group.py | 1 + plugins/modules/ec2_placement_group_info.py | 1 + plugins/modules/ec2_scaling_policy.py | 1 + plugins/modules/ec2_snapshot_copy.py | 1 + plugins/modules/ec2_transit_gateway.py | 1 + plugins/modules/ec2_transit_gateway_info.py | 1 + plugins/modules/ec2_vpc_egress_igw.py | 1 + plugins/modules/ec2_vpc_endpoint.py | 1 + plugins/modules/ec2_vpc_endpoint_info.py | 1 + plugins/modules/ec2_vpc_igw.py | 1 + plugins/modules/ec2_vpc_igw_info.py | 1 + plugins/modules/ec2_vpc_nacl.py | 1 + plugins/modules/ec2_vpc_nacl_info.py | 1 + plugins/modules/ec2_vpc_nat_gateway.py | 1 + plugins/modules/ec2_vpc_nat_gateway_info.py | 1 + plugins/modules/ec2_vpc_peer.py | 1 + plugins/modules/ec2_vpc_peering_info.py | 1 + plugins/modules/ec2_vpc_route_table.py | 1 + plugins/modules/ec2_vpc_route_table_info.py | 1 + plugins/modules/ec2_vpc_vgw.py | 1 + plugins/modules/ec2_vpc_vgw_info.py | 1 + plugins/modules/ec2_vpc_vpn.py | 1 + plugins/modules/ec2_vpc_vpn_info.py | 1 + plugins/modules/ec2_win_password.py | 1 + plugins/modules/ecs_attribute.py | 1 + plugins/modules/ecs_cluster.py | 1 + plugins/modules/ecs_ecr.py | 1 + plugins/modules/ecs_service.py | 1 + plugins/modules/ecs_service_info.py | 1 + plugins/modules/ecs_tag.py | 1 + plugins/modules/ecs_task.py | 1 + plugins/modules/ecs_taskdefinition.py | 1 + plugins/modules/ecs_taskdefinition_info.py | 1 + plugins/modules/efs.py | 1 + plugins/modules/efs_info.py | 1 + plugins/modules/elasticache.py | 1 + plugins/modules/elasticache_info.py | 1 + .../modules/elasticache_parameter_group.py | 1 + plugins/modules/elasticache_snapshot.py | 1 + plugins/modules/elasticache_subnet_group.py | 1 + plugins/modules/elb_application_lb.py | 1 + plugins/modules/elb_application_lb_info.py | 1 + plugins/modules/elb_classic_lb.py | 1 + plugins/modules/elb_classic_lb_info.py | 1 + plugins/modules/elb_instance.py | 1 + plugins/modules/elb_network_lb.py | 1 + plugins/modules/elb_target.py | 1 + plugins/modules/elb_target_group.py | 1 + plugins/modules/elb_target_group_info.py | 1 + plugins/modules/elb_target_info.py | 1 + plugins/modules/execute_lambda.py | 1 + plugins/modules/iam.py | 1 + plugins/modules/iam_cert.py | 1 + plugins/modules/iam_group.py | 1 + plugins/modules/iam_managed_policy.py | 1 + plugins/modules/iam_mfa_device_info.py | 1 + plugins/modules/iam_password_policy.py | 1 + plugins/modules/iam_policy.py | 1 + plugins/modules/iam_policy_info.py | 1 + plugins/modules/iam_role.py | 1 + plugins/modules/iam_role_info.py | 1 + plugins/modules/iam_saml_federation.py | 1 + .../modules/iam_server_certificate_info.py | 1 + plugins/modules/iam_user.py | 1 + plugins/modules/iam_user_info.py | 1 + plugins/modules/kinesis_stream.py | 1 + plugins/modules/lambda.py | 1 + plugins/modules/lambda_alias.py | 1 + plugins/modules/lambda_event.py | 1 + plugins/modules/lambda_facts.py | 1 + plugins/modules/lambda_info.py | 1 + plugins/modules/lambda_policy.py | 1 + plugins/modules/lightsail.py | 1 + plugins/modules/rds.py | 1 + plugins/modules/rds_instance.py | 1 + plugins/modules/rds_instance_info.py | 1 + plugins/modules/rds_param_group.py | 1 + plugins/modules/rds_snapshot.py | 1 + plugins/modules/rds_snapshot_info.py | 1 + plugins/modules/rds_subnet_group.py | 1 + plugins/modules/redshift.py | 1 + .../redshift_cross_region_snapshots.py | 1 + plugins/modules/redshift_info.py | 1 + plugins/modules/redshift_subnet_group.py | 1 + plugins/modules/route53.py | 1 + plugins/modules/route53_health_check.py | 1 + plugins/modules/route53_info.py | 1 + plugins/modules/route53_zone.py | 1 + plugins/modules/s3_bucket_notification.py | 1 + plugins/modules/s3_lifecycle.py | 1 + plugins/modules/s3_logging.py | 1 + plugins/modules/s3_sync.py | 1 + plugins/modules/s3_website.py | 1 + plugins/modules/sns.py | 1 + plugins/modules/sns_topic.py | 1 + plugins/modules/sqs_queue.py | 1 + plugins/modules/sts_assume_role.py | 1 + plugins/modules/sts_session_token.py | 1 + 347 files changed, 5394 insertions(+), 11895 deletions(-) diff --git a/README.md b/README.md index d1e211fb927..58b56eca5ba 100644 --- a/README.md +++ b/README.md @@ -6,185 +6,185 @@ The Ansible Community AWS collection includes a variety of Ansible content to he ## Included content -## Connection plugins +### Connection plugins Name | Description --- | --- -[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ssm.rst)|execute via AWS Systems Manager -## Modules +[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm.rst)|execute via AWS Systems Manager +### Modules Name | Description --- | --- -[community.aws.aws_acm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_acm.rst)|Upload and delete certificates in the AWS Certificate Manager service -[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_acm_info.rst)|Retrieve certificate information from AWS Certificate Manager service -[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_api_gateway.rst)|Manage AWS API Gateway APIs -[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_application_scaling_policy.rst)|Manage Application Auto Scaling Scaling Policies -[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_compute_environment.rst)|Manage AWS Batch Compute Environments -[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_job_definition.rst)|Manage AWS Batch Job Definitions -[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_batch_job_queue.rst)|Manage AWS Batch Job Queues -[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codebuild.rst)|Create or delete an AWS CodeBuild project -[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codecommit.rst)|Manage repositories in AWS CodeCommit -[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_codepipeline.rst)|Create or delete AWS CodePipelines -[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_aggregation_authorization.rst)|Manage cross-account AWS Config authorizations -[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_aggregator.rst)|Manage AWS Config aggregations across multiple accounts -[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_delivery_channel.rst)|Manage AWS Config delivery channels -[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_recorder.rst)|Manage AWS Config Recorders -[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_config_rule.rst)|Manage AWS Config resources -[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_connection.rst)|Creates, deletes, modifies a DirectConnect connection -[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_gateway.rst)|Manage AWS Direct Connect gateway -[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group.rst)|Manage Direct Connect LAG bundles -[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_direct_connect_virtual_interface.rst)|Manage Direct Connect virtual interfaces -[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_eks_cluster.rst)|Manage Elastic Kubernetes Service Clusters -[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_elasticbeanstalk_app.rst)|Create, update, and delete an elastic beanstalk application -[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_glue_connection.rst)|Manage an AWS Glue connection -[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_glue_job.rst)|Manage an AWS Glue job -[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_inspector_target.rst)|Create, Update and Delete Amazon Inspector Assessment Targets -[community.aws.aws_kms](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_kms.rst)|Perform various KMS management tasks. -[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_kms_info.rst)|Gather information about AWS KMS keys -[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_region_info.rst)|Gather information about AWS regions. -[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_s3_bucket_info.rst)|Lists S3 buckets in AWS -[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_s3_cors.rst)|Manage CORS for S3 buckets in AWS -[community.aws.aws_secret](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_secret.rst)|Manage secrets stored in AWS Secrets Manager. -[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_identity.rst)|Manages SES email and domain identity -[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_identity_policy.rst)|Manages SES sending authorization policies -[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ses_rule_set.rst)|Manages SES inbound receipt rule sets -[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_sgw_info.rst)|Fetch AWS Storage Gateway information -[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_ssm_parameter_store.rst)|Manage key-value pairs in aws parameter store. -[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_step_functions_state_machine.rst)|Manage AWS Step Functions state machines -[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_step_functions_state_machine_execution.rst)|Start or stop execution of an AWS Step Functions state machine. -[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_condition.rst)|Create and delete WAF Conditions -[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_info.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. -[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_rule.rst)|Create and delete WAF Rules -[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.aws_waf_web_acl.rst)|Create and delete WAF Web ACLs. -[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudformation_exports_info.rst)|Read a value from CloudFormation Exports -[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudformation_stack_set.rst)|Manage groups of CloudFormation stacks -[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_distribution.rst)|Create, update and delete AWS CloudFront distributions. -[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_info.rst)|Obtain facts about an AWS CloudFront distribution -[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_invalidation.rst)|create invalidations for AWS CloudFront distributions -[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudfront_origin_access_identity.rst)|Create, update and delete origin access identities for a CloudFront distribution -[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudtrail.rst)|manage CloudTrail create, delete, update -[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchevent_rule.rst)|Manage CloudWatch Event rules and targets -[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group.rst)|create or delete log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group_info.rst)|Get information about log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst)|Manage CloudWatch log group metric filter -[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.data_pipeline.rst)|Create and manage AWS Datapipelines -[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dms_endpoint.rst)|Creates or destroys a data migration services endpoint -[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dms_replication_subnet_group.rst)|creates or destroys a data migration services subnet group -[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dynamodb_table.rst)|Create, update or delete AWS Dynamo DB tables -[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.dynamodb_ttl.rst)|Set TTL for a given DynamoDB table -[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_ami_copy.rst)|copies AMI between AWS regions, return new image id -[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg.rst)|Create or delete AWS AutoScaling Groups (ASGs) -[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg_info.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS -[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_asg_lifecycle_hook.rst)|Create, delete or update AWS ASG Lifecycle Hooks. -[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_customer_gateway.rst)|Manage an AWS customer gateway -[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_customer_gateway_info.rst)|Gather information about customer gateways in AWS -[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_eip.rst)|manages EC2 elastic IP (EIP) addresses. -[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_eip_info.rst)|List EC2 EIP details -[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_elb.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_elb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_instance.rst)|Create & manage EC2 instances -[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_instance_info.rst)|Gather information about ec2 instances in AWS -[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_launch_template.rst)|Manage EC2 launch templates -[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc.rst)|Create or delete AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc_find.rst)|Find AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_lc_info.rst)|Gather information about AWS Autoscaling Launch Configurations. -[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_metric_alarm.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' -[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_placement_group.rst)|Create or delete an EC2 Placement Group -[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_placement_group_info.rst)|List EC2 Placement Group(s) details -[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_scaling_policy.rst)|Create or delete AWS scaling policies for Autoscaling groups -[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_snapshot_copy.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. -[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_transit_gateway.rst)|Create and delete AWS Transit Gateways -[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_transit_gateway_info.rst)|Gather information about ec2 transit gateways in AWS -[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_egress_igw.rst)|Manage an AWS VPC Egress Only Internet gateway -[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_endpoint.rst)|Create and delete AWS VPC Endpoints. -[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_endpoint_info.rst)|Retrieves AWS VPC endpoints details using AWS methods. -[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_igw.rst)|Manage an AWS VPC Internet gateway -[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_igw_info.rst)|Gather information about internet gateways in AWS -[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nacl.rst)|create and delete Network ACLs. -[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nacl_info.rst)|Gather information about Network ACLs in an AWS VPC -[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nat_gateway.rst)|Manage AWS VPC NAT Gateways. -[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. -[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_peer.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. -[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_peering_info.rst)|Retrieves AWS VPC Peering details using AWS methods. -[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_route_table.rst)|Manage route tables for AWS virtual private clouds -[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_route_table_info.rst)|Gather information about ec2 VPC route tables in AWS -[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vgw.rst)|Create and delete AWS VPN Virtual Gateways. -[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vgw_info.rst)|Gather information about virtual gateways in AWS -[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vpn.rst)|Create, modify, and delete EC2 VPN connections. -[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_vpc_vpn_info.rst)|Gather information about VPN Connections in AWS. -[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ec2_win_password.rst)|Gets the default administrator password for ec2 windows instances -[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_attribute.rst)|manage ecs attributes -[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_cluster.rst)|Create or terminate ECS clusters. -[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_ecr.rst)|Manage Elastic Container Registry repositories -[community.aws.ecs_service](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_service.rst)|Create, terminate, start or stop a service in ECS -[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_service_info.rst)|List or describe services in ECS -[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_tag.rst)|create and remove tags on Amazon ECS resources -[community.aws.ecs_task](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_task.rst)|Run, start or stop a task in ecs -[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_taskdefinition.rst)|register a task definition in ecs -[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.ecs_taskdefinition_info.rst)|Describe a task definition in ECS -[community.aws.efs](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.efs.rst)|create and maintain EFS file systems -[community.aws.efs_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.efs_info.rst)|Get information about Amazon EFS file systems -[community.aws.elasticache](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache.rst)|Manage cache clusters in Amazon ElastiCache -[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_info.rst)|Retrieve information for AWS ElastiCache clusters -[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_parameter_group.rst)|Manage cache parameter groups in Amazon ElastiCache. -[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_snapshot.rst)|Manage cache snapshots in Amazon ElastiCache -[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elasticache_subnet_group.rst)|manage ElastiCache subnet groups -[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_application_lb.rst)|Manage an Application load balancer -[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_application_lb_info.rst)|Gather information about application ELBs in AWS -[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_classic_lb.rst)|Creates or destroys Amazon ELB. -[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_classic_lb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.elb_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_instance.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_network_lb.rst)|Manage a Network Load Balancer -[community.aws.elb_target](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target.rst)|Manage a target in a target group -[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_group.rst)|Manage a target group for an Application or Network load balancer -[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_group_info.rst)|Gather information about ELB target groups in AWS -[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.elb_target_info.rst)|Gathers which target groups a target is associated with. -[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.execute_lambda.rst)|Execute an AWS Lambda function -[community.aws.iam](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam.rst)|Manage IAM users, groups, roles and keys -[community.aws.iam_cert](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_cert.rst)|Manage server certificates for use on ELBs and CloudFront -[community.aws.iam_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_group.rst)|Manage AWS IAM groups -[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_managed_policy.rst)|Manage User Managed IAM policies -[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_mfa_device_info.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user -[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_password_policy.rst)|Update an IAM Password Policy -[community.aws.iam_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_policy.rst)|Manage inline IAM policies for users, groups, and roles -[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_policy_info.rst)|Retrieve inline IAM policies for users, groups, and roles -[community.aws.iam_role](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_role.rst)|Manage AWS IAM roles -[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_role_info.rst)|Gather information on IAM roles -[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_saml_federation.rst)|Maintain IAM SAML federation configuration. -[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_server_certificate_info.rst)|Retrieve the information of a server certificate -[community.aws.iam_user](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_user.rst)|Manage AWS IAM users -[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.iam_user_info.rst)|Gather IAM user(s) facts in AWS -[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.kinesis_stream.rst)|Manage a Kinesis Stream. -[community.aws.lambda](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda.rst)|Manage AWS Lambda functions -[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_alias.rst)|Creates, updates or deletes AWS Lambda function aliases -[community.aws.lambda_event](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_event.rst)|Creates, updates or deletes AWS Lambda function event mappings -[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_facts.rst)|Gathers AWS Lambda function details as Ansible facts -[community.aws.lambda_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_info.rst)|Gathers AWS Lambda function details -[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lambda_policy.rst)|Creates, updates or deletes AWS Lambda policy statements. -[community.aws.lightsail](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.lightsail.rst)|Manage instances in AWS Lightsail -[community.aws.rds](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts -[community.aws.rds_instance](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_instance.rst)|Manage RDS instances -[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_instance_info.rst)|obtain information about one or more RDS instances -[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_param_group.rst)|manage RDS parameter groups -[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_snapshot.rst)|manage Amazon RDS snapshots. -[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_snapshot_info.rst)|obtain information about one or more RDS snapshots -[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.rds_subnet_group.rst)|manage RDS database subnet groups -[community.aws.redshift](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift.rst)|create, delete, or modify an Amazon Redshift instance -[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_cross_region_snapshots.rst)|Manage Redshift Cross Region Snapshots -[community.aws.redshift_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_info.rst)|Gather information about Redshift cluster(s) -[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.redshift_subnet_group.rst)|manage Redshift cluster subnet groups -[community.aws.route53](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53.rst)|add or delete entries in Amazons Route53 DNS service -[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_health_check.rst)|Add or delete health-checks in Amazons Route53 DNS service -[community.aws.route53_info](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_info.rst)|Retrieves route53 details using AWS methods -[community.aws.route53_zone](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.route53_zone.rst)|add or delete Route53 zones -[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_bucket_notification.rst)|Creates, updates or deletes S3 Bucket notification for lambda -[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_lifecycle.rst)|Manage s3 bucket lifecycle rules in AWS -[community.aws.s3_logging](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_logging.rst)|Manage logging facility of an s3 bucket in AWS -[community.aws.s3_sync](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_sync.rst)|Efficiently upload multiple files to S3 -[community.aws.s3_website](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.s3_website.rst)|Configure an s3 bucket as a website -[community.aws.sns](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sns.rst)|Send Amazon Simple Notification Service messages -[community.aws.sns_topic](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sns_topic.rst)|Manages AWS SNS topics and subscriptions -[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sqs_queue.rst)|Creates or deletes AWS SQS queues. -[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sts_assume_role.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials -[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws.git/blob/master/docs/community.aws.sts_session_token.rst)|Obtain a session token from the AWS Security Token Service +[community.aws.aws_acm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm.rst)|Upload and delete certificates in the AWS Certificate Manager service +[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_info.rst)|Retrieve certificate information from AWS Certificate Manager service +[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_api_gateway.rst)|Manage AWS API Gateway APIs +[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_application_scaling_policy.rst)|Manage Application Auto Scaling Scaling Policies +[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_compute_environment.rst)|Manage AWS Batch Compute Environments +[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_definition.rst)|Manage AWS Batch Job Definitions +[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_queue.rst)|Manage AWS Batch Job Queues +[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codebuild.rst)|Create or delete an AWS CodeBuild project +[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codecommit.rst)|Manage repositories in AWS CodeCommit +[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codepipeline.rst)|Create or delete AWS CodePipelines +[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregation_authorization.rst)|Manage cross-account AWS Config authorizations +[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregator.rst)|Manage AWS Config aggregations across multiple accounts +[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_delivery_channel.rst)|Manage AWS Config delivery channels +[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_recorder.rst)|Manage AWS Config Recorders +[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_rule.rst)|Manage AWS Config resources +[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_connection.rst)|Creates, deletes, modifies a DirectConnect connection +[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_gateway.rst)|Manage AWS Direct Connect gateway +[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group.rst)|Manage Direct Connect LAG bundles +[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_virtual_interface.rst)|Manage Direct Connect virtual interfaces +[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_eks_cluster.rst)|Manage Elastic Kubernetes Service Clusters +[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_elasticbeanstalk_app.rst)|Create, update, and delete an elastic beanstalk application +[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_connection.rst)|Manage an AWS Glue connection +[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_job.rst)|Manage an AWS Glue job +[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_inspector_target.rst)|Create, Update and Delete Amazon Inspector Assessment Targets +[community.aws.aws_kms](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms.rst)|Perform various KMS management tasks. +[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_info.rst)|Gather information about AWS KMS keys +[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_region_info.rst)|Gather information about AWS regions. +[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_bucket_info.rst)|Lists S3 buckets in AWS +[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_cors.rst)|Manage CORS for S3 buckets in AWS +[community.aws.aws_secret](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_secret.rst)|Manage secrets stored in AWS Secrets Manager. +[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity.rst)|Manages SES email and domain identity +[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_policy.rst)|Manages SES sending authorization policies +[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_rule_set.rst)|Manages SES inbound receipt rule sets +[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_sgw_info.rst)|Fetch AWS Storage Gateway information +[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_parameter_store.rst)|Manage key-value pairs in aws parameter store. +[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine.rst)|Manage AWS Step Functions state machines +[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_execution.rst)|Start or stop execution of an AWS Step Functions state machine. +[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_condition.rst)|Create and delete WAF Conditions +[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_info.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. +[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_rule.rst)|Create and delete WAF Rules +[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_web_acl.rst)|Create and delete WAF Web ACLs. +[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_exports_info.rst)|Read a value from CloudFormation Exports +[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_stack_set.rst)|Manage groups of CloudFormation stacks +[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_distribution.rst)|Create, update and delete AWS CloudFront distributions. +[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_info.rst)|Obtain facts about an AWS CloudFront distribution +[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_invalidation.rst)|create invalidations for AWS CloudFront distributions +[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_origin_access_identity.rst)|Create, update and delete origin access identities for a CloudFront distribution +[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudtrail.rst)|manage CloudTrail create, delete, update +[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchevent_rule.rst)|Manage CloudWatch Event rules and targets +[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group.rst)|create or delete log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_info.rst)|Get information about log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst)|Manage CloudWatch log group metric filter +[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.data_pipeline.rst)|Create and manage AWS Datapipelines +[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_endpoint.rst)|Creates or destroys a data migration services endpoint +[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_replication_subnet_group.rst)|creates or destroys a data migration services subnet group +[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_table.rst)|Create, update or delete AWS Dynamo DB tables +[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_ttl.rst)|Set TTL for a given DynamoDB table +[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_ami_copy.rst)|copies AMI between AWS regions, return new image id +[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg.rst)|Create or delete AWS AutoScaling Groups (ASGs) +[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_info.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_lifecycle_hook.rst)|Create, delete or update AWS ASG Lifecycle Hooks. +[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway.rst)|Manage an AWS customer gateway +[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_info.rst)|Gather information about customer gateways in AWS +[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip.rst)|manages EC2 elastic IP (EIP) addresses. +[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_info.rst)|List EC2 EIP details +[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance.rst)|Create & manage EC2 instances +[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_info.rst)|Gather information about ec2 instances in AWS +[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_launch_template.rst)|Manage EC2 launch templates +[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc.rst)|Create or delete AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_find.rst)|Find AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_info.rst)|Gather information about AWS Autoscaling Launch Configurations. +[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_metric_alarm.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' +[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group.rst)|Create or delete an EC2 Placement Group +[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_info.rst)|List EC2 Placement Group(s) details +[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_scaling_policy.rst)|Create or delete AWS scaling policies for Autoscaling groups +[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_snapshot_copy.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. +[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway.rst)|Create and delete AWS Transit Gateways +[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_info.rst)|Gather information about ec2 transit gateways in AWS +[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_egress_igw.rst)|Manage an AWS VPC Egress Only Internet gateway +[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint.rst)|Create and delete AWS VPC Endpoints. +[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_info.rst)|Retrieves AWS VPC endpoints details using AWS methods. +[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw.rst)|Manage an AWS VPC Internet gateway +[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_info.rst)|Gather information about internet gateways in AWS +[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl.rst)|create and delete Network ACLs. +[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_info.rst)|Gather information about Network ACLs in an AWS VPC +[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway.rst)|Manage AWS VPC NAT Gateways. +[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peer.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. +[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peering_info.rst)|Retrieves AWS VPC Peering details using AWS methods. +[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table.rst)|Manage route tables for AWS virtual private clouds +[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_info.rst)|Gather information about ec2 VPC route tables in AWS +[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw.rst)|Create and delete AWS VPN Virtual Gateways. +[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_info.rst)|Gather information about virtual gateways in AWS +[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn.rst)|Create, modify, and delete EC2 VPN connections. +[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_info.rst)|Gather information about VPN Connections in AWS. +[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_win_password.rst)|Gets the default administrator password for ec2 windows instances +[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_attribute.rst)|manage ecs attributes +[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_cluster.rst)|Create or terminate ECS clusters. +[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_ecr.rst)|Manage Elastic Container Registry repositories +[community.aws.ecs_service](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service.rst)|Create, terminate, start or stop a service in ECS +[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_info.rst)|List or describe services in ECS +[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_tag.rst)|create and remove tags on Amazon ECS resources +[community.aws.ecs_task](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_task.rst)|Run, start or stop a task in ecs +[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition.rst)|register a task definition in ecs +[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_info.rst)|Describe a task definition in ECS +[community.aws.efs](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs.rst)|create and maintain EFS file systems +[community.aws.efs_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_info.rst)|Get information about Amazon EFS file systems +[community.aws.elasticache](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache.rst)|Manage cache clusters in Amazon ElastiCache +[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_info.rst)|Retrieve information for AWS ElastiCache clusters +[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_parameter_group.rst)|Manage cache parameter groups in Amazon ElastiCache. +[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_snapshot.rst)|Manage cache snapshots in Amazon ElastiCache +[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_subnet_group.rst)|manage ElastiCache subnet groups +[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb.rst)|Manage an Application load balancer +[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_info.rst)|Gather information about application ELBs in AWS +[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb.rst)|Creates or destroys Amazon ELB. +[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.elb_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_instance.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_network_lb.rst)|Manage a Network Load Balancer +[community.aws.elb_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target.rst)|Manage a target in a target group +[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group.rst)|Manage a target group for an Application or Network load balancer +[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_info.rst)|Gather information about ELB target groups in AWS +[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_info.rst)|Gathers which target groups a target is associated with. +[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.execute_lambda.rst)|Execute an AWS Lambda function +[community.aws.iam](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam.rst)|Manage IAM users, groups, roles and keys +[community.aws.iam_cert](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_cert.rst)|Manage server certificates for use on ELBs and CloudFront +[community.aws.iam_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_group.rst)|Manage AWS IAM groups +[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_managed_policy.rst)|Manage User Managed IAM policies +[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_mfa_device_info.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user +[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_password_policy.rst)|Update an IAM Password Policy +[community.aws.iam_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy.rst)|Manage inline IAM policies for users, groups, and roles +[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_info.rst)|Retrieve inline IAM policies for users, groups, and roles +[community.aws.iam_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role.rst)|Manage AWS IAM roles +[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_info.rst)|Gather information on IAM roles +[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_saml_federation.rst)|Maintain IAM SAML federation configuration. +[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_server_certificate_info.rst)|Retrieve the information of a server certificate +[community.aws.iam_user](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user.rst)|Manage AWS IAM users +[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_info.rst)|Gather IAM user(s) facts in AWS +[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.kinesis_stream.rst)|Manage a Kinesis Stream. +[community.aws.lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda.rst)|Manage AWS Lambda functions +[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_alias.rst)|Creates, updates or deletes AWS Lambda function aliases +[community.aws.lambda_event](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_event.rst)|Creates, updates or deletes AWS Lambda function event mappings +[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_facts.rst)|Gathers AWS Lambda function details as Ansible facts +[community.aws.lambda_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_info.rst)|Gathers AWS Lambda function details +[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_policy.rst)|Creates, updates or deletes AWS Lambda policy statements. +[community.aws.lightsail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lightsail.rst)|Manage instances in AWS Lightsail +[community.aws.rds](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts +[community.aws.rds_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance.rst)|Manage RDS instances +[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_info.rst)|obtain information about one or more RDS instances +[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_param_group.rst)|manage RDS parameter groups +[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot.rst)|manage Amazon RDS snapshots. +[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_info.rst)|obtain information about one or more RDS snapshots +[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_subnet_group.rst)|manage RDS database subnet groups +[community.aws.redshift](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift.rst)|create, delete, or modify an Amazon Redshift instance +[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_cross_region_snapshots.rst)|Manage Redshift Cross Region Snapshots +[community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_info.rst)|Gather information about Redshift cluster(s) +[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_subnet_group.rst)|manage Redshift cluster subnet groups +[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53.rst)|add or delete entries in Amazons Route53 DNS service +[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_health_check.rst)|Add or delete health-checks in Amazons Route53 DNS service +[community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_info.rst)|Retrieves route53 details using AWS methods +[community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_zone.rst)|add or delete Route53 zones +[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_bucket_notification.rst)|Creates, updates or deletes S3 Bucket notification for lambda +[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_lifecycle.rst)|Manage s3 bucket lifecycle rules in AWS +[community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_logging.rst)|Manage logging facility of an s3 bucket in AWS +[community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_sync.rst)|Efficiently upload multiple files to S3 +[community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_website.rst)|Configure an s3 bucket as a website +[community.aws.sns](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns.rst)|Send Amazon Simple Notification Service messages +[community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_topic.rst)|Manages AWS SNS topics and subscriptions +[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sqs_queue.rst)|Creates or deletes AWS SQS queues. +[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_assume_role.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials +[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_session_token.rst)|Obtain a session token from the AWS Security Token Service ## Installing this collection @@ -263,4 +263,4 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun GNU General Public License v3.0 or later. -See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. +See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. \ No newline at end of file diff --git a/docs/community.aws.aws_acm.rst b/docs/community.aws.aws_acm.rst index 8d0793fc7d4..9df10011171 100644 --- a/docs/community.aws.aws_acm.rst +++ b/docs/community.aws.aws_acm.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_acm_: +.. _community.aws.aws_acm_module: ********************* @@ -39,7 +40,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -55,7 +56,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -69,9 +69,7 @@ Parameters - - - +
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

aliases: ec2_access_key, access_key
@@ -87,9 +85,7 @@ Parameters - - - +
A dictionary to modify the botocore configuration.
Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
@@ -106,9 +102,7 @@ Parameters - - - +
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

aliases: ec2_secret_key, secret_key
@@ -124,9 +118,7 @@ Parameters - - - +
The body of the PEM encoded public certificate.
Required when state is not absent.
If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
@@ -143,9 +135,7 @@ Parameters - - - +
The ARN of a certificate in ACM to delete
Ignored when state=present.
If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
@@ -165,9 +155,7 @@ Parameters - - - +
The body of the PEM encoded chain for your certificate.
If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
Ignored when state=absent
@@ -188,9 +176,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -205,9 +191,7 @@ Parameters - - - +
    The domain name of the certificate.
    If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
    Exactly one of domain_name, name_tag and certificate_arn must be provided.
    @@ -226,9 +210,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -243,9 +225,7 @@ Parameters - - - +
    The unique identifier for tagging resources using AWS tags, with key Name.
    This can be any set of characters accepted by AWS for tag values.
    This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
    @@ -265,9 +245,7 @@ Parameters - - - +
    The body of the PEM encoded private key.
    Required when state=present.
    Ignored when state=absent.
    @@ -285,9 +263,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -302,9 +278,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -320,9 +294,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -342,9 +314,7 @@ Parameters
  • absent
    • - - - +
    If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
    If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
    @@ -364,9 +334,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -392,14 +360,14 @@ Examples - name: upload a self-signed certificate - aws_acm: + community.aws.aws_acm: certificate: "{{ lookup('file', 'cert.pem' ) }}" privateKey: "{{ lookup('file', 'key.pem' ) }}" name_tag: my_cert # to be applied through an AWS tag as "Name":"my_cert" region: ap-southeast-2 # AWS region - name: create/update a certificate with a chain - aws_acm: + community.aws.aws_acm: certificate: "{{ lookup('file', 'cert.pem' ) }}" privateKey: "{{ lookup('file', 'key.pem' ) }}" name_tag: my_cert @@ -413,19 +381,19 @@ Examples var: cert_create.certificate.arn - name: delete the cert we just created - aws_acm: + community.aws.aws_acm: name_tag: my_cert state: absent region: ap-southeast-2 - name: delete a certificate with a particular ARN - aws_acm: + community.aws.aws_acm: certificate_arn: "arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901" state: absent region: ap-southeast-2 - name: delete all certificates with a particular domain name - aws_acm: + community.aws.aws_acm: domain_name: acm.ansible.com state: absent region: ap-southeast-2 @@ -436,7 +404,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_acm_info.rst b/docs/community.aws.aws_acm_info.rst index 5b9704051e2..e68876774ee 100644 --- a/docs/community.aws.aws_acm_info.rst +++ b/docs/community.aws.aws_acm_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_acm_info_: +.. _community.aws.aws_acm_info_module: ************************** @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    If provided, the results will be filtered to show only the certificate with this ARN.
    If no certificate with this ARN exists, this task will fail.
    If a certificate with this ARN exists in a different region, this task will fail
    @@ -134,9 +126,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -151,9 +141,7 @@ Parameters - - - +
    The domain name of an ACM certificate to limit the search to

    aliases: name
    @@ -169,9 +157,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -186,9 +172,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -203,9 +187,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -221,9 +203,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -248,9 +228,7 @@ Parameters
  • FAILED
    • - - - +
    Status to filter the certificate results
    @@ -265,9 +243,7 @@ Parameters - - - +
    Filter results to show only certificates with tags that match all the tags specified here.
    @@ -286,9 +262,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -313,19 +287,19 @@ Examples - name: obtain all ACM certificates - aws_acm_info: + community.aws.aws_acm_info: - name: obtain all information for a single ACM certificate - aws_acm_info: + community.aws.aws_acm_info: domain_name: "*.example_com" - name: obtain all certificates pending validation - aws_acm_info: + community.aws.aws_acm_info: statuses: - PENDING_VALIDATION - name: obtain all certificates with tag Name=foo and myTag=bar - aws_acm_info: + community.aws.aws_acm_info: tags: Name: foo myTag: bar @@ -333,7 +307,7 @@ Examples # The output is still a list of certificates, just one item long. - name: obtain information about a certificate with a particular ARN - aws_acm_info: + community.aws.aws_acm_info: certificate_arn: "arn:aws:acm:ap-southeast-2:123456789876:certificate/abcdeabc-abcd-1234-4321-abcdeabcde12" @@ -342,7 +316,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_api_gateway.rst b/docs/community.aws.aws_api_gateway.rst index 91b4a960ad1..2e8a844fbef 100644 --- a/docs/community.aws.aws_api_gateway.rst +++ b/docs/community.aws.aws_api_gateway.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_api_gateway_: +.. _community.aws.aws_api_gateway_module: ***************************** @@ -26,7 +27,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    The ID of the API you want to manage.
    @@ -73,9 +71,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -91,9 +87,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -110,9 +104,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Enable API GW caching of backend responses. Defaults to false.
    @@ -159,9 +149,7 @@ Parameters
  • 237
    • - - - +
    Size in GB of the API GW cache, becomes effective when cache_enabled is true.
    @@ -180,9 +168,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -198,9 +184,7 @@ Parameters Default:
    "Automatic deployment by Ansible."
    - - - +
    Description of the deployment - recorded and visible in the AWS console.
    @@ -215,9 +199,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -237,9 +219,7 @@ Parameters
  • PRIVATE
    • - - - +
    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
    REGIONAL for just a regional deploy or PRIVATE for a private API.
    This will flag will only be used when creating a new API Gateway setup, not for updates.
    @@ -256,9 +236,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -273,9 +251,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -291,9 +267,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -309,9 +283,7 @@ Parameters - - - +
    The name of the stage the API should be deployed to.
    @@ -326,9 +298,7 @@ Parameters - - - +
    Canary settings for the deployment of the stage.
    Dict with following settings:
    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
    @@ -349,9 +319,7 @@ Parameters - - - +
    ENV variables for the stage. Define a dict of key values pairs for variables.
    @@ -370,9 +338,7 @@ Parameters
  • absent
    • - - - +
    Create or delete API Gateway.
    @@ -387,9 +353,7 @@ Parameters - - - +
    Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
    @@ -404,9 +368,7 @@ Parameters - - - +
    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.

    aliases: src, api_file
    @@ -422,9 +384,7 @@ Parameters - - - +
    Swagger definitions for API in JSON or YAML as a string direct from playbook.
    @@ -443,9 +403,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether active tracing with X-ray is enabled for the API GW stage.
    @@ -464,9 +422,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -493,7 +449,7 @@ Examples - name: Setup AWS API Gateway setup on AWS and deploy API definition - aws_api_gateway: + community.aws.aws_api_gateway: swagger_file: my_api.yml stage: production cache_enabled: true @@ -503,7 +459,7 @@ Examples state: present - name: Update API definition to deploy new version - aws_api_gateway: + community.aws.aws_api_gateway: api_id: 'abc123321cba' swagger_file: my_api.yml deploy_desc: Make auth fix available. @@ -513,7 +469,7 @@ Examples state: present - name: Update API definitions and settings and deploy as canary - aws_api_gateway: + community.aws.aws_api_gateway: api_id: 'abc123321cba' swagger_file: my_api.yml cache_enabled: true @@ -526,7 +482,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_application_scaling_policy.rst b/docs/community.aws.aws_application_scaling_policy.rst index 39f96644674..e244a142610 100644 --- a/docs/community.aws.aws_application_scaling_policy.rst +++ b/docs/community.aws.aws_application_scaling_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_application_scaling_policy_: +.. _community.aws.aws_application_scaling_policy_module: ******************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
    @@ -186,9 +172,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to override values of minimum and/or maximum tasks if it's already set.
    @@ -203,9 +187,7 @@ Parameters - - - +
    The name of the scaling policy.
    @@ -224,9 +206,7 @@ Parameters
  • TargetTrackingScaling
    • - - - +
    The policy type.
    @@ -241,9 +221,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -258,9 +236,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -276,9 +252,7 @@ Parameters - - - +
    The identifier of the resource associated with the scalable target.
    @@ -303,9 +277,7 @@ Parameters
  • dynamodb:index:WriteCapacityUnits
    • - - - +
    The scalable dimension associated with the scalable target.
    @@ -320,9 +292,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -345,9 +315,7 @@ Parameters
  • dynamodb
    • - - - +
    The namespace of the AWS service.
    @@ -366,9 +334,7 @@ Parameters
  • present
    • - - - +
    Whether a policy should be present or absent
    @@ -383,9 +349,7 @@ Parameters - - - +
    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
    @@ -400,9 +364,7 @@ Parameters - - - +
    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
    Full documentation of the suboptions can be found in the API documentation:
    @@ -420,9 +382,7 @@ Parameters - - - +
    The metric to use if using a customized metric.
    @@ -442,9 +402,7 @@ Parameters
  • yes
    • - - - +
    Whether scaling-in should be disabled.
    @@ -460,9 +418,7 @@ Parameters - - - +
    The metric to use if using a predefined metric.
    @@ -478,9 +434,7 @@ Parameters - - - +
    The time (in seconds) to wait after scaling-in before another scaling action can occur.
    @@ -496,9 +450,7 @@ Parameters - - - +
    The time (in seconds) to wait after scaling-out before another scaling action can occur.
    @@ -514,9 +466,7 @@ Parameters - - - +
    The target value for the metric
    @@ -536,9 +486,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -567,7 +515,7 @@ Examples # Create step scaling policy for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: present policy_name: test_policy service_namespace: ecs @@ -588,7 +536,7 @@ Examples # Create target tracking scaling policy for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: present policy_name: test_policy service_namespace: ecs @@ -606,7 +554,7 @@ Examples # Remove scalable target for ECS Service - name: scaling_policy - aws_application_scaling_policy: + community.aws.aws_application_scaling_policy: state: absent policy_name: test_policy policy_type: StepScaling @@ -619,7 +567,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_batch_compute_environment.rst b/docs/community.aws.aws_batch_compute_environment.rst index 4acb618b32e..9422dfab469 100644 --- a/docs/community.aws.aws_batch_compute_environment.rst +++ b/docs/community.aws.aws_batch_compute_environment.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_batch_compute_environment_: +.. _community.aws.aws_batch_compute_environment_module: ******************************************* @@ -17,13 +18,13 @@ community.aws.aws_batch_compute_environment Synopsis -------- -- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
    @@ -125,9 +117,7 @@ Parameters - - - +
    The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
    @@ -146,9 +136,7 @@ Parameters
  • DISABLED
    • - - - +
    The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
    @@ -167,9 +155,7 @@ Parameters
  • SPOT
    • - - - +
    The type of compute resource.
    @@ -188,9 +174,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -205,9 +189,7 @@ Parameters - - - +
    The desired number of EC2 vCPUS in the compute environment.
    @@ -222,9 +204,7 @@ Parameters - - - +
    The EC2 key pair that is used for instances launched in the compute environment.
    @@ -239,9 +219,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -256,9 +234,7 @@ Parameters - - - +
    The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
    @@ -273,9 +249,7 @@ Parameters - - - +
    The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
    @@ -290,9 +264,7 @@ Parameters - - - +
    The instance types that may be launched.
    @@ -307,9 +279,7 @@ Parameters - - - +
    The maximum number of EC2 vCPUs that an environment can reach.
    @@ -324,9 +294,7 @@ Parameters - - - +
    The minimum number of EC2 vCPUs that an environment should maintain.
    @@ -341,9 +309,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -358,9 +324,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -376,9 +340,7 @@ Parameters - - - +
    The EC2 security groups that are associated with instances launched in the compute environment.
    @@ -393,9 +355,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -411,9 +371,7 @@ Parameters - - - +
    The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
    @@ -428,9 +386,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
    @@ -449,9 +405,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -466,9 +420,7 @@ Parameters - - - +
    The VPC subnets into which the compute resources are launched.
    @@ -483,9 +435,7 @@ Parameters - - - +
    Key-value pair tags to be applied to resources that are launched in the compute environment.
    @@ -504,9 +454,7 @@ Parameters
  • UNMANAGED
    • - - - +
    The type of the compute environment.
    @@ -525,9 +473,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -558,7 +504,7 @@ Examples state: present tasks: - name: My Batch Compute Environment - aws_batch_compute_environment: + community.aws.aws_batch_compute_environment: compute_environment_name: computeEnvironmentName state: present region: us-east-1 @@ -592,7 +538,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_batch_job_definition.rst b/docs/community.aws.aws_batch_job_definition.rst index 835346efa4d..4e6cd969454 100644 --- a/docs/community.aws.aws_batch_job_definition.rst +++ b/docs/community.aws.aws_batch_job_definition.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_batch_job_definition_: +.. _community.aws.aws_batch_job_definition_module: ************************************** @@ -17,13 +18,13 @@ community.aws.aws_batch_job_definition Synopsis -------- -- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -125,9 +117,7 @@ Parameters - - - +
    The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
    @@ -146,9 +136,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The name of the key value pair. For environment variables, this is the name of the environment variable.
    @@ -216,9 +198,7 @@ Parameters - - - +
    The value of the key value pair. For environment variables, this is the value of the environment variable.
    @@ -234,9 +214,7 @@ Parameters - - - +
    The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
    @@ -251,9 +229,7 @@ Parameters - - - +
    The ARN for the job definition.
    @@ -268,9 +244,7 @@ Parameters - - - +
    The name for the job definition.
    @@ -285,9 +259,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
    @@ -302,9 +274,7 @@ Parameters - - - +
    The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
    @@ -319,9 +289,7 @@ Parameters - - - +
    The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
    @@ -337,9 +305,7 @@ Parameters - - - +
    The path on the container at which to mount the host volume.
    @@ -355,9 +321,7 @@ Parameters - - - +
    If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
    @@ -373,9 +337,7 @@ Parameters - - - +
    The name of the volume to mount.
    @@ -391,9 +353,7 @@ Parameters - - - +
    Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
    @@ -408,9 +368,7 @@ Parameters - - - +
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
    @@ -425,9 +383,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -442,9 +398,7 @@ Parameters - - - +
    When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
    @@ -459,9 +413,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -477,9 +429,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -499,9 +449,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -516,9 +464,7 @@ Parameters - - - +
    The type of job definition.
    @@ -533,9 +479,7 @@ Parameters - - - +
    A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
    @@ -551,9 +495,7 @@ Parameters - - - +
    The hard limit for the ulimit type.
    @@ -569,9 +511,7 @@ Parameters - - - +
    The type of the ulimit.
    @@ -587,9 +527,7 @@ Parameters - - - +
    The soft limit for the ulimit type.
    @@ -605,9 +543,7 @@ Parameters - - - +
    The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
    @@ -626,9 +562,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -643,9 +577,7 @@ Parameters - - - +
    The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
    @@ -660,9 +592,7 @@ Parameters - - - +
    A list of data volumes used in a job.
    @@ -678,9 +608,7 @@ Parameters - - - +
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
    @@ -696,9 +624,7 @@ Parameters - - - +
    The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
    @@ -730,7 +656,7 @@ Examples state: present tasks: - name: My Batch Job Definition - aws_batch_job_definition: + community.aws.aws_batch_job_definition: job_definition_name: My Batch Job Definition state: present type: container @@ -756,7 +682,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_batch_job_queue.rst b/docs/community.aws.aws_batch_job_queue.rst index 6426b2993c3..aa0dacd87ce 100644 --- a/docs/community.aws.aws_batch_job_queue.rst +++ b/docs/community.aws.aws_batch_job_queue.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_batch_job_queue_: +.. _community.aws.aws_batch_job_queue_module: ********************************* @@ -17,13 +18,13 @@ community.aws.aws_batch_job_queue Synopsis -------- -- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`aws_batch_compute_environment ` to manage the compute environment, :ref:`aws_batch_job_queue ` to manage job queues, :ref:`aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
    @@ -126,9 +118,7 @@ Parameters - - - +
    The name of the compute environment.
    @@ -144,9 +134,7 @@ Parameters - - - +
    The relative priority of the environment.
    @@ -166,9 +154,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The name for the job queue
    @@ -221,9 +203,7 @@ Parameters
  • DISABLED
    • - - - +
    The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
    @@ -238,9 +218,7 @@ Parameters - - - +
    The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
    @@ -255,9 +233,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -272,9 +248,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -290,9 +264,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -312,9 +284,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -333,9 +303,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -366,7 +334,7 @@ Examples state: present tasks: - name: My Batch Job Queue - aws_batch_job_queue: + community.aws.aws_batch_job_queue: job_queue_name: jobQueueName state: present region: us-east-1 @@ -388,7 +356,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_codebuild.rst b/docs/community.aws.aws_codebuild.rst index 83e3d069378..7a4915af009 100644 --- a/docs/community.aws.aws_codebuild.rst +++ b/docs/community.aws.aws_codebuild.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_codebuild_: +.. _community.aws.aws_codebuild_module: *************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    Information about the build output artifacts for the build project.
    @@ -72,9 +70,7 @@ Parameters - - - +
    Information about the build output artifact location. When choosing type S3, set the bucket name here.
    @@ -90,9 +86,7 @@ Parameters - - - +
    Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
    @@ -108,9 +102,7 @@ Parameters - - - +
    Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
    Accepts BUILD_ID and NONE.
    @@ -128,9 +120,7 @@ Parameters - - - +
    The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
    Used for path in S3 bucket when type is S3.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
    @@ -183,9 +169,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -201,9 +185,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -220,9 +202,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -238,9 +218,7 @@ Parameters - - - +
    Caching params to speed up following builds.
    @@ -256,9 +234,7 @@ Parameters - - - +
    Caching location on S3.
    @@ -274,9 +250,7 @@ Parameters - - - +
    Cache type. Can be NO_CACHE or S3.
    @@ -296,9 +270,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -313,9 +285,7 @@ Parameters - - - +
    Descriptive text of the CodeBuild project.
    @@ -330,9 +300,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -347,9 +315,7 @@ Parameters - - - +
    The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
    @@ -364,9 +330,7 @@ Parameters - - - +
    Information about the build environment for the build project.
    @@ -382,9 +346,7 @@ Parameters - - - +
    Information about the compute resources the build project will use.
    Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
    @@ -401,9 +363,7 @@ Parameters - - - +
    A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
    Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
    @@ -420,9 +380,7 @@ Parameters - - - +
    The ID of the Docker image to use for this build project.
    @@ -438,9 +396,7 @@ Parameters - - - +
    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
    @@ -456,9 +412,7 @@ Parameters - - - +
    The type of build environment to use for the project. Usually LINUX_CONTAINER.
    @@ -474,9 +428,7 @@ Parameters - - - +
    Name of the CodeBuild project.
    @@ -491,9 +443,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -508,9 +458,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -526,9 +474,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -544,9 +490,7 @@ Parameters - - - +
    The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
    @@ -561,9 +505,7 @@ Parameters - - - +
    Configure service and location for the build input source.
    @@ -579,9 +521,7 @@ Parameters - - - +
    The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
    @@ -597,9 +537,7 @@ Parameters - - - +
    When using git you can specify the clone depth as an integer here.
    @@ -619,9 +557,7 @@ Parameters
  • yes
    • - - - +
    Enable this flag to ignore SSL warnings while connecting to the project source code.
    @@ -637,9 +573,7 @@ Parameters - - - +
    Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
    @@ -655,9 +589,7 @@ Parameters - - - +
    The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
    @@ -677,9 +609,7 @@ Parameters
  • absent
    • - - - +
    Create or remove code build project.
    @@ -694,9 +624,7 @@ Parameters - - - +
    A set of tags for the build project.
    @@ -712,9 +640,7 @@ Parameters - - - +
    The name of the Tag.
    @@ -730,9 +656,7 @@ Parameters - - - +
    The value of the Tag.
    @@ -749,9 +673,7 @@ Parameters Default:
    60
    - - - +
    How long CodeBuild should wait until timing out any build that has not been marked as completed.
    @@ -770,9 +692,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -787,9 +707,7 @@ Parameters - - - +
    The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
    @@ -816,7 +734,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - - aws_codebuild: + - community.aws.aws_codebuild: name: my_project description: My nice little project service_role: "arn:aws:iam::123123:role/service-role/code-build-service-role" @@ -845,7 +763,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_codecommit.rst b/docs/community.aws.aws_codecommit.rst index 862865ec31f..273c6f6504f 100644 --- a/docs/community.aws.aws_codecommit.rst +++ b/docs/community.aws.aws_codecommit.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_codecommit_: +.. _community.aws.aws_codecommit_module: **************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    description or comment of repository.

    aliases: comment
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    name of repository.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -218,9 +200,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -240,9 +220,7 @@ Parameters
  • absent
    • - - - +
    Specifies the state of repository.
    @@ -261,9 +239,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -288,12 +264,12 @@ Examples # Create a new repository - - aws_codecommit: + - community.aws.aws_codecommit: name: repo state: present # Delete a repository - - aws_codecommit: + - community.aws.aws_codecommit: name: repo state: absent @@ -302,7 +278,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_codepipeline.rst b/docs/community.aws.aws_codepipeline.rst index 48f4ba6541e..8eededc759d 100644 --- a/docs/community.aws.aws_codepipeline.rst +++ b/docs/community.aws.aws_codepipeline.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_codepipeline_: +.. _community.aws.aws_codepipeline_module: ****************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    Location information where artifacts are stored (on S3). Dictionary with fields type and location.
    @@ -72,9 +70,7 @@ Parameters - - - +
    Bucket name for artifacts.
    @@ -90,9 +86,7 @@ Parameters - - - +
    Type of the artifacts storage (only 'S3' is currently supported).
    @@ -108,9 +102,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -126,9 +118,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -145,9 +135,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -167,9 +155,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Name of the pipeline
    @@ -218,9 +200,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -235,9 +215,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -253,9 +231,7 @@ Parameters - - - +
    ARN of the IAM role to use when executing the pipeline
    @@ -270,9 +246,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -288,9 +262,7 @@ Parameters - - - +
    List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
    @@ -306,9 +278,7 @@ Parameters - - - +
    List of action configurations for that stage.
    See the boto3 documentation for full documentation of suboptions:
    @@ -326,9 +296,7 @@ Parameters - - - +
    Name of the stage (step) in the codepipeline
    @@ -348,9 +316,7 @@ Parameters
  • absent
    • - - - +
    Create or remove code pipeline
    @@ -369,9 +335,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -386,9 +350,7 @@ Parameters - - - +
    Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
    @@ -416,7 +378,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) - - aws_codepipeline: + - community.aws.aws_codepipeline: name: my_deploy_pipeline role_arn: arn:aws:iam::123456:role/AWS-CodePipeline-Service artifact_store: @@ -485,7 +447,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_config_aggregation_authorization.rst b/docs/community.aws.aws_config_aggregation_authorization.rst index d07d4326b4e..333c51d687a 100644 --- a/docs/community.aws.aws_config_aggregation_authorization.rst +++ b/docs/community.aws.aws_config_aggregation_authorization.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_config_aggregation_authorization_: +.. _community.aws.aws_config_aggregation_authorization_module: ************************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    The 12-digit account ID of the account authorized to aggregate data.
    @@ -71,9 +69,7 @@ Parameters - - - +
    The region authorized to collect aggregated data.
    @@ -88,9 +84,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -106,9 +100,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -125,9 +117,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -147,9 +137,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • absent
    • - - - +
    Whether the Config rule should be present or absent.
    @@ -259,9 +237,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -286,12 +262,12 @@ Examples - name: Get current account ID - aws_caller_info: + community.aws.aws_caller_info: register: whoami - - aws_config_aggregation_authorization: + - community.aws.aws_config_aggregation_authorization: state: present authorized_account_id: '{{ whoami.account }}' - authorzed_aws_region: us-east-1 + authorized_aws_region: us-east-1 diff --git a/docs/community.aws.aws_config_aggregator.rst b/docs/community.aws.aws_config_aggregator.rst index 29bd8fae530..8e980438a59 100644 --- a/docs/community.aws.aws_config_aggregator.rst +++ b/docs/community.aws.aws_config_aggregator.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_config_aggregator_: +.. _community.aws.aws_config_aggregator_module: *********************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    Provides a list of source accounts and regions to be aggregated.
    @@ -72,9 +70,7 @@ Parameters - - - +
    A list of 12-digit account IDs of accounts being aggregated.
    @@ -94,9 +90,7 @@ Parameters
  • yes
    • - - - +
    If true, aggregate existing AWS Config regions and future regions.
    @@ -112,9 +106,7 @@ Parameters - - - +
    A list of source regions being aggregated.
    @@ -130,9 +122,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -148,9 +138,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -167,9 +155,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -189,9 +175,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -206,9 +190,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -223,9 +205,7 @@ Parameters - - - +
    The name of the AWS Config resource.
    @@ -240,9 +220,7 @@ Parameters - - - +
    The region authorized to collect aggregated data.
    @@ -262,9 +240,7 @@ Parameters
  • yes
    • - - - +
    If true, aggregate existing AWS Config regions and future regions.
    @@ -280,9 +256,7 @@ Parameters - - - +
    The source regions being aggregated.
    @@ -298,9 +272,7 @@ Parameters - - - +
    ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
    @@ -316,9 +288,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -333,9 +303,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -351,9 +319,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -373,9 +339,7 @@ Parameters
  • absent
    • - - - +
    Whether the Config rule should be present or absent.
    @@ -394,9 +358,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -421,7 +383,7 @@ Examples - name: Create cross-account aggregator - aws_config_aggregator: + community.aws.aws_config_aggregator: name: test_config_rule state: present account_sources: diff --git a/docs/community.aws.aws_config_delivery_channel.rst b/docs/community.aws.aws_config_delivery_channel.rst index dc9baf7697e..0e9ab296160 100644 --- a/docs/community.aws.aws_config_delivery_channel.rst +++ b/docs/community.aws.aws_config_delivery_channel.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_config_delivery_channel_: +.. _community.aws.aws_config_delivery_channel_module: ***************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -137,9 +129,7 @@ Parameters
  • TwentyFour_Hours
    • - - - +
    The frequency with which AWS Config delivers configuration snapshots.
    @@ -154,9 +144,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -171,9 +159,7 @@ Parameters - - - +
    The name of the AWS Config resource.
    @@ -188,9 +174,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -205,9 +189,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -223,9 +205,7 @@ Parameters - - - +
    The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
    @@ -240,9 +220,7 @@ Parameters - - - +
    The prefix for the specified Amazon S3 bucket.
    @@ -257,9 +235,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -275,9 +251,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
    @@ -296,9 +270,7 @@ Parameters
  • absent
    • - - - +
    Whether the Config rule should be present or absent.
    @@ -317,9 +289,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -344,7 +314,7 @@ Examples - name: Create Delivery Channel for AWS Config - aws_config_delivery_channel: + community.aws.aws_config_delivery_channel: name: test_delivery_channel state: present s3_bucket: 'test_aws_config_bucket' diff --git a/docs/community.aws.aws_config_recorder.rst b/docs/community.aws.aws_config_recorder.rst index 175de2cf8a8..6762b32c84e 100644 --- a/docs/community.aws.aws_config_recorder.rst +++ b/docs/community.aws.aws_config_recorder.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_config_recorder_: +.. _community.aws.aws_config_recorder_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The name of the AWS Config resource.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Specifies the types of AWS resources for which AWS Config records configuration changes.
    Required when state=present
    @@ -200,9 +184,7 @@ Parameters - - - +
    Specifies whether AWS Config records configuration changes for every supported type of regional resource.
    If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
    If all_supported=true, you cannot enumerate a list of resource_types.
    @@ -220,9 +202,7 @@ Parameters - - - +
    Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
    The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
    If you set include_global_types=true, you must also set all_supported=true.
    @@ -241,9 +221,7 @@ Parameters - - - +
    A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
    Before you can set this option, you must set all_supported=false.
    @@ -260,9 +238,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -278,9 +254,7 @@ Parameters - - - +
    Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
    Required when state=present.
    @@ -296,9 +270,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -318,9 +290,7 @@ Parameters
  • absent
    • - - - +
    Whether the Config rule should be present or absent.
    @@ -339,9 +309,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -366,7 +334,7 @@ Examples - name: Create Configuration Recorder for AWS Config - aws_config_recorder: + community.aws.aws_config_recorder: name: test_configuration_recorder state: present role_arn: 'arn:aws:iam::123456789012:role/AwsConfigRecorder' diff --git a/docs/community.aws.aws_config_rule.rst b/docs/community.aws.aws_config_rule.rst index 33ae6e9d4fa..5f5b217833c 100644 --- a/docs/community.aws.aws_config_rule.rst +++ b/docs/community.aws.aws_config_rule.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_config_rule_: +.. _community.aws.aws_config_rule_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    The description that you provide for the AWS Config rule.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -171,9 +159,7 @@ Parameters
  • TwentyFour_Hours
    • - - - +
    The maximum frequency with which AWS Config runs evaluations for a rule.
    @@ -188,9 +174,7 @@ Parameters - - - +
    A string, in JSON format, that is passed to the AWS Config rule Lambda function.
    @@ -205,9 +189,7 @@ Parameters - - - +
    The name of the AWS Config resource.
    @@ -222,9 +204,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -239,9 +219,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -257,9 +235,7 @@ Parameters - - - +
    Defines which resources can trigger an evaluation for the rule.
    @@ -275,9 +251,7 @@ Parameters - - - +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    @@ -293,9 +267,7 @@ Parameters - - - +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    @@ -311,9 +283,7 @@ Parameters - - - +
    The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
    @@ -329,9 +299,7 @@ Parameters - - - +
    The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
    @@ -347,9 +315,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -365,9 +331,7 @@ Parameters - - - +
    Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
    @@ -383,9 +347,7 @@ Parameters - - - +
    Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
    This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
    Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
    @@ -405,9 +367,7 @@ Parameters - - - +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    @@ -423,9 +383,7 @@ Parameters - - - +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    @@ -445,9 +403,7 @@ Parameters
  • absent
    • - - - +
    Whether the Config rule should be present or absent.
    @@ -466,9 +422,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -493,7 +447,7 @@ Examples - name: Create Config Rule for AWS Config - aws_config_rule: + community.aws.aws_config_rule: name: test_config_rule state: present description: 'This AWS Config rule checks for public write access on S3 buckets' diff --git a/docs/community.aws.aws_direct_connect_connection.rst b/docs/community.aws.aws_direct_connect_connection.rst index 2c7fa679acd..cfbc2f70a83 100644 --- a/docs/community.aws.aws_direct_connect_connection.rst +++ b/docs/community.aws.aws_direct_connect_connection.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_direct_connect_connection_: +.. _community.aws.aws_direct_connect_connection_module: ******************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • 10Gbps
    • - - - +
    The bandwidth of the Direct Connect connection.
    Required when state=present.
    @@ -131,9 +123,7 @@ Parameters - - - +
    The ID of the Direct Connect connection.
    Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
    One of connection_id or name must be specified.
    @@ -154,9 +144,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -171,9 +159,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -192,9 +178,7 @@ Parameters
  • yes
    • - - - +
    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
    @@ -209,9 +193,7 @@ Parameters - - - +
    The ID of the link aggregation group you want to associate with the connection.
    This is optional when a stand-alone connection is desired.
    @@ -227,9 +209,7 @@ Parameters - - - +
    Where the Direct Connect connection is located.
    Required when state=present.
    @@ -245,9 +225,7 @@ Parameters - - - +
    The name of the Direct Connect connection. This is required to create a new connection.
    One of connection_id or name must be specified.
    @@ -263,9 +241,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -280,9 +256,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -298,9 +272,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -320,9 +292,7 @@ Parameters
  • absent
    • - - - +
    The state of the Direct Connect connection.
    @@ -341,9 +311,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -369,7 +337,7 @@ Examples # create a Direct Connect connection - - aws_direct_connect_connection: + - community.aws.aws_direct_connect_connection: name: ansible-test-connection state: present location: EqDC2 @@ -378,14 +346,14 @@ Examples register: dc # disassociate the LAG from the connection - - aws_direct_connect_connection: + - community.aws.aws_direct_connect_connection: state: present connection_id: dc.connection.connection_id location: EqDC2 bandwidth: 1Gbps # replace the connection with one with more bandwidth - - aws_direct_connect_connection: + - community.aws.aws_direct_connect_connection: state: present name: ansible-test-connection location: EqDC2 @@ -393,7 +361,7 @@ Examples forced_update: True # delete the connection - - aws_direct_connect_connection: + - community.aws.aws_direct_connect_connection: state: absent name: ansible-test-connection @@ -402,7 +370,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_direct_connect_gateway.rst b/docs/community.aws.aws_direct_connect_gateway.rst index 8230f5014cc..e5615dfb917 100644 --- a/docs/community.aws.aws_direct_connect_gateway.rst +++ b/docs/community.aws.aws_direct_connect_gateway.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_direct_connect_gateway_: +.. _community.aws.aws_direct_connect_gateway_module: **************************************** @@ -26,7 +27,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    The Amazon side ASN.
    Required when state=present.
    @@ -74,9 +72,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -92,9 +88,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -111,9 +105,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -133,9 +125,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -150,9 +140,7 @@ Parameters - - - +
    The ID of an existing Direct Connect Gateway.
    Required when state=absent.
    @@ -168,9 +156,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -185,9 +171,7 @@ Parameters - - - +
    Name of the Direct Connect Gateway to be created or deleted.
    @@ -202,9 +186,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -259,9 +237,7 @@ Parameters
  • absent
    • - - - +
    Set state=present to ensure a resource is created.
    Set state=absent to remove a resource.
    @@ -281,9 +257,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -298,9 +272,7 @@ Parameters - - - +
    The VPN gateway ID of an existing virtual gateway.
    @@ -316,9 +288,7 @@ Parameters Default:
    320
    - - - +
    How long to wait for the association to be deleted.
    @@ -343,7 +313,7 @@ Examples - name: Create a new direct connect gateway attached to virtual private gateway - dxgw: + community.aws.aws_direct_connect_gateway: state: present name: my-dx-gateway amazon_asn: 7224 @@ -351,7 +321,7 @@ Examples register: created_dxgw - name: Create a new unattached dxgw - dxgw: + community.aws.aws_direct_connect_gateway: state: present name: my-dx-gateway amazon_asn: 7224 @@ -363,7 +333,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group.rst index 16daf73b8ef..56ad8b10b2e 100644 --- a/docs/community.aws.aws_direct_connect_link_aggregation_group.rst +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_direct_connect_link_aggregation_group_: +.. _community.aws.aws_direct_connect_link_aggregation_group_module: ******************************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    The bandwidth of the link aggregation group.
    @@ -126,9 +118,7 @@ Parameters - - - +
    A connection ID to link with the link aggregation group upon creation.
    @@ -147,9 +137,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -168,9 +156,7 @@ Parameters
  • yes
    • - - - +
    To be used with state=absent to delete connections after disassociating them with the LAG.
    @@ -185,9 +171,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -206,9 +190,7 @@ Parameters
  • yes
    • - - - +
    This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
    @@ -223,9 +205,7 @@ Parameters - - - +
    The ID of the Direct Connect link aggregation group.
    @@ -240,9 +220,7 @@ Parameters - - - +
    The location of the link aggregation group.
    @@ -257,9 +235,7 @@ Parameters - - - +
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    @@ -274,9 +250,7 @@ Parameters - - - +
    The name of the Direct Connect link aggregation group.
    @@ -291,9 +265,7 @@ Parameters - - - +
    The number of connections with which to initialize the link aggregation group.
    @@ -308,9 +280,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -325,9 +295,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -343,9 +311,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -365,9 +331,7 @@ Parameters
  • absent
    • - - - +
    The state of the Direct Connect link aggregation group.
    @@ -386,9 +350,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -407,9 +369,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for the operation to complete.
    May be useful when waiting for virtual interfaces to be deleted.
    The time to wait can be controlled by setting wait_timeout.
    @@ -427,9 +387,7 @@ Parameters Default:
    120
    - - - +
    The duration in seconds to wait if wait=true.
    @@ -455,7 +413,7 @@ Examples # create a Direct Connect connection - - aws_direct_connect_link_aggregation_group: + - community.aws.aws_direct_connect_link_aggregation_group: state: present location: EqDC2 lag_id: dxlag-xxxxxxxx @@ -467,7 +425,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_direct_connect_virtual_interface.rst b/docs/community.aws.aws_direct_connect_virtual_interface.rst index dae3652864d..6eb62085160 100644 --- a/docs/community.aws.aws_direct_connect_virtual_interface.rst +++ b/docs/community.aws.aws_direct_connect_virtual_interface.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_direct_connect_virtual_interface_: +.. _community.aws.aws_direct_connect_virtual_interface_module: ************************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    The type of IP address for the BGP peer.
    @@ -71,9 +69,7 @@ Parameters - - - +
    The amazon address CIDR with which to create the virtual interface.
    @@ -88,9 +84,7 @@ Parameters - - - +
    The authentication key for BGP configuration.
    @@ -105,9 +99,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -123,9 +115,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -142,9 +132,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -161,9 +149,7 @@ Parameters Default:
    65000
    - - - +
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    @@ -178,9 +164,7 @@ Parameters - - - +
    A list of route filter prefix CIDRs with which to create the public virtual interface.
    @@ -195,9 +179,7 @@ Parameters - - - +
    The customer address CIDR with which to create the virtual interface.
    @@ -216,9 +198,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -233,9 +213,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -250,9 +228,7 @@ Parameters - - - +
    The ID of the link aggregation group or connection to associate with the virtual interface.

    aliases: link_aggregation_group_id, connection_id
    @@ -268,9 +244,7 @@ Parameters - - - +
    The name of the virtual interface.
    @@ -285,9 +259,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -306,9 +278,7 @@ Parameters
  • yes
    • - - - +
    The type of virtual interface.
    @@ -323,9 +293,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -341,9 +309,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -363,9 +329,7 @@ Parameters
  • absent
    • - - - +
    The desired state of the Direct Connect virtual interface.
    @@ -384,9 +348,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -401,9 +363,7 @@ Parameters - - - +
    The virtual gateway ID required for creating a private virtual interface.
    @@ -418,9 +378,7 @@ Parameters - - - +
    The virtual interface ID.
    @@ -436,9 +394,7 @@ Parameters Default:
    100
    - - - +
    The VLAN ID.
    @@ -464,14 +420,14 @@ Examples --- - name: create an association between a LAG and connection - aws_direct_connect_virtual_interface: + community.aws.aws_direct_connect_virtual_interface: state: present name: "{{ name }}" link_aggregation_group_id: LAG-XXXXXXXX connection_id: dxcon-XXXXXXXX - name: remove an association between a connection and virtual interface - aws_direct_connect_virtual_interface: + community.aws.aws_direct_connect_virtual_interface: state: absent connection_id: dxcon-XXXXXXXX virtual_interface_id: dxv-XXXXXXXX @@ -482,7 +438,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_eks_cluster.rst b/docs/community.aws.aws_eks_cluster.rst index 5b7b9cd6e6a..0ae14e2756a 100644 --- a/docs/community.aws.aws_eks_cluster.rst +++ b/docs/community.aws.aws_eks_cluster.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_eks_cluster_: +.. _community.aws.aws_eks_cluster_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Name of EKS cluster
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    ARN of IAM role used by the EKS cluster
    @@ -216,9 +198,7 @@ Parameters - - - +
    list of security group names or IDs
    @@ -233,9 +213,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -255,9 +233,7 @@ Parameters
  • present ←
    • - - - +
    desired state of the EKS cluster
    @@ -272,9 +248,7 @@ Parameters - - - +
    list of subnet IDs for the Kubernetes cluster
    @@ -293,9 +267,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -310,9 +282,7 @@ Parameters - - - +
    Kubernetes version - defaults to latest
    @@ -331,9 +301,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
    @@ -349,9 +317,7 @@ Parameters Default:
    1200
    - - - +
    The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
    @@ -378,7 +344,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an EKS cluster - aws_eks_cluster: + community.aws.aws_eks_cluster: name: my_cluster version: 1.14 role_arn: my_eks_role @@ -390,7 +356,7 @@ Examples register: caller_facts - name: Remove an EKS cluster - aws_eks_cluster: + community.aws.aws_eks_cluster: name: my_cluster wait: yes state: absent @@ -400,7 +366,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_elasticbeanstalk_app.rst b/docs/community.aws.aws_elasticbeanstalk_app.rst index c77b8a21216..fe7ac89178b 100644 --- a/docs/community.aws.aws_elasticbeanstalk_app.rst +++ b/docs/community.aws.aws_elasticbeanstalk_app.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_elasticbeanstalk_app_: +.. _community.aws.aws_elasticbeanstalk_app_module: ************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    Name of the beanstalk application you wish to manage.

    aliases: name
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -129,9 +121,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    The description of the application.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -180,9 +166,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -197,9 +181,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -215,9 +197,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -237,9 +217,7 @@ Parameters
  • present ←
    • - - - +
    Whether to ensure the application is present or absent.
    @@ -258,9 +236,7 @@ Parameters
  • yes
    • - - - +
    When terminate_by_force=true, running environments will be terminated before deleting the application.
    @@ -279,9 +255,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -306,13 +280,13 @@ Examples # Create or update an application - - aws_elasticbeanstalk_app: + - community.aws.aws_elasticbeanstalk_app: app_name: Sample_App description: "Hello World App" state: present # Delete application - - aws_elasticbeanstalk_app: + - community.aws.aws_elasticbeanstalk_app: app_name: Sample_App state: absent @@ -322,7 +296,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_glue_connection.rst b/docs/community.aws.aws_glue_connection.rst index e5628b6e335..5c4efd0ae39 100644 --- a/docs/community.aws.aws_glue_connection.rst +++ b/docs/community.aws.aws_glue_connection.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_glue_connection_: +.. _community.aws.aws_glue_connection_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
    @@ -125,9 +117,7 @@ Parameters - - - +
    A dict of key-value pairs used as parameters for this connection.
    Required when state=present.
    @@ -147,9 +137,7 @@ Parameters
  • SFTP
    • - - - +
    The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
    @@ -168,9 +156,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -185,9 +171,7 @@ Parameters - - - +
    The description of the connection.
    @@ -202,9 +186,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -219,9 +201,7 @@ Parameters - - - +
    A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
    @@ -236,9 +216,7 @@ Parameters - - - +
    The name of the connection.
    @@ -253,9 +231,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -270,9 +246,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -288,9 +262,7 @@ Parameters - - - +
    A list of security groups to be used by the connection. Use either security group name or ID.
    @@ -305,9 +277,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -327,9 +297,7 @@ Parameters
  • absent
    • - - - +
    Create or delete the AWS Glue connection.
    @@ -344,9 +312,7 @@ Parameters - - - +
    The subnet ID used by the connection.
    @@ -365,9 +331,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -394,7 +358,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue connection - - aws_glue_connection: + - community.aws.aws_glue_connection: name: my-glue-connection connection_properties: JDBC_CONNECTION_URL: jdbc:mysql://mydb:3306/databasename @@ -403,7 +367,7 @@ Examples state: present # Delete an AWS Glue connection - - aws_glue_connection: + - community.aws.aws_glue_connection: name: my-glue-connection state: absent @@ -413,7 +377,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_glue_job.rst b/docs/community.aws.aws_glue_job.rst index ae06385d933..6323f1071ce 100644 --- a/docs/community.aws.aws_glue_job.rst +++ b/docs/community.aws.aws_glue_job.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_glue_job_: +.. _community.aws.aws_glue_job_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -126,9 +118,7 @@ Parameters Default:
    "glueetl"
    - - - +
    The name of the job command. This must be 'glueetl'.
    @@ -143,9 +133,7 @@ Parameters - - - +
    The S3 path to a script that executes a job.
    Required when state=present.
    @@ -161,9 +149,7 @@ Parameters - - - +
    A list of Glue connections used for this job.
    @@ -182,9 +168,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -199,9 +183,7 @@ Parameters - - - +
    A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
    @@ -216,9 +198,7 @@ Parameters - - - +
    Description of the job being defined.
    @@ -233,9 +213,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -250,9 +228,7 @@ Parameters - - - +
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    @@ -267,9 +243,7 @@ Parameters - - - +
    The maximum number of times to retry this job if it fails.
    @@ -284,9 +258,7 @@ Parameters - - - +
    The name you assign to this job definition. It must be unique in your account.
    @@ -301,9 +273,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -318,9 +288,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -336,9 +304,7 @@ Parameters - - - +
    The name or ARN of the IAM role associated with this job.
    Required when state=present.
    @@ -354,9 +320,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -376,9 +340,7 @@ Parameters
  • absent
    • - - - +
    Create or delete the AWS Glue job.
    @@ -393,9 +355,7 @@ Parameters - - - +
    The job timeout in minutes.
    @@ -414,9 +374,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -443,14 +401,14 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue job - - aws_glue_job: + - community.aws.aws_glue_job: command_script_location: s3bucket/script.py name: my-glue-job role: my-iam-role state: present # Delete an AWS Glue job - - aws_glue_job: + - community.aws.aws_glue_job: name: my-glue-job state: absent @@ -460,7 +418,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_inspector_target.rst b/docs/community.aws.aws_inspector_target.rst index 18e99501c48..dfb5d551a9c 100644 --- a/docs/community.aws.aws_inspector_target.rst +++ b/docs/community.aws.aws_inspector_target.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_inspector_target_: +.. _community.aws.aws_inspector_target_module: ********************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • present ←
    • - - - +
    The state of the assessment target.
    @@ -238,9 +218,7 @@ Parameters - - - +
    Tags of the EC2 instances to be added to the assessment target.
    Required if state=present.
    @@ -260,9 +238,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -287,20 +263,20 @@ Examples - name: Create my_target Assessment Target - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target tags: role: scan_target - name: Update Existing my_target Assessment Target with Additional Tags - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target tags: env: dev role: scan_target - name: Delete my_target Assessment Target - aws_inspector_target: + community.aws.aws_inspector_target: name: my_target state: absent @@ -309,7 +285,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_kms.rst b/docs/community.aws.aws_kms.rst index b175063ab26..d8231c77ad6 100644 --- a/docs/community.aws.aws_kms.rst +++ b/docs/community.aws.aws_kms.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_kms_: +.. _community.aws.aws_kms_module: ********************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,10 +52,8 @@ Parameters - - - -
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
    + +
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use community.aws.aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.

    aliases: key_alias
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -129,9 +121,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -184,9 +170,7 @@ Parameters
  • yes
    • - - - +
    Whether the key should be automatically rotated every year.
    @@ -205,9 +189,7 @@ Parameters
  • yes ←
    • - - - +
    Whether or not a key is enabled
    @@ -222,9 +204,7 @@ Parameters - - - +
    A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
    grantee_principal and retiring_principal must be ARNs
    For full documentation of suboptions see the boto3 documentation:
    @@ -243,9 +223,7 @@ Parameters - - - +
    Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
    @@ -261,9 +239,7 @@ Parameters - - - +
    The full ARN of the principal being granted permissions.
    @@ -292,9 +268,7 @@ Parameters
  • Sign
    • - - - +
    A list of operations that the grantee may perform using the CMK.
    @@ -310,9 +284,7 @@ Parameters - - - +
    The full ARN of the principal permitted to revoke/retire the grant.
    @@ -328,9 +300,7 @@ Parameters - - - +
    Key ID or ARN of the key.
    One of alias or key_id are required.

    aliases: key_arn
    @@ -347,9 +317,7 @@ Parameters - - - +
    policy to apply to the KMS key.
    @@ -369,9 +337,7 @@ Parameters
  • yes ←
    • - - - +
    (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
    Only cleans if changes are being made.
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    @@ -390,9 +356,7 @@ Parameters - - - +
    (deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
    Required when policy_mode=grant.
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    @@ -415,9 +379,7 @@ Parameters
  • deny
    • - - - +
    (deprecated) Grant or deny access.
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    @@ -435,9 +397,7 @@ Parameters - - - +
    (deprecated) ARN of role to allow/deny access.
    One of policy_role_name or policy_role_arn are required.
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    @@ -456,9 +416,7 @@ Parameters - - - +
    (deprecated) Role to allow/deny access.
    One of policy_role_name or policy_role_arn are required.
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    @@ -477,9 +435,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -498,9 +454,7 @@ Parameters
  • yes
    • - - - +
    Whether the grants argument should cause grants not in the list to be removed
    @@ -519,9 +473,7 @@ Parameters
  • yes
    • - - - +
    Whether the tags argument should cause tags not in the list to be removed
    @@ -536,9 +488,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -554,9 +504,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -576,9 +524,7 @@ Parameters
  • absent
    • - - - +
    Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
    @@ -593,9 +539,7 @@ Parameters - - - +
    A dictionary of tags to apply to a key.
    @@ -614,9 +558,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -643,28 +585,28 @@ Examples # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile # and has been deprecated in favour of the policy option. - name: grant user-style access to production secrets - aws_kms: + community.aws.aws_kms: args: alias: "alias/my_production_secrets" policy_mode: grant policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" policy_grant_types: "role,role grant" - name: remove access to production secrets from role - aws_kms: + community.aws.aws_kms: args: alias: "alias/my_production_secrets" policy_mode: deny policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" # Create a new KMS key - - aws_kms: + - community.aws.aws_kms: alias: mykey tags: Name: myKey Purpose: protect_stuff # Update previous key with more tags - - aws_kms: + - community.aws.aws_kms: alias: mykey tags: Name: myKey @@ -674,7 +616,7 @@ Examples # Update a known key with grants allowing an instance with the billing-prod IAM profile # to decrypt data encrypted with the environment: production, application: billing # encryption context - - aws_kms: + - community.aws.aws_kms: key_id: abcd1234-abcd-1234-5678-ef1234567890 grants: - name: billing_prod @@ -688,13 +630,13 @@ Examples - RetireGrant - name: Update IAM policy on an existing KMS key - aws_kms: + community.aws.aws_kms: alias: my-kms-key policy: '{"Version": "2012-10-17", "Id": "my-kms-key-permissions", "Statement": [ { } ]}' state: present - name: Example using lookup for policy json - aws_kms: + community.aws.aws_kms: alias: my-kms-key policy: "{{ lookup('template', 'kms_iam_policy_template.json.j2') }}" state: present @@ -704,7 +646,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_kms_info.rst b/docs/community.aws.aws_kms_info.rst index 2d22c58e18b..75afa4074a3 100644 --- a/docs/community.aws.aws_kms_info.rst +++ b/docs/community.aws.aws_kms_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_kms_info_: +.. _community.aws.aws_kms_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
    @@ -167,9 +155,7 @@ Parameters
  • yes
    • - - - +
    Whether to get full details (tags, grants etc.) of keys pending deletion
    @@ -184,9 +170,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -201,9 +185,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -219,9 +201,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -241,9 +221,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -270,15 +248,15 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all KMS keys - - aws_kms_info: + - community.aws.aws_kms_info: # Gather information about all keys with a Name tag - - aws_kms_info: + - community.aws.aws_kms_info: filters: tag-key: Name # Gather information about all keys with a specific name - - aws_kms_info: + - community.aws.aws_kms_info: filters: "tag:Name": Example @@ -287,7 +265,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_region_info.rst b/docs/community.aws.aws_region_info.rst index d3146fced5a..e55d0d635cf 100644 --- a/docs/community.aws.aws_region_info.rst +++ b/docs/community.aws.aws_region_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_region_info_: +.. _community.aws.aws_region_info_module: ***************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters Default:
    {}
    - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -201,9 +185,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -223,9 +205,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -252,10 +232,10 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all regions - - aws_region_info: + - community.aws.aws_region_info: # Gather information about a single region - - aws_region_info: + - community.aws.aws_region_info: filters: region-name: eu-west-1 @@ -264,7 +244,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_s3_bucket_info.rst b/docs/community.aws.aws_s3_bucket_info.rst index 0e3dcddf04e..e61bfd693fa 100644 --- a/docs/community.aws.aws_s3_bucket_info.rst +++ b/docs/community.aws.aws_s3_bucket_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_s3_bucket_info_: +.. _community.aws.aws_s3_bucket_info_module: ******************************** @@ -18,13 +19,13 @@ community.aws.aws_s3_bucket_info Synopsis -------- - Lists S3 buckets in AWS -- This module was called ``aws_s3_bucket_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`aws_s3_bucket_info ` module no longer returns ``ansible_facts``! +- This module was called ``aws_s3_bucket_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.aws_s3_bucket_info ` module no longer returns ``ansible_facts``! Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.4.4 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -182,9 +168,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -204,9 +188,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -235,7 +217,7 @@ Examples # Note: Only AWS S3 is currently supported # Lists all s3 buckets - - aws_s3_bucket_info: + - community.aws.aws_s3_bucket_info: register: result - name: List buckets @@ -247,7 +229,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_s3_cors.rst b/docs/community.aws.aws_s3_cors.rst index 040dadd8aa0..e7475fd59bc 100644 --- a/docs/community.aws.aws_s3_cors.rst +++ b/docs/community.aws.aws_s3_cors.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_s3_cors_: +.. _community.aws.aws_s3_cors_module: ************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Name of the s3 bucket
    @@ -162,9 +150,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -179,9 +165,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -197,9 +181,7 @@ Parameters - - - +
    Cors rules to put on the s3 bucket
    @@ -214,9 +196,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -236,9 +216,7 @@ Parameters
  • absent
    • - - - +
    Create or remove cors on the s3 bucket
    @@ -257,9 +235,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -286,7 +262,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Create a simple cors for s3 bucket - - aws_s3_cors: + - community.aws.aws_s3_cors: name: mys3bucket state: present rules: @@ -303,7 +279,7 @@ Examples max_age_seconds: 30000 # Remove cors for s3 bucket - - aws_s3_cors: + - community.aws.aws_s3_cors: name: mys3bucket state: absent @@ -312,7 +288,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_secret.rst b/docs/community.aws.aws_secret.rst index 8bdc31cb759..ab115c4f6df 100644 --- a/docs/community.aws.aws_secret.rst +++ b/docs/community.aws.aws_secret.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_secret_: +.. _community.aws.aws_secret_module: ************************ @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Specifies a user-provided description of the secret.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Friendly name for the secret you are creating.
    @@ -198,9 +182,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -216,9 +198,7 @@ Parameters Default:
    30
    - - - +
    Only used if state is absent.
    Specifies the number of days that Secrets Manager waits before it can delete the secret.
    If set to 0, the deletion is forced without recovery.
    @@ -235,9 +215,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -254,9 +232,7 @@ Parameters Default:
    30
    - - - +
    Specifies the number of days between automatic scheduled rotations of the secret.
    @@ -271,9 +247,7 @@ Parameters - - - +
    Specifies the ARN of the Lambda function that can rotate the secret.
    @@ -289,9 +263,7 @@ Parameters Default:
    ""
    - - - +
    Specifies string or binary data that you want to encrypt and store in the new version of the secret.
    @@ -310,9 +282,7 @@ Parameters
  • string ←
    • - - - +
    Specifies the type of data that you want to encrypt.
    @@ -327,9 +297,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -349,9 +317,7 @@ Parameters
  • absent
    • - - - +
    Whether the secret should be exist or not.
    @@ -366,9 +332,7 @@ Parameters - - - +
    Specifies a list of user-defined tags that are attached to the secret.
    @@ -387,9 +351,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -414,14 +376,14 @@ Examples - name: Add string to AWS Secrets Manager - aws_secret: + community.aws.aws_secret: name: 'test_secret_string' state: present secret_type: 'string' secret: "{{ super_secret_string }}" - name: remove string from AWS Secrets Manager - aws_secret: + community.aws.aws_secret: name: 'test_secret_string' state: absent secret_type: 'string' @@ -432,7 +394,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_ses_identity.rst b/docs/community.aws.aws_ses_identity.rst index d1791624d96..b5964692f03 100644 --- a/docs/community.aws.aws_ses_identity.rst +++ b/docs/community.aws.aws_ses_identity.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_ses_identity_: +.. _community.aws.aws_ses_identity_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    Setup the SNS topic used to report bounce notifications.
    If omitted, bounce notifications will not be delivered to a SNS topic.
    If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    @@ -134,9 +126,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to include headers when delivering to the SNS topic.
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    @@ -153,9 +143,7 @@ Parameters - - - +
    The ARN of the topic to send notifications to.
    If omitted, notifications will not be delivered to a SNS topic.
    @@ -172,9 +160,7 @@ Parameters - - - +
    Setup the SNS topic used to report complaint notifications.
    If omitted, complaint notifications will not be delivered to a SNS topic.
    If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    @@ -196,9 +182,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to include headers when delivering to the SNS topic.
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    @@ -215,9 +199,7 @@ Parameters - - - +
    The ARN of the topic to send notifications to.
    If omitted, notifications will not be delivered to a SNS topic.
    @@ -238,9 +220,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -255,9 +235,7 @@ Parameters - - - +
    Setup the SNS topic used to report delivery notifications.
    If omitted, delivery notifications will not be delivered to a SNS topic.
    @@ -278,9 +256,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to include headers when delivering to the SNS topic.
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    @@ -297,9 +273,7 @@ Parameters - - - +
    The ARN of the topic to send notifications to.
    If omitted, notifications will not be delivered to a SNS topic.
    @@ -316,9 +290,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -337,9 +309,7 @@ Parameters
  • yes ←
    • - - - +
    Whether or not to enable feedback forwarding.
    This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
    @@ -355,9 +325,7 @@ Parameters - - - +
    This is the email address or domain to verify / delete.
    If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
    @@ -373,9 +341,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -390,9 +356,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -408,9 +372,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -430,9 +392,7 @@ Parameters
  • absent
    • - - - +
    Whether to create(or update) or delete the identity.
    @@ -451,9 +411,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -480,31 +438,31 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Ensure example@example.com email identity exists - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present - name: Delete example@example.com email identity - aws_ses_identity: + community.aws.aws_ses_identity: email: example@example.com state: absent - name: Ensure example.com domain identity exists - aws_ses_identity: + community.aws.aws_ses_identity: identity: example.com state: present # Create an SNS topic and send bounce and complaint notifications to it # instead of emailing the identity owner - name: Ensure complaints-topic exists - sns_topic: + community.aws.sns_topic: name: "complaints-topic" state: present purge_subscriptions: False register: topic_info - name: Deliver feedback to topic instead of owner email - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present complaint_notifications: @@ -518,14 +476,14 @@ Examples # Create an SNS topic for delivery notifications and leave complaints # Being forwarded to the identity owner email - name: Ensure delivery-notifications-topic exists - sns_topic: + community.aws.sns_topic: name: "delivery-notifications-topic" state: present purge_subscriptions: False register: topic_info - name: Delivery notifications to topic - aws_ses_identity: + community.aws.aws_ses_identity: identity: example@example.com state: present delivery_notifications: @@ -536,7 +494,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_ses_identity_policy.rst b/docs/community.aws.aws_ses_identity_policy.rst index 04766d3f3ff..b0357951f28 100644 --- a/docs/community.aws.aws_ses_identity_policy.rst +++ b/docs/community.aws.aws_ses_identity_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_ses_identity_policy_: +.. _community.aws.aws_ses_identity_policy_module: ************************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The SES identity to attach or remove a policy from. This can be either the full ARN or just the verified email or domain.
    @@ -166,9 +154,7 @@ Parameters - - - +
    A properly formatted JSON sending authorization policy. Required when state=present.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The name used to identify the policy within the scope of the identity it's attached to.
    @@ -200,9 +184,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -217,9 +199,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -235,9 +215,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -257,9 +235,7 @@ Parameters
  • absent
    • - - - +
    Whether to create(or update) or delete the authorization policy on the identity.
    @@ -278,9 +254,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -307,28 +281,28 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: add sending authorization policy to domain identity - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example.com policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: add sending authorization policy to email identity - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example@example.com policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: add sending authorization policy to identity using ARN - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: "arn:aws:ses:us-east-1:12345678:identity/example.com" policy_name: ExamplePolicy policy: "{{ lookup('template', 'policy.json.j2') }}" state: present - name: remove sending authorization policy - aws_ses_identity_policy: + community.aws.aws_ses_identity_policy: identity: example.com policy_name: ExamplePolicy state: absent @@ -338,7 +312,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_ses_rule_set.rst b/docs/community.aws.aws_ses_rule_set.rst index 59be41a56b4..473db71bb6b 100644 --- a/docs/community.aws.aws_ses_rule_set.rst +++ b/docs/community.aws.aws_ses_rule_set.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_ses_rule_set_: +.. _community.aws.aws_ses_rule_set_module: ****************************** @@ -17,13 +18,13 @@ community.aws.aws_ses_rule_set Synopsis -------- -- The :ref:`aws_ses_rule_set ` module allows you to create, delete, and manage SES receipt rule sets +- The :ref:`community.aws.aws_ses_rule_set ` module allows you to create, delete, and manage SES receipt rule sets Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -58,9 +58,7 @@ Parameters
  • yes
    • - - - +
    Whether or not this rule set should be the active rule set. Only has an impact if state is present.
    If omitted, the active rule set will not be changed.
    If True then this rule set will be made active and all others inactive.
    @@ -78,9 +76,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -96,9 +92,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -115,9 +109,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -137,9 +129,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -154,9 +144,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -175,9 +163,7 @@ Parameters
  • yes
    • - - - +
    When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
    @@ -192,9 +178,7 @@ Parameters - - - +
    The name of the receipt rule set.
    @@ -209,9 +193,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -226,9 +208,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -244,9 +224,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -266,9 +244,7 @@ Parameters
  • present ←
    • - - - +
    Whether to create (or update) or destroy the receipt rule set.
    @@ -287,9 +263,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -317,29 +291,29 @@ Examples # It is assumed that their matching environment variables are set. --- - name: Create default rule set and activate it if not already - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: present active: yes - name: Create some arbitrary rule set but do not activate it - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: arbitrary-rule-set state: present - name: Explicitly deactivate the default rule set leaving no active rule set - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: present active: no - name: Remove an arbitrary inactive rule set - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: arbitrary-rule-set state: absent - name: Remove an ruleset even if we have to first deactivate it to remove it - aws_ses_rule_set: + community.aws.aws_ses_rule_set: name: default-rule-set state: absent force: yes @@ -349,7 +323,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_sgw_info.rst b/docs/community.aws.aws_sgw_info.rst index 7544471e139..166c39b5972 100644 --- a/docs/community.aws.aws_sgw_info.rst +++ b/docs/community.aws.aws_sgw_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_sgw_info_: +.. _community.aws.aws_sgw_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -151,9 +141,7 @@ Parameters
  • yes ←
    • - - - +
    Gather file share information for storage gateways in s3 mode.
    @@ -172,9 +160,7 @@ Parameters
  • yes ←
    • - - - +
    Gather local disks attached to the storage gateway.
    @@ -193,9 +179,7 @@ Parameters
  • yes ←
    • - - - +
    Gather tape information for storage gateways in tape mode.
    @@ -214,9 +198,7 @@ Parameters
  • yes ←
    • - - - +
    Gather volume information for storage gateways in iSCSI (cached & stored) modes.
    @@ -231,9 +213,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -248,9 +228,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -266,9 +244,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -288,9 +264,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -317,10 +291,10 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: "Get AWS storage gateway information" - aws_sgw_info: + community.aws.aws_sgw_info: - name: "Get AWS storage gateway information for region eu-west-3" - aws_sgw_info: + community.aws.aws_sgw_info: region: eu-west-3 @@ -328,7 +302,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_ssm.rst b/docs/community.aws.aws_ssm.rst index 3c3b3b9ba91..14dca08d823 100644 --- a/docs/community.aws.aws_ssm.rst +++ b/docs/community.aws.aws_ssm.rst @@ -1,5 +1,5 @@ -.. _community.aws.aws_ssm_: +.. _community.aws.aws_ssm_connection: ********************* @@ -23,7 +23,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the local master node that executes this connection. - The remote EC2 instance must be running the AWS Systems Manager Agent (SSM Agent). - The control machine must have the aws session manager plugin installed. diff --git a/docs/community.aws.aws_ssm_parameter_store.rst b/docs/community.aws.aws_ssm_parameter_store.rst index 99c5c69ccb6..94cbbe34d8d 100644 --- a/docs/community.aws.aws_ssm_parameter_store.rst +++ b/docs/community.aws.aws_ssm_parameter_store.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_ssm_parameter_store_: +.. _community.aws.aws_ssm_parameter_store_module: ************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -134,9 +126,7 @@ Parameters
  • yes ←
    • - - - +
    Work with SecureString type to get plain text secrets
    @@ -151,9 +141,7 @@ Parameters - - - +
    Parameter key description.
    @@ -168,9 +156,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -186,9 +172,7 @@ Parameters Default:
    "alias/aws/ssm"
    - - - +
    AWS KMS key to decrypt the secrets.
    The default key (alias/aws/ssm) is automatically generated the first time it's requested.
    @@ -204,9 +188,7 @@ Parameters - - - +
    Parameter key name.
    @@ -226,9 +208,7 @@ Parameters
  • always
    • - - - +
    Option to overwrite an existing value if it already exists.
    @@ -243,9 +223,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -260,9 +238,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -278,9 +254,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -300,9 +274,7 @@ Parameters
  • absent
    • - - - +
    Creates or modifies an existing parameter.
    Deletes a parameter.
    @@ -323,9 +295,7 @@ Parameters
  • SecureString
    • - - - +
    Parameter String type.
    @@ -344,9 +314,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -361,9 +329,7 @@ Parameters - - - +
    Parameter value.
    @@ -388,25 +354,25 @@ Examples - name: Create or update key/value pair in aws parameter store - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" value: "World" - name: Delete the key - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" state: absent - name: Create or update secure key/value pair with default kms key (aws/ssm) - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" string_type: "SecureString" value: "World" - name: Create or update secure key/value pair with nominated kms key - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "Hello" description: "This is your first key" string_type: "SecureString" @@ -414,7 +380,7 @@ Examples value: "World" - name: Always update a parameter store value and create a new version - aws_ssm_parameter_store: + community.aws.aws_ssm_parameter_store: name: "overwrite_example" description: "This example will always overwrite the value" string_type: "String" @@ -422,14 +388,15 @@ Examples overwrite_value: "always" - name: recommend to use with aws_ssm lookup plugin - debug: msg="{{ lookup('aws_ssm', 'hello') }}" + debug: + msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_step_functions_state_machine.rst b/docs/community.aws.aws_step_functions_state_machine.rst index 974ac88e222..ec6ae2e96f5 100644 --- a/docs/community.aws.aws_step_functions_state_machine.rst +++ b/docs/community.aws.aws_step_functions_state_machine.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_step_functions_state_machine_: +.. _community.aws.aws_step_functions_state_machine_module: ********************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
    This parameter is required when state=present.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Name of the state machine
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -202,9 +186,7 @@ Parameters
  • yes ←
    • - - - +
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    The ARN of the IAM Role that will be used by the state machine for its executions.
    This parameter is required when state=present.
    @@ -255,9 +233,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -277,9 +253,7 @@ Parameters
  • absent
    • - - - +
    Desired state for the state machine
    @@ -294,9 +268,7 @@ Parameters - - - +
    A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
    @@ -315,9 +287,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -343,7 +313,7 @@ Examples # Create a new AWS Step Functions state machine - name: Setup HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: "HelloWorldStateMachine" definition: "{{ lookup('file','state_machine.json') }}" role_arn: arn:aws:iam::987654321012:role/service-role/invokeLambdaStepFunctionsRole @@ -352,7 +322,7 @@ Examples # Update an existing state machine - name: Change IAM Role and tags of HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: HelloWorldStateMachine definition: "{{ lookup('file','state_machine.json') }}" role_arn: arn:aws:iam::987654321012:role/service-role/anotherStepFunctionsRole @@ -361,7 +331,7 @@ Examples # Remove the AWS Step Functions state machine - name: Delete HelloWorld state machine - aws_step_functions_state_machine: + community.aws.aws_step_functions_state_machine: name: HelloWorldStateMachine state: absent @@ -370,7 +340,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_step_functions_state_machine_execution.rst b/docs/community.aws.aws_step_functions_state_machine_execution.rst index ef5e1112649..8d3b2b77ec3 100644 --- a/docs/community.aws.aws_step_functions_state_machine_execution.rst +++ b/docs/community.aws.aws_step_functions_state_machine_execution.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_step_functions_state_machine_execution_: +.. _community.aws.aws_step_functions_state_machine_execution_module: ******************************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters
  • stop
    • - - - +
    Desired action (start or stop) for a state machine execution.
    @@ -73,9 +71,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -91,9 +87,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -110,9 +104,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -129,9 +121,7 @@ Parameters Default:
    ""
    - - - +
    A detailed explanation of the cause for stopping the execution.
    @@ -150,9 +140,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -167,9 +155,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -185,9 +171,7 @@ Parameters Default:
    ""
    - - - +
    The error code of the failure to pass in when stopping the execution.
    @@ -202,9 +186,7 @@ Parameters - - - +
    The ARN of the execution you wish to stop.
    @@ -220,9 +202,7 @@ Parameters Default:
    {}
    - - - +
    The JSON input data for the execution.
    @@ -237,9 +217,7 @@ Parameters - - - +
    Name of the execution.
    @@ -254,9 +232,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -271,9 +247,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -289,9 +263,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -307,9 +279,7 @@ Parameters - - - +
    The ARN of the state machine that will be executed.
    @@ -328,9 +298,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -355,13 +323,13 @@ Examples - name: Start an execution of a state machine - aws_step_functions_state_machine_execution: + community.aws.aws_step_functions_state_machine_execution: name: an_execution_name execution_input: '{ "IsHelloWorldExample": true }' state_machine_arn: "arn:aws:states:us-west-2:682285639423:stateMachine:HelloWorldStateMachine" - name: Stop an execution of a state machine - aws_step_functions_state_machine_execution: + community.aws.aws_step_functions_state_machine_execution: action: stop execution_arn: "arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8" cause: "cause of task failure" @@ -372,7 +340,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_waf_condition.rst b/docs/community.aws.aws_waf_condition.rst index d9f014a2efd..2301928b362 100644 --- a/docs/community.aws.aws_waf_condition.rst +++ b/docs/community.aws.aws_waf_condition.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_waf_condition_: +.. _community.aws.aws_waf_condition_module: ******************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    A list of the filters against which to match.
    For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
    For type=geo, the only valid key is country.
    @@ -179,9 +167,7 @@ Parameters
  • GT
    • - - - +
    What type of comparison to perform.
    Only valid key when type=size.
    @@ -198,9 +184,7 @@ Parameters - - - +
    Value of geo constraint (typically a two letter country code).
    The only valid key when type=geo.
    @@ -224,9 +208,7 @@ Parameters
  • body
    • - - - +
    The field upon which to perform the match.
    Valid when type=byte, type=regex, type=sql or type=xss.
    @@ -243,9 +225,7 @@ Parameters - - - +
    Which specific header should be matched.
    Required when field_to_match=header.
    Valid when type=byte.
    @@ -263,9 +243,7 @@ Parameters - - - +
    An IP Address or CIDR to match.
    The only valid key when type=ip.
    @@ -289,9 +267,7 @@ Parameters
  • contains_word
    • - - - +
    Where in the field the match needs to occur.
    Only valid when type=byte.
    @@ -308,9 +284,7 @@ Parameters - - - +
    A dict describing the regular expressions used to perform the match.
    Only valid when type=regex.
    @@ -328,9 +302,7 @@ Parameters - - - +
    A name to describe the set of patterns.
    @@ -347,9 +319,7 @@ Parameters - - - +
    A list of regular expressions to match.
    @@ -366,9 +336,7 @@ Parameters - - - +
    The size of the field (in bytes).
    Only valid key when type=size.
    @@ -385,9 +353,7 @@ Parameters - - - +
    The string to search for.
    May be up to 50 bytes.
    Valid when type=byte.
    @@ -413,9 +379,7 @@ Parameters
  • url_decode
    • - - - +
    A transform to apply on the field prior to performing the match.
    Valid when type=byte, type=regex, type=sql or type=xss.
    @@ -432,9 +396,7 @@ Parameters - - - +
    Name of the Web Application Firewall condition to manage.
    @@ -449,9 +411,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -470,9 +430,7 @@ Parameters
  • yes
    • - - - +
    Whether to remove existing filters from a condition if not passed in filters.
    @@ -487,9 +445,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -505,9 +461,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -527,9 +481,7 @@ Parameters
  • absent
    • - - - +
    Whether the condition should be present or absent.
    @@ -553,9 +505,7 @@ Parameters
  • xss
    • - - - +
    The type of matching to perform.
    @@ -574,9 +524,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -595,9 +543,7 @@ Parameters
  • yes
    • - - - +
    Whether to use waf-regional module.
    @@ -622,7 +568,7 @@ Examples - name: create WAF byte condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_byte_condition filters: - field_to_match: header @@ -632,7 +578,7 @@ Examples type: byte - name: create WAF geo condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_geo_condition filters: - country: US @@ -641,7 +587,7 @@ Examples type: geo - name: create IP address condition - aws_waf_condition: + community.aws.aws_waf_condition: name: "{{ resource_prefix }}_ip_condition" filters: - ip_address: "10.0.0.0/8" @@ -649,7 +595,7 @@ Examples type: ip - name: create WAF regex condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_regex_condition filters: - field_to_match: query_string @@ -662,7 +608,7 @@ Examples type: regex - name: create WAF size condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_size_condition filters: - field_to_match: query_string @@ -671,7 +617,7 @@ Examples type: size - name: create WAF sql injection condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_sql_condition filters: - field_to_match: query_string @@ -679,7 +625,7 @@ Examples type: sql - name: create WAF xss condition - aws_waf_condition: + community.aws.aws_waf_condition: name: my_xss_condition filters: - field_to_match: query_string @@ -692,7 +638,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_waf_info.rst b/docs/community.aws.aws_waf_info.rst index d5b3999eb0e..9772e3d7e85 100644 --- a/docs/community.aws.aws_waf_info.rst +++ b/docs/community.aws.aws_waf_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_waf_info_: +.. _community.aws.aws_waf_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The name of a Web Application Firewall.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -242,9 +222,7 @@ Parameters
  • yes
    • - - - +
    Whether to use the waf-regional module.
    @@ -269,14 +247,14 @@ Examples - name: obtain all WAF information - aws_waf_info: + community.aws.aws_waf_info: - name: obtain all information for a single WAF - aws_waf_info: + community.aws.aws_waf_info: name: test_waf - name: obtain all information for a single WAF Regional - aws_waf_info: + community.aws.aws_waf_info: name: test_waf waf_regional: true @@ -285,7 +263,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_waf_rule.rst b/docs/community.aws.aws_waf_rule.rst index 8f1188d2197..12bbd6dfdd0 100644 --- a/docs/community.aws.aws_waf_rule.rst +++ b/docs/community.aws.aws_waf_rule.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_waf_rule_: +.. _community.aws.aws_waf_rule_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -107,10 +101,8 @@ Parameters - - - -
    List of conditions used in the rule. aws_waf_condition can be used to create new conditions.
    + +
    List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
    @@ -125,9 +117,7 @@ Parameters - - - +
    The name of the condition. The condition must already exist.
    @@ -147,9 +137,7 @@ Parameters
  • yes
    • - - - +
    Whether the condition should be negated.
    @@ -173,9 +161,7 @@ Parameters
  • xss
    • - - - +
    The type of rule to match.
    @@ -195,9 +181,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -212,9 +196,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -229,9 +211,7 @@ Parameters - - - +
    A friendly name or description for the metrics for the rule.
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    You can't change metric_name after you create the rule.
    @@ -249,9 +229,7 @@ Parameters - - - +
    Name of the Web Application Firewall rule.
    @@ -266,9 +244,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -287,9 +263,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to remove conditions that are not passed when updating `conditions`.
    @@ -304,9 +278,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -322,9 +294,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -344,9 +314,7 @@ Parameters
  • absent
    • - - - +
    Whether the rule should be present or absent.
    @@ -365,9 +333,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -386,9 +352,7 @@ Parameters
  • yes
    • - - - +
    Whether to use waf-regional module.
    @@ -414,7 +378,7 @@ Examples - name: create WAF rule - aws_waf_rule: + community.aws.aws_waf_rule: name: my_waf_rule conditions: - name: my_regex_condition @@ -428,7 +392,7 @@ Examples negated: yes - name: remove WAF rule - aws_waf_rule: + community.aws.aws_waf_rule: name: "my_waf_rule" state: absent @@ -438,7 +402,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.aws_waf_web_acl.rst b/docs/community.aws.aws_waf_web_acl.rst index 3e590749f95..551129a72b1 100644 --- a/docs/community.aws.aws_waf_web_acl.rst +++ b/docs/community.aws.aws_waf_web_acl.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.aws_waf_web_acl_: +.. _community.aws.aws_waf_web_acl_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -133,9 +125,7 @@ Parameters
  • count
    • - - - +
    The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
    @@ -150,9 +140,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -167,9 +155,7 @@ Parameters - - - +
    A friendly name or description for the metrics for this WebACL.
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    You can't change metric_name after you create the WebACL.
    @@ -187,9 +173,7 @@ Parameters - - - +
    Name of the Web Application Firewall ACL to manage.
    @@ -204,9 +188,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -225,9 +207,7 @@ Parameters
  • yes
    • - - - +
    Whether to remove rules that aren't passed with rules.
    @@ -242,9 +222,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -260,9 +238,7 @@ Parameters - - - +
    A list of rules that the Web ACL will enforce.
    @@ -278,9 +254,7 @@ Parameters - - - +
    The action to perform.
    @@ -296,9 +270,7 @@ Parameters - - - +
    Name of the rule.
    @@ -314,9 +286,7 @@ Parameters - - - +
    The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
    @@ -336,9 +306,7 @@ Parameters
  • regular
    • - - - +
    The type of rule.
    @@ -354,9 +322,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -376,9 +342,7 @@ Parameters
  • absent
    • - - - +
    Whether the Web ACL should be present or absent.
    @@ -397,9 +361,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -418,9 +380,7 @@ Parameters
  • yes
    • - - - +
    Whether to use waf-regional module.
    @@ -445,7 +405,7 @@ Examples - name: create web ACL - aws_waf_web_acl: + community.aws.aws_waf_web_acl: name: my_web_acl rules: - name: my_rule @@ -456,7 +416,7 @@ Examples state: present - name: delete the web acl - aws_waf_web_acl: + community.aws.aws_waf_web_acl: name: my_web_acl state: absent @@ -465,7 +425,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudformation_exports_info.rst b/docs/community.aws.cloudformation_exports_info.rst index 9e1a071ddab..6a3400001c0 100644 --- a/docs/community.aws.cloudformation_exports_info.rst +++ b/docs/community.aws.cloudformation_exports_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudformation_exports_info_: +.. _community.aws.cloudformation_exports_info_module: ***************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.11.15 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -163,9 +151,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -181,9 +167,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -203,9 +187,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -230,7 +212,7 @@ Examples - name: Get Exports - cloudformation_exports_info: + community.aws.cloudformation_exports_info: profile: 'my_aws_profile' region: 'my_region' register: cf_exports @@ -242,7 +224,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudformation_stack_set.rst b/docs/community.aws.cloudformation_stack_set.rst index 330690bf119..c6db71ccdae 100644 --- a/docs/community.aws.cloudformation_stack_set.rst +++ b/docs/community.aws.cloudformation_stack_set.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudformation_stack_set_: +.. _community.aws.cloudformation_stack_set_module: ************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3>=1.6 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    A list of AWS accounts in which to create instance of CloudFormation stacks.
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    @@ -72,9 +70,7 @@ Parameters - - - +
    ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
    This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.

    aliases: admin_role_arn, admin_role, administration_role
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -128,9 +120,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -150,9 +140,7 @@ Parameters
  • CAPABILITY_NAMED_IAM
    • - - - +
    Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
    Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
    The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
    @@ -173,9 +161,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -190,9 +176,7 @@ Parameters - - - +
    A description of what this stack set creates.
    @@ -207,9 +191,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -224,9 +206,7 @@ Parameters - - - +
    ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
    This MUST NOT be an ARN, and the roles must exist in each child account specified.
    The default name for the execution role is AWSCloudFormationStackSetExecutionRole
    @@ -244,9 +224,7 @@ Parameters - - - +
    Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
    @@ -262,9 +240,7 @@ Parameters - - - +
    The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
    You must specify one of fail_count and fail_percentage.
    @@ -281,9 +257,7 @@ Parameters - - - +
    The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
    You must specify one of fail_count and fail_percentage.
    @@ -300,9 +274,7 @@ Parameters - - - +
    The maximum number of accounts in which to perform this operation at one time.
    parallel_count may be at most one more than the fail_count.
    You must specify one of parallel_count and parallel_percentage.
    @@ -321,9 +293,7 @@ Parameters - - - +
    The maximum percentage of accounts in which to perform this operation at one time.
    You must specify one of parallel_count and parallel_percentage.
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
    @@ -341,9 +311,7 @@ Parameters - - - +
    Name of the CloudFormation stack set.
    @@ -359,9 +327,7 @@ Parameters Default:
    {}
    - - - +
    A list of hashes of all the template variables for the stack. The value can be a string or a dict.
    Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
    @@ -377,9 +343,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -398,9 +362,7 @@ Parameters
  • yes ←
    • - - - +
    Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
    By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
    @@ -416,9 +378,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -434,9 +394,7 @@ Parameters - - - +
    A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    @@ -452,9 +410,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -474,9 +430,7 @@ Parameters
  • absent
    • - - - +
    If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
    @@ -491,9 +445,7 @@ Parameters - - - +
    Dictionary of tags to associate with stack and its resources during stack creation.
    Can be updated later, updating tags removes previous entries.
    @@ -509,9 +461,7 @@ Parameters - - - +
    The local path of the CloudFormation template.
    This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    @@ -529,9 +479,7 @@ Parameters - - - +
    Template body. Use this to pass in the actual body of the CloudFormation template.
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    @@ -548,9 +496,7 @@ Parameters - - - +
    Location of file containing the template body.
    The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    @@ -572,9 +518,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -593,9 +537,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
    If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
    @@ -612,9 +554,7 @@ Parameters Default:
    900
    - - - +
    How long to wait (in seconds) for stacks to complete create/update/delete operations.
    @@ -626,7 +566,7 @@ Notes ----- .. note:: - - To make an individual stack, you want the :ref:`cloudformation ` module. + - To make an individual stack, you want the :ref:`amazon.aws.cloudformation ` module. - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -640,7 +580,7 @@ Examples - name: Create a stack set with instances in two accounts - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack description: Test stack in two accounts state: present @@ -650,7 +590,7 @@ Examples - us-east-1 - name: on subsequent calls, templates are optional but parameters and tags can be altered - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack state: present parameters: @@ -663,7 +603,7 @@ Examples - us-east-1 - name: The same type of update, but wait for the update to complete in all stacks - cloudformation_stack_set: + community.aws.cloudformation_stack_set: name: my-stack state: present wait: true @@ -681,7 +621,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudfront_distribution.rst b/docs/community.aws.cloudfront_distribution.rst index c0721aa5635..fa619bae52a 100644 --- a/docs/community.aws.cloudfront_distribution.rst +++ b/docs/community.aws.cloudfront_distribution.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudfront_distribution_: +.. _community.aws.cloudfront_distribution_module: ************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.0.0 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
    @@ -70,9 +68,7 @@ Parameters - - - +
    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
    Each alias must be unique across all distribution for the AWS account.
    @@ -88,9 +84,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -106,9 +100,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -125,9 +117,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -143,9 +133,7 @@ Parameters - - - +
    A list of dictionaries describing the cache behaviors for the distribution.
    The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
    @@ -162,9 +150,7 @@ Parameters - - - +
    A dict that specifies how CloudFront handles query strings and cookies.
    @@ -181,9 +167,7 @@ Parameters - - - +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    @@ -201,9 +185,7 @@ Parameters - - - +
    A list of HTTP methods that you want CloudFront to apply caching to.
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    @@ -222,9 +204,7 @@ Parameters - - - +
    A list of HTTP methods that you want CloudFront to process and forward.
    @@ -246,9 +226,7 @@ Parameters
  • yes
    • - - - +
    Whether you want CloudFront to automatically compress files.
    @@ -265,9 +243,7 @@ Parameters - - - +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    @@ -285,9 +261,7 @@ Parameters - - - +
    Specifies which cookies to forward to the origin for this cache behavior.
    Valid values are all, none, or whitelist.
    @@ -306,9 +280,7 @@ Parameters - - - +
    A list of coockies to forward to the origin for this cache behavior.
    @@ -326,9 +298,7 @@ Parameters - - - +
    The default amount of time that you want objects to stay in CloudFront caches.
    @@ -345,9 +315,7 @@ Parameters - - - +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    @@ -364,9 +332,7 @@ Parameters - - - +
    A list of headers to forward to the origin for this cache behavior.
    To forward all headers use a list containing a single element '*' (['*'])
    @@ -384,9 +350,7 @@ Parameters - - - +
    A list of Lambda function associations to use for this cache behavior.
    @@ -404,9 +368,7 @@ Parameters - - - +
    Specifies the event type that triggers a Lambda function invocation.
    This can be viewer-request, origin-request, origin-response or viewer-response.
    @@ -425,9 +387,7 @@ Parameters - - - +
    The ARN of the Lambda function.
    @@ -445,9 +405,7 @@ Parameters - - - +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    @@ -464,9 +422,7 @@ Parameters - - - +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    @@ -487,9 +443,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    @@ -506,9 +460,7 @@ Parameters - - - +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    @@ -529,9 +481,7 @@ Parameters
  • yes
    • - - - +
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    @@ -548,9 +498,7 @@ Parameters - - - +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    @@ -572,9 +520,7 @@ Parameters
  • yes
    • - - - +
    Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
    @@ -592,9 +538,7 @@ Parameters - - - +
    A list of trusted signers for this cache behavior.
    @@ -612,9 +556,7 @@ Parameters - - - +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
    Valid values are allow-all, redirect-to-https and https-only.
    @@ -632,9 +574,7 @@ Parameters - - - +
    The pattern that specifies which requests to apply the behavior to.
    @@ -650,9 +590,7 @@ Parameters - - - +
    The ID of the origin that you want CloudFront to route requests to by default.
    @@ -668,9 +606,7 @@ Parameters - - - +
    A unique identifier for creating and updating CloudFront distributions.
    Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
    @@ -686,9 +622,7 @@ Parameters - - - +
    A comment that describes the CloudFront distribution.
    If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
    @@ -704,9 +638,7 @@ Parameters - - - +
    A config element that is a list[] of complex custom error responses to be specified for the distribution.
    This attribute configures custom http error messages returned to the user.
    @@ -723,9 +655,7 @@ Parameters - - - +
    The length of time (in seconds) that CloudFront will cache status codes for.
    @@ -741,9 +671,7 @@ Parameters - - - +
    The error code the custom error page is for.
    @@ -759,9 +687,7 @@ Parameters - - - +
    The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
    @@ -777,9 +703,7 @@ Parameters - - - +
    The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
    @@ -799,9 +723,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -816,9 +738,7 @@ Parameters - - - +
    A dict specifying the default cache behavior of the distribution.
    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
    @@ -835,9 +755,7 @@ Parameters - - - +
    A dict that specifies how CloudFront handles query strings and cookies.
    @@ -854,9 +772,7 @@ Parameters - - - +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    @@ -874,9 +790,7 @@ Parameters - - - +
    A list of HTTP methods that you want CloudFront to apply caching to.
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    @@ -895,9 +809,7 @@ Parameters - - - +
    A list of HTTP methods that you want CloudFront to process and forward.
    @@ -919,9 +831,7 @@ Parameters
  • yes
    • - - - +
    Whether you want CloudFront to automatically compress files.
    @@ -938,9 +848,7 @@ Parameters - - - +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    @@ -958,9 +866,7 @@ Parameters - - - +
    Specifies which cookies to forward to the origin for this cache behavior.
    Valid values are all, none, or whitelist.
    @@ -979,9 +885,7 @@ Parameters - - - +
    A list of coockies to forward to the origin for this cache behavior.
    @@ -999,9 +903,7 @@ Parameters - - - +
    The default amount of time that you want objects to stay in CloudFront caches.
    @@ -1018,9 +920,7 @@ Parameters - - - +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    @@ -1037,9 +937,7 @@ Parameters - - - +
    A list of headers to forward to the origin for this cache behavior.
    To forward all headers use a list containing a single element '*' (['*'])
    @@ -1057,9 +955,7 @@ Parameters - - - +
    A list of Lambda function associations to use for this cache behavior.
    @@ -1077,9 +973,7 @@ Parameters - - - +
    Specifies the event type that triggers a Lambda function invocation.
    This can be viewer-request, origin-request, origin-response or viewer-response.
    @@ -1098,9 +992,7 @@ Parameters - - - +
    The ARN of the Lambda function.
    @@ -1118,9 +1010,7 @@ Parameters - - - +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    @@ -1137,9 +1027,7 @@ Parameters - - - +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    @@ -1160,9 +1048,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    @@ -1179,9 +1065,7 @@ Parameters - - - +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    @@ -1202,9 +1086,7 @@ Parameters
  • yes
    • - - - +
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    @@ -1221,9 +1103,7 @@ Parameters - - - +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    @@ -1245,9 +1125,7 @@ Parameters
  • yes
    • - - - +
    Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
    @@ -1265,9 +1143,7 @@ Parameters - - - +
    A list of trusted signers for this cache behavior.
    @@ -1285,9 +1161,7 @@ Parameters - - - +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id.
    Valid values are allow-all, redirect-to-https and https-only.
    @@ -1305,9 +1179,7 @@ Parameters - - - +
    The ID of the origin that you want CloudFront to route requests to by default.
    @@ -1323,9 +1195,7 @@ Parameters - - - +
    The domain name to use for an origin if no origins have been specified.
    Should only be used on a first run of generating a distribution and not on subsequent runs.
    Should not be used in conjunction with distribution_id, caller_reference or alias.
    @@ -1342,9 +1212,7 @@ Parameters - - - +
    The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
    @@ -1359,9 +1227,7 @@ Parameters - - - +
    A config element that specifies the path to request when the user requests the origin.
    e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
    This prevents the entire distribution origin from being exposed at the root.
    @@ -1378,9 +1244,7 @@ Parameters - - - +
    The ID of the CloudFront distribution.
    This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
    @@ -1396,9 +1260,7 @@ Parameters - - - +
    A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
    Is determined automatically if not specified.
    @@ -1414,9 +1276,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -1435,9 +1295,7 @@ Parameters
  • yes
    • - - - +
    A boolean value that specifies whether the distribution is enabled or disabled.
    @@ -1452,9 +1310,7 @@ Parameters - - - +
    The version of the http protocol to use for the distribution.
    AWS defaults this to http2.
    Valid values are http1.1 and http2
    @@ -1475,9 +1331,7 @@ Parameters
  • yes
    • - - - +
    Determines whether IPv6 support is enabled or not.
    @@ -1492,9 +1346,7 @@ Parameters - - - +
    A config element that is a complex object that defines logging for the distribution.
    @@ -1510,9 +1362,7 @@ Parameters - - - +
    The S3 bucket to store the log in.
    @@ -1532,9 +1382,7 @@ Parameters
  • yes
    • - - - +
    When enabled=true CloudFront will log access to an S3 bucket.
    @@ -1554,9 +1402,7 @@ Parameters
  • yes
    • - - - +
    When include_cookies=true CloudFront will include cookies in the logs.
    @@ -1572,9 +1418,7 @@ Parameters - - - +
    A prefix to include in the S3 object names.
    @@ -1590,9 +1434,7 @@ Parameters - - - +
    A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
    @@ -1608,9 +1450,7 @@ Parameters - - - +
    Custom headers you wish to add to the request before passing it to the origin.
    @@ -1628,9 +1468,7 @@ Parameters - - - +
    The name of a header that you want CloudFront to forward to your origin.
    @@ -1647,9 +1485,7 @@ Parameters - - - +
    The value for the header that you specified in the header_name field.
    @@ -1666,9 +1502,7 @@ Parameters - - - +
    Connection information about the origin.
    @@ -1685,9 +1519,7 @@ Parameters - - - +
    The HTTP port the custom origin listens on.
    @@ -1704,9 +1536,7 @@ Parameters - - - +
    The HTTPS port the custom origin listens on.
    @@ -1723,9 +1553,7 @@ Parameters - - - +
    A keep-alive timeout (in seconds).
    @@ -1742,9 +1570,7 @@ Parameters - - - +
    The origin protocol policy to apply to your origin.
    @@ -1761,9 +1587,7 @@ Parameters - - - +
    A timeout (in seconds) when reading from your origin.
    @@ -1780,9 +1604,7 @@ Parameters - - - +
    A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
    @@ -1799,9 +1621,7 @@ Parameters - - - +
    The domain name which CloudFront will query as the origin.
    @@ -1818,9 +1638,7 @@ Parameters - - - +
    A unique identifier for the origin or origin group. id must be unique within the distribution.
    @@ -1836,9 +1654,7 @@ Parameters - - - +
    Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    @@ -1858,9 +1674,7 @@ Parameters
  • yes
    • - - - +
    Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
    Will automatically create an Identity for you.
    @@ -1878,9 +1692,7 @@ Parameters - - - +
    A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
    price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
    price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    @@ -1900,9 +1712,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -1921,9 +1731,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether existing aliases will be removed before adding new aliases.
    When purge_aliases=yes, existing aliases are removed and aliases are added.
    @@ -1943,9 +1751,7 @@ Parameters
  • yes
    • - - - +
    Whether to remove any cache behaviors that aren't listed in cache_behaviors.
    This switch also allows the reordering of cache_behaviors.
    @@ -1965,9 +1771,7 @@ Parameters
  • yes
    • - - - +
    Whether to remove any custom error responses that aren't listed in custom_error_responses.
    @@ -1986,9 +1790,7 @@ Parameters
  • yes
    • - - - +
    Whether to remove any origins that aren't listed in origins.
    @@ -2007,9 +1809,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether existing tags will be removed before adding new tags.
    When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
    When purge_tags=no, existing tags are kept and tags are added, if specified.
    @@ -2026,9 +1826,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -2044,9 +1842,7 @@ Parameters - - - +
    A config element that is a complex object that describes how a distribution should restrict it's content.
    @@ -2062,9 +1858,7 @@ Parameters - - - +
    Apply a restriciton based on the location of the requester.
    @@ -2081,9 +1875,7 @@ Parameters - - - +
    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
    @@ -2101,9 +1893,7 @@ Parameters - - - +
    The method that you want to use to restrict distribution of your content by country.
    Valid values are none, whitelist, blacklist
    @@ -2121,9 +1911,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -2143,9 +1931,7 @@ Parameters
  • absent
    • - - - +
    The desired state of the distribution.
    state=present creates a new distribution or updates an existing distribution.
    state=absent deletes an existing distribution.
    @@ -2162,9 +1948,7 @@ Parameters - - - +
    Should be input as a dict of key-value pairs.
    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
    @@ -2184,9 +1968,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -2201,9 +1983,7 @@ Parameters - - - +
    A dict that specifies the encryption details of the distribution.
    @@ -2219,9 +1999,7 @@ Parameters - - - +
    The ID of a certificate stored in ACM to use for HTTPS connections.
    If acm_certificate_id is set then you must also specify ssl_support_method
    @@ -2242,9 +2020,7 @@ Parameters
  • yes
    • - - - +
    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
    If cloudfront_default_certificate=true do not set ssl_support_method.
    @@ -2261,9 +2037,7 @@ Parameters - - - +
    The ID of a certificate stored in IAM to use for HTTPS connections.
    If iam_certificate_id is set then you must also specify ssl_support_method
    @@ -2280,9 +2054,7 @@ Parameters - - - +
    The security policy that you want CloudFront to use for HTTPS connections.
    @@ -2299,9 +2071,7 @@ Parameters - - - +
    How CloudFront should serve SSL certificates.
    Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
    @@ -2322,9 +2092,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether the module waits until the distribution has completed processing the creation or update.
    @@ -2340,9 +2108,7 @@ Parameters Default:
    1800
    - - - +
    Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
    @@ -2357,9 +2123,7 @@ Parameters - - - +
    The ID of a Web Application Firewall (WAF) Access Control List (ACL).
    @@ -2383,10 +2147,8 @@ Examples .. code-block:: yaml+jinja - - # create a basic distribution with defaults and tags - - - cloudfront_distribution: + - name: create a basic distribution with defaults and tags + community.aws.cloudfront_distribution: state: present default_origin_domain_name: www.my-cloudfront-origin.com tags: @@ -2394,31 +2156,27 @@ Examples Project: example project Priority: '1' - # update a distribution comment by distribution_id - - - cloudfront_distribution: + - name: update a distribution comment by distribution_id + community.aws.cloudfront_distribution: state: present distribution_id: E1RP5A2MJ8073O comment: modified by ansible cloudfront.py - # update a distribution comment by caller_reference - - - cloudfront_distribution: + - name: update a distribution comment by caller_reference + community.aws.cloudfront_distribution: state: present caller_reference: my cloudfront distribution 001 comment: modified by ansible cloudfront.py - # update a distribution's aliases and comment using the distribution_id as a reference - - - cloudfront_distribution: + - name: update a distribution's aliases and comment using the distribution_id as a reference + community.aws.cloudfront_distribution: state: present distribution_id: E1RP5A2MJ8073O comment: modified by cloudfront.py again aliases: [ 'www.my-distribution-source.com', 'zzz.aaa.io' ] - # update a distribution's aliases and comment using an alias as a reference - - - cloudfront_distribution: + - name: update a distribution's aliases and comment using an alias as a reference + community.aws.cloudfront_distribution: state: present caller_reference: my test distribution comment: modified by cloudfront.py again @@ -2426,9 +2184,8 @@ Examples - www.my-distribution-source.com - zzz.aaa.io - # update a distribution's comment and aliases and tags and remove existing tags - - - cloudfront_distribution: + - name: update a distribution's comment and aliases and tags and remove existing tags + community.aws.cloudfront_distribution: state: present distribution_id: E15BU8SDCGSG57 comment: modified by cloudfront.py again @@ -2438,9 +2195,8 @@ Examples Project: distribution 1.2 purge_tags: yes - # create a distribution with an origin, logging and default cache behavior - - - cloudfront_distribution: + - name: create a distribution with an origin, logging and default cache behavior + community.aws.cloudfront_distribution: state: present caller_reference: unique test distribution ID origins: @@ -2476,9 +2232,8 @@ Examples enabled: false comment: this is a CloudFront distribution with logging - # delete a distribution - - - cloudfront_distribution: + - name: delete a distribution + community.aws.cloudfront_distribution: state: absent caller_reference: replaceable distribution @@ -2487,7 +2242,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudfront_info.rst b/docs/community.aws.cloudfront_info.rst index c0eebe28220..a3282a26f2f 100644 --- a/docs/community.aws.cloudfront_info.rst +++ b/docs/community.aws.cloudfront_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudfront_info_: +.. _community.aws.cloudfront_info_module: ***************************** @@ -18,13 +19,13 @@ community.aws.cloudfront_info Synopsis -------- - Gets information about an AWS CloudFront distribution. -- This module was called ``cloudfront_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`cloudfront_info ` module no longer returns ``ansible_facts``! +- This module was called ``cloudfront_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.cloudfront_info ` module no longer returns ``ansible_facts``! Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.0.0 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -58,9 +58,7 @@ Parameters
  • yes
    • - - - +
    Get all CloudFront lists that do not require parameters.
    @@ -75,9 +73,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -93,9 +89,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -112,9 +106,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -134,9 +126,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -155,9 +145,7 @@ Parameters
  • yes
    • - - - +
    Get information about a distribution.
    Requires distribution_id or domain_name_alias to be specified.
    @@ -177,9 +165,7 @@ Parameters
  • yes
    • - - - +
    Get the configuration information about a distribution.
    Requires distribution_id or domain_name_alias to be specified.
    @@ -195,9 +181,7 @@ Parameters - - - +
    The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
    @@ -212,9 +196,7 @@ Parameters - - - +
    Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
    @@ -229,9 +211,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -250,9 +230,7 @@ Parameters
  • yes
    • - - - +
    Get information about an invalidation.
    Requires invalidation_id to be specified.
    @@ -268,9 +246,7 @@ Parameters - - - +
    The id of the invalidation to get information about.
    Used with invalidation.
    @@ -290,9 +266,7 @@ Parameters
  • yes
    • - - - +
    Get a list of CloudFront distributions.
    @@ -311,9 +285,7 @@ Parameters
  • yes
    • - - - +
    Get a list of distributions using web acl id as a filter.
    Requires web_acl_id to be set.
    @@ -333,9 +305,7 @@ Parameters
  • yes
    • - - - +
    Get a list of invalidations.
    Requires distribution_id or domain_name_alias to be specified.
    @@ -355,9 +325,7 @@ Parameters
  • yes
    • - - - +
    Get a list of CloudFront origin access identities.
    Requires origin_access_identity_id to be set.
    @@ -377,9 +345,7 @@ Parameters
  • yes
    • - - - +
    Get a list of streaming distributions.
    @@ -398,9 +364,7 @@ Parameters
  • yes
    • - - - +
    Get information about an origin access identity.
    Requires origin_access_identity_id to be specified.
    @@ -420,9 +384,7 @@ Parameters
  • yes
    • - - - +
    Get the configuration information about an origin access identity.
    Requires origin_access_identity_id to be specified.
    @@ -438,9 +400,7 @@ Parameters - - - +
    The id of the CloudFront origin access identity to get information about.
    @@ -455,9 +415,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -472,9 +430,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -490,9 +446,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -512,9 +466,7 @@ Parameters
  • yes
    • - - - +
    Get information about a specified RTMP distribution.
    Requires distribution_id or domain_name_alias to be specified.
    @@ -534,9 +486,7 @@ Parameters
  • yes
    • - - - +
    Get the configuration information about a specified RTMP distribution.
    Requires distribution_id or domain_name_alias to be specified.
    @@ -556,9 +506,7 @@ Parameters
  • yes
    • - - - +
    Returns a summary of all distributions, streaming distributions and origin_access_identities.
    This is the default behaviour if no option is selected.
    @@ -578,9 +526,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -606,21 +552,21 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Get a summary of distributions - - cloudfront_info: + - name: Get a summary of distributions + community.aws.cloudfront_info: summary: true register: result - # Get information about a distribution - - cloudfront_info: + - name: Get information about a distribution + community.aws.cloudfront_info: distribution: true distribution_id: my-cloudfront-distribution-id register: result_did - debug: msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" - # Get information about a distribution using the CNAME of the cloudfront distribution. - - cloudfront_info: + - name: Get information about a distribution using the CNAME of the cloudfront distribution. + community.aws.cloudfront_info: distribution: true domain_name_alias: www.my-website.com register: result_website @@ -630,36 +576,37 @@ Examples # When the module is called as cloudfront_facts, return values are published # in ansible_facts['cloudfront'][] and can be used as follows. # Note that this is deprecated and will stop working in Ansible 2.13. - - cloudfront_facts: + - name: Gather facts + community.aws.cloudfront_facts: distribution: true distribution_id: my-cloudfront-distribution-id - debug: msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" - - cloudfront_facts: + - community.aws.cloudfront_facts: distribution: true domain_name_alias: www.my-website.com - debug: msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" - # Get all information about an invalidation for a distribution. - - cloudfront_facts: + - name: Get all information about an invalidation for a distribution. + community.aws.cloudfront_info: invalidation: true distribution_id: my-cloudfront-distribution-id invalidation_id: my-cloudfront-invalidation-id - # Get all information about a CloudFront origin access identity. - - cloudfront_facts: + - name: Get all information about a CloudFront origin access identity. + community.aws.cloudfront_info: origin_access_identity: true origin_access_identity_id: my-cloudfront-origin-access-identity-id - # Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) - - cloudfront_facts: + - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: origin_access_identity: true origin_access_identity_id: my-cloudfront-origin-access-identity-id - # Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) - - cloudfront_facts: + - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: all_lists: true @@ -667,7 +614,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudfront_invalidation.rst b/docs/community.aws.cloudfront_invalidation.rst index 03323cac566..00e8bc1e774 100644 --- a/docs/community.aws.cloudfront_invalidation.rst +++ b/docs/community.aws.cloudfront_invalidation.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudfront_invalidation_: +.. _community.aws.cloudfront_invalidation_module: ************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.0.0 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -126,9 +118,7 @@ Parameters Default:
    null
    - - - +
    A unique reference identifier for the invalidation paths.
    Defaults to current datetime stamp.
    @@ -148,9 +138,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
    @@ -182,9 +168,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -199,9 +183,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -216,9 +198,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -234,9 +214,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -252,9 +230,7 @@ Parameters - - - +
    A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
    @@ -273,9 +249,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -302,7 +276,7 @@ Examples - name: create a batch of invalidations using a distribution_id for a reference - cloudfront_invalidation: + community.aws.cloudfront_invalidation: distribution_id: E15BU8SDCGSG57 caller_reference: testing 123 target_paths: @@ -311,7 +285,7 @@ Examples - /testpaththree/test3.ss - name: create a batch of invalidations using an alias as a reference and one path using a wildcard match - cloudfront_invalidation: + community.aws.cloudfront_invalidation: alias: alias.test.com caller_reference: testing 123 target_paths: @@ -325,7 +299,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudfront_origin_access_identity.rst b/docs/community.aws.cloudfront_origin_access_identity.rst index 103b35992d1..a34b6629eec 100644 --- a/docs/community.aws.cloudfront_origin_access_identity.rst +++ b/docs/community.aws.cloudfront_origin_access_identity.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudfront_origin_access_identity_: +.. _community.aws.cloudfront_origin_access_identity_module: *********************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.0.0 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    A unique identifier to reference the origin access identity by.
    @@ -125,9 +117,7 @@ Parameters - - - +
    A comment to describe the CloudFront origin access identity.
    @@ -146,9 +136,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The origin_access_identity_id of the CloudFront distribution.
    @@ -197,9 +181,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -214,9 +196,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -232,9 +212,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -254,9 +232,7 @@ Parameters
  • absent
    • - - - +
    If the named resource should exist.
    @@ -275,9 +251,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -304,19 +278,19 @@ Examples - name: create an origin access identity - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: state: present caller_reference: this is an example reference comment: this is an example comment - name: update an existing origin access identity using caller_reference as an identifier - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: origin_access_identity_id: E17DRN9XUOAHZX caller_reference: this is an example reference comment: this is a new comment - name: delete an existing origin access identity using caller_reference as an identifier - cloudfront_origin_access_identity: + community.aws.cloudfront_origin_access_identity: state: absent caller_reference: this is an example reference comment: this is a new comment @@ -327,7 +301,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudtrail.rst b/docs/community.aws.cloudtrail.rst index 6810f74c84d..ae4563c0291 100644 --- a/docs/community.aws.cloudtrail.rst +++ b/docs/community.aws.cloudtrail.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudtrail_: +.. _community.aws.cloudtrail_module: ************************ @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
    Required when cloudwatch_logs_role_arn.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
    Required when cloudwatch_logs_log_group_arn.
    @@ -151,9 +141,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -168,9 +156,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -189,9 +175,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether log file integrity validation is enabled.
    CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.

    aliases: log_file_validation_enabled
    @@ -212,9 +196,7 @@ Parameters
  • yes ←
    • - - - +
    Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
    @@ -233,9 +215,7 @@ Parameters
  • yes ←
    • - - - +
    Record API calls from global services such as IAM and STS.

    aliases: include_global_service_events
    @@ -255,9 +235,7 @@ Parameters
  • yes
    • - - - +
    Specify whether the trail belongs only to one region or exists in all regions.
    @@ -272,9 +250,7 @@ Parameters - - - +
    Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
    The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
    @@ -292,9 +268,7 @@ Parameters Default:
    "default"
    - - - +
    Name for the CloudTrail.
    Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
    @@ -310,9 +284,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -327,9 +299,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -345,9 +315,7 @@ Parameters - - - +
    An existing S3 bucket where CloudTrail will deliver log files.
    This bucket should exist and have the proper policy.
    @@ -365,9 +333,7 @@ Parameters - - - +
    S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
    @@ -382,9 +348,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -400,9 +364,7 @@ Parameters - - - +
    SNS Topic name to send notifications to when a log file is delivered.
    @@ -423,9 +385,7 @@ Parameters
  • disabled
    • - - - +
    Add or remove CloudTrail configuration.
    The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
    state=enabled is equivalet to state=present.
    @@ -444,9 +404,7 @@ Parameters Default:
    {}
    - - - +
    A hash/dictionary of tags to be applied to the CloudTrail resource.
    Remove completely or specify an empty dictionary to remove all tags.
    @@ -466,9 +424,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -493,7 +449,7 @@ Examples - name: create single region cloudtrail - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -501,7 +457,7 @@ Examples region: us-east-1 - name: create multi-region trail with validation and tags - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -516,7 +472,7 @@ Examples Name: default - name: show another valid kms_key_id - cloudtrail: + community.aws.cloudtrail: state: present name: default s3_bucket_name: mylogbucket @@ -524,7 +480,7 @@ Examples # simply "12345678-1234-1234-1234-123456789012" would be valid too. - name: pause logging the trail we just created - cloudtrail: + community.aws.cloudtrail: state: present name: default enable_logging: false @@ -537,7 +493,7 @@ Examples Name: default - name: delete a trail - cloudtrail: + community.aws.cloudtrail: state: absent name: default @@ -546,7 +502,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudwatchevent_rule.rst b/docs/community.aws.cloudwatchevent_rule.rst index 4759769d22a..4757a689f54 100644 --- a/docs/community.aws.cloudwatchevent_rule.rst +++ b/docs/community.aws.cloudwatchevent_rule.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudwatchevent_rule_: +.. _community.aws.cloudwatchevent_rule_module: ********************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    A description of the rule.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
    @@ -197,9 +181,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -214,9 +196,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -232,9 +212,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the IAM role associated with the rule.
    @@ -249,9 +227,7 @@ Parameters - - - +
    A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
    @@ -266,9 +242,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -289,9 +263,7 @@ Parameters
  • absent
    • - - - +
    Whether the rule is present (and enabled), disabled, or absent.
    @@ -306,9 +278,7 @@ Parameters - - - +
    A list of targets to add to or update for the rule.
    @@ -324,9 +294,7 @@ Parameters - - - +
    The ARN associated with the target.
    @@ -342,9 +310,7 @@ Parameters - - - +
    Contains the ECS task definition and task count to be used, if the event target is an ECS task.
    @@ -361,9 +327,7 @@ Parameters - - - +
    The number of tasks to create based on task_definition.
    @@ -380,9 +344,7 @@ Parameters - - - +
    The full ARN of the task definition.
    @@ -399,9 +361,7 @@ Parameters - - - +
    The unique target assignment ID.
    @@ -417,9 +377,7 @@ Parameters - - - +
    A JSON object that will override the event data when passed to the target.
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    @@ -436,9 +394,7 @@ Parameters - - - +
    A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    @@ -455,9 +411,7 @@ Parameters - - - +
    The ARN of the IAM role to be used for this target when the rule is triggered.
    @@ -477,9 +431,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -505,7 +457,7 @@ Examples .. code-block:: yaml+jinja - - cloudwatchevent_rule: + - community.aws.cloudwatchevent_rule: name: MyCronTask schedule_expression: "cron(0 20 * * ? *)" description: Run my scheduled task @@ -513,7 +465,7 @@ Examples - id: MyTargetId arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction - - cloudwatchevent_rule: + - community.aws.cloudwatchevent_rule: name: MyDisabledCronTask schedule_expression: "rate(5 minutes)" description: Run my disabled scheduled task @@ -523,7 +475,7 @@ Examples arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction input: '{"foo": "bar"}' - - cloudwatchevent_rule: + - community.aws.cloudwatchevent_rule: name: MyCronTask state: absent @@ -532,7 +484,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudwatchlogs_log_group.rst b/docs/community.aws.cloudwatchlogs_log_group.rst index b253c8bd054..3b6b2213b88 100644 --- a/docs/community.aws.cloudwatchlogs_log_group.rst +++ b/docs/community.aws.cloudwatchlogs_log_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudwatchlogs_log_group_: +.. _community.aws.cloudwatchlogs_log_group_module: ************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The name of the log group.
    @@ -186,9 +172,7 @@ Parameters
  • yes
    • - - - +
    Whether an existing log group should be overwritten on create.
    Mutually exclusive with purge_retention_policy.
    @@ -204,9 +188,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -225,9 +207,7 @@ Parameters
  • yes
    • - - - +
    Whether to purge the retention policy or not.
    Mutually exclusive with retention and overwrite.
    @@ -243,9 +223,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -261,9 +239,7 @@ Parameters - - - +
    The number of days to retain the log events in the specified log group.
    Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    Mutually exclusive with purge_retention_policy.
    @@ -280,9 +256,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -302,9 +276,7 @@ Parameters
  • absent
    • - - - +
    Whether the rule is present or absent.
    @@ -319,9 +291,7 @@ Parameters - - - +
    The key-value pairs to use for the tags.
    @@ -340,9 +310,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -369,21 +337,21 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - - cloudwatchlogs_log_group: + - community.aws.cloudwatchlogs_log_group: log_group_name: test-log-group - - cloudwatchlogs_log_group: + - community.aws.cloudwatchlogs_log_group: state: present log_group_name: test-log-group tags: { "Name": "test-log-group", "Env" : "QA" } - - cloudwatchlogs_log_group: + - community.aws.cloudwatchlogs_log_group: state: present log_group_name: test-log-group tags: { "Name": "test-log-group", "Env" : "QA" } kms_key_id: arn:aws:kms:region:account-id:key/key-id - - cloudwatchlogs_log_group: + - community.aws.cloudwatchlogs_log_group: state: absent log_group_name: test-log-group @@ -393,7 +361,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudwatchlogs_log_group_info.rst b/docs/community.aws.cloudwatchlogs_log_group_info.rst index dcfdac3bf3c..8fcda96b250 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_info.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudwatchlogs_log_group_info_: +.. _community.aws.cloudwatchlogs_log_group_info_module: ******************************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The name or prefix of the log group to filter by.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -200,9 +184,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -222,9 +204,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -249,7 +229,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - - cloudwatchlogs_log_group_info: + - community.aws.cloudwatchlogs_log_group_info: log_group_name: test-log-group @@ -257,7 +237,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst index 496024dcecb..8add2e756e4 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.cloudwatchlogs_log_group_metric_filter_: +.. _community.aws.cloudwatchlogs_log_group_metric_filter_module: **************************************************** @@ -18,13 +19,13 @@ community.aws.cloudwatchlogs_log_group_metric_filter Synopsis -------- - Create, modify and delete CloudWatch log group metric filter. -- CloudWatch log group metric filter can be use with :ref:`ec2_metric_alarm `. +- CloudWatch log group metric filter can be use with :ref:`community.aws.ec2_metric_alarm `. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    A name for the metric filter you create.
    @@ -165,9 +153,7 @@ Parameters - - - +
    A filter pattern for extracting metric data out of ingested log events. Required when state=present.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The name of the log group where the metric filter is applied on.
    @@ -199,9 +183,7 @@ Parameters - - - +
    A collection of information that defines how metric data gets emitted. Required when state=present.
    @@ -217,9 +199,7 @@ Parameters - - - +
    The value to emit when a filter pattern does not match a log event.
    @@ -235,9 +215,7 @@ Parameters - - - +
    The name of the cloudWatch metric.
    @@ -253,9 +231,7 @@ Parameters - - - +
    The namespace of the cloudWatch metric.
    @@ -271,9 +247,7 @@ Parameters - - - +
    The value to publish to the cloudWatch metric when a filter pattern matches a log event.
    @@ -289,9 +263,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -306,9 +278,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -324,9 +294,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -346,9 +314,7 @@ Parameters
  • absent
    • - - - +
    Whether the rule is present or absent.
    @@ -367,9 +333,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -394,7 +358,7 @@ Examples - name: set metric filter on log group /fluentd/testcase - cloudwatchlogs_log_group_metric_filter: + community.aws.cloudwatchlogs_log_group_metric_filter: log_group_name: /fluentd/testcase filter_name: BoxFreeStorage filter_pattern: '{($.value = *) && ($.hostname = "box")}' @@ -405,7 +369,7 @@ Examples metric_value: "$.value" - name: delete metric filter on log group /fluentd/testcase - cloudwatchlogs_log_group_metric_filter: + community.aws.cloudwatchlogs_log_group_metric_filter: log_group_name: /fluentd/testcase filter_name: BoxFreeStorage state: absent @@ -415,7 +379,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.data_pipeline.rst b/docs/community.aws.data_pipeline.rst index 883e007bfeb..476f93b00dd 100644 --- a/docs/community.aws.data_pipeline.rst +++ b/docs/community.aws.data_pipeline.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.data_pipeline_: +.. _community.aws.data_pipeline_module: *************************** @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -132,9 +124,7 @@ Parameters Default:
    ""
    - - - +
    An optional description for the pipeline being created.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    The name of the Datapipeline to create/modify/delete.
    @@ -183,9 +169,7 @@ Parameters - - - +
    A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Key-value pairs that define the properties of the object.
    The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
    @@ -221,9 +203,7 @@ Parameters - - - +
    The field identifier.
    @@ -240,9 +220,7 @@ Parameters - - - +
    The field value, expressed as the identifier of another object.
    Exactly one of stringValue and refValue may be specified.
    @@ -260,9 +238,7 @@ Parameters - - - +
    The field value.
    Exactly one of stringValue and refValue may be specified.
    @@ -280,9 +256,7 @@ Parameters - - - +
    The ID of the object.
    @@ -298,9 +272,7 @@ Parameters - - - +
    The name of the object.
    @@ -316,9 +288,7 @@ Parameters - - - +
    A list of parameter objects (dicts) in the pipeline definition.
    @@ -334,9 +304,7 @@ Parameters - - - +
    A list of attributes (dicts) of the parameter object.
    @@ -353,9 +321,7 @@ Parameters - - - +
    The field identifier.
    @@ -372,9 +338,7 @@ Parameters - - - +
    The field value.
    @@ -391,9 +355,7 @@ Parameters - - - +
    The ID of the parameter object.
    @@ -409,9 +371,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -426,9 +386,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -444,9 +402,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -468,9 +424,7 @@ Parameters
  • inactive
    • - - - +
    The requested state of the pipeline.
    @@ -485,9 +439,7 @@ Parameters - - - +
    A dict of key:value pair(s) to add to the pipeline.
    @@ -503,9 +455,7 @@ Parameters Default:
    300
    - - - +
    Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
    @@ -524,9 +474,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -541,9 +489,7 @@ Parameters - - - +
    A list of parameter values (dicts) in the pipeline definition.
    @@ -559,9 +505,7 @@ Parameters - - - +
    The ID of the parameter value
    @@ -577,9 +521,7 @@ Parameters - - - +
    The field value
    @@ -595,10 +537,8 @@ Parameters - - - -
    The version option has never had any effect and will be removed in Ansible 2.14
    + +
    The version option has never had any effect and will be removed after 2022-06-01.
    @@ -624,7 +564,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Create pipeline - - data_pipeline: + - community.aws.data_pipeline: name: test-dp region: us-west-2 objects: "{{pipelineObjects}}" @@ -636,7 +576,7 @@ Examples state: present # Example populating and activating a pipeline that demonstrates two ways of providing pipeline objects - - data_pipeline: + - community.aws.data_pipeline: name: test-dp objects: - "id": "DefaultSchedule" @@ -659,13 +599,13 @@ Examples state: active # Activate pipeline - - data_pipeline: + - community.aws.data_pipeline: name: test-dp region: us-west-2 state: active # Delete pipeline - - data_pipeline: + - community.aws.data_pipeline: name: test-dp region: us-west-2 state: absent @@ -676,7 +616,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.dms_endpoint.rst b/docs/community.aws.dms_endpoint.rst index c3095fe4a85..22f3e63fabf 100644 --- a/docs/community.aws.dms_endpoint.rst +++ b/docs/community.aws.dms_endpoint.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.dms_endpoint_: +.. _community.aws.dms_endpoint_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -107,9 +101,7 @@ Parameters - - - +
    Amazon Resource Name (ARN) for the certificate.
    @@ -124,9 +116,7 @@ Parameters - - - +
    Name for the database on the origin or target side.
    @@ -145,9 +135,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -162,9 +150,7 @@ Parameters - - - +
    The settings in JSON format for the DMS transfer type of source endpoint.
    @@ -179,9 +165,7 @@ Parameters - - - +
    Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
    @@ -196,9 +180,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -213,9 +195,7 @@ Parameters - - - +
    Settings in JSON format for the target Elasticsearch endpoint.
    @@ -230,9 +210,7 @@ Parameters - - - +
    An identifier name for the endpoint.
    @@ -251,9 +229,7 @@ Parameters
  • target
    • - - - +
    Type of endpoint we want to manage.
    @@ -283,9 +259,7 @@ Parameters
  • sqlserver
    • - - - +
    Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
    @@ -300,9 +274,7 @@ Parameters - - - +
    The external table definition.
    @@ -317,9 +289,7 @@ Parameters - - - +
    Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
    @@ -334,9 +304,7 @@ Parameters - - - +
    Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
    @@ -351,9 +319,7 @@ Parameters - - - +
    Encryption key to use to encrypt replication storage and connection information.
    @@ -368,9 +334,7 @@ Parameters - - - +
    Settings in JSON format for the source MongoDB endpoint.
    @@ -385,9 +349,7 @@ Parameters - - - +
    Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
    @@ -402,9 +364,7 @@ Parameters - - - +
    TCP port for access to the database.
    @@ -419,9 +379,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -436,9 +394,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -454,9 +410,7 @@ Parameters - - - +
    number of times we should retry when deleting a resource
    Required when wait=true.
    @@ -472,9 +426,7 @@ Parameters - - - +
    S3 buckets settings for the target Amazon S3 endpoint.
    @@ -489,9 +441,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -507,9 +457,7 @@ Parameters - - - +
    Servername that the endpoint will connect to.
    @@ -524,9 +472,7 @@ Parameters - - - +
    Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
    @@ -547,9 +493,7 @@ Parameters
  • verify-full
    • - - - +
    Mode used for the SSL connection.
    @@ -568,9 +512,7 @@ Parameters
  • absent
    • - - - +
    State of the endpoint.
    @@ -585,9 +527,7 @@ Parameters - - - +
    A list of tags to add to the endpoint.
    @@ -602,9 +542,7 @@ Parameters - - - +
    Time in seconds we should wait for when deleting a resource.
    Required when wait=true.
    @@ -620,9 +558,7 @@ Parameters - - - +
    Username our endpoint will use to connect to the database.
    @@ -641,9 +577,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -662,9 +596,7 @@ Parameters
  • yes
    • - - - +
    Whether Ansible should wait for the object to be deleted when state=absent.
    @@ -689,8 +621,8 @@ Examples # Note: These examples do not set authentication details - # Endpoint Creation - - dms_endpoint: + - name: Endpoint Creation + community.aws.dms_endpoint: state: absent endpointidentifier: 'testsource' endpointtype: source diff --git a/docs/community.aws.dms_replication_subnet_group.rst b/docs/community.aws.dms_replication_subnet_group.rst index 3dd33626847..1999c3f18ed 100644 --- a/docs/community.aws.dms_replication_subnet_group.rst +++ b/docs/community.aws.dms_replication_subnet_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.dms_replication_subnet_group_: +.. _community.aws.dms_replication_subnet_group_module: ****************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    The description for the subnet group.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -162,9 +150,7 @@ Parameters - - - +
    The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
    @@ -179,9 +165,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -196,9 +180,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -214,9 +196,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -236,9 +216,7 @@ Parameters
  • absent
    • - - - +
    State of the subnet group.
    @@ -253,9 +231,7 @@ Parameters - - - +
    A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
    @@ -274,9 +250,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -300,7 +274,7 @@ Examples .. code-block:: yaml+jinja - - dms_replication_subnet_group: + - community.aws.dms_replication_subnet_group: state: present identifier: "dev-sngroup" description: "Development Subnet Group asdasdas" diff --git a/docs/community.aws.dynamodb_table.rst b/docs/community.aws.dynamodb_table.rst index 4ca9d625e86..ea16d293391 100644 --- a/docs/community.aws.dynamodb_table.rst +++ b/docs/community.aws.dynamodb_table.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.dynamodb_table_: +.. _community.aws.dynamodb_table_module: **************************** @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto >= 2.37.0 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -74,9 +72,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -93,9 +89,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -115,9 +109,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -132,9 +124,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Name of the hash key.
    Required when state=present.
    @@ -172,9 +160,7 @@ Parameters
  • BINARY
    • - - - +
    Type of the hash key.
    @@ -190,9 +176,7 @@ Parameters Default:
    []
    - - - +
    list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
    required options: ['name', 'type', 'hash_key_name']
    other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
    @@ -210,9 +194,7 @@ Parameters - - - +
    The name of the hash-based key.
    @@ -228,9 +210,7 @@ Parameters - - - +
    The type of the hash-based key.
    @@ -246,9 +226,7 @@ Parameters - - - +
    A list of fields to include when using global_include or include indexes.
    @@ -264,9 +242,7 @@ Parameters - - - +
    The name of the index.
    @@ -282,9 +258,7 @@ Parameters - - - +
    The name of the range-based key.
    @@ -300,9 +274,7 @@ Parameters - - - +
    The type of the range-based key.
    @@ -318,9 +290,7 @@ Parameters - - - +
    Read throughput capacity (units) to provision for the index.
    @@ -336,9 +306,7 @@ Parameters - - - +
    The type of index.
    Valid types: all, global_all, global_include, global_keys_only, include, keys_only
    @@ -355,9 +323,7 @@ Parameters - - - +
    Write throughput capacity (units) to provision for the index.
    @@ -373,9 +339,7 @@ Parameters - - - +
    Name of the table.
    @@ -390,9 +354,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -407,9 +369,7 @@ Parameters - - - +
    Name of the range key.
    @@ -429,9 +389,7 @@ Parameters
  • BINARY
    • - - - +
    Type of the range key.
    @@ -447,9 +405,7 @@ Parameters Default:
    1
    - - - +
    Read throughput capacity (units) to provision.
    @@ -464,9 +420,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -482,9 +436,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -504,9 +456,7 @@ Parameters
  • absent
    • - - - +
    Create or delete the table.
    @@ -521,9 +471,7 @@ Parameters - - - +
    A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
    For example: {"key":"value"} and {"key":"value","key2":"value2"}
    @@ -543,9 +491,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -561,9 +507,7 @@ Parameters Default:
    60
    - - - +
    how long before wait gives up, in seconds. only used when tags is set
    @@ -579,9 +523,7 @@ Parameters Default:
    1
    - - - +
    Write throughput capacity (units) to provision.
    @@ -605,8 +547,8 @@ Examples .. code-block:: yaml+jinja - # Create dynamo table with hash and range primary key - - dynamodb_table: + - name: Create dynamo table with hash and range primary key + community.aws.dynamodb_table: name: my-table region: us-east-1 hash_key_name: id @@ -618,15 +560,15 @@ Examples tags: tag_name: tag_value - # Update capacity on existing dynamo table - - dynamodb_table: + - name: Update capacity on existing dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 read_capacity: 10 write_capacity: 10 - # set index on existing dynamo table - - dynamodb_table: + - name: set index on existing dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 indexes: @@ -640,8 +582,8 @@ Examples read_capacity: 10 write_capacity: 10 - # Delete dynamo table - - dynamodb_table: + - name: Delete dynamo table + community.aws.dynamodb_table: name: my-table region: us-east-1 state: absent @@ -651,7 +593,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.dynamodb_ttl.rst b/docs/community.aws.dynamodb_ttl.rst index 2ca10b01a37..748632fa818 100644 --- a/docs/community.aws.dynamodb_ttl.rst +++ b/docs/community.aws.dynamodb_ttl.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.dynamodb_ttl_: +.. _community.aws.dynamodb_ttl_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    The name of the Time To Live attribute used to store the expiration time for items in the table.
    This appears to be required by the API even when disabling TTL.
    @@ -73,9 +71,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -91,9 +87,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -110,9 +104,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -201,9 +185,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -223,9 +205,7 @@ Parameters
  • disable
    • - - - +
    State to set DynamoDB table to.
    @@ -240,9 +220,7 @@ Parameters - - - +
    Name of the DynamoDB table to work on.
    @@ -261,9 +239,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -288,13 +264,13 @@ Examples - name: enable TTL on my cowfacts table - dynamodb_ttl: + community.aws.dynamodb_ttl: state: enable table_name: cowfacts attribute_name: cow_deleted_date - name: disable TTL on my cowfacts table - dynamodb_ttl: + community.aws.dynamodb_ttl: state: disable table_name: cowfacts attribute_name: cow_deleted_date @@ -304,7 +280,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_ami_copy.rst b/docs/community.aws.ec2_ami_copy.rst index 31960fe23e8..6d8861f4fab 100644 --- a/docs/community.aws.ec2_ami_copy.rst +++ b/docs/community.aws.ec2_ami_copy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_ami_copy_: +.. _community.aws.ec2_ami_copy_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    An optional human-readable string describing the contents and purpose of the new AMI.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -167,9 +155,7 @@ Parameters
  • yes
    • - - - +
    Whether or not the destination snapshots of the copied AMI should be encrypted.
    @@ -184,9 +170,7 @@ Parameters - - - +
    KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
    @@ -202,9 +186,7 @@ Parameters Default:
    "default"
    - - - +
    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
    @@ -219,9 +201,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -236,9 +216,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -254,9 +232,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -272,9 +248,7 @@ Parameters - - - +
    The ID of the AMI in source region that should be copied.
    @@ -289,9 +263,7 @@ Parameters - - - +
    The source region the AMI should be copied from.
    @@ -310,9 +282,7 @@ Parameters
  • yes
    • - - - +
    Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
    @@ -327,9 +297,7 @@ Parameters - - - +
    A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
    @@ -348,9 +316,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -369,9 +335,7 @@ Parameters
  • yes
    • - - - +
    Wait for the copied AMI to be in state 'available' before returning.
    @@ -387,9 +351,7 @@ Parameters Default:
    600
    - - - +
    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
    @@ -414,14 +376,14 @@ Examples .. code-block:: yaml+jinja - # Basic AMI Copy - - ec2_ami_copy: + - name: Basic AMI Copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx - # AMI copy wait until available - - ec2_ami_copy: + - name: AMI copy wait until available + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx @@ -429,16 +391,16 @@ Examples wait_timeout: 1200 # Default timeout is 600 register: image_id - # Named AMI copy - - ec2_ami_copy: + - name: Named AMI copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx name: My-Awesome-AMI description: latest patch - # Tagged AMI copy (will not copy the same AMI twice) - - ec2_ami_copy: + - name: Tagged AMI copy (will not copy the same AMI twice) + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx @@ -447,15 +409,15 @@ Examples Patch: 1.2.3 tag_equality: yes - # Encrypted AMI copy - - ec2_ami_copy: + - name: Encrypted AMI copy + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx encrypted: yes - # Encrypted AMI copy with specified key - - ec2_ami_copy: + - name: Encrypted AMI copy with specified key + community.aws.ec2_ami_copy: source_region: us-east-1 region: eu-west-1 source_image_id: ami-xxxxxxx @@ -467,7 +429,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_asg.rst b/docs/community.aws.ec2_asg.rst index 9ede5cba7f5..ef8eb7b9ac0 100644 --- a/docs/community.aws.ec2_asg.rst +++ b/docs/community.aws.ec2_asg.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_asg_: +.. _community.aws.ec2_asg_module: ********************* @@ -18,13 +19,13 @@ community.aws.ec2_asg Synopsis -------- - Can create or delete AWS AutoScaling Groups. -- Can be used with the :ref:`ec2_lc ` module to manage Launch Configurations. +- Can be used with the :ref:`community.aws.ec2_lc ` module to manage Launch Configurations. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    List of availability zone names in which to create the group.
    Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
    @@ -73,9 +71,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -91,9 +87,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -110,9 +104,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -150,9 +140,7 @@ Parameters Default:
    300
    - - - +
    The number of seconds after a scaling activity completes before another can begin.
    @@ -167,9 +155,7 @@ Parameters - - - +
    Desired number of instances in group, if unspecified then the current group value will be used.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -202,9 +186,7 @@ Parameters Default:
    300
    - - - +
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    @@ -223,9 +205,7 @@ Parameters
  • ELB
    • - - - +
    The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
    @@ -240,10 +220,8 @@ Parameters - - - -
    Name of the Launch configuration to use for the group. See the ec2_lc module for managing these.
    + +
    Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these.
    If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
    @@ -258,9 +236,7 @@ Parameters - - - +
    Dictionary describing the Launch Template to use
    @@ -276,9 +252,7 @@ Parameters - - - +
    The id of the launch template. Only one of launch_template_name or launch_template_id is required.
    @@ -294,9 +268,7 @@ Parameters - - - +
    The name of the launch template. Only one of launch_template_name or launch_template_id is required.
    @@ -312,9 +284,7 @@ Parameters - - - +
    The version number of the launch template to use.
    Defaults to latest version if not provided.
    @@ -335,9 +305,7 @@ Parameters
  • yes ←
    • - - - +
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
    @@ -352,9 +320,7 @@ Parameters - - - +
    List of ELB names to use for the group. Use for classic load balancers.
    @@ -373,9 +339,7 @@ Parameters
  • yes ←
    • - - - +
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
    @@ -390,9 +354,7 @@ Parameters - - - +
    The maximum amount of time, in seconds, that an instance can be in service.
    Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
    Value of 0 removes lifetime restriction.
    @@ -409,9 +371,7 @@ Parameters - - - +
    Maximum number of instances in group, if unspecified then the current group value will be used.
    @@ -430,9 +390,7 @@ Parameters
  • yes
    • - - - +
    Enable ASG metrics collection.
    @@ -448,9 +406,7 @@ Parameters Default:
    "1Minute"
    - - - +
    When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
    @@ -466,9 +422,7 @@ Parameters Default:
    ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
    - - - +
    List of autoscaling metrics to collect when metrics_collection=true.
    @@ -483,9 +437,7 @@ Parameters - - - +
    Minimum number of instances in group, if unspecified then the current group value will be used.
    @@ -500,9 +452,7 @@ Parameters - - - +
    A mixed instance policy to use for the ASG.
    Only used when the ASG is configured to use a Launch Template (launch_template).
    @@ -520,9 +470,7 @@ Parameters - - - +
    A list of instance_types.
    @@ -538,9 +486,7 @@ Parameters - - - +
    Unique name for group to be created or deleted.
    @@ -555,9 +501,7 @@ Parameters - - - +
    A SNS topic ARN to send auto scaling notifications to.
    @@ -573,9 +517,7 @@ Parameters Default:
    ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
    - - - +
    A list of auto scaling events to trigger notifications on.
    @@ -590,9 +532,7 @@ Parameters - - - +
    Physical location of your cluster placement group created in Amazon EC2.
    @@ -607,9 +547,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -624,9 +562,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -646,9 +582,7 @@ Parameters
  • yes
    • - - - +
    In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
    @@ -664,9 +598,7 @@ Parameters Default:
    1
    - - - +
    Number of instances you'd like to replace at a time. Used with replace_all_instances.
    @@ -681,9 +613,7 @@ Parameters - - - +
    List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
    @@ -698,9 +628,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -720,9 +648,7 @@ Parameters
  • absent
    • - - - +
    Register or deregister the instance.
    @@ -738,9 +664,7 @@ Parameters Default:
    []
    - - - +
    A list of scaling processes to suspend.
    Valid values include:
    Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
    @@ -759,9 +683,7 @@ Parameters - - - +
    A list of tags to add to the Auto Scale Group.
    Optional key is propagate_at_launch, which defaults to true.
    When propagate_at_launch is true the tags will be propagated to the Instances created.
    @@ -778,9 +700,7 @@ Parameters - - - +
    List of target group ARNs to use for the group. Use for application load balancers.
    @@ -796,9 +716,7 @@ Parameters Default:
    "Default"
    - - - +
    An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
    Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
    Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
    @@ -821,9 +739,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -838,9 +754,7 @@ Parameters - - - +
    List of VPC subnets to use
    @@ -859,9 +773,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
    @@ -877,9 +789,7 @@ Parameters Default:
    300
    - - - +
    How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
    @@ -905,7 +815,7 @@ Examples # Basic configuration with Launch Configuration - - ec2_asg: + - community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] @@ -931,7 +841,7 @@ Examples # will have the current launch configuration. - name: create launch config - ec2_lc: + community.aws.ec2_lc: name: my_new_lc image_id: ami-lkajsf key_name: mykey @@ -940,7 +850,7 @@ Examples instance_type: m1.small assign_public_ip: yes - - ec2_asg: + - community.aws.ec2_asg: name: myasg launch_config_name: my_new_lc health_check_period: 60 @@ -954,7 +864,7 @@ Examples # To only replace a couple of instances instead of all of them, supply a list # to "replace_instances": - - ec2_asg: + - community.aws.ec2_asg: name: myasg launch_config_name: my_new_lc health_check_period: 60 @@ -969,7 +879,7 @@ Examples # Basic Configuration with Launch Template - - ec2_asg: + - community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] @@ -987,7 +897,7 @@ Examples # Basic Configuration with Launch Template using mixed instance policy - - ec2_asg: + - community.aws.ec2_asg: name: special load_balancers: [ 'lb1', 'lb2' ] availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] @@ -1013,7 +923,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_asg_info.rst b/docs/community.aws.ec2_asg_info.rst index f22f0a0e3a4..f7ecdf32f6d 100644 --- a/docs/community.aws.ec2_asg_info.rst +++ b/docs/community.aws.ec2_asg_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_asg_info_: +.. _community.aws.ec2_asg_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The prefix or name of the auto scaling group(s) you are searching for.
    Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -200,9 +184,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -218,9 +200,7 @@ Parameters - - - +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
    @@ -239,9 +219,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -267,37 +245,37 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Find all groups - - ec2_asg_info: + - name: Find all groups + community.aws.ec2_asg_info: register: asgs - # Find a group with matching name/prefix - - ec2_asg_info: + - name: Find a group with matching name/prefix + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs - # Find a group with matching tags - - ec2_asg_info: + - name: Find a group with matching tags + community.aws.ec2_asg_info: tags: project: webapp env: production register: asgs - # Find a group with matching name/prefix and tags - - ec2_asg_info: + - name: Find a group with matching name/prefix and tags + community.aws.ec2_asg_info: name: myproject tags: env: production register: asgs - # Fail if no groups are found - - ec2_asg_info: + - name: Fail if no groups are found + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs failed_when: "{{ asgs.results | length == 0 }}" - # Fail if more than 1 group is found - - ec2_asg_info: + - name: Fail if more than 1 group is found + community.aws.ec2_asg_info: name: public-webserver-asg register: asgs failed_when: "{{ asgs.results | length > 1 }}" @@ -307,7 +285,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_asg_lifecycle_hook.rst b/docs/community.aws.ec2_asg_lifecycle_hook.rst index c903dabb80e..4f06c50104e 100644 --- a/docs/community.aws.ec2_asg_lifecycle_hook.rst +++ b/docs/community.aws.ec2_asg_lifecycle_hook.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_asg_lifecycle_hook_: +.. _community.aws.ec2_asg_lifecycle_hook_module: ************************************ @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3>=1.4.4 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    The name of the Auto Scaling group to which you want to assign the lifecycle hook.
    @@ -72,9 +70,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -90,9 +86,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -109,9 +103,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -131,9 +123,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -152,9 +142,7 @@ Parameters
  • CONTINUE
    • - - - +
    Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
    @@ -169,9 +157,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -186,9 +172,7 @@ Parameters - - - +
    The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
    By default Amazon AWS will use 3600 (1 hour)
    @@ -204,9 +188,7 @@ Parameters - - - +
    The name of the lifecycle hook.
    @@ -221,9 +203,7 @@ Parameters - - - +
    Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
    @@ -238,9 +218,7 @@ Parameters - - - +
    The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
    This target can be either an SQS queue or an SNS topic.
    If you specify an empty string, this overrides the current ARN.
    @@ -257,9 +235,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -274,9 +250,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -292,9 +266,7 @@ Parameters - - - +
    The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
    @@ -309,9 +281,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -331,9 +301,7 @@ Parameters
  • absent
    • - - - +
    Create or delete Lifecycle Hook.
    When state=present updates existing hook or creates a new hook if not found.
    @@ -353,9 +321,7 @@ Parameters
  • autoscaling:EC2_INSTANCE_LAUNCHING
    • - - - +
    The instance state to which you want to attach the lifecycle hook.
    Required when state=present.
    @@ -375,9 +341,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -401,8 +365,8 @@ Examples .. code-block:: yaml+jinja - # Create / Update lifecycle hook - - ec2_asg_lifecycle_hook: + - name: Create / Update lifecycle hook + community.aws.ec2_asg_lifecycle_hook: region: eu-central-1 state: present autoscaling_group_name: example @@ -411,8 +375,8 @@ Examples heartbeat_timeout: 7000 default_result: ABANDON - # Delete lifecycle hook - - ec2_asg_lifecycle_hook: + - name: Delete lifecycle hook + community.aws.ec2_asg_lifecycle_hook: region: eu-central-1 state: absent autoscaling_group_name: example diff --git a/docs/community.aws.ec2_customer_gateway.rst b/docs/community.aws.ec2_customer_gateway.rst index d59d1e5f522..dcc8dff0510 100644 --- a/docs/community.aws.ec2_customer_gateway.rst +++ b/docs/community.aws.ec2_customer_gateway.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_customer_gateway_: +.. _community.aws.ec2_customer_gateway_module: ********************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
    @@ -130,9 +122,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Internet-routable IP address for customers gateway, must be a static address.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Name of the customer gateway.
    @@ -198,9 +182,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -215,9 +197,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters
  • dynamic ←
    • - - - +
    The type of routing.
    @@ -254,9 +232,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -276,9 +252,7 @@ Parameters
  • absent
    • - - - +
    Create or terminate the Customer Gateway.
    @@ -297,9 +271,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -325,17 +297,16 @@ Examples .. code-block:: yaml+jinja - - # Create Customer Gateway - - ec2_customer_gateway: + - name: Create Customer Gateway + community.aws.ec2_customer_gateway: bgp_asn: 12345 ip_address: 1.2.3.4 name: IndianapolisOffice region: us-east-1 register: cgw - # Delete Customer Gateway - - ec2_customer_gateway: + - name: Delete Customer Gateway + community.aws.ec2_customer_gateway: ip_address: 1.2.3.4 name: IndianapolisOffice state: absent @@ -347,7 +318,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_customer_gateway_info.rst b/docs/community.aws.ec2_customer_gateway_info.rst index b594e1edc07..1caf6ef7338 100644 --- a/docs/community.aws.ec2_customer_gateway_info.rst +++ b/docs/community.aws.ec2_customer_gateway_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_customer_gateway_info_: +.. _community.aws.ec2_customer_gateway_info_module: *************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
    @@ -130,9 +122,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -267,10 +245,10 @@ Examples # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all customer gateways - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: - name: Gather information about a filtered list of customer gateways, based on tags - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: region: ap-southeast-2 filters: "tag:Name": test-customer-gateway @@ -278,7 +256,7 @@ Examples register: cust_gw_info - name: Gather information about a specific customer gateway by specifying customer gateway ID - ec2_customer_gateway_info: + community.aws.ec2_customer_gateway_info: region: ap-southeast-2 customer_gateway_ids: - 'cgw-48841a09' @@ -290,7 +268,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_eip.rst b/docs/community.aws.ec2_eip.rst index 85ade86aca4..4107f13c1e2 100644 --- a/docs/community.aws.ec2_eip.rst +++ b/docs/community.aws.ec2_eip.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_eip_: +.. _community.aws.ec2_eip_module: ********************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -57,9 +57,7 @@ Parameters
  • yes
    • - - - +
    Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
    @@ -74,9 +72,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -92,9 +88,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -111,9 +105,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -133,9 +125,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -150,9 +140,7 @@ Parameters - - - +
    The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.

    aliases: instance_id
    @@ -168,9 +156,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -189,9 +175,7 @@ Parameters
  • yes
    • - - - +
    Allocate an EIP inside a VPC or not.
    Required if specifying an ENI with device_id.
    @@ -207,9 +191,7 @@ Parameters - - - +
    The primary or secondary private IP address to associate with the Elastic IP address.
    @@ -224,9 +206,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -241,9 +221,7 @@ Parameters - - - +
    The IP address of a previously allocated EIP.
    When public_ip=present and device is specified, the EIP is associated with the device.
    When public_ip=absent and device is specified, the EIP is disassociated from the device.
    @@ -261,9 +239,7 @@ Parameters - - - +
    Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
    @@ -278,9 +254,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -300,9 +274,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to automatically release the EIP when it is disassociated.
    @@ -321,9 +293,7 @@ Parameters
  • yes
    • - - - +
    Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
    @@ -338,9 +308,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -360,9 +328,7 @@ Parameters
  • absent
    • - - - +
    When state=present, allocate an EIP or associate an existing EIP with a device.
    When state=absent, disassociate the EIP from the device and optionally release it.
    @@ -378,9 +344,7 @@ Parameters - - - +
    When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
    @@ -395,9 +359,7 @@ Parameters - - - +
    Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
    @@ -416,9 +378,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -433,10 +393,8 @@ Parameters - - - -
    The wait_timeout option does nothing and will be removed in Ansible 2.14.
    + +
    The wait_timeout option does nothing and will be removed after 2022-06-01
    @@ -464,39 +422,39 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: associate an elastic IP with an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 - name: associate an elastic IP with a device - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 - name: associate an elastic IP with a device and allow reassociation - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 public_ip: 93.184.216.119 allow_reassociation: true - name: disassociate an elastic IP from an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 ip: 93.184.216.119 state: absent - name: disassociate an elastic IP with a device - ec2_eip: + community.aws.ec2_eip: device_id: eni-c8ad70f3 ip: 93.184.216.119 state: absent - name: allocate a new elastic IP and associate it with an instance - ec2_eip: + community.aws.ec2_eip: device_id: i-1212f003 - name: allocate a new elastic IP without associating it to anything - ec2_eip: + community.aws.ec2_eip: state: present register: eip @@ -505,7 +463,7 @@ Examples msg: "Allocated IP is {{ eip.public_ip }}" - name: provision new instances with ec2 - ec2: + amazon.aws.ec2: keypair: mykey instance_type: c1.medium image: ami-40603AD1 @@ -515,12 +473,12 @@ Examples register: ec2 - name: associate new elastic IPs with each of the instances - ec2_eip: + community.aws.ec2_eip: device_id: "{{ item }}" loop: "{{ ec2.instance_ids }}" - name: allocate a new elastic IP inside a VPC in us-west-2 - ec2_eip: + community.aws.ec2_eip: region: us-west-2 in_vpc: true register: eip @@ -530,14 +488,14 @@ Examples msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - name: allocate eip - reuse unallocated ips (if found) with FREE tag - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true tag_name: FREE - - name: allocate eip - reuse unallocted ips if tag reserved is nope - ec2_eip: + - name: allocate eip - reuse unallocated ips if tag reserved is nope + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true @@ -545,13 +503,13 @@ Examples tag_value: nope - name: allocate new eip - from servers given ipv4 pool - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true @@ -559,7 +517,7 @@ Examples public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname - ec2_eip: + community.aws.ec2_eip: region: us-east-1 in_vpc: true reuse_existing_ip_allowed: true @@ -572,7 +530,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_eip_info.rst b/docs/community.aws.ec2_eip_info.rst index 898cb122e86..d01533a7504 100644 --- a/docs/community.aws.ec2_eip_info.rst +++ b/docs/community.aws.ec2_eip_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_eip_info_: +.. _community.aws.ec2_eip_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters Default:
    {}
    - - - +
    A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -250,34 +230,35 @@ Examples # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. - # List all EIP addresses in the current region. - - ec2_eip_info: + - name: List all EIP addresses in the current region. + community.aws.ec2_eip_info: register: regional_eip_addresses - # List all EIP addresses for a VM. - - ec2_eip_info: + - name: List all EIP addresses for a VM. + community.aws.ec2_eip_info: filters: instance-id: i-123456789 register: my_vm_eips - - debug: msg="{{ my_vm_eips.addresses | json_query("[?private_ip_address=='10.0.0.5']") }}" + - debug: + msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" - # List all EIP addresses for several VMs. - - ec2_eip_info: + - name: List all EIP addresses for several VMs. + community.aws.ec2_eip_info: filters: instance-id: - i-123456789 - i-987654321 register: my_vms_eips - # List all EIP addresses using the 'Name' tag as a filter. - - ec2_eip_info: + - name: List all EIP addresses using the 'Name' tag as a filter. + community.aws.ec2_eip_info: filters: tag:Name: www.example.com register: my_vms_eips - # List all EIP addresses using the Allocation-id as a filter - - ec2_eip_info: + - name: List all EIP addresses using the Allocation-id as a filter + community.aws.ec2_eip_info: filters: allocation-id: eipalloc-64de1b01 register: my_vms_eips @@ -294,7 +275,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_elb.rst b/docs/community.aws.ec2_elb.rst index e84487f9581..a9ee12dd160 100644 --- a/docs/community.aws.ec2_elb.rst +++ b/docs/community.aws.ec2_elb.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_elb_: +.. _community.aws.ec2_elb_module: ********************* @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -168,9 +156,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    @@ -185,9 +171,7 @@ Parameters - - - +
    EC2 Instance ID
    @@ -202,9 +186,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -259,9 +237,7 @@ Parameters
  • absent
    • - - - +
    register or deregister the instance
    @@ -280,9 +256,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -301,9 +275,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for instance registration or deregistration to complete successfully before returning.
    @@ -319,9 +291,7 @@ Parameters Default:
    0
    - - - +
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    @@ -347,19 +317,15 @@ Examples # basic pre_task and post_task example pre_tasks: - - name: Gathering ec2 facts - action: ec2_facts - name: Instance De-register - local_action: - module: ec2_elb + community.aws.ec2_elb: instance_id: "{{ ansible_ec2_instance_id }}" state: absent roles: - myrole post_tasks: - name: Instance Register - local_action: - module: ec2_elb + community.aws.ec2_elb: instance_id: "{{ ansible_ec2_instance_id }}" ec2_elbs: "{{ item }}" state: present diff --git a/docs/community.aws.ec2_elb_info.rst b/docs/community.aws.ec2_elb_info.rst index 7b5d7a5031a..48e49d55a56 100644 --- a/docs/community.aws.ec2_elb_info.rst +++ b/docs/community.aws.ec2_elb_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_elb_info_: +.. _community.aws.ec2_elb_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -198,9 +182,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -220,9 +202,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -247,38 +227,31 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Output format tries to match ec2_elb_lb module input parameters + # Output format tries to match amazon.aws.ec2_elb_lb module input parameters - # Gather information about all ELBs - - action: - module: ec2_elb_info + - name: Gather information about all ELBs + ec2_elb_info: register: elb_info - - - action: - module: debug + - debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" - # Gather information about a particular ELB - - action: - module: ec2_elb_info + - name: Gather information about a particular ELB + community.aws.ec2_elb_info: names: frontend-prod-elb register: elb_info - - action: - module: debug + - debug: msg: "{{ elb_info.elbs.0.dns_name }}" - # Gather information about a set of ELBs - - action: - module: ec2_elb_info + - name: Gather information about a set of ELBs + ec2_elb_info: names: - frontend-prod-elb - backend-prod-elb register: elb_info - - action: - module: debug + - debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" diff --git a/docs/community.aws.ec2_instance.rst b/docs/community.aws.ec2_instance.rst index 60a3aed4565..53d08ea60ed 100644 --- a/docs/community.aws.ec2_instance.rst +++ b/docs/community.aws.ec2_instance.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_instance_: +.. _community.aws.ec2_instance_module: ************************** @@ -18,14 +19,14 @@ community.aws.ec2_instance Synopsis -------- - Create and manage AWS EC2 instances. -- Note: This module does not support creating `EC2 Spot instances `_. The :ref:`ec2 ` module can create and manage spot instances. +- Note: This module does not support creating `EC2 Spot instances `_. The :ref:`amazon.aws.ec2 ` module can create and manage spot instances. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
    If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
    @@ -74,9 +72,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -92,9 +88,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -111,9 +105,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -133,9 +125,7 @@ Parameters
  • standard
    • - - - +
    For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
    Choose unlimited to enable buying additional CPU credits.
    @@ -151,9 +141,7 @@ Parameters - - - +
    Reduce the number of vCPU exposed to the instance.
    Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
    @@ -172,9 +160,7 @@ Parameters - - - +
    Set the number of core to enable.
    @@ -194,9 +180,7 @@ Parameters
  • 2
    • - - - +
    Select the number of threads per core to enable. Disable or Enable Intel HT.
    @@ -216,9 +200,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -237,9 +219,7 @@ Parameters
  • yes
    • - - - +
    Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
    @@ -258,9 +238,7 @@ Parameters
  • yes
    • - - - +
    Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
    @@ -275,9 +253,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -292,9 +268,7 @@ Parameters - - - +
    A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
    By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
    @@ -310,10 +284,8 @@ Parameters - - - -
    An image to use for the instance. The ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    + +
    An image to use for the instance. The amazon.aws.ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    @@ -328,9 +300,7 @@ Parameters - - - +
    The AMI ID.
    @@ -346,9 +316,7 @@ Parameters - - - +
    a string AKI to override the AMI kernel.
    @@ -364,9 +332,7 @@ Parameters - - - +
    Overrides the AMI's default ramdisk ID.
    @@ -382,9 +348,7 @@ Parameters - - - +
    ami ID to use for the instance. One of image or image_id are required when instance is not already present.
    This is an alias for image.id.
    @@ -400,9 +364,7 @@ Parameters - - - +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    @@ -421,9 +383,7 @@ Parameters
  • terminate
    • - - - +
    Whether to stop or terminate an instance upon shutdown.
    @@ -438,9 +398,7 @@ Parameters - - - +
    The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
    @@ -456,9 +414,7 @@ Parameters Default:
    "t2.micro"
    - - - +
    Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
    @@ -473,9 +429,7 @@ Parameters - - - +
    Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
    @@ -490,9 +444,7 @@ Parameters - - - +
    The EC2 launch template to base instance configuration on.
    @@ -508,9 +460,7 @@ Parameters - - - +
    the ID of the launch template (optional if name is specified).
    @@ -526,9 +476,7 @@ Parameters - - - +
    the pretty name of the launch template (optional if id is specified).
    @@ -544,9 +492,7 @@ Parameters - - - +
    the specific version of the launch template to use. If unspecified, the template default is chosen.
    @@ -562,9 +508,7 @@ Parameters - - - +
    The Name tag for the instance.
    @@ -579,11 +523,9 @@ Parameters - - - +
    Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
    -
    Use the ec2_eni module to create ENIs with special settings.
    +
    Use the amazon.aws.ec2_eni module to create ENIs with special settings.
    @@ -602,9 +544,7 @@ Parameters
  • yes
    • - - - +
    when true assigns a public IP address to the interface
    @@ -624,9 +564,7 @@ Parameters
  • yes
    • - - - +
    Delete the interface when the instance it is attached to is terminated.
    @@ -642,9 +580,7 @@ Parameters - - - +
    a description for the network interface
    @@ -660,9 +596,7 @@ Parameters - - - +
    The index of the interface to modify
    @@ -678,9 +612,7 @@ Parameters - - - +
    a list of security group IDs to attach to the interface
    @@ -696,9 +628,7 @@ Parameters - - - +
    a list of ENI IDs (strings) or a list of objects containing the key id.
    @@ -714,9 +644,7 @@ Parameters - - - +
    a list of IPv6 addresses to assign to the network interface
    @@ -732,9 +660,7 @@ Parameters - - - +
    an IPv4 address to assign to the interface
    @@ -750,9 +676,7 @@ Parameters - - - +
    a list of IPv4 addresses to assign to the network interface
    @@ -772,9 +696,7 @@ Parameters
  • yes
    • - - - +
    controls whether source/destination checking is enabled on the interface
    @@ -790,9 +712,7 @@ Parameters - - - +
    the subnet to connect the network interface to
    @@ -808,9 +728,7 @@ Parameters - - - +
    The placement group that needs to be assigned to the instance
    @@ -825,9 +743,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -846,9 +762,7 @@ Parameters
  • yes
    • - - - +
    Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
    @@ -863,9 +777,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -881,9 +793,7 @@ Parameters - - - +
    A security group ID or name. Mutually exclusive with security_groups.
    @@ -898,9 +808,7 @@ Parameters - - - +
    A list of security group IDs or names (strings). Mutually exclusive with security_group.
    @@ -915,9 +823,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -943,9 +849,7 @@ Parameters
  • absent
    • - - - +
    Goal state for the instances.
    @@ -960,9 +864,7 @@ Parameters - - - +
    A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
    @@ -981,9 +883,7 @@ Parameters
  • default
    • - - - +
    What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
    @@ -1002,9 +902,7 @@ Parameters
  • yes
    • - - - +
    Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
    @@ -1019,9 +917,7 @@ Parameters - - - +
    Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
    Mutually exclusive with user_data.
    For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
    @@ -1040,9 +936,7 @@ Parameters - - - +
    Host configuration secret key generated by the Tower job template.
    @@ -1058,9 +952,7 @@ Parameters - - - +
    Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
    @@ -1076,9 +968,7 @@ Parameters - - - +
    IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
    @@ -1094,9 +984,7 @@ Parameters - - - +
    Opaque blob of data which is made available to the ec2 instance
    @@ -1115,9 +1003,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -1132,9 +1018,7 @@ Parameters - - - +
    A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
    A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
    @@ -1151,10 +1035,8 @@ Parameters - - - -
    The subnet ID in which to launch the instance (VPC) If none is provided, ec2_instance will chose the default zone of the default VPC.
    + +
    The subnet ID in which to launch the instance (VPC) If none is provided, community.aws.ec2_instance will chose the default zone of the default VPC.

    aliases: subnet_id
    @@ -1173,9 +1055,7 @@ Parameters
  • yes ←
    • - - - +
    Whether or not to wait for the desired state (use wait_timeout to customize this).
    @@ -1191,9 +1071,7 @@ Parameters Default:
    600
    - - - +
    How long to wait (in seconds) for the instance to finish booting/terminating.
    @@ -1219,20 +1097,20 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Terminate every running instance in a region. Use with EXTREME caution. - - ec2_instance: + - name: Terminate every running instance in a region. Use with EXTREME caution. + community.aws.ec2_instance: state: absent filters: instance-state-name: running - # restart a particular instance by its ID - - ec2_instance: + - name: restart a particular instance by its ID + community.aws.ec2_instance: state: restarted instance_ids: - i-12345678 - # start an instance with a public IP address - - ec2_instance: + - name: start an instance with a public IP address + community.aws.ec2_instance: name: "public-compute-instance" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -1244,8 +1122,8 @@ Examples tags: Environment: Testing - # start an instance and Add EBS - - ec2_instance: + - name: start an instance and Add EBS + community.aws.ec2_instance: name: "public-withebs-instance" vpc_subnet_id: subnet-5ca1ab1e instance_type: t2.micro @@ -1257,8 +1135,8 @@ Examples volume_size: 16 delete_on_termination: true - # start an instance with a cpu_options - - ec2_instance: + - name: start an instance with a cpu_options + community.aws.ec2_instance: name: "public-cpuoption-instance" vpc_subnet_id: subnet-5ca1ab1e tags: @@ -1272,8 +1150,8 @@ Examples core_count: 1 threads_per_core: 1 - # start an instance and have it begin a Tower callback on boot - - ec2_instance: + - name: start an instance and have it begin a Tower callback on boot + community.aws.ec2_instance: name: "tower-callback-test" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -1290,8 +1168,8 @@ Examples tags: SomeThing: "A value" - # start an instance with ENI (An existing ENI ID is required) - - ec2_instance: + - name: start an instance with ENI (An existing ENI ID is required) + community.aws.ec2_instance: name: "public-eni-instance" key_name: "prod-ssh-key" vpc_subnet_id: subnet-5ca1ab1e @@ -1307,8 +1185,8 @@ Examples instance_type: t2.micro image_id: ami-123456 - # add second ENI interface - - ec2_instance: + - name: add second ENI interface + community.aws.ec2_instance: name: "public-eni-instance" network: interfaces: @@ -1324,7 +1202,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_instance_info.rst b/docs/community.aws.ec2_instance_info.rst index f4d1e69c859..40fc70c319d 100644 --- a/docs/community.aws.ec2_instance_info.rst +++ b/docs/community.aws.ec2_instance_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_instance_info_: +.. _community.aws.ec2_instance_info_module: ******************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters Default:
    {}
    - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
    @@ -166,9 +154,7 @@ Parameters - - - +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -218,9 +200,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -240,9 +220,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -268,26 +246,26 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather information about all instances - - ec2_instance_info: + - name: Gather information about all instances + community.aws.ec2_instance_info: - # Gather information about all instances in AZ ap-southeast-2a - - ec2_instance_info: + - name: Gather information about all instances in AZ ap-southeast-2a + community.aws.ec2_instance_info: filters: availability-zone: ap-southeast-2a - # Gather information about a particular instance using ID - - ec2_instance_info: + - name: Gather information about a particular instance using ID + community.aws.ec2_instance_info: instance_ids: - i-12345678 - # Gather information about any instance with a tag key Name and value Example - - ec2_instance_info: + - name: Gather information about any instance with a tag key Name and value Example + community.aws.ec2_instance_info: filters: "tag:Name": Example - # Gather information about any instance in states "shutting-down", "stopping", "stopped" - - ec2_instance_info: + - name: Gather information about any instance in states "shutting-down", "stopping", "stopped" + community.aws.ec2_instance_info: filters: instance-state-name: [ "shutting-down", "stopping", "stopped" ] @@ -297,7 +275,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_launch_template.rst b/docs/community.aws.ec2_launch_template.rst index 68446d3d812..d821039be7b 100644 --- a/docs/community.aws.ec2_launch_template.rst +++ b/docs/community.aws.ec2_launch_template.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_launch_template_: +.. _community.aws.ec2_launch_template_module: ********************************* @@ -18,13 +19,13 @@ community.aws.ec2_launch_template Synopsis -------- - Create, modify, and delete EC2 Launch Templates, which can be used to create individual instances or with Autoscaling Groups. -- The *ec2_instance* and *ec2_asg* modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. +- The :ref:`community.aws.ec2_instance ` and :ref:`community.aws.ec2_asg ` modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.6.0 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
    @@ -128,9 +120,7 @@ Parameters - - - +
    The device name (for example, /dev/sdh or xvdh).
    @@ -146,9 +136,7 @@ Parameters - - - +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    @@ -169,9 +157,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether the EBS volume is deleted on instance termination.
    @@ -192,9 +178,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
    @@ -211,9 +195,7 @@ Parameters - - - +
    The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
    Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
    @@ -231,9 +213,7 @@ Parameters - - - +
    The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
    @@ -250,9 +230,7 @@ Parameters - - - +
    The ID of the snapshot to create the volume from.
    @@ -269,9 +247,7 @@ Parameters - - - +
    The size of the volume, in GiB.
    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
    @@ -289,9 +265,7 @@ Parameters - - - +
    The volume type
    @@ -308,9 +282,7 @@ Parameters - - - +
    Suppresses the specified device included in the block device mapping of the AMI.
    @@ -326,9 +298,7 @@ Parameters - - - +
    The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
    @@ -344,9 +314,7 @@ Parameters - - - +
    Choose CPU settings for the EC2 instances that will be created with this template.
    @@ -363,9 +331,7 @@ Parameters - - - +
    The number of CPU cores for the instance.
    @@ -381,9 +347,7 @@ Parameters - - - +
    The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
    @@ -399,9 +363,7 @@ Parameters - - - +
    The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
    @@ -417,9 +379,7 @@ Parameters - - - +
    The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
    @@ -439,9 +399,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -457,9 +415,7 @@ Parameters Default:
    "latest"
    - - - +
    Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
    @@ -478,9 +434,7 @@ Parameters
  • yes
    • - - - +
    This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
    @@ -499,9 +453,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
    @@ -516,9 +468,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -533,9 +483,7 @@ Parameters - - - +
    Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
    @@ -551,9 +499,7 @@ Parameters - - - +
    The type of Elastic GPU to attach
    @@ -569,9 +515,7 @@ Parameters - - - +
    The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
    @@ -586,9 +530,7 @@ Parameters - - - +
    The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
    @@ -607,9 +549,7 @@ Parameters
  • terminate
    • - - - +
    Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
    @@ -624,9 +564,7 @@ Parameters - - - +
    Options for alternative instance markets, currently only the spot market is supported.
    @@ -642,9 +580,7 @@ Parameters - - - +
    The market type. This should always be 'spot'.
    @@ -660,9 +596,7 @@ Parameters - - - +
    Spot-market specific settings.
    @@ -679,9 +613,7 @@ Parameters - - - +
    The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
    @@ -703,9 +635,7 @@ Parameters
  • terminate
    • - - - +
    The behavior when a Spot Instance is interrupted. The default is terminate.
    @@ -722,9 +652,7 @@ Parameters - - - +
    The highest hourly price you're willing to pay for this Spot Instance.
    @@ -745,9 +673,7 @@ Parameters
  • persistent
    • - - - +
    The request type to send.
    @@ -764,9 +690,7 @@ Parameters - - - +
    The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
    @@ -781,9 +705,7 @@ Parameters - - - +
    The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    @@ -798,10 +720,8 @@ Parameters - - - -
    The name of the key pair. You can create a key pair using ec2_key.
    + +
    The name of the key pair. You can create a key pair using amazon.aws.ec2_key.
    If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
    @@ -816,9 +736,7 @@ Parameters - - - +
    Settings for instance monitoring.
    @@ -838,9 +756,7 @@ Parameters
  • yes
    • - - - +
    Whether to turn on detailed monitoring for new instances. This will incur extra charges.
    @@ -856,9 +772,7 @@ Parameters - - - +
    One or more network interfaces.
    @@ -878,9 +792,7 @@ Parameters
  • yes
    • - - - +
    Associates a public IPv4 address with eth0 for a new network interface.
    @@ -900,9 +812,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether the network interface is deleted when the instance is terminated.
    @@ -918,9 +828,7 @@ Parameters - - - +
    A description for the network interface.
    @@ -936,9 +844,7 @@ Parameters - - - +
    The device index for the network interface attachment.
    @@ -954,9 +860,7 @@ Parameters - - - +
    List of security group IDs to include on this instance.
    @@ -972,9 +876,7 @@ Parameters - - - +
    The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
    @@ -990,9 +892,7 @@ Parameters - - - +
    A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
    @@ -1008,9 +908,7 @@ Parameters - - - +
    The eni ID of a network interface to attach.
    @@ -1026,9 +924,7 @@ Parameters - - - +
    The primary private IPv4 address of the network interface.
    @@ -1044,9 +940,7 @@ Parameters - - - +
    The ID of the subnet for the network interface.
    @@ -1062,9 +956,7 @@ Parameters - - - +
    The placement group settings for the instance.
    @@ -1080,9 +972,7 @@ Parameters - - - +
    The affinity setting for an instance on a Dedicated Host.
    @@ -1098,9 +988,7 @@ Parameters - - - +
    The Availability Zone for the instance.
    @@ -1116,9 +1004,7 @@ Parameters - - - +
    The name of the placement group for the instance.
    @@ -1134,9 +1020,7 @@ Parameters - - - +
    The ID of the Dedicated Host for the instance.
    @@ -1152,9 +1036,7 @@ Parameters - - - +
    The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
    @@ -1170,9 +1052,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -1187,9 +1067,7 @@ Parameters - - - +
    The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    @@ -1204,9 +1082,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -1222,9 +1098,7 @@ Parameters - - - +
    A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
    @@ -1239,9 +1113,7 @@ Parameters - - - +
    A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
    @@ -1256,9 +1128,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -1278,9 +1148,7 @@ Parameters
  • absent
    • - - - +
    Whether the launch template should exist or not.
    Deleting specific versions of a launch template is not supported at this time.
    @@ -1296,9 +1164,7 @@ Parameters - - - +
    A set of key-value pairs to be applied to resources when this Launch Template is used.
    Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
    Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
    @@ -1315,9 +1181,7 @@ Parameters - - - +
    The ID for the launch template, can be used for all cases except creating a new Launch Template.

    aliases: id
    @@ -1333,9 +1197,7 @@ Parameters - - - +
    The template name. This must be unique in the region-account combination you are using.

    aliases: name
    @@ -1351,9 +1213,7 @@ Parameters - - - +
    The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
    @@ -1372,9 +1232,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -1399,7 +1257,7 @@ Examples - name: Create an ec2 launch template - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" image_id: "ami-04b762b4289fba92b" key_name: my_ssh_key @@ -1410,13 +1268,13 @@ Examples - name: > Create a new version of an existing ec2 launch template with a different instance type, while leaving an older version as the default version - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" default_version: 1 instance_type: c5.4xlarge - name: Delete an ec2 launch template - ec2_launch_template: + community.aws.ec2_launch_template: name: "my_template" state: absent @@ -1427,7 +1285,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_lc.rst b/docs/community.aws.ec2_lc.rst index b926daede4d..7ff86b20144 100644 --- a/docs/community.aws.ec2_lc.rst +++ b/docs/community.aws.ec2_lc.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_lc_: +.. _community.aws.ec2_lc_module: ******************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.4.4 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -58,9 +58,7 @@ Parameters
  • yes
    • - - - +
    Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
    @@ -79,10 +77,8 @@ Parameters
  • yes
    • - - - -
    The associate_public_ip_address option does nothing and will be removed in Ansible 2.14.
    + +
    The associate_public_ip_address option does nothing and will be removed after 2022-06-01
    @@ -96,9 +92,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -114,9 +108,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -133,9 +125,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -151,9 +141,7 @@ Parameters - - - +
    Id of ClassicLink enabled VPC
    @@ -168,9 +156,7 @@ Parameters - - - +
    A list of security group IDs with which to associate the ClassicLink VPC instances.
    @@ -189,9 +175,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -210,9 +194,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether the instance is optimized for EBS I/O (true) or not (false).
    @@ -227,9 +209,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -244,9 +224,7 @@ Parameters - - - +
    The AMI unique identifier to be used for the group.
    @@ -261,9 +239,7 @@ Parameters - - - +
    The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
    @@ -282,9 +258,7 @@ Parameters
  • yes
    • - - - +
    Specifies whether instances are launched with detailed monitoring.
    @@ -299,9 +273,7 @@ Parameters - - - +
    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
    @@ -316,9 +288,7 @@ Parameters - - - +
    Instance type to use for the instance.
    Required when creating a new Launch Configuration.
    @@ -334,9 +304,7 @@ Parameters - - - +
    Kernel id for the EC2 instance.
    @@ -351,9 +319,7 @@ Parameters - - - +
    The SSH key name to be used for access to managed instances.
    @@ -368,9 +334,7 @@ Parameters - - - +
    Unique name for configuration.
    @@ -389,9 +353,7 @@ Parameters
  • dedicated
    • - - - +
    Determines whether the instance runs on single-tenant hardware or not.
    When not set AWS will default to default.
    @@ -407,9 +369,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -424,9 +384,7 @@ Parameters - - - +
    A RAM disk id for the instances.
    @@ -441,9 +399,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -459,9 +415,7 @@ Parameters - - - +
    A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
    @@ -476,9 +430,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -494,9 +446,7 @@ Parameters - - - +
    The spot price you are bidding. Only applies for an autoscaling group with spot instances.
    @@ -515,9 +465,7 @@ Parameters
  • absent
    • - - - +
    Register or deregister the instance.
    @@ -532,9 +480,7 @@ Parameters - - - +
    Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
    @@ -549,9 +495,7 @@ Parameters - - - +
    Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
    @@ -570,9 +514,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -587,9 +529,7 @@ Parameters - - - +
    A list dictionaries defining the volumes to create.
    For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
    @@ -610,9 +550,7 @@ Parameters
  • yes
    • - - - +
    Whether the volume should be automatically deleted when the instance is terminated.
    @@ -628,9 +566,7 @@ Parameters - - - +
    The name for the volume (For example /dev/sda).
    @@ -650,9 +586,7 @@ Parameters
  • yes
    • - - - +
    Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
    @@ -668,9 +602,7 @@ Parameters - - - +
    Whether the volume should be ephemeral.
    Data on ephemeral volumes is lost when the instance is stopped.
    Mutually exclusive with the snapshot parameter.
    @@ -688,9 +620,7 @@ Parameters - - - +
    The number of IOPS per second to provision for the volume.
    Required when volume_type=io1.
    @@ -711,9 +641,7 @@ Parameters
  • yes
    • - - - +
    When no_device=true the device will not be created.
    @@ -729,9 +657,7 @@ Parameters - - - +
    The ID of an EBS snapshot to copy when creating the volume.
    Mutually exclusive with the ephemeral parameter.
    @@ -748,9 +674,7 @@ Parameters - - - +
    The size of the volume (in GiB).
    Required unless one of ephemeral, snapshot or no_device is set.
    @@ -767,9 +691,7 @@ Parameters - - - +
    The type of volume to create.
    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
    @@ -786,9 +708,7 @@ Parameters - - - +
    VPC ID, used when resolving security group names to IDs.
    @@ -818,7 +738,7 @@ Examples # create a launch configuration using an AMI image and instance type as a basis - name: note that encrypted volumes are only supported in >= Ansible 2.4 - ec2_lc: + community.aws.ec2_lc: name: special image_id: ami-XXX key_name: default @@ -834,9 +754,8 @@ Examples - device_name: /dev/sdb ephemeral: ephemeral0 - # create a launch configuration using a running instance id as a basis - - - ec2_lc: + - name: create a launch configuration using a running instance id as a basis + community.aws.ec2_lc: name: special instance_id: i-00a48b207ec59e948 key_name: default @@ -848,9 +767,8 @@ Examples iops: 3000 delete_on_termination: true - # create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image - - - ec2_lc: + - name: create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image + community.aws.ec2_lc: name: special image_id: ami-XXX key_name: default @@ -874,7 +792,7 @@ Examples encrypted: no - name: Create launch configuration - ec2_lc: + community.aws.ec2_lc: name: lc1 image_id: ami-xxxx assign_public_ip: yes @@ -889,7 +807,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_lc_find.rst b/docs/community.aws.ec2_lc_find.rst index 4f082732c88..f7c7f4883cb 100644 --- a/docs/community.aws.ec2_lc_find.rst +++ b/docs/community.aws.ec2_lc_find.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_lc_find_: +.. _community.aws.ec2_lc_find_module: ************************* @@ -26,7 +27,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -74,9 +72,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -93,9 +89,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -115,9 +109,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -132,9 +124,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    How many results to show.
    Corresponds to Python slice notation like list[:limit].
    @@ -167,9 +155,7 @@ Parameters - - - +
    A Launch Configuration to match.
    It'll be compiled as regex.
    @@ -185,9 +171,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -202,9 +186,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -220,9 +202,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -242,9 +222,7 @@ Parameters
  • descending
    • - - - +
    Order in which to sort results.
    @@ -263,9 +241,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -291,8 +267,8 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Search for the Launch Configurations that start with "app" - - ec2_lc_find: + - name: Search for the Launch Configurations that start with "app" + community.aws.ec2_lc_find: name_regex: app.* sort_order: descending limit: 2 @@ -302,7 +278,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_lc_info.rst b/docs/community.aws.ec2_lc_info.rst index 77b89a20c57..289f84dc214 100644 --- a/docs/community.aws.ec2_lc_info.rst +++ b/docs/community.aws.ec2_lc_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_lc_info_: +.. _community.aws.ec2_lc_info_module: ************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters Default:
    []
    - - - +
    A name or a list of name to match.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -200,9 +184,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -227,9 +209,7 @@ Parameters
  • key_name
    • - - - +
    Optional attribute which with to sort the results.
    @@ -244,9 +224,7 @@ Parameters - - - +
    Which result to end with (when sorting).
    Corresponds to Python slice notation.
    @@ -266,9 +244,7 @@ Parameters
  • descending
    • - - - +
    Order in which to sort results.
    Only used when the 'sort' parameter is specified.
    @@ -284,9 +260,7 @@ Parameters - - - +
    Which result to start with (when sorting).
    Corresponds to Python slice notation.
    @@ -306,9 +280,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -334,15 +306,15 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather information about all launch configurations - - ec2_lc_info: + - name: Gather information about all launch configurations + community.aws.ec2_lc_info: - # Gather information about launch configuration with name "example" - - ec2_lc_info: + - name: Gather information about launch configuration with name "example" + community.aws.ec2_lc_info: name: example - # Gather information sorted by created_time from most recent to least recent - - ec2_lc_info: + - name: Gather information sorted by created_time from most recent to least recent + community.aws.ec2_lc_info: sort: created_time sort_order: descending @@ -351,7 +323,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_metric_alarm.rst b/docs/community.aws.ec2_metric_alarm.rst index 2de2f91fe53..cd2cefa799c 100644 --- a/docs/community.aws.ec2_metric_alarm.rst +++ b/docs/community.aws.ec2_metric_alarm.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_metric_alarm_: +.. _community.aws.ec2_metric_alarm_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -135,11 +127,9 @@ Parameters
  • >
    • - - - +
    Determines how the threshold value is compared
    -
    Symbolic comparison operators have been deprecated, and will be removed in 2.14
    +
    Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22.
    @@ -157,9 +147,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -174,9 +162,7 @@ Parameters - - - +
    A longer description of the alarm.
    @@ -191,9 +177,7 @@ Parameters - - - +
    A dictionary describing which metric the alarm is applied to.
    For more information see the AWS documentation:
    @@ -210,9 +194,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -227,9 +209,7 @@ Parameters - - - +
    The number of times in which the metric is evaluated before final calculation.
    @@ -244,9 +224,7 @@ Parameters - - - +
    A list of the names of action(s) to take when the alarm is in the insufficient_data status.
    @@ -261,9 +239,7 @@ Parameters - - - +
    Name of the monitored metric (e.g. CPUUtilization).
    Metric must already exist.
    @@ -279,9 +255,7 @@ Parameters - - - +
    Unique name for the alarm.
    @@ -296,9 +270,7 @@ Parameters - - - +
    Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
    @@ -313,9 +285,7 @@ Parameters - - - +
    A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
    @@ -330,9 +300,7 @@ Parameters - - - +
    The time (in seconds) between metric evaluations.
    @@ -347,9 +315,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -364,9 +330,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -382,9 +346,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -404,9 +366,7 @@ Parameters
  • absent
    • - - - +
    Register or deregister the alarm.
    @@ -428,9 +388,7 @@ Parameters
  • Maximum
    • - - - +
    Operation applied to the metric.
    Works in conjunction with period and evaluation_periods to determine the comparison value.
    @@ -446,9 +404,7 @@ Parameters - - - +
    Sets the min/max bound for triggering the alarm.
    @@ -469,9 +425,7 @@ Parameters
  • missing ←
    • - - - +
    Sets how the alarm handles missing data points.
    @@ -515,9 +469,7 @@ Parameters
  • None
    • - - - +
    The threshold's unit of measurement.
    @@ -536,9 +488,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -563,7 +513,7 @@ Examples - name: create alarm - ec2_metric_alarm: + community.aws.ec2_metric_alarm: state: present region: ap-southeast-2 name: "cpu-low" @@ -580,7 +530,7 @@ Examples alarm_actions: ["action1","action2"] - name: Create an alarm to recover a failed instance - ec2_metric_alarm: + community.aws.ec2_metric_alarm: state: present region: us-west-1 name: "recover-instance" diff --git a/docs/community.aws.ec2_placement_group.rst b/docs/community.aws.ec2_placement_group.rst index b78a3fcb1a5..c6259a3d65c 100644 --- a/docs/community.aws.ec2_placement_group.rst +++ b/docs/community.aws.ec2_placement_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_placement_group_: +.. _community.aws.ec2_placement_group_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    The name for the placement group.
    @@ -162,9 +150,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -179,9 +165,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -197,9 +181,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -219,9 +201,7 @@ Parameters
  • absent
    • - - - +
    Create or delete placement group.
    @@ -240,9 +220,7 @@ Parameters
  • spread
    • - - - +
    Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
    @@ -261,9 +239,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -290,19 +266,19 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide # for details. - # Create a placement group. - - ec2_placement_group: + - name: Create a placement group. + community.aws.ec2_placement_group: name: my-cluster state: present - # Create a Spread placement group. - - ec2_placement_group: + - name: Create a Spread placement group. + community.aws.ec2_placement_group: name: my-cluster state: present strategy: spread - # Delete a placement group. - - ec2_placement_group: + - name: Delete a placement group. + community.aws.ec2_placement_group: name: my-cluster state: absent @@ -312,7 +288,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_placement_group_info.rst b/docs/community.aws.ec2_placement_group_info.rst index 26360862da3..64d9338dc2d 100644 --- a/docs/community.aws.ec2_placement_group_info.rst +++ b/docs/community.aws.ec2_placement_group_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_placement_group_info_: +.. _community.aws.ec2_placement_group_info_module: ************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters Default:
    []
    - - - +
    A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -250,18 +230,19 @@ Examples # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. - # List all placement groups. - - ec2_placement_group_info: + - name: List all placement groups. + community.aws.ec2_placement_group_info: register: all_ec2_placement_groups - # List two placement groups. - - ec2_placement_group_info: + - name: List two placement groups. + community.aws.ec2_placement_group_info: names: - my-cluster - my-other-cluster register: specific_ec2_placement_groups - - debug: msg="{{ specific_ec2_placement_groups | json_query("[?name=='my-cluster']") }}" + - debug: + msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" @@ -269,7 +250,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_scaling_policy.rst b/docs/community.aws.ec2_scaling_policy.rst index 524ac755d29..9e58b97bdbc 100644 --- a/docs/community.aws.ec2_scaling_policy.rst +++ b/docs/community.aws.ec2_scaling_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_scaling_policy_: +.. _community.aws.ec2_scaling_policy_module: ******************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -58,9 +58,7 @@ Parameters
  • PercentChangeInCapacity
    • - - - +
    The type of change in capacity of the autoscaling group.
    @@ -75,9 +73,7 @@ Parameters - - - +
    Name of the associated autoscaling group.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -129,9 +121,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -147,9 +137,7 @@ Parameters - - - +
    The minimum period of time (in seconds) between which autoscaling actions can take place.
    @@ -168,9 +156,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -185,9 +171,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -202,9 +186,7 @@ Parameters - - - +
    Minimum amount of adjustment when policy is triggered.
    @@ -219,9 +201,7 @@ Parameters - - - +
    Unique name for the scaling policy.
    @@ -236,9 +216,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -253,9 +231,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -271,9 +247,7 @@ Parameters - - - +
    The amount by which the autoscaling group is adjusted by the policy.
    @@ -288,9 +262,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -310,9 +282,7 @@ Parameters
  • absent
    • - - - +
    Register or deregister the policy.
    @@ -331,9 +301,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -357,7 +325,7 @@ Examples .. code-block:: yaml+jinja - - ec2_scaling_policy: + - community.aws.ec2_scaling_policy: state: present region: US-XXX name: "scaledown-policy" diff --git a/docs/community.aws.ec2_snapshot_copy.rst b/docs/community.aws.ec2_snapshot_copy.rst index c24ccff0567..5d7b94bb55e 100644 --- a/docs/community.aws.ec2_snapshot_copy.rst +++ b/docs/community.aws.ec2_snapshot_copy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_snapshot_copy_: +.. _community.aws.ec2_snapshot_copy_module: ******************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    An optional human-readable string describing purpose of the new Snapshot.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -167,9 +155,7 @@ Parameters
  • yes
    • - - - +
    Whether or not the destination Snapshot should be encrypted.
    @@ -184,9 +170,7 @@ Parameters - - - +
    KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -218,9 +200,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -236,9 +216,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -254,9 +232,7 @@ Parameters - - - +
    The source region the Snapshot should be copied from.
    @@ -271,9 +247,7 @@ Parameters - - - +
    The ID of the Snapshot in source region that should be copied.
    @@ -288,9 +262,7 @@ Parameters - - - +
    A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
    @@ -309,9 +281,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -330,9 +300,7 @@ Parameters
  • yes
    • - - - +
    Wait for the copied Snapshot to be in 'Available' state before returning.
    @@ -348,9 +316,7 @@ Parameters Default:
    600
    - - - +
    How long before wait gives up, in seconds.
    @@ -374,14 +340,14 @@ Examples .. code-block:: yaml+jinja - # Basic Snapshot Copy - - ec2_snapshot_copy: + - name: Basic Snapshot Copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx - # Copy Snapshot and wait until available - - ec2_snapshot_copy: + - name: Copy Snapshot and wait until available + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx @@ -389,23 +355,23 @@ Examples wait_timeout: 1200 # Default timeout is 600 register: snapshot_id - # Tagged Snapshot copy - - ec2_snapshot_copy: + - name: Tagged Snapshot copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx tags: Name: Snapshot-Name - # Encrypted Snapshot copy - - ec2_snapshot_copy: + - name: Encrypted Snapshot copy + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx encrypted: yes - # Encrypted Snapshot copy with specified key - - ec2_snapshot_copy: + - name: Encrypted Snapshot copy with specified key + community.aws.ec2_snapshot_copy: source_region: eu-central-1 region: eu-west-1 source_snapshot_id: snap-xxxxxxx @@ -417,7 +383,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_transit_gateway.rst b/docs/community.aws.ec2_transit_gateway.rst index 3fbd6071386..8058b6e05f9 100644 --- a/docs/community.aws.ec2_transit_gateway.rst +++ b/docs/community.aws.ec2_transit_gateway.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_transit_gateway_: +.. _community.aws.ec2_transit_gateway_module: ********************************* @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
    The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    @@ -78,9 +76,7 @@ Parameters
  • yes ←
    • - - - +
    Enable or disable automatic association with the default association route table.
    @@ -99,9 +95,7 @@ Parameters
  • yes
    • - - - +
    Enable or disable automatic acceptance of attachment requests.
    @@ -120,9 +114,7 @@ Parameters
  • yes ←
    • - - - +
    Enable or disable automatic propagation of routes to the default propagation route table.
    @@ -137,9 +129,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -155,9 +145,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -174,9 +162,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -196,9 +182,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -213,9 +197,7 @@ Parameters - - - +
    The description of the transit gateway.
    @@ -234,9 +216,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to enable AWS DNS support.
    @@ -251,9 +231,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -268,9 +246,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -289,9 +265,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to purge existing tags not included with tags argument.
    @@ -306,9 +280,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -324,9 +296,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -346,9 +316,7 @@ Parameters
  • absent
    • - - - +
    present to ensure resource is created.
    absent to remove resource.
    @@ -364,9 +332,7 @@ Parameters - - - +
    A dictionary of resource tags
    @@ -381,9 +347,7 @@ Parameters - - - +
    The ID of the transit gateway.
    @@ -402,9 +366,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -423,9 +385,7 @@ Parameters
  • yes ←
    • - - - +
    Enable or disable Equal Cost Multipath Protocol support.
    @@ -444,9 +404,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to wait for status
    @@ -462,9 +420,7 @@ Parameters Default:
    300
    - - - +
    number of seconds to wait for status
    @@ -489,14 +445,14 @@ Examples - name: Create a new transit gateway using defaults - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: present region: us-east-1 description: personal-testing register: created_tgw - name: Create a new transit gateway with options - ec2_transit_gateway: + community.aws.ec2_transit_gateway: asn: 64514 auto_associate: no auto_propagate: no @@ -510,13 +466,13 @@ Examples status: testing - name: Remove a transit gateway by description - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: absent region: us-east-1 description: personal-testing - name: Remove a transit gateway by id - ec2_transit_gateway: + community.aws.ec2_transit_gateway: state: absent region: ap-southeast-2 transit_gateway_id: tgw-3a9aa123 @@ -527,7 +483,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_transit_gateway_info.rst b/docs/community.aws.ec2_transit_gateway_info.rst index 027c1120619..1cb197c78a7 100644 --- a/docs/community.aws.ec2_transit_gateway_info.rst +++ b/docs/community.aws.ec2_transit_gateway_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_transit_gateway_info_: +.. _community.aws.ec2_transit_gateway_info_module: ************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -217,9 +199,7 @@ Parameters - - - +
    A list of transit gateway IDs to gather information for.

    aliases: transit_gateway_id
    @@ -239,9 +219,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -267,22 +245,22 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather info about all transit gateways - - ec2_transit_gateway_info: + - name: Gather info about all transit gateways + community.aws.ec2_transit_gateway_info: - # Gather info about a particular transit gateway using filter transit gateway ID - - ec2_transit_gateway_info: + - name: Gather info about a particular transit gateway using filter transit gateway ID + community.aws.ec2_transit_gateway_info: filters: transit-gateway-id: tgw-02c42332e6b7da829 - # Gather info about a particular transit gateway using multiple option filters - - ec2_transit_gateway_info: + - name: Gather info about a particular transit gateway using multiple option filters + community.aws.ec2_transit_gateway_info: filters: options.dns-support: enable options.vpn-ecmp-support: enable - # Gather info about multiple transit gateways using module param - - ec2_transit_gateway_info: + - name: Gather info about multiple transit gateways using module param + community.aws.ec2_transit_gateway_info: transit_gateway_ids: - tgw-02c42332e6b7da829 - tgw-03c53443d5a8cb716 @@ -292,7 +270,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_egress_igw.rst b/docs/community.aws.ec2_vpc_egress_igw.rst index 24cddae895f..2519abe3800 100644 --- a/docs/community.aws.ec2_vpc_egress_igw.rst +++ b/docs/community.aws.ec2_vpc_egress_igw.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_egress_igw_: +.. _community.aws.ec2_vpc_egress_igw_module: ******************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -162,9 +150,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -180,9 +166,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -202,9 +186,7 @@ Parameters
  • absent
    • - - - +
    Create or delete the EIGW.
    @@ -223,9 +205,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -240,9 +220,7 @@ Parameters - - - +
    The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
    @@ -270,10 +248,10 @@ Examples # Ensure that the VPC has an Internet Gateway. # The Internet Gateway ID is can be accessed via {{eigw.gateway_id}} for use in setting up NATs etc. - ec2_vpc_egress_igw: - vpc_id: vpc-abcdefgh - state: present - register: eigw + - community.aws.ec2_vpc_egress_igw: + vpc_id: vpc-abcdefgh + state: present + register: eigw @@ -281,7 +259,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_endpoint.rst b/docs/community.aws.ec2_vpc_endpoint.rst index 088a49fdcf6..020d1362d27 100644 --- a/docs/community.aws.ec2_vpc_endpoint.rst +++ b/docs/community.aws.ec2_vpc_endpoint.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_endpoint_: +.. _community.aws.ec2_vpc_endpoint_module: ****************************** @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    Optional client token to ensure idempotency
    @@ -131,9 +123,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.

    aliases: policy_path
    @@ -202,9 +186,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
    @@ -254,9 +232,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -272,10 +248,8 @@ Parameters - - - -
    An AWS supported vpc endpoint service. Use the ec2_vpc_endpoint_info module to describe the supported endpoint services.
    + +
    An AWS supported vpc endpoint service. Use the community.aws.ec2_vpc_endpoint_info module to describe the supported endpoint services.
    Required when creating an endpoint.
    @@ -294,9 +268,7 @@ Parameters
  • absent
    • - - - +
    present to ensure resource is created.
    absent to remove resource
    @@ -316,9 +288,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -333,9 +303,7 @@ Parameters - - - +
    One or more vpc endpoint ids to remove from the AWS account
    @@ -350,9 +318,7 @@ Parameters - - - +
    Required when creating a VPC endpoint.
    @@ -371,9 +337,7 @@ Parameters
  • yes
    • - - - +
    When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    @@ -389,9 +353,7 @@ Parameters Default:
    320
    - - - +
    Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    @@ -418,7 +380,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new vpc endpoint with a json template for policy - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -430,7 +392,7 @@ Examples register: new_vpc_endpoint - name: Create new vpc endpoint with the default policy - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -441,7 +403,7 @@ Examples register: new_vpc_endpoint - name: Create new vpc endpoint with json file - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: present region: ap-southeast-2 vpc_id: vpc-12345678 @@ -453,7 +415,7 @@ Examples register: new_vpc_endpoint - name: Delete newly created vpc endpoint - ec2_vpc_endpoint: + community.aws.ec2_vpc_endpoint: state: absent vpc_endpoint_id: "{{ new_vpc_endpoint.result['VpcEndpointId'] }}" region: ap-southeast-2 @@ -463,7 +425,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_endpoint_info.rst b/docs/community.aws.ec2_vpc_endpoint_info.rst index 8f6ecb0a03a..02e5a72000b 100644 --- a/docs/community.aws.ec2_vpc_endpoint_info.rst +++ b/docs/community.aws.ec2_vpc_endpoint_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_endpoint_info_: +.. _community.aws.ec2_vpc_endpoint_info_module: *********************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -185,9 +171,7 @@ Parameters
  • endpoints
    • - - - +
    Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
    @@ -202,9 +186,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -220,9 +202,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -242,9 +222,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -259,9 +237,7 @@ Parameters - - - +
    Get details of specific endpoint IDs
    @@ -287,19 +263,19 @@ Examples # Simple example of listing all support AWS services for VPC endpoints - name: List supported AWS endpoint services - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: services region: ap-southeast-2 register: supported_endpoint_services - name: Get all endpoints in ap-southeast-2 region - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 register: existing_endpoints - name: Get all endpoints with specific filters - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 filters: @@ -312,7 +288,7 @@ Examples register: existing_endpoints - name: Get details on specific endpoint - ec2_vpc_endpoint_info: + community.aws.ec2_vpc_endpoint_info: query: endpoints region: ap-southeast-2 vpc_endpoint_ids: @@ -324,7 +300,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_igw.rst b/docs/community.aws.ec2_vpc_igw.rst index 64ad52a3a23..637824128f3 100644 --- a/docs/community.aws.ec2_vpc_igw.rst +++ b/docs/community.aws.ec2_vpc_igw.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_igw_: +.. _community.aws.ec2_vpc_igw_module: ************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -182,9 +168,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -204,9 +188,7 @@ Parameters
  • absent
    • - - - +
    Create or terminate the IGW
    @@ -221,9 +203,7 @@ Parameters - - - +
    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.

    aliases: resource_tags
    @@ -243,9 +223,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -260,9 +238,7 @@ Parameters - - - +
    The VPC ID for the VPC in which to manage the Internet Gateway.
    @@ -290,10 +266,10 @@ Examples # Ensure that the VPC has an Internet Gateway. # The Internet Gateway ID is can be accessed via {{igw.gateway_id}} for use in setting up NATs etc. - ec2_vpc_igw: - vpc_id: vpc-abcdefgh - state: present - register: igw + - community.aws.ec2_vpc_igw: + vpc_id: vpc-abcdefgh + state: present + register: igw @@ -301,7 +277,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_igw_info.rst b/docs/community.aws.ec2_vpc_igw_info.rst index a5cda19dfd4..4734a81e1cc 100644 --- a/docs/community.aws.ec2_vpc_igw_info.rst +++ b/docs/community.aws.ec2_vpc_igw_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_igw_info_: +.. _community.aws.ec2_vpc_igw_info_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Get details of specific Internet Gateway ID. Provide this value as a list.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -267,13 +245,13 @@ Examples # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all Internet Gateways for an account or profile - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production register: igw_info - name: Gather information about a filtered list of Internet Gateways - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production filters: @@ -281,7 +259,7 @@ Examples register: igw_info - name: Gather information about a specific internet gateway by InternetGatewayId - ec2_vpc_igw_info: + community.aws.ec2_vpc_igw_info: region: ap-southeast-2 profile: production internet_gateway_ids: igw-c1231234 @@ -292,7 +270,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_nacl.rst b/docs/community.aws.ec2_vpc_nacl.rst index f8d5b459a5b..3cc3c58ff06 100644 --- a/docs/community.aws.ec2_vpc_nacl.rst +++ b/docs/community.aws.ec2_vpc_nacl.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_nacl_: +.. _community.aws.ec2_vpc_nacl_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters Default:
    []
    - - - +
    A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    @@ -167,9 +155,7 @@ Parameters Default:
    []
    - - - +
    List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    @@ -184,9 +170,7 @@ Parameters - - - +
    NACL id identifying a network ACL.
    One and only one of the name or nacl_id is required.
    @@ -202,9 +186,7 @@ Parameters - - - +
    Tagged name identifying a network ACL.
    One and only one of the name or nacl_id is required.
    @@ -220,9 +202,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -237,9 +217,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -255,9 +233,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -277,9 +253,7 @@ Parameters
  • absent
    • - - - +
    Creates or modifies an existing NACL
    Deletes a NACL and reassociates subnets to the default NACL
    @@ -295,9 +269,7 @@ Parameters - - - +
    The list of subnets that should be associated with the network ACL.
    Must be specified as a list
    Each subnet can be specified as subnet ID, or its tagged name.
    @@ -314,9 +286,7 @@ Parameters - - - +
    Dictionary of tags to look for and apply when creating a network ACL.
    @@ -335,9 +305,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -352,9 +320,7 @@ Parameters - - - +
    VPC id of the requesting VPC.
    Required when state present.
    @@ -383,7 +349,7 @@ Examples # Complete example to create and delete a network ACL # that allows SSH, HTTP and ICMP in, and all traffic out. - name: "Create and associate production DMZ network ACL with DMZ subnets" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl region: ap-southeast-2 @@ -403,7 +369,7 @@ Examples state: 'present' - name: "Remove the ingress and egress rules - defaults to deny all" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl region: ap-southeast-2 @@ -417,20 +383,20 @@ Examples state: present - name: "Remove the NACL subnet associations and tags" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: 'vpc-12345678' name: prod-dmz-nacl region: ap-southeast-2 state: present - name: "Delete nacl and subnet associations" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: vpc_id: vpc-12345678 name: prod-dmz-nacl state: absent - name: "Delete nacl by its id" - ec2_vpc_nacl: + community.aws.ec2_vpc_nacl: nacl_id: acl-33b4ee5b state: absent @@ -439,7 +405,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_nacl_info.rst b/docs/community.aws.ec2_vpc_nacl_info.rst index 7a2602c070d..36f816b0e3b 100644 --- a/docs/community.aws.ec2_vpc_nacl_info.rst +++ b/docs/community.aws.ec2_vpc_nacl_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_nacl_info_: +.. _community.aws.ec2_vpc_nacl_info_module: ******************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters Default:
    {}
    - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
    @@ -166,9 +154,7 @@ Parameters Default:
    []
    - - - +
    A list of Network ACL IDs to retrieve information about.

    aliases: nacl_id
    @@ -184,9 +170,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -201,9 +185,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -219,9 +201,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -241,9 +221,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -272,24 +250,24 @@ Examples # Gather information about all Network ACLs: - name: Get All NACLs - register: all_nacls - ec2_vpc_nacl_info: + community.aws.ec2_vpc_nacl_info: region: us-west-2 + register: all_nacls # Retrieve default Network ACLs: - name: Get Default NACLs - register: default_nacls - ec2_vpc_nacl_info: + community.aws.ec2_vpc_nacl_info: region: us-west-2 filters: 'default': 'true' + register: default_nacls Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_nat_gateway.rst b/docs/community.aws.ec2_vpc_nat_gateway.rst index 9130496173d..c049e04b738 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_nat_gateway_: +.. _community.aws.ec2_vpc_nat_gateway_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
    @@ -71,9 +69,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -89,9 +85,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -108,9 +102,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -126,9 +118,7 @@ Parameters - - - +
    Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
    @@ -147,9 +137,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
    @@ -202,9 +186,7 @@ Parameters
  • yes
    • - - - +
    if a NAT Gateway exists already in the subnet_id, then do not create a new one.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
    @@ -236,9 +216,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -253,9 +231,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -275,9 +251,7 @@ Parameters
  • yes
    • - - - +
    Deallocate the EIP from the VPC.
    Option is only valid with the absent state.
    You should use this with the wait option. Since you can not release an address while a delete operation is happening.
    @@ -294,9 +268,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -316,9 +288,7 @@ Parameters
  • absent
    • - - - +
    Ensure NAT Gateway is present or absent.
    @@ -333,9 +303,7 @@ Parameters - - - +
    The id of the subnet to create the NAT Gateway in. This is required with the present option.
    @@ -354,9 +322,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -375,9 +341,7 @@ Parameters
  • yes
    • - - - +
    Wait for operation to complete before returning.
    @@ -393,9 +357,7 @@ Parameters Default:
    320
    - - - +
    How many seconds to wait for an operation to complete before timing out.
    @@ -422,7 +384,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new nat gateway with client token. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 eip_address: 52.1.1.1 @@ -431,7 +393,7 @@ Examples register: new_nat_gateway - name: Create new nat gateway using an allocation-id. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 allocation_id: eipalloc-12345678 @@ -439,7 +401,7 @@ Examples register: new_nat_gateway - name: Create new nat gateway, using an EIP address and wait for available status. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 eip_address: 52.1.1.1 @@ -448,7 +410,7 @@ Examples register: new_nat_gateway - name: Create new nat gateway and allocate new EIP. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 wait: true @@ -456,7 +418,7 @@ Examples register: new_nat_gateway - name: Create new nat gateway and allocate new EIP if a nat gateway does not yet exist in the subnet. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: present subnet_id: subnet-12345678 wait: true @@ -465,7 +427,7 @@ Examples register: new_nat_gateway - name: Delete nat gateway using discovered nat gateways from facts module. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent region: ap-southeast-2 wait: true @@ -475,7 +437,7 @@ Examples loop: "{{ gateways_to_remove.result }}" - name: Delete nat gateway and wait for deleted status. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent nat_gateway_id: nat-12345678 wait: true @@ -483,7 +445,7 @@ Examples region: ap-southeast-2 - name: Delete nat gateway and release EIP. - ec2_vpc_nat_gateway: + community.aws.ec2_vpc_nat_gateway: state: absent nat_gateway_id: nat-12345678 release_eip: true @@ -496,7 +458,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info.rst b/docs/community.aws.ec2_vpc_nat_gateway_info.rst index 46de42a2a8a..760c7227202 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_info.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_nat_gateway_info_: +.. _community.aws.ec2_vpc_nat_gateway_info_module: ************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    List of specific nat gateway IDs to fetch details for.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -266,7 +244,7 @@ Examples # Simple example of listing all nat gateways - name: List all managed nat gateways in ap-southeast-2 - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 register: all_ngws @@ -275,7 +253,7 @@ Examples msg: "{{ all_ngws.result }}" - name: Get details on specific nat gateways - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: nat_gateway_ids: - nat-1234567891234567 - nat-7654321987654321 @@ -283,14 +261,14 @@ Examples register: specific_ngws - name: Get all nat gateways with specific filters - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 filters: state: ['pending'] register: pending_ngws - name: Get nat gateways with specific filter - ec2_vpc_nat_gateway_info: + community.aws.ec2_vpc_nat_gateway_info: region: ap-southeast-2 filters: subnet-id: subnet-12345678 @@ -302,7 +280,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_peer.rst b/docs/community.aws.ec2_vpc_peer.rst index 748265d4c0a..1ecd146eb58 100644 --- a/docs/community.aws.ec2_vpc_peer.rst +++ b/docs/community.aws.ec2_vpc_peer.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_peer_: +.. _community.aws.ec2_vpc_peer_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The AWS account number for cross account peering.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Region of the accepting VPC.
    @@ -182,9 +168,7 @@ Parameters - - - +
    VPC id of the accepting VPC.
    @@ -199,9 +183,7 @@ Parameters - - - +
    Peering connection id.
    @@ -216,9 +198,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -233,9 +213,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -251,9 +229,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -275,9 +251,7 @@ Parameters
  • reject
    • - - - +
    Create, delete, accept, reject a peering connection.
    @@ -292,9 +266,7 @@ Parameters - - - +
    Dictionary of tags to look for and apply when creating a Peering Connection.
    @@ -313,9 +285,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -330,9 +300,7 @@ Parameters - - - +
    VPC id of the requesting VPC.
    @@ -358,7 +326,7 @@ Examples # Complete example to create and accept a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -370,7 +338,7 @@ Examples register: vpc_peer - name: Accept local VPC peering request - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: accept @@ -378,7 +346,7 @@ Examples # Complete example to delete a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -390,7 +358,7 @@ Examples register: vpc_peer - name: delete a local VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: absent @@ -398,7 +366,7 @@ Examples # Complete example to create and accept a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -411,7 +379,7 @@ Examples register: vpc_peer - name: Accept peering connection from remote account - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account @@ -420,7 +388,7 @@ Examples # Complete example to create and accept an intra-region peering connection. - name: Create intra-region VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: us-east-1 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -433,7 +401,7 @@ Examples register: vpc_peer - name: Accept peering connection from peer region - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: us-west-2 peering_id: "{{ vpc_peer.peering_id }}" state: accept @@ -441,7 +409,7 @@ Examples # Complete example to create and reject a local peering connection. - name: Create local account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-87654321 @@ -453,14 +421,14 @@ Examples register: vpc_peer - name: Reject a local VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" state: reject # Complete example to create and accept a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -473,7 +441,7 @@ Examples register: vpc_peer - name: Accept a cross account VPC peering connection request - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account @@ -485,7 +453,7 @@ Examples # Complete example to create and reject a cross account peering connection. - name: Create cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 vpc_id: vpc-12345678 peer_vpc_id: vpc-12345678 @@ -498,7 +466,7 @@ Examples register: vpc_peer - name: Reject a cross account VPC peering Connection - ec2_vpc_peer: + community.aws.ec2_vpc_peer: region: ap-southeast-2 peering_id: "{{ vpc_peer.peering_id }}" profile: bot03_profile_for_cross_account @@ -510,7 +478,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_peering_info.rst b/docs/community.aws.ec2_vpc_peering_info.rst index 58b9c7ad460..99fca05f714 100644 --- a/docs/community.aws.ec2_vpc_peering_info.rst +++ b/docs/community.aws.ec2_vpc_peering_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_peering_info_: +.. _community.aws.ec2_vpc_peering_info_module: ********************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    List of specific VPC peer IDs to get details for.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -266,7 +244,7 @@ Examples # Simple example of listing all VPC Peers - name: List all vpc peers - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: region: ap-southeast-2 register: all_vpc_peers @@ -275,7 +253,7 @@ Examples msg: "{{ all_vpc_peers.result }}" - name: Get details on specific VPC peer - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: peer_connection_ids: - pcx-12345678 - pcx-87654321 @@ -283,7 +261,7 @@ Examples register: all_vpc_peers - name: Get all vpc peers with specific filters - ec2_vpc_peering_info: + community.aws.ec2_vpc_peering_info: region: ap-southeast-2 filters: status-code: ['pending-acceptance'] @@ -294,7 +272,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_route_table.rst b/docs/community.aws.ec2_vpc_route_table.rst index cefb56f1459..af09fa00f12 100644 --- a/docs/community.aws.ec2_vpc_route_table.rst +++ b/docs/community.aws.ec2_vpc_route_table.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_route_table_: +.. _community.aws.ec2_vpc_route_table_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -149,9 +139,7 @@ Parameters
  • id
    • - - - +
    Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Enable route propagation from virtual gateways specified by ID.
    @@ -204,9 +188,7 @@ Parameters
  • yes ←
    • - - - +
    Purge existing routes that are not found in routes.
    @@ -226,9 +208,7 @@ Parameters Default:
    "true"
    - - - +
    Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
    @@ -247,9 +227,7 @@ Parameters
  • yes
    • - - - +
    Purge existing tags that are not found in route table.
    @@ -264,9 +242,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -282,9 +258,7 @@ Parameters - - - +
    The ID of the route table to update or delete.
    Required when lookup=id.
    @@ -300,9 +274,7 @@ Parameters - - - +
    List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
    @@ -317,9 +289,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -339,9 +309,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the VPC route table.
    @@ -356,9 +324,7 @@ Parameters - - - +
    An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
    @@ -373,9 +339,7 @@ Parameters - - - +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.

    aliases: resource_tags
    @@ -395,9 +359,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -412,9 +374,7 @@ Parameters - - - +
    VPC ID of the VPC in which to create the route table.
    Required when state=present or lookup=tag.
    @@ -443,7 +403,7 @@ Examples # Basic creation example: - name: Set up public subnet route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 tags: @@ -458,7 +418,7 @@ Examples register: public_route_table - name: Set up NAT-protected route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 tags: @@ -473,7 +433,7 @@ Examples register: nat_route_table - name: delete route table - ec2_vpc_route_table: + community.aws.ec2_vpc_route_table: vpc_id: vpc-1245678 region: us-west-1 route_table_id: "{{ route_table.id }}" @@ -485,7 +445,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_route_table_info.rst b/docs/community.aws.ec2_vpc_route_table_info.rst index 79b4da3df18..47670f25bf3 100644 --- a/docs/community.aws.ec2_vpc_route_table_info.rst +++ b/docs/community.aws.ec2_vpc_route_table_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_route_table_info_: +.. _community.aws.ec2_vpc_route_table_info_module: ************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -198,9 +182,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -220,9 +202,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -248,21 +228,21 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather information about all VPC route tables - - ec2_vpc_route_table_info: + - name: Gather information about all VPC route tables + community.aws.ec2_vpc_route_table_info: - # Gather information about a particular VPC route table using route table ID - - ec2_vpc_route_table_info: + - name: Gather information about a particular VPC route table using route table ID + community.aws.ec2_vpc_route_table_info: filters: route-table-id: rtb-00112233 - # Gather information about any VPC route table with a tag key Name and value Example - - ec2_vpc_route_table_info: + - name: Gather information about any VPC route table with a tag key Name and value Example + community.aws.ec2_vpc_route_table_info: filters: "tag:Name": Example - # Gather information about any VPC route table within VPC with ID vpc-abcdef00 - - ec2_vpc_route_table_info: + - name: Gather information about any VPC route table within VPC with ID vpc-abcdef00 + community.aws.ec2_vpc_route_table_info: filters: vpc-id: vpc-abcdef00 diff --git a/docs/community.aws.ec2_vpc_vgw.rst b/docs/community.aws.ec2_vpc_vgw.rst index d68176c2c7c..3e8cdad632c 100644 --- a/docs/community.aws.ec2_vpc_vgw.rst +++ b/docs/community.aws.ec2_vpc_vgw.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_vgw_: +.. _community.aws.ec2_vpc_vgw_module: ************************* @@ -26,7 +27,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    the BGP ASN of the amazon side
    @@ -73,9 +71,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -91,9 +87,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -110,9 +104,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    name of the vgw to be created or deleted
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -218,9 +200,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -240,9 +220,7 @@ Parameters
  • absent
    • - - - +
    present to ensure resource is created.
    absent to remove resource
    @@ -258,9 +236,7 @@ Parameters - - - +
    dictionary of resource tags

    aliases: resource_tags
    @@ -279,9 +255,7 @@ Parameters
  • ipsec.1 ←
    • - - - +
    type of the virtual gateway to be created
    @@ -300,9 +274,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -317,9 +289,7 @@ Parameters - - - +
    the vpc-id of a vpc to attach or detach
    @@ -334,9 +304,7 @@ Parameters - - - +
    vpn gateway id of an existing virtual gateway
    @@ -352,9 +320,7 @@ Parameters Default:
    320
    - - - +
    number of seconds to wait for status during vpc attach and detach
    @@ -379,7 +345,7 @@ Examples - name: Create a new vgw attached to a specific VPC - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: present region: ap-southeast-2 profile: personal @@ -389,7 +355,7 @@ Examples register: created_vgw - name: Create a new unattached vgw - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: present region: ap-southeast-2 profile: personal @@ -401,7 +367,7 @@ Examples register: created_vgw - name: Remove a new vgw using the name - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: absent region: ap-southeast-2 profile: personal @@ -410,7 +376,7 @@ Examples register: deleted_vgw - name: Remove a new vgw using the vpn_gateway_id - ec2_vpc_vgw: + community.aws.ec2_vpc_vgw: state: absent region: ap-southeast-2 profile: personal @@ -422,7 +388,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_vgw_info.rst b/docs/community.aws.ec2_vpc_vgw_info.rst index bb46dd0cd17..5eb15889137 100644 --- a/docs/community.aws.ec2_vpc_vgw_info.rst +++ b/docs/community.aws.ec2_vpc_vgw_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_vgw_info_: +.. _community.aws.ec2_vpc_vgw_info_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -238,9 +218,7 @@ Parameters - - - +
    Get details of a specific Virtual Gateway ID. This value should be provided as a list.
    @@ -267,13 +245,13 @@ Examples # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all virtual gateways for an account or profile - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production register: vgw_info - name: Gather information about a filtered list of Virtual Gateways - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production filters: @@ -281,7 +259,7 @@ Examples register: vgw_info - name: Gather information about a specific virtual gateway by VpnGatewayIds - ec2_vpc_vgw_info: + community.aws.ec2_vpc_vgw_info: region: ap-southeast-2 profile: production vpn_gateway_ids: vgw-c432f6a7 @@ -292,7 +270,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_vpn.rst b/docs/community.aws.ec2_vpc_vpn.rst index c87758b5f59..c145a56ade8 100644 --- a/docs/community.aws.ec2_vpc_vpn.rst +++ b/docs/community.aws.ec2_vpc_vpn.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_vpn_: +.. _community.aws.ec2_vpc_vpn_module: ************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters Default:
    "ipsec.1"
    - - - +
    The type of VPN connection.
    At this time only 'ipsec.1' is supported.
    @@ -128,9 +120,7 @@ Parameters - - - +
    The ID of the customer gateway.
    @@ -149,9 +139,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -167,9 +155,7 @@ Parameters Default:
    15
    - - - +
    The time to wait before checking operation again. in seconds.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
    @@ -237,9 +217,7 @@ Parameters - - - +
    The customer gateway id as a string or a list of those strings.
    @@ -255,9 +233,7 @@ Parameters - - - +
    The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
    @@ -273,9 +249,7 @@ Parameters - - - +
    The destination cidr of the VPN's route as a string or a list of those strings.
    @@ -291,9 +265,7 @@ Parameters - - - +
    The type of routing; true or false.
    @@ -309,9 +281,7 @@ Parameters - - - +
    The key of a tag as a string or a list of those strings.
    @@ -327,9 +297,7 @@ Parameters - - - +
    The value of a tag as a string or a list of those strings.
    @@ -345,9 +313,7 @@ Parameters - - - +
    A dict of key value pairs.
    @@ -363,9 +329,7 @@ Parameters - - - +
    The virtual private gateway as a string or a list of those strings.
    @@ -381,9 +345,7 @@ Parameters - - - +
    The VPN connection id as a string or a list of those strings.
    @@ -399,9 +361,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -420,9 +380,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to delete VPN connections routes that are not specified in the task.
    @@ -441,9 +399,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
    @@ -458,9 +414,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -476,9 +430,7 @@ Parameters - - - +
    Routes to add to the connection.
    @@ -493,9 +445,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -515,9 +465,7 @@ Parameters
  • absent
    • - - - +
    The desired state of the VPN connection.
    @@ -536,9 +484,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
    @@ -553,9 +499,7 @@ Parameters - - - +
    Tags to attach to the VPN connection.
    @@ -570,9 +514,7 @@ Parameters - - - +
    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
    @@ -588,9 +530,7 @@ Parameters - - - +
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
    @@ -606,9 +546,7 @@ Parameters - - - +
    The range of inside IP addresses for the tunnel.
    @@ -628,9 +566,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -645,9 +581,7 @@ Parameters - - - +
    The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
    @@ -662,9 +596,7 @@ Parameters - - - +
    The ID of the virtual private gateway.
    @@ -680,9 +612,7 @@ Parameters Default:
    600
    - - - +
    How long before wait gives up, in seconds.
    @@ -710,13 +640,13 @@ Examples # It is assumed that their matching environment variables are set. - name: create a VPN connection - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_gateway_id: vgw-XXXXXXXX customer_gateway_id: cgw-XXXXXXXX - name: modify VPN connection tags - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_connection_id: vpn-XXXXXXXX tags: @@ -724,12 +654,12 @@ Examples Other: ansible-tag-2 - name: delete a connection - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: vpn_connection_id: vpn-XXXXXXXX state: absent - name: modify VPN tags (identifying VPN by filters) - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: cidr: 194.168.1.0/24 @@ -742,7 +672,7 @@ Examples static_only: true - name: set up VPN with tunnel options utilizing 'TunnelInsideCidr' only - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: vpn: vpn-XXXXXXXX @@ -754,7 +684,7 @@ Examples TunnelInsideCidr: '169.254.100.5/30' - name: add routes and remove any preexisting ones - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present filters: vpn: vpn-XXXXXXXX @@ -764,14 +694,14 @@ Examples purge_routes: true - name: remove all routes - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: present vpn_connection_id: vpn-XXXXXXXX routes: [] purge_routes: true - name: delete a VPN identified by filters - ec2_vpc_vpn: + community.aws.ec2_vpc_vpn: state: absent filters: tags: @@ -782,7 +712,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_vpc_vpn_info.rst b/docs/community.aws.ec2_vpc_vpn_info.rst index 348794fdb6d..741295496f5 100644 --- a/docs/community.aws.ec2_vpc_vpn_info.rst +++ b/docs/community.aws.ec2_vpc_vpn_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_vpc_vpn_info_: +.. _community.aws.ec2_vpc_vpn_info_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -199,9 +183,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -221,9 +203,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -238,9 +218,7 @@ Parameters - - - +
    Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
    @@ -266,16 +244,16 @@ Examples # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all vpn connections - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: - name: Gather information about a filtered list of vpn connections, based on tags - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: filters: "tag:Name": test-connection register: vpn_conn_info - name: Gather information about vpn connections by specifying connection IDs. - ec2_vpc_vpn_info: + community.aws.ec2_vpc_vpn_info: filters: vpn-gateway-id: vgw-cbe66beb register: vpn_conn_info @@ -285,7 +263,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ec2_win_password.rst b/docs/community.aws.ec2_win_password.rst index 5e1ab3e103c..3bba8eafc9b 100644 --- a/docs/community.aws.ec2_win_password.rst +++ b/docs/community.aws.ec2_win_password.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ec2_win_password_: +.. _community.aws.ec2_win_password_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - cryptography @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The instance id to get the password data from.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The private key (usually stored in vault).
    Conflicts with key_file,
    @@ -182,9 +168,7 @@ Parameters - - - +
    Path to the file containing the key pair used on the instance.
    Conflicts with key_data.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
    @@ -217,9 +199,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -234,9 +214,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -252,9 +230,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -274,9 +250,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -295,9 +269,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for the password to be available before returning.
    @@ -313,9 +285,7 @@ Parameters Default:
    120
    - - - +
    Number of seconds to wait before giving up.
    @@ -342,7 +312,7 @@ Examples # Example of getting a password - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -350,7 +320,7 @@ Examples # Example of getting a password using a variable - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -358,7 +328,7 @@ Examples # Example of getting a password with a password protected key - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 @@ -367,7 +337,7 @@ Examples # Example of waiting for a password - name: get the Administrator password - ec2_win_password: + community.aws.ec2_win_password: profile: my-boto-profile instance_id: i-XXXXXX region: us-east-1 diff --git a/docs/community.aws.ecs_attribute.rst b/docs/community.aws.ecs_attribute.rst index 4ce16e5bff8..7d07aef6340 100644 --- a/docs/community.aws.ecs_attribute.rst +++ b/docs/community.aws.ecs_attribute.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_attribute_: +.. _community.aws.ecs_attribute_module: *************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    List of attributes.
    @@ -72,9 +70,7 @@ Parameters - - - +
    The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
    @@ -90,9 +86,7 @@ Parameters - - - +
    The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
    @@ -108,9 +102,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -126,9 +118,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -145,9 +135,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -163,9 +151,7 @@ Parameters - - - +
    The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
    @@ -184,9 +170,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    EC2 instance ID of ECS cluster container instance.
    @@ -218,9 +200,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -235,9 +215,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -252,9 +230,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -270,9 +246,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -292,9 +266,7 @@ Parameters
  • absent
    • - - - +
    The desired state of the attributes.
    @@ -313,9 +285,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -341,8 +311,8 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Set attributes - - ecs_attribute: + - name: Set attributes + community.aws.ecs_attribute: state: present cluster: test-cluster ec2_instance_id: "{{ ec2_id }}" @@ -351,8 +321,8 @@ Examples - migrated delegate_to: localhost - # Delete attributes - - ecs_attribute: + - name: Delete attributes + community.aws.ecs_attribute: state: absent cluster: test-cluster ec2_instance_id: "{{ ec2_id }}" @@ -366,7 +336,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_cluster.rst b/docs/community.aws.ecs_cluster.rst index 4be505ddd10..66f2420f9db 100644 --- a/docs/community.aws.ecs_cluster.rst +++ b/docs/community.aws.ecs_cluster.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_cluster_: +.. _community.aws.ecs_cluster_module: ************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters Default:
    10
    - - - +
    Number of seconds to wait.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The cluster name.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -217,9 +199,7 @@ Parameters Default:
    10
    - - - +
    The number of times to wait for the cluster to have an instance.
    @@ -234,9 +214,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -257,9 +235,7 @@ Parameters
  • has_instances
    • - - - +
    The desired state of the cluster.
    @@ -278,9 +254,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -308,18 +282,18 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Cluster creation - - ecs_cluster: + - name: Cluster creation + community.aws.ecs_cluster: name: default state: present - # Cluster deletion - - ecs_cluster: + - name: Cluster deletion + community.aws.ecs_cluster: name: default state: absent - name: Wait for register - ecs_cluster: + community.aws.ecs_cluster: name: "{{ new_cluster }}" state: has_instances delay: 10 @@ -332,7 +306,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_ecr.rst b/docs/community.aws.ecs_ecr.rst index 7f62c640470..60ee57ef7fa 100644 --- a/docs/community.aws.ecs_ecr.rst +++ b/docs/community.aws.ecs_ecr.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_ecr_: +.. _community.aws.ecs_ecr_module: ********************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -150,9 +140,7 @@ Parameters
  • yes
    • - - - +
    If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
    @@ -171,9 +159,7 @@ Parameters
  • immutable
    • - - - +
    Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
    @@ -188,9 +174,7 @@ Parameters - - - +
    JSON or dict that represents the new lifecycle policy
    @@ -205,9 +189,7 @@ Parameters - - - +
    The name of the repository.
    @@ -222,9 +204,7 @@ Parameters - - - +
    JSON or dict that represents the new policy.
    @@ -239,9 +219,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -260,9 +238,7 @@ Parameters
  • yes
    • - - - +
    if yes, remove the lifecycle policy from the repository
    @@ -281,11 +257,9 @@ Parameters
  • yes
    • - - - +
    If yes, remove the policy from the repository.
    -
    Alias delete_policy has been deprecated and will be removed in Ansible 2.14
    +
    Alias delete_policy has been deprecated and will be removed after 2022-06-01.

    aliases: delete_policy
    @@ -300,9 +274,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -318,9 +290,7 @@ Parameters - - - +
    AWS account id associated with the registry.
    If not specified, the default registry is assumed.
    @@ -336,9 +306,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -358,9 +326,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the repository.
    @@ -379,9 +345,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -408,16 +372,21 @@ Examples # If the repository does not exist, it is created. If it does exist, would not # affect any policies already on it. - name: ecr-repo - ecs_ecr: name=super/cool + community.aws.ecs_ecr: + name: super/cool - name: destroy-ecr-repo - ecs_ecr: name=old/busted state=absent + community.aws.ecs_ecr: + name: old/busted + state: absent - name: Cross account ecr-repo - ecs_ecr: registry_id=999999999999 name=cross/account + community.aws.ecs_ecr: + registry_id: 999999999999 + name: cross/account - name: set-policy as object - ecs_ecr: + community.aws.ecs_ecr: name: needs-policy-object policy: Version: '2008-10-17' @@ -432,22 +401,22 @@ Examples - ecr:BatchCheckLayerAvailability - name: set-policy as string - ecs_ecr: + community.aws.ecs_ecr: name: needs-policy-string policy: "{{ lookup('template', 'policy.json.j2') }}" - name: delete-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-no-policy purge_policy: yes - name: create immutable ecr-repo - ecs_ecr: + community.aws.ecs_ecr: name: super/cool image_tag_mutability: immutable - name: set-lifecycle-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-lifecycle-policy lifecycle_policy: rules: @@ -462,7 +431,7 @@ Examples type: expire - name: purge-lifecycle-policy - ecs_ecr: + community.aws.ecs_ecr: name: needs-no-lifecycle-policy purge_lifecycle_policy: true @@ -471,7 +440,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_service.rst b/docs/community.aws.ecs_service.rst index 4b9f8b9fa77..76d7dae0c66 100644 --- a/docs/community.aws.ecs_service.rst +++ b/docs/community.aws.ecs_service.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_service_: +.. _community.aws.ecs_service_module: ************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
    @@ -127,9 +119,7 @@ Parameters - - - +
    The name of the cluster in which the service exists.
    @@ -148,9 +138,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -166,9 +154,7 @@ Parameters Default:
    10
    - - - +
    The time to wait before checking that the service is available.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Optional parameters that control the deployment_configuration.
    Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
    @@ -202,9 +186,7 @@ Parameters - - - +
    Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
    @@ -220,9 +202,7 @@ Parameters - - - +
    A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
    @@ -238,9 +218,7 @@ Parameters - - - +
    The count of how many instances of the service.
    This parameter is required when state=present.
    @@ -256,9 +234,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -277,9 +253,7 @@ Parameters
  • yes
    • - - - +
    Force deployment of service even if there are no changes.
    @@ -294,9 +268,7 @@ Parameters - - - +
    Seconds to wait before health checking the freshly added/updated services.
    This option requires botocore >= 1.8.20.
    @@ -316,9 +288,7 @@ Parameters
  • FARGATE
    • - - - +
    The launch type on which to run your service.
    @@ -333,9 +303,7 @@ Parameters - - - +
    The list of ELBs defined for this service.
    @@ -350,9 +318,7 @@ Parameters - - - +
    The name of the service.
    @@ -367,9 +333,7 @@ Parameters - - - +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    assign_public_ip requires botocore >= 1.8.4
    @@ -390,9 +354,7 @@ Parameters
  • yes
    • - - - +
    Whether the task's elastic network interface receives a public IP address.
    This option requires botocore >= 1.8.4.
    @@ -409,9 +371,7 @@ Parameters - - - +
    A list of security group names or group IDs to associate with the task
    @@ -427,9 +387,7 @@ Parameters - - - +
    A list of subnet IDs to associate with the task
    @@ -445,9 +403,7 @@ Parameters - - - +
    The placement constraints for the tasks in the service.
    @@ -464,9 +420,7 @@ Parameters - - - +
    A cluster query language expression to apply to the constraint.
    @@ -482,9 +436,7 @@ Parameters - - - +
    The type of constraint.
    @@ -500,9 +452,7 @@ Parameters - - - +
    The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
    @@ -518,9 +468,7 @@ Parameters - - - +
    The field to apply the placement strategy against.
    @@ -536,9 +484,7 @@ Parameters - - - +
    The type of placement strategy.
    @@ -554,9 +500,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -571,9 +515,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -590,9 +532,7 @@ Parameters Default:
    10
    - - - +
    The number of times to check that the service is available.
    @@ -607,9 +547,7 @@ Parameters - - - +
    The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
    This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
    @@ -629,9 +567,7 @@ Parameters
  • REPLICA
    • - - - +
    The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
    @@ -646,9 +582,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -664,9 +598,7 @@ Parameters - - - +
    Describes service discovery registries this service will register with.
    @@ -682,9 +614,7 @@ Parameters - - - +
    Service discovery registry ARN
    @@ -700,9 +630,7 @@ Parameters - - - +
    container name for service discovery registration
    @@ -718,9 +646,7 @@ Parameters - - - +
    container port for service discovery registration
    @@ -741,9 +667,7 @@ Parameters
  • deleting
    • - - - +
    The desired state of the service.
    @@ -758,9 +682,7 @@ Parameters - - - +
    The task definition the service will run.
    This parameter is required when state=present.
    @@ -780,9 +702,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -812,7 +732,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic provisioning example - - ecs_service: + - community.aws.ecs_service: state: present name: console-test-service cluster: new_cluster @@ -820,7 +740,7 @@ Examples desired_count: 0 - name: create ECS service on VPC network - ecs_service: + community.aws.ecs_service: state: present name: console-test-service cluster: new_cluster @@ -834,13 +754,13 @@ Examples - my_security_group # Simple example to delete - - ecs_service: + - community.aws.ecs_service: name: default state: absent cluster: new_cluster # With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4) - - ecs_service: + - community.aws.ecs_service: state: present name: test-service cluster: test-cluster @@ -1297,7 +1217,7 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_service_info.rst b/docs/community.aws.ecs_service_info.rst index 7d2bdc31177..c9f67c08bf6 100644 --- a/docs/community.aws.ecs_service_info.rst +++ b/docs/community.aws.ecs_service_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_service_info_: +.. _community.aws.ecs_service_info_module: ****************************** @@ -18,13 +19,13 @@ community.aws.ecs_service_info Synopsis -------- - Lists or describes services in ECS. -- This module was called ``ecs_service_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`ecs_service_info ` module no longer returns ``ansible_facts``! +- This module was called ``ecs_service_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.ecs_service_info ` module no longer returns ``ansible_facts``! Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -74,9 +72,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -93,9 +89,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters - - - +
    The cluster ARNS in which to list the services.
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -153,9 +143,7 @@ Parameters
  • yes
    • - - - +
    Set this to true if you want detailed information about the services.
    @@ -170,9 +158,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -191,9 +177,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to return ECS service events. Only has an effect if details=true.
    @@ -208,9 +192,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -225,9 +207,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -243,9 +223,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -261,9 +239,7 @@ Parameters - - - +
    One or more services to get details for
    @@ -282,9 +258,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -311,14 +285,14 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic listing example - - ecs_service_info: + - community.aws.ecs_service_info: cluster: test-cluster service: console-test-service details: true register: output # Basic listing example - - ecs_service_info: + - community.aws.ecs_service_info: cluster: test-cluster register: output @@ -327,7 +301,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_tag.rst b/docs/community.aws.ecs_tag.rst index 1ee18808698..fb7d1d7a5a8 100644 --- a/docs/community.aws.ecs_tag.rst +++ b/docs/community.aws.ecs_tag.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_tag_: +.. _community.aws.ecs_tag_module: ********************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The name of the cluster whose resources we are tagging.
    @@ -131,9 +123,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -186,9 +172,7 @@ Parameters
  • yes
    • - - - +
    Whether unspecified tags should be removed from the resource.
    Note that when combined with state=absent, specified tags with non-matching values are not purged.
    @@ -204,9 +188,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -222,9 +204,7 @@ Parameters - - - +
    The ECS resource name.
    Required unless resource_type=cluster.
    @@ -247,9 +227,7 @@ Parameters
  • container
    • - - - +
    The type of resource.
    @@ -264,9 +242,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -286,9 +262,7 @@ Parameters
  • absent
    • - - - +
    Whether the tags should be present or absent on the resource.
    @@ -303,9 +277,7 @@ Parameters - - - +
    A dictionary of tags to add or remove from the resource.
    If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
    @@ -325,9 +297,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -353,7 +323,7 @@ Examples - name: Ensure tags are present on a resource - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster state: present @@ -362,7 +332,7 @@ Examples env: prod - name: Remove the Env tag - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: @@ -370,7 +340,7 @@ Examples state: absent - name: Remove the Env tag if it's currently 'development' - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: @@ -378,7 +348,7 @@ Examples state: absent - name: Remove all tags except for Name from a cluster - ecs_tag: + community.aws.ecs_tag: cluster_name: mycluster resource_type: cluster tags: @@ -391,7 +361,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_task.rst b/docs/community.aws.ecs_task.rst index aef79a72482..2bc839d2e78 100644 --- a/docs/community.aws.ecs_task.rst +++ b/docs/community.aws.ecs_task.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_task_: +.. _community.aws.ecs_task_module: ********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The name of the cluster to run the task on.
    @@ -127,9 +119,7 @@ Parameters - - - +
    The list of container instances on which to deploy the task.
    @@ -144,9 +134,7 @@ Parameters - - - +
    How many new instances to start.
    @@ -165,9 +153,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -182,9 +168,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -203,9 +187,7 @@ Parameters
  • FARGATE
    • - - - +
    The launch type on which to run your service.
    @@ -220,9 +202,7 @@ Parameters - - - +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    @@ -238,9 +218,7 @@ Parameters - - - +
    A list of group names or group IDs for the task.
    @@ -256,9 +234,7 @@ Parameters - - - +
    A list of subnet IDs to which the task is attached.
    @@ -279,9 +255,7 @@ Parameters
  • stop
    • - - - +
    Which task operation to execute.
    @@ -296,9 +270,7 @@ Parameters - - - +
    A dictionary of values to pass to the new instances.
    @@ -313,9 +285,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -330,9 +300,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -348,9 +316,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -366,9 +332,7 @@ Parameters - - - +
    A value showing who or what started the task (for informational purposes).
    @@ -383,9 +347,7 @@ Parameters - - - +
    Tags that will be added to ecs tasks on start and run
    @@ -400,9 +362,7 @@ Parameters - - - +
    The task to stop.
    @@ -417,9 +377,7 @@ Parameters - - - +
    The task definition to start or run.
    @@ -438,9 +396,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -466,7 +422,7 @@ Examples # Simple example of run task - name: Run task - ecs_task: + community.aws.ecs_task: operation: run cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -477,7 +433,7 @@ Examples # Simple example of start task - name: Start a task - ecs_task: + community.aws.ecs_task: operation: start cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -499,7 +455,7 @@ Examples register: task_output - name: RUN a task on Fargate - ecs_task: + community.aws.ecs_task: operation: run cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -515,7 +471,7 @@ Examples register: task_output - name: Stop a task - ecs_task: + community.aws.ecs_task: operation: stop cluster: console-sample-app-static-cluster task_definition: console-sample-app-static-taskdef @@ -526,7 +482,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_taskdefinition.rst b/docs/community.aws.ecs_taskdefinition.rst index 9794ec712bc..fe8eb2a125a 100644 --- a/docs/community.aws.ecs_taskdefinition.rst +++ b/docs/community.aws.ecs_taskdefinition.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_taskdefinition_: +.. _community.aws.ecs_taskdefinition_module: ******************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    The ARN of the task description to delete.
    @@ -72,9 +70,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -90,9 +86,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -109,9 +103,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -127,9 +119,7 @@ Parameters - - - +
    A list of containers definitions.
    @@ -144,9 +134,7 @@ Parameters - - - +
    The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
    @@ -166,9 +154,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
    @@ -217,9 +199,7 @@ Parameters - - - +
    A Name that would be given to the task definition.
    @@ -238,9 +218,7 @@ Parameters
  • yes
    • - - - +
    Always create new task definition.
    @@ -259,9 +237,7 @@ Parameters
  • FARGATE
    • - - - +
    The launch type on which to run your task.
    @@ -276,9 +252,7 @@ Parameters - - - +
    The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    If using the Fargate launch type, this field is required and is limited by the cpu.
    @@ -301,9 +275,7 @@ Parameters
  • awsvpc
    • - - - +
    The Docker networking mode to use for the containers in the task.
    awsvpc mode was added in Ansible 2.5
    Windows containers must use network_mode=default, which will utilize docker NAT networking.
    @@ -321,9 +293,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -338,9 +308,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -356,9 +324,7 @@ Parameters - - - +
    A revision number for the task definition.
    @@ -373,9 +339,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -395,9 +359,7 @@ Parameters
  • absent
    • - - - +
    State whether the task definition should exist or be deleted.
    @@ -412,9 +374,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
    @@ -433,9 +393,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -450,9 +408,7 @@ Parameters - - - +
    A list of names of volumes to be attached.
    @@ -468,9 +424,7 @@ Parameters - - - +
    The name of the volume.
    @@ -496,7 +450,7 @@ Examples - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: containers: - name: simple-app cpu: 10 @@ -537,7 +491,7 @@ Examples register: task_output - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx @@ -551,7 +505,7 @@ Examples state: present - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx @@ -568,7 +522,7 @@ Examples # Create Task Definition with Environment Variables and Secrets - name: Create task definition - ecs_taskdefinition: + community.aws.ecs_taskdefinition: family: nginx containers: - name: nginx @@ -595,7 +549,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.ecs_taskdefinition_info.rst b/docs/community.aws.ecs_taskdefinition_info.rst index 2610291e4e7..12b4085cb91 100644 --- a/docs/community.aws.ecs_taskdefinition_info.rst +++ b/docs/community.aws.ecs_taskdefinition_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.ecs_taskdefinition_info_: +.. _community.aws.ecs_taskdefinition_info_module: ************************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -183,9 +169,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -201,9 +185,7 @@ Parameters - - - +
    The name of the task definition to get details for
    @@ -222,9 +204,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -252,7 +232,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - - ecs_taskdefinition_info: + - community.aws.ecs_taskdefinition_info: task_definition: test-td @@ -260,7 +240,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.efs.rst b/docs/community.aws.efs.rst index ba10b219668..0fb7ed9e5ca 100644 --- a/docs/community.aws.efs.rst +++ b/docs/community.aws.efs.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.efs_: +.. _community.aws.efs_module: ***************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -150,9 +140,7 @@ Parameters
  • yes
    • - - - +
    If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
    @@ -167,9 +155,7 @@ Parameters - - - +
    ID of Amazon EFS. Either name or ID required for delete.
    @@ -184,9 +170,7 @@ Parameters - - - +
    The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
    @@ -222,9 +204,7 @@ Parameters
  • max_io
    • - - - +
    File system's performance mode to use. Only takes effect during creation.
    @@ -239,9 +219,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -256,9 +234,7 @@ Parameters - - - +
    If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
    Requires botocore >= 1.10.57
    @@ -278,9 +254,7 @@ Parameters
  • yes ←
    • - - - +
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    @@ -295,9 +269,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -313,9 +285,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -335,9 +305,7 @@ Parameters
  • absent
    • - - - +
    Allows to create, search and destroy Amazon EFS file system.
    @@ -352,9 +320,7 @@ Parameters - - - +
    List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
    @@ -369,9 +335,7 @@ Parameters - - - +
    List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
    @@ -387,9 +351,7 @@ Parameters - - - +
    A valid IPv4 address within the address range of the specified subnet.
    @@ -405,9 +367,7 @@ Parameters - - - +
    List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
    @@ -423,9 +383,7 @@ Parameters - - - +
    The ID of the subnet to add the mount target in.
    @@ -445,9 +403,7 @@ Parameters
  • provisioned
    • - - - +
    The throughput_mode for the file system to be created.
    Requires botocore >= 1.10.57
    @@ -467,9 +423,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -488,9 +442,7 @@ Parameters
  • yes
    • - - - +
    In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
    @@ -506,9 +458,7 @@ Parameters Default:
    0
    - - - +
    How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
    @@ -532,8 +482,8 @@ Examples .. code-block:: yaml+jinja - # EFS provisioning - - efs: + - name: EFS provisioning + community.aws.efs: state: present name: myTestEFS tags: @@ -543,8 +493,8 @@ Examples - subnet_id: subnet-748c5d03 security_groups: [ "sg-1a2b3c4d" ] - # Modifying EFS data - - efs: + - name: Modifying EFS data + community.aws.efs: state: present name: myTestEFS tags: @@ -553,8 +503,8 @@ Examples - subnet_id: subnet-7654fdca security_groups: [ "sg-4c5d6f7a" ] - # Deleting EFS - - efs: + - name: Deleting EFS + community.aws.efs: state: absent name: myTestEFS @@ -563,7 +513,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.efs_info.rst b/docs/community.aws.efs_info.rst index 223a71327a9..683e88a7800 100644 --- a/docs/community.aws.efs_info.rst +++ b/docs/community.aws.efs_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.efs_info_: +.. _community.aws.efs_info_module: ********************** @@ -18,13 +19,13 @@ community.aws.efs_info Synopsis -------- - This module can be used to search Amazon EFS file systems. -- This module was called ``efs_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`efs_info ` module no longer returns ``ansible_facts``! +- This module was called ``efs_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.efs_info ` module no longer returns ``ansible_facts``! Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    ID of Amazon EFS.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Creation Token of Amazon EFS file system.

    aliases: creation_token
    @@ -182,9 +168,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -199,9 +183,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -217,9 +199,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -235,9 +215,7 @@ Parameters - - - +
    List of tags of Amazon EFS. Should be defined as dictionary.
    @@ -252,9 +230,7 @@ Parameters - - - +
    List of targets on which to filter the returned results.
    Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
    @@ -274,9 +250,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -301,16 +275,16 @@ Examples - name: Find all existing efs - efs_info: + community.aws.efs_info: register: result - name: Find efs using id - efs_info: + community.aws.efs_info: id: fs-1234abcd register: result - name: Searching all EFS instances with tag Name = 'myTestNameTag', in subnet 'subnet-1a2b3c4d' and with security group 'sg-4d3c2b1a' - efs_info: + community.aws.efs_info: tags: Name: myTestNameTag targets: @@ -326,7 +300,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elasticache.rst b/docs/community.aws.elasticache.rst index efb72b46ece..b6257d3afbc 100644 --- a/docs/community.aws.elasticache.rst +++ b/docs/community.aws.elasticache.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elasticache_: +.. _community.aws.elasticache_module: ************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    The version number of the cache engine.
    @@ -126,9 +118,7 @@ Parameters - - - +
    The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.

    aliases: parameter_group
    @@ -144,9 +134,7 @@ Parameters - - - +
    The port number on which each of the cache nodes will accept connections.
    @@ -161,9 +149,7 @@ Parameters - - - +
    A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
    @@ -178,9 +164,7 @@ Parameters - - - +
    The subnet group name to associate with. Only use if inside a vpc.
    Required if inside a vpc
    @@ -200,9 +184,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -217,9 +199,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -235,9 +215,7 @@ Parameters Default:
    "memcached"
    - - - +
    Name of the cache engine to be used.
    Supported values are redis and memcached.
    @@ -257,9 +235,7 @@ Parameters
  • yes
    • - - - +
    Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
    @@ -274,9 +250,7 @@ Parameters - - - +
    The cache cluster identifier.
    @@ -292,9 +266,7 @@ Parameters Default:
    "cache.t2.small"
    - - - +
    The compute and memory capacity of the nodes in the cache cluster.
    @@ -310,9 +282,7 @@ Parameters Default:
    1
    - - - +
    The initial number of cache nodes that the cache cluster will have.
    Required when state=present.
    @@ -328,9 +298,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -345,9 +313,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -363,9 +329,7 @@ Parameters - - - +
    A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
    @@ -380,9 +344,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -403,9 +365,7 @@ Parameters
  • rebooted
    • - - - +
    absent or present are idempotent actions that will create or destroy a cache cluster as needed.
    rebooted will reboot the cluster, resulting in a momentary outage.
    @@ -425,9 +385,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -446,9 +404,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for cache cluster result before returning.
    @@ -463,9 +419,7 @@ Parameters - - - +
    The EC2 Availability Zone in which the cache cluster will be created.
    @@ -492,8 +446,8 @@ Examples # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. - # Basic example - - elasticache: + - name: Basic example + community.aws.elasticache: name: "test-please-delete" state: present engine: memcached @@ -506,13 +460,13 @@ Examples zone: us-east-1d - # Ensure cache cluster is gone - - elasticache: + - name: Ensure cache cluster is gone + community.aws.elasticache: name: "test-please-delete" state: absent - # Reboot cache cluster - - elasticache: + - name: Reboot cache cluster + community.aws.elasticache: name: "test-please-delete" state: rebooted diff --git a/docs/community.aws.elasticache_info.rst b/docs/community.aws.elasticache_info.rst index b7a1053cc43..deedb563a8d 100644 --- a/docs/community.aws.elasticache_info.rst +++ b/docs/community.aws.elasticache_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elasticache_info_: +.. _community.aws.elasticache_info_module: ****************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    The name of an ElastiCache cluster.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -198,9 +182,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -220,9 +202,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -247,10 +227,10 @@ Examples - name: obtain all ElastiCache information - elasticache_info: + community.aws.elasticache_info: - name: obtain all information for a single ElastiCache cluster - elasticache_info: + community.aws.elasticache_info: name: test_elasticache @@ -258,7 +238,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elasticache_parameter_group.rst b/docs/community.aws.elasticache_parameter_group.rst index 8be993fa929..d00d127345f 100644 --- a/docs/community.aws.elasticache_parameter_group.rst +++ b/docs/community.aws.elasticache_parameter_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elasticache_parameter_group_: +.. _community.aws.elasticache_parameter_group_module: ***************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    A user-specified description for the cache parameter group.
    @@ -148,9 +138,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -174,9 +162,7 @@ Parameters
  • redis5.0
    • - - - +
    The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
    @@ -191,9 +177,7 @@ Parameters - - - +
    A user-specified name for the cache parameter group.
    @@ -208,9 +192,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -225,9 +207,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -243,9 +223,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -266,9 +244,7 @@ Parameters
  • reset
    • - - - +
    Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
    @@ -287,9 +263,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -304,9 +278,7 @@ Parameters - - - +
    A user-specified dictionary of parameters to reset or modify for the cache parameter group.
    @@ -337,24 +309,24 @@ Examples connection: local tasks: - name: 'Create a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' group_family: 'redis3.2' description: 'This is a cache parameter group' state: 'present' - name: 'Modify a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' values: activerehashing: yes client-output-buffer-limit-normal-hard-limit: 4 state: 'present' - name: 'Reset all modifiable parameters for the test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' state: reset - name: 'Delete a test parameter group' - elasticache_parameter_group: + community.aws.elasticache_parameter_group: name: 'test-param-group' state: 'absent' @@ -363,7 +335,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elasticache_snapshot.rst b/docs/community.aws.elasticache_snapshot.rst index 18b33deab08..ddbf3210d4a 100644 --- a/docs/community.aws.elasticache_snapshot.rst +++ b/docs/community.aws.elasticache_snapshot.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elasticache_snapshot_: +.. _community.aws.elasticache_snapshot_module: ********************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The s3 bucket to which the snapshot is exported.
    @@ -127,9 +119,7 @@ Parameters - - - +
    The name of an existing cache cluster in the replication group to make the snapshot.
    @@ -148,9 +138,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The name of the snapshot we want to create, copy, delete.
    @@ -199,9 +183,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -216,9 +198,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -234,9 +214,7 @@ Parameters - - - +
    The name of the existing replication group to make the snapshot.
    @@ -251,9 +229,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -274,9 +250,7 @@ Parameters
  • copy
    • - - - +
    Actions that will create, destroy, or copy a snapshot.
    @@ -291,9 +265,7 @@ Parameters - - - +
    The name of a snapshot copy.
    @@ -312,9 +284,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -340,23 +310,20 @@ Examples # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. - --- - - hosts: localhost - connection: local - tasks: - - name: 'Create a snapshot' - elasticache_snapshot: - name: 'test-snapshot' - state: 'present' - cluster_id: '{{ cluster }}' - replication_id: '{{ replication }}' + + - name: 'Create a snapshot' + community.aws.elasticache_snapshot: + name: 'test-snapshot' + state: 'present' + cluster_id: '{{ cluster }}' + replication_id: '{{ replication }}' Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elasticache_subnet_group.rst b/docs/community.aws.elasticache_subnet_group.rst index 853c98d14ea..4167a2f63c8 100644 --- a/docs/community.aws.elasticache_subnet_group.rst +++ b/docs/community.aws.elasticache_subnet_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elasticache_subnet_group_: +.. _community.aws.elasticache_subnet_group_module: ************************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    ElastiCache subnet group description. Only set when a new group is added.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -162,9 +150,7 @@ Parameters - - - +
    Database subnet group identifier.
    @@ -179,9 +165,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -196,9 +180,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -214,9 +196,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -236,9 +216,7 @@ Parameters
  • absent
    • - - - +
    Specifies whether the subnet should be present or absent.
    @@ -253,9 +231,7 @@ Parameters - - - +
    List of subnet IDs that make up the ElastiCache subnet group.
    @@ -274,9 +250,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -300,8 +274,8 @@ Examples .. code-block:: yaml+jinja - # Add or change a subnet group - - elasticache_subnet_group: + - name: Add or change a subnet group + community.aws.elasticache_subnet_group: state: present name: norwegian-blue description: My Fancy Ex Parrot Subnet Group @@ -309,8 +283,8 @@ Examples - subnet-aaaaaaaa - subnet-bbbbbbbb - # Remove a subnet group - - elasticache_subnet_group: + - name: Remove a subnet group + community.aws.elasticache_subnet_group: state: absent name: norwegian-blue diff --git a/docs/community.aws.elb_application_lb.rst b/docs/community.aws.elb_application_lb.rst index 3dc1b32956c..f46ea59efc2 100644 --- a/docs/community.aws.elb_application_lb.rst +++ b/docs/community.aws.elb_application_lb.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_application_lb_: +.. _community.aws.elb_application_lb_module: ******************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -57,9 +57,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to enable access logs.
    When set, access_logs_s3_bucket must also be set.
    @@ -75,9 +73,7 @@ Parameters - - - +
    The name of the S3 bucket for the access logs.
    The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
    Required if access logs in Amazon S3 are enabled.
    @@ -95,9 +91,7 @@ Parameters - - - +
    The prefix for the log location in the S3 bucket.
    If you don't specify a prefix, the access logs are stored in the root of the bucket.
    Cannot begin or end with a slash.
    @@ -114,9 +108,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -132,9 +124,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -151,9 +141,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -173,9 +161,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -194,9 +180,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether deletion protection for the ELB is enabled.
    @@ -211,9 +195,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -232,9 +214,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether to enable HTTP2 routing.
    @@ -249,9 +229,7 @@ Parameters - - - +
    The number of seconds to wait before an idle connection is closed.
    @@ -266,9 +244,7 @@ Parameters - - - +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    @@ -284,9 +260,7 @@ Parameters - - - +
    The SSL server certificate.
    @@ -303,9 +277,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the certificate.
    @@ -322,9 +294,7 @@ Parameters - - - +
    The default actions for the listener.
    @@ -341,9 +311,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the target group.
    @@ -360,9 +328,7 @@ Parameters - - - +
    The type of action.
    @@ -379,9 +345,7 @@ Parameters - - - +
    The port on which the load balancer is listening.
    @@ -397,9 +361,7 @@ Parameters - - - +
    The protocol for connections from clients to the load balancer.
    @@ -415,9 +377,7 @@ Parameters - - - +
    A list of ALB Listener Rules.
    For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
    https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
    @@ -436,9 +396,7 @@ Parameters - - - +
    Actions to apply if all of the rule's conditions are met.
    @@ -455,9 +413,7 @@ Parameters - - - +
    Conditions which must be met for the actions to be applied.
    @@ -474,9 +430,7 @@ Parameters - - - +
    The rule priority.
    @@ -493,9 +447,7 @@ Parameters - - - +
    The security policy that defines which ciphers and protocols are supported.
    @@ -511,9 +463,7 @@ Parameters - - - +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    @@ -528,9 +478,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -549,9 +497,7 @@ Parameters
  • yes ←
    • - - - +
    If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
    @@ -570,9 +516,7 @@ Parameters
  • yes ←
    • - - - +
    When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
    @@ -591,9 +535,7 @@ Parameters
  • yes ←
    • - - - +
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    @@ -608,9 +550,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -630,9 +570,7 @@ Parameters
  • internal
    • - - - +
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    @@ -648,9 +586,7 @@ Parameters Default:
    []
    - - - +
    A list of the names or IDs of the security groups to assign to the load balancer.
    Required if state=present.
    @@ -666,9 +602,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -688,9 +622,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the load balancer.
    @@ -705,9 +637,7 @@ Parameters - - - +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    Required if state=present.
    @@ -723,9 +653,7 @@ Parameters - - - +
    A dictionary of one or more tags to assign to the load balancer.
    @@ -744,9 +672,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -765,9 +691,7 @@ Parameters
  • yes
    • - - - +
    Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
    @@ -782,9 +706,7 @@ Parameters - - - +
    The time in seconds to use in conjunction with wait.
    @@ -813,7 +735,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an ELB and attach a listener - - elb_application_lb: + - community.aws.elb_application_lb: name: myelb security_groups: - sg-12345678 @@ -834,7 +756,7 @@ Examples state: present # Create an ELB and attach a listener with logging enabled - - elb_application_lb: + - community.aws.elb_application_lb: access_logs_enabled: yes access_logs_s3_bucket: mybucket access_logs_s3_prefix: "logs" @@ -858,7 +780,7 @@ Examples state: present # Create an ALB with listeners and rules - - elb_application_lb: + - community.aws.elb_application_lb: name: test-alb subnets: - subnet-12345678 @@ -921,7 +843,7 @@ Examples state: present # Remove an ELB - - elb_application_lb: + - community.aws.elb_application_lb: name: myelb state: absent @@ -931,7 +853,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_application_lb_info.rst b/docs/community.aws.elb_application_lb_info.rst index b7d55e7155b..df6e86ba520 100644 --- a/docs/community.aws.elb_application_lb_info.rst +++ b/docs/community.aws.elb_application_lb_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_application_lb_info_: +.. _community.aws.elb_application_lb_info_module: ************************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The names of the load balancers.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -216,9 +198,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -238,9 +218,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -266,22 +244,22 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather information about all target groups - - elb_application_lb_info: + - name: Gather information about all target groups + community.aws.elb_application_lb_info: - # Gather information about the target group attached to a particular ELB - - elb_application_lb_info: + - name: Gather information about the target group attached to a particular ELB + community.aws.elb_application_lb_info: load_balancer_arns: - "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" - # Gather information about a target groups named 'tg1' and 'tg2' - - elb_application_lb_info: + - name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_application_lb_info: names: - elb1 - elb2 - # Gather information about specific ALB - - elb_application_lb_info: + - name: Gather information about specific ALB + community.aws.elb_application_lb_info: names: "alb-name" region: "aws-region" register: alb_info @@ -293,7 +271,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_classic_lb.rst b/docs/community.aws.elb_classic_lb.rst index 8182c4f7f6a..af9cb4e1cfc 100644 --- a/docs/community.aws.elb_classic_lb.rst +++ b/docs/community.aws.elb_classic_lb.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_classic_lb_: +.. _community.aws.elb_classic_lb_module: **************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    An associative array of access logs configuration settings (see example)
    @@ -70,9 +68,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -88,9 +84,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -107,9 +101,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -125,9 +117,7 @@ Parameters - - - +
    Wait a specified timeout allowing connections to drain before terminating an instance
    @@ -146,9 +136,7 @@ Parameters
  • yes
    • - - - +
    Distribute load across all configured Availability Zones
    @@ -167,9 +155,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    An associative array of health check configuration settings (see example)
    @@ -218,9 +200,7 @@ Parameters - - - +
    ELB connections from clients and to servers are timed out after this amount of time
    @@ -235,9 +215,7 @@ Parameters - - - +
    List of instance ids to attach to this ELB
    @@ -252,9 +230,7 @@ Parameters - - - +
    List of ports/protocols for this ELB to listen on (see example)
    @@ -269,9 +245,7 @@ Parameters - - - +
    The name of the ELB
    @@ -286,9 +260,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -307,9 +279,7 @@ Parameters
  • yes
    • - - - +
    Purge existing instance ids on ELB that are not found in instance_ids
    @@ -328,9 +298,7 @@ Parameters
  • yes ←
    • - - - +
    Purge existing listeners on ELB that are not found in listeners
    @@ -349,9 +317,7 @@ Parameters
  • yes
    • - - - +
    Purge existing subnet on ELB that are not found in subnets
    @@ -370,9 +336,7 @@ Parameters
  • yes
    • - - - +
    Purge existing availability zones on ELB that are not found in zones
    @@ -387,9 +351,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -409,9 +371,7 @@ Parameters
  • internet-facing ←
    • - - - +
    The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
    @@ -426,9 +386,7 @@ Parameters - - - +
    A list of security groups to apply to the elb
    @@ -443,9 +401,7 @@ Parameters - - - +
    A list of security group names to apply to the elb
    @@ -460,9 +416,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -482,9 +436,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the ELB
    @@ -499,9 +451,7 @@ Parameters - - - +
    An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
    @@ -516,9 +466,7 @@ Parameters - - - +
    A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
    @@ -533,9 +481,7 @@ Parameters - - - +
    An associative array of tags. To delete all tags, supply an empty dict.
    @@ -554,9 +500,7 @@ Parameters
  • yes ←
    • - - - +
    When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -575,9 +519,7 @@ Parameters
  • yes
    • - - - +
    When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
    @@ -593,9 +535,7 @@ Parameters Default:
    60
    - - - +
    Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
    @@ -610,9 +550,7 @@ Parameters - - - +
    List of availability zones to enable on this ELB
    @@ -641,7 +579,7 @@ Examples # Basic provisioning example (non-VPC) - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -662,7 +600,7 @@ Examples # Internal ELB example - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-vpc" scheme: internal state: present @@ -679,7 +617,7 @@ Examples delegate_to: localhost # Configure a health check and the access logs - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -703,20 +641,20 @@ Examples delegate_to: localhost # Ensure ELB is gone - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: absent delegate_to: localhost # Ensure ELB is gone and wait for check (for default timeout) - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: absent wait: yes delegate_to: localhost # Ensure ELB is gone and wait for check with timeout value - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: absent wait: yes @@ -726,7 +664,7 @@ Examples # Normally, this module will purge any listeners that exist on the ELB # but aren't specified in the listeners parameter. If purge_listeners is # false it leaves them alone - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -742,7 +680,7 @@ Examples # Normally, this module will leave availability zones that are enabled # on the ELB alone. If purge_zones is true, then any extraneous zones # will be removed - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "test-please-delete" state: present zones: @@ -756,7 +694,7 @@ Examples delegate_to: localhost # Creates a ELB and assigns a list of subnets to it. - - elb_classic_lb: + - community.aws.elb_classic_lb: state: present name: 'New ELB' security_group_ids: 'sg-123456, sg-67890' @@ -771,7 +709,7 @@ Examples # Create an ELB with connection draining, increased idle timeout and cross availability # zone load balancing - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "New ELB" state: present connection_draining_timeout: 60 @@ -788,7 +726,7 @@ Examples delegate_to: localhost # Create an ELB with load balancer stickiness enabled - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -806,7 +744,7 @@ Examples delegate_to: localhost # Create an ELB with application stickiness enabled - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -824,7 +762,7 @@ Examples delegate_to: localhost # Create an ELB and add tags - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 @@ -842,7 +780,7 @@ Examples delegate_to: localhost # Delete all tags from an ELB - - elb_classic_lb: + - community.aws.elb_classic_lb: name: "New ELB" state: present region: us-east-1 diff --git a/docs/community.aws.elb_classic_lb_info.rst b/docs/community.aws.elb_classic_lb_info.rst index f084d4c9b9a..1a8b292150a 100644 --- a/docs/community.aws.elb_classic_lb_info.rst +++ b/docs/community.aws.elb_classic_lb_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_classic_lb_info_: +.. _community.aws.elb_classic_lb_info_module: ********************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -200,9 +184,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -222,9 +204,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -249,10 +229,10 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Output format tries to match ec2_elb_lb module input parameters + # Output format tries to match amazon.aws.ec2_elb_lb module input parameters # Gather information about all ELBs - - elb_classic_lb_info: + - community.aws.elb_classic_lb_info: register: elb_info - debug: @@ -260,7 +240,7 @@ Examples loop: "{{ elb_info.elbs }}" # Gather information about a particular ELB - - elb_classic_lb_info: + - community.aws.elb_classic_lb_info: names: frontend-prod-elb register: elb_info @@ -268,7 +248,7 @@ Examples msg: "{{ elb_info.elbs.0.dns_name }}" # Gather information about a set of ELBs - - elb_classic_lb_info: + - community.aws.elb_classic_lb_info: names: - frontend-prod-elb - backend-prod-elb @@ -284,7 +264,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_instance.rst b/docs/community.aws.elb_instance.rst index 1ff60e0719c..872568d8bbe 100644 --- a/docs/community.aws.elb_instance.rst +++ b/docs/community.aws.elb_instance.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_instance_: +.. _community.aws.elb_instance_module: ************************** @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -168,9 +156,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    @@ -185,9 +171,7 @@ Parameters - - - +
    EC2 Instance ID
    @@ -202,9 +186,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -259,9 +237,7 @@ Parameters
  • absent
    • - - - +
    register or deregister the instance
    @@ -280,9 +256,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -301,9 +275,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for instance registration or deregistration to complete successfully before returning.
    @@ -319,9 +291,7 @@ Parameters Default:
    0
    - - - +
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    @@ -347,10 +317,8 @@ Examples # basic pre_task and post_task example pre_tasks: - - name: Gathering ec2 facts - action: ec2_facts - name: Instance De-register - elb_instance: + community.aws.elb_instance: instance_id: "{{ ansible_ec2_instance_id }}" state: absent delegate_to: localhost @@ -358,7 +326,7 @@ Examples - myrole post_tasks: - name: Instance Register - elb_instance: + community.aws.elb_instance: instance_id: "{{ ansible_ec2_instance_id }}" ec2_elbs: "{{ item }}" state: present diff --git a/docs/community.aws.elb_network_lb.rst b/docs/community.aws.elb_network_lb.rst index f9b1da0e7bd..7e9b7535bde 100644 --- a/docs/community.aws.elb_network_lb.rst +++ b/docs/community.aws.elb_network_lb.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_network_lb_: +.. _community.aws.elb_network_lb_module: **************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether cross-zone load balancing is enabled.
    @@ -133,9 +125,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -154,9 +144,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether deletion protection for the ELB is enabled.
    @@ -171,9 +159,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -188,9 +174,7 @@ Parameters - - - +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    @@ -206,9 +190,7 @@ Parameters - - - +
    The SSL server certificate.
    @@ -225,9 +207,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the certificate.
    @@ -244,9 +224,7 @@ Parameters - - - +
    The default actions for the listener.
    @@ -263,9 +241,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the target group.
    @@ -282,9 +258,7 @@ Parameters - - - +
    The type of action.
    @@ -301,9 +275,7 @@ Parameters - - - +
    The port on which the load balancer is listening.
    @@ -319,9 +291,7 @@ Parameters - - - +
    The protocol for connections from clients to the load balancer.
    @@ -337,9 +307,7 @@ Parameters - - - +
    The security policy that defines which ciphers and protocols are supported.
    @@ -355,9 +323,7 @@ Parameters - - - +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    @@ -372,9 +338,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -393,9 +357,7 @@ Parameters
  • yes ←
    • - - - +
    If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
    If the listeners parameter is not set then listeners will not be modified.
    @@ -415,9 +377,7 @@ Parameters
  • yes ←
    • - - - +
    If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
    If the tags parameter is not set then tags will not be modified.
    @@ -433,9 +393,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -455,9 +413,7 @@ Parameters
  • internal
    • - - - +
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    @@ -472,9 +428,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -494,9 +448,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the load balancer.
    The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
    @@ -512,9 +464,7 @@ Parameters - - - +
    A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
    This parameter is mutually exclusive with subnets.
    @@ -530,9 +480,7 @@ Parameters - - - +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    Required when state=present.
    This parameter is mutually exclusive with subnet_mappings.
    @@ -549,9 +497,7 @@ Parameters - - - +
    A dictionary of one or more tags to assign to the load balancer.
    @@ -570,9 +516,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -591,9 +535,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for the network load balancer to reach the desired state.
    @@ -608,9 +550,7 @@ Parameters - - - +
    The duration in seconds to wait, used in conjunction with wait.
    @@ -638,8 +578,8 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Create an ELB and attach a listener - - elb_network_lb: + - name: Create an ELB and attach a listener + community.aws.elb_network_lb: name: myelb subnets: - subnet-012345678 @@ -652,8 +592,8 @@ Examples TargetGroupName: mytargetgroup # Required. The name of the target group state: present - # Create an ELB with an attached Elastic IP address - - elb_network_lb: + - name: Create an ELB with an attached Elastic IP address + community.aws.elb_network_lb: name: myelb subnet_mappings: - SubnetId: subnet-012345678 @@ -666,8 +606,8 @@ Examples TargetGroupName: mytargetgroup # Required. The name of the target group state: present - # Remove an ELB - - elb_network_lb: + - name: Remove an ELB + community.aws.elb_network_lb: name: myelb state: absent @@ -677,7 +617,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_target.rst b/docs/community.aws.elb_target.rst index ff0cb6d8b22..4e878b68337 100644 --- a/docs/community.aws.elb_target.rst +++ b/docs/community.aws.elb_target.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_target_: +.. _community.aws.elb_target_module: ************************ @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -201,9 +185,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -223,9 +205,7 @@ Parameters
  • absent
    • - - - +
    Register or deregister the target.
    @@ -240,9 +220,7 @@ Parameters - - - +
    An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
    @@ -257,9 +235,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
    @@ -274,9 +250,7 @@ Parameters - - - +
    The name of the target group. Mutually exclusive of target_group_arn.
    @@ -291,9 +265,7 @@ Parameters - - - +
    The ID of the target.
    @@ -308,9 +280,7 @@ Parameters - - - +
    The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
    The default port for a target is the port for the target group.
    @@ -334,9 +304,7 @@ Parameters
  • unavailable
    • - - - +
    Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
    @@ -352,9 +320,7 @@ Parameters Default:
    60
    - - - +
    Maximum time in seconds to wait for target_status change
    @@ -373,9 +339,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -402,27 +366,27 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Register an IP address target to a target group - - elb_target: + - name: Register an IP address target to a target group + community.aws.elb_target: target_group_name: myiptargetgroup target_id: i-1234567 state: present - # Register an instance target to a target group - - elb_target: + - name: Register an instance target to a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 state: present - # Deregister a target from a target group - - elb_target: + - name: Deregister a target from a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 state: absent # Modify a target to use a different port - # Register a target to a target group - - elb_target: + - name: Register a target to a target group + community.aws.elb_target: target_group_name: mytargetgroup target_id: i-1234567 target_port: 8080 diff --git a/docs/community.aws.elb_target_group.rst b/docs/community.aws.elb_target_group.rst index 6a130724a6c..147d3911c44 100644 --- a/docs/community.aws.elb_target_group.rst +++ b/docs/community.aws.elb_target_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_target_group_: +.. _community.aws.elb_target_group_module: ****************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    The approximate amount of time, in seconds, between health checks of an individual target.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
    Requires the health_check_protocol parameter to be set.
    @@ -198,9 +182,7 @@ Parameters - - - +
    The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
    When not defined will default to the port on which each target receives traffic from the load balancer.
    @@ -230,9 +212,7 @@ Parameters
  • TCP_UDP
    • - - - +
    The protocol the load balancer uses when performing health checks on targets.
    @@ -247,9 +227,7 @@ Parameters - - - +
    The amount of time, in seconds, during which no response from a target means a failed health check.
    @@ -264,9 +242,7 @@ Parameters - - - +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    @@ -285,9 +261,7 @@ Parameters
  • yes ←
    • - - - +
    Whether or not to alter existing targets in the group to match what is passed with the module
    @@ -302,9 +276,7 @@ Parameters - - - +
    The name of the target group.
    @@ -319,9 +291,7 @@ Parameters - - - +
    The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
    @@ -336,9 +306,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -367,9 +335,7 @@ Parameters
  • TCP_UDP
    • - - - +
    The protocol to use for routing traffic to the targets. Required when state is present.
    @@ -388,9 +354,7 @@ Parameters
  • yes ←
    • - - - +
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
    @@ -405,9 +369,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -423,9 +385,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -445,9 +405,7 @@ Parameters
  • absent
    • - - - +
    Create or destroy the target group.
    @@ -466,9 +424,7 @@ Parameters
  • yes
    • - - - +
    Indicates whether sticky sessions are enabled.
    @@ -483,9 +439,7 @@ Parameters - - - +
    The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
    @@ -500,9 +454,7 @@ Parameters - - - +
    The type of sticky sessions.
    If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
    @@ -518,9 +470,7 @@ Parameters - - - +
    The HTTP codes to use when checking for a successful response from a target.
    Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
    Requires the health_check_protocol parameter to be set.
    @@ -537,9 +487,7 @@ Parameters - - - +
    A dictionary of one or more tags to assign to the target group.
    @@ -559,9 +507,7 @@ Parameters
  • lambda
    • - - - +
    The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
    The default behavior is instance.
    @@ -577,9 +523,7 @@ Parameters - - - +
    A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
    @@ -594,9 +538,7 @@ Parameters - - - +
    The number of consecutive health check failures required before considering a target unhealthy.
    @@ -615,9 +557,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -632,9 +572,7 @@ Parameters - - - +
    The identifier of the virtual private cloud (VPC). Required when state is present.
    @@ -653,9 +591,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for the target group.
    @@ -671,9 +607,7 @@ Parameters Default:
    200
    - - - +
    The time to wait for the target group.
    @@ -700,16 +634,16 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Create a target group with a default health check - - elb_target_group: + - name: Create a target group with a default health check + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 80 vpc_id: vpc-01234567 state: present - # Modify the target group with a custom health check - - elb_target_group: + - name: Modify the target group with a custom health check + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 80 @@ -724,13 +658,13 @@ Examples unhealthy_threshold_count: 3 state: present - # Delete a target group - - elb_target_group: + - name: Delete a target group + community.aws.elb_target_group: name: mytargetgroup state: absent - # Create a target group with instance targets - - elb_target_group: + - name: Create a target group with instance targets + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 81 @@ -747,8 +681,8 @@ Examples wait_timeout: 200 wait: True - # Create a target group with IP address targets - - elb_target_group: + - name: Create a target group with IP address targets + community.aws.elb_target_group: name: mytargetgroup protocol: http port: 81 @@ -771,10 +705,10 @@ Examples # itself is allow to invoke the lambda function. # therefore you need first to create an empty target group # to receive its arn, second, allow the target group - # to invoke the lamba function and third, add the target + # to invoke the lambda function and third, add the target # to the target group - name: first, create empty target group - elb_target_group: + community.aws.elb_target_group: name: my-lambda-targetgroup target_type: lambda state: present @@ -782,7 +716,7 @@ Examples register: out - name: second, allow invoke of the lambda - lambda_policy: + community.aws.lambda_policy: state: "{{ state | default('present') }}" function_name: my-lambda-function statement_id: someID @@ -791,7 +725,7 @@ Examples source_arn: "{{ out.target_group_arn }}" - name: third, add target - elb_target_group: + community.aws.elb_target_group: name: my-lambda-targetgroup target_type: lambda state: present @@ -804,7 +738,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_target_group_info.rst b/docs/community.aws.elb_target_group_info.rst index 35baa60ee9d..0d941faeac4 100644 --- a/docs/community.aws.elb_target_group_info.rst +++ b/docs/community.aws.elb_target_group_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_target_group_info_: +.. _community.aws.elb_target_group_info_module: *********************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    When set to "yes", output contains targets health description
    @@ -134,9 +126,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -151,9 +141,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -168,9 +156,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the load balancer.
    @@ -185,9 +171,7 @@ Parameters - - - +
    The names of the target groups.
    @@ -202,9 +186,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -219,9 +201,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -237,9 +217,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -255,9 +233,7 @@ Parameters - - - +
    The Amazon Resource Names (ARN) of the target groups.
    @@ -276,9 +252,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -304,15 +278,15 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather information about all target groups - - elb_target_group_info: + - name: Gather information about all target groups + community.aws.elb_target_group_info: - # Gather information about the target group attached to a particular ELB - - elb_target_group_info: + - name: Gather information about the target group attached to a particular ELB + community.aws.elb_target_group_info: load_balancer_arn: "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" - # Gather information about a target groups named 'tg1' and 'tg2' - - elb_target_group_info: + - name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_target_group_info: names: - tg1 - tg2 @@ -323,7 +297,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.elb_target_info.rst b/docs/community.aws.elb_target_info.rst index 3055ec55e06..7177a7ea2d8 100644 --- a/docs/community.aws.elb_target_info.rst +++ b/docs/community.aws.elb_target_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.elb_target_info_: +.. _community.aws.elb_target_info_module: ***************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -152,9 +142,7 @@ Parameters
  • yes ←
    • - - - +
    Whether or not to get target groups not used by any load balancers.
    @@ -169,9 +157,7 @@ Parameters - - - +
    What instance ID to get information for.
    @@ -186,9 +172,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -203,9 +187,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -221,9 +203,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -243,9 +223,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -269,14 +247,14 @@ Examples .. code-block:: yaml+jinja - # practical use case - dynamically deregistering and reregistering nodes + # practical use case - dynamically de-registering and re-registering nodes - name: Get EC2 Metadata - action: ec2_metadata_facts + amazon.aws.ec2_metadata_facts: - name: Get initial list of target groups delegate_to: localhost - elb_target_info: + community.aws.elb_target_info: instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" register: target_info @@ -287,7 +265,7 @@ Examples - name: Deregister instance from all target groups delegate_to: localhost - elb_target: + community.aws.elb_target: target_group_arn: "{{ item.0.target_group_arn }}" target_port: "{{ item.1.target_port }}" target_az: "{{ item.1.target_az }}" @@ -305,7 +283,7 @@ Examples - name: wait for all targets to deregister simultaneously delegate_to: localhost - elb_target_info: + community.aws.elb_target_info: get_unused_target_groups: false instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" @@ -315,7 +293,7 @@ Examples delay: 10 - name: reregister in elbv2s - elb_target: + community.aws.elb_target: region: "{{ ansible_ec2_placement_region }}" target_group_arn: "{{ item.0.target_group_arn }}" target_port: "{{ item.1.target_port }}" @@ -330,7 +308,7 @@ Examples # wait until all groups associated with this instance are 'healthy' or # 'unused' - name: wait for registration - elb_target_info: + community.aws.elb_target_info: get_unused_target_groups: false instance_id: "{{ ansible_ec2_instance_id }}" region: "{{ ansible_ec2_placement_region }}" @@ -367,7 +345,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.execute_lambda.rst b/docs/community.aws.execute_lambda.rst index e51cebce457..f277aa9c789 100644 --- a/docs/community.aws.execute_lambda.rst +++ b/docs/community.aws.execute_lambda.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.execute_lambda_: +.. _community.aws.execute_lambda_module: **************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -133,9 +125,7 @@ Parameters
  • yes
    • - - - +
    Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
    @@ -150,9 +140,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -167,9 +155,7 @@ Parameters - - - +
    The name of the function to be invoked
    @@ -184,9 +170,7 @@ Parameters - - - +
    The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
    @@ -202,9 +186,7 @@ Parameters Default:
    {}
    - - - +
    A dictionary in any form to be provided as input to the Lambda function.
    @@ -219,9 +201,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -236,9 +216,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -254,9 +232,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -276,9 +252,7 @@ Parameters
  • yes
    • - - - +
    If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
    @@ -297,9 +271,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -314,9 +286,7 @@ Parameters - - - +
    Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
    @@ -335,9 +305,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
    @@ -363,7 +331,7 @@ Examples .. code-block:: yaml+jinja - - execute_lambda: + - community.aws.execute_lambda: name: test-function # the payload is automatically serialized and sent to the function payload: @@ -373,11 +341,11 @@ Examples # Test that you have sufficient permissions to execute a Lambda function in # another account - - execute_lambda: + - community.aws.execute_lambda: function_arn: arn:aws:lambda:us-east-1:123456789012:function/some-function dry_run: true - - execute_lambda: + - community.aws.execute_lambda: name: test-function payload: foo: bar @@ -388,12 +356,12 @@ Examples # the response will have a `logs` key that will contain a log (up to 4KB) of the function execution in Lambda # Pass the Lambda event payload as a json file. - - execute_lambda: + - community.aws.execute_lambda: name: test-function payload: "{{ lookup('file','lambda_event.json') }}" register: response - - execute_lambda: + - community.aws.execute_lambda: name: test-function version_qualifier: PRODUCTION @@ -402,7 +370,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam.rst b/docs/community.aws.iam.rst index 78b6029adf4..fd71bc0ffe7 100644 --- a/docs/community.aws.iam.rst +++ b/docs/community.aws.iam.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_: +.. _community.aws.iam_module: ***************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    A list of the keys that you want affected by the access_key_state parameter.
    @@ -79,9 +77,7 @@ Parameters
  • Inactive
    • - - - +
    When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
    @@ -96,9 +92,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -114,9 +108,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -133,9 +125,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -155,9 +145,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -172,9 +160,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -189,9 +175,7 @@ Parameters - - - +
    A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
    @@ -211,9 +195,7 @@ Parameters
  • role
    • - - - +
    Type of IAM resource.
    @@ -229,9 +211,7 @@ Parameters Default:
    1
    - - - +
    When access_key_state=create it will ensure this quantity of keys are present.
    @@ -246,9 +226,7 @@ Parameters - - - +
    Name of IAM resource to create or identify.
    @@ -263,9 +241,7 @@ Parameters - - - +
    When state=update, will replace name with new_name on IAM resource.
    @@ -280,9 +256,7 @@ Parameters - - - +
    When state=update, will replace the path with new_path on the IAM resource.
    @@ -297,9 +271,7 @@ Parameters - - - +
    When type=user and either state=present or state=update, define the users login password.
    Note that this will always return 'changed'.
    @@ -316,9 +288,7 @@ Parameters Default:
    "/"
    - - - +
    When creating or updating, specify the desired path of the resource.
    If state=present, it will replace the current path to match what is passed in when they do not match.
    @@ -334,9 +304,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -351,9 +319,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -369,9 +335,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -392,9 +356,7 @@ Parameters
  • update
    • - - - +
    Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
    @@ -409,9 +371,7 @@ Parameters - - - +
    The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
    Mutually exclusive with trust_policy_filepath.
    @@ -427,9 +387,7 @@ Parameters - - - +
    The path to the trust policy document that grants an entity permission to assume the role.
    Mutually exclusive with trust_policy.
    @@ -449,9 +407,7 @@ Parameters
  • on_create
    • - - - +
    When to update user passwords.
    update_password=always will ensure the password is set to password.
    update_password=on_create will only set the password for newly created users.
    @@ -472,9 +428,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -500,9 +454,8 @@ Examples # Basic user creation example - tasks: - name: Create two new IAM users with API keys - iam: + community.aws.iam: iam_type: user name: "{{ item }}" state: present @@ -514,9 +467,8 @@ Examples # Advanced example, create two new groups and add the pre-existing user # jdavila to both groups. - task: - name: Create Two Groups, Mario and Luigi - iam: + community.aws.iam: iam_type: group name: "{{ item }}" state: present @@ -525,8 +477,8 @@ Examples - Luigi register: new_groups - - name: - iam: + - name: Update user + community.aws.iam: iam_type: user name: jdavila state: update @@ -535,7 +487,7 @@ Examples # Example of role with custom trust policy for Lambda service - name: Create IAM role with custom trust relationship - iam: + community.aws.iam: iam_type: role name: AAALambdaTestRole state: present @@ -553,7 +505,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_cert.rst b/docs/community.aws.iam_cert.rst index d2073436b4b..6bb711c9382 100644 --- a/docs/community.aws.iam_cert.rst +++ b/docs/community.aws.iam_cert.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_cert_: +.. _community.aws.iam_cert_module: ********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - python >= 2.6 @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -107,9 +101,7 @@ Parameters - - - +
    The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    @@ -124,9 +116,7 @@ Parameters - - - +
    The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    @@ -145,9 +135,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -166,9 +154,7 @@ Parameters
  • yes
    • - - - +
    By default the module will not upload a certificate that is already uploaded into AWS.
    If dup_ok=True, it will upload the certificate as long as the name is unique.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    @@ -218,9 +200,7 @@ Parameters - - - +
    Name of certificate to add, update or remove.
    @@ -235,9 +215,7 @@ Parameters - - - +
    When state is present, this will update the name of the cert.
    The cert, key and cert_chain parameters will be ignored if this is defined.
    @@ -253,9 +231,7 @@ Parameters - - - +
    When state is present, this will update the path of the cert.
    The cert, key and cert_chain parameters will be ignored if this is defined.
    @@ -272,9 +248,7 @@ Parameters Default:
    "/"
    - - - +
    When creating or updating, specify the desired path of the certificate.
    @@ -289,9 +263,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -306,9 +278,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -324,9 +294,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -346,9 +314,7 @@ Parameters
  • absent
    • - - - +
    Whether to create(or update) or delete the certificate.
    If new_path or new_name is defined, specifying present will attempt to make an update these.
    @@ -368,9 +334,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -394,24 +358,24 @@ Examples .. code-block:: yaml+jinja - # Basic server certificate upload from local file - - iam_cert: + - name: Basic server certificate upload from local file + community.aws.iam_cert: name: very_ssl state: present cert: "{{ lookup('file', 'path/to/cert') }}" key: "{{ lookup('file', 'path/to/key') }}" cert_chain: "{{ lookup('file', 'path/to/certchain') }}" - # Basic server certificate upload - - iam_cert: + - name: Basic server certificate upload + community.aws.iam_cert: name: very_ssl state: present cert: path/to/cert key: path/to/key cert_chain: path/to/certchain - # Server certificate upload using key string - - iam_cert: + - name: Server certificate upload using key string + community.aws.iam_cert: name: very_ssl state: present path: "/a/cert/path/" @@ -419,8 +383,8 @@ Examples key: vault_body_of_privcertkey cert_chain: body_of_myverytrustedchain - # Basic rename of existing certificate - - iam_cert: + - name: Basic rename of existing certificate + community.aws.iam_cert: name: very_ssl new_name: new_very_ssl state: present diff --git a/docs/community.aws.iam_group.rst b/docs/community.aws.iam_group.rst index 0d7c2680ba0..5c93f298cca 100644 --- a/docs/community.aws.iam_group.rst +++ b/docs/community.aws.iam_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_group_: +.. _community.aws.iam_group_module: *********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,11 +137,9 @@ Parameters - - - +
    A list of managed policy ARNs or friendly names to attach to the role.
    -
    To embed an inline policy, use iam_policy.
    +
    To embed an inline policy, use community.aws.iam_policy.

    aliases: managed_policy
    @@ -166,9 +154,7 @@ Parameters - - - +
    The name of the group to create.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -204,9 +188,7 @@ Parameters
  • yes
    • - - - +
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.

    aliases: purge_policy, purge_managed_policies
    @@ -226,9 +208,7 @@ Parameters
  • yes
    • - - - +
    When purge_users=true users which are not included in users will be detached.
    @@ -243,9 +223,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -261,9 +239,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -283,9 +259,7 @@ Parameters
  • absent
    • - - - +
    Create or remove the IAM group.
    @@ -300,9 +274,7 @@ Parameters - - - +
    A list of existing users to add as members of the group.
    @@ -321,9 +293,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -349,20 +319,20 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Create a group - - iam_group: + - name: Create a group + community.aws.iam_group: name: testgroup1 state: present - # Create a group and attach a managed policy using its ARN - - iam_group: + - name: Create a group and attach a managed policy using its ARN + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess state: present - # Create a group with users as members and attach a managed policy using its ARN - - iam_group: + - name: Create a group with users as members and attach a managed policy using its ARN + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess @@ -371,23 +341,22 @@ Examples - test_user2 state: present - # Remove all managed policies from an existing group with an empty list - - iam_group: + - name: Remove all managed policies from an existing group with an empty list + community.aws.iam_group: name: testgroup1 state: present purge_policies: true - # Remove all group members from an existing group - - iam_group: + - name: Remove all group members from an existing group + community.aws.iam_group: name: testgroup1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess purge_users: true state: present - - # Delete the group - - iam_group: + - name: Delete the group + community.aws.iam_group: name: testgroup1 state: absent @@ -397,7 +366,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_managed_policy.rst b/docs/community.aws.iam_managed_policy.rst index 3e84add10eb..fe3a0002147 100644 --- a/docs/community.aws.iam_managed_policy.rst +++ b/docs/community.aws.iam_managed_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_managed_policy_: +.. _community.aws.iam_managed_policy_module: ******************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -151,10 +141,8 @@ Parameters
  • yes
    • - - - -
    The fail_on_delete option does nothing and will be removed in Ansible 2.14.
    + +
    The fail_on_delete option does nothing and will be removed after 2022-06-01
    @@ -172,9 +160,7 @@ Parameters
  • yes ←
    • - - - +
    Make this revision the default revision.
    @@ -193,9 +179,7 @@ Parameters
  • yes
    • - - - +
    Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
    @@ -210,9 +194,7 @@ Parameters - - - +
    A properly json formatted policy
    @@ -228,9 +210,7 @@ Parameters Default:
    ""
    - - - +
    A helpful description of this policy, this value is immutable and only set when creating a new policy.
    @@ -245,9 +225,7 @@ Parameters - - - +
    The name of the managed policy.
    @@ -262,9 +240,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -279,9 +255,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -297,9 +271,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -319,9 +291,7 @@ Parameters
  • absent
    • - - - +
    Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
    @@ -340,9 +310,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -368,7 +336,7 @@ Examples # Create Policy ex nihilo - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy_description: "A Helpful managed policy" policy: "{{ lookup('template', 'managed_policy.json.j2') }}" @@ -376,14 +344,14 @@ Examples # Update a policy with a new default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{{ lookup('file', 'managed_policy_update.json') }}" state: present # Update a policy with a new non default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{{ lookup('file', 'managed_policy_update.json') }}" make_default: false @@ -391,7 +359,7 @@ Examples # Update a policy and make it the only version and the default version - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" only_version: true @@ -399,7 +367,7 @@ Examples # Remove a policy - name: Create IAM Managed Policy - iam_managed_policy: + community.aws.iam_managed_policy: policy_name: "ManagedPolicy" state: absent @@ -408,7 +376,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_mfa_device_info.rst b/docs/community.aws.iam_mfa_device_info.rst index 8488c41b42e..bb838d5d866 100644 --- a/docs/community.aws.iam_mfa_device_info.rst +++ b/docs/community.aws.iam_mfa_device_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_mfa_device_info_: +.. _community.aws.iam_mfa_device_info_module: ********************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -183,9 +169,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -201,9 +185,7 @@ Parameters - - - +
    The name of the user whose MFA devices will be listed
    @@ -222,9 +204,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -250,12 +230,14 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # List MFA devices (more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html) - - iam_mfa_device_info: + # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html + - name: List MFA devices + community.aws.iam_mfa_device_info: register: mfa_devices - # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) - - sts_assume_role: + # more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html + - name: Assume an existing role + community.aws.sts_assume_role: mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" @@ -266,7 +248,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_password_policy.rst b/docs/community.aws.iam_password_policy.rst index fe5e56eaaaf..68c4238d9dc 100644 --- a/docs/community.aws.iam_password_policy.rst +++ b/docs/community.aws.iam_password_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_password_policy_: +.. _community.aws.iam_password_policy_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -58,9 +58,7 @@ Parameters
  • yes
    • - - - +
    Allow users to change their password.

    aliases: allow_password_change
    @@ -76,9 +74,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -94,9 +90,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -113,9 +107,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -135,9 +127,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -152,9 +142,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -170,9 +158,7 @@ Parameters Default:
    6
    - - - +
    Minimum password length.

    aliases: minimum_password_length
    @@ -188,9 +174,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -209,9 +193,7 @@ Parameters
  • yes
    • - - - +
    Prevents users from change an expired password.

    aliases: password_expire, expire
    @@ -228,9 +210,7 @@ Parameters Default:
    0
    - - - +
    Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.

    aliases: password_max_age
    @@ -247,9 +227,7 @@ Parameters Default:
    0
    - - - +
    Prevent re-use of passwords.

    aliases: password_reuse_prevent, prevent_reuse
    @@ -265,9 +243,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -287,9 +263,7 @@ Parameters
  • yes
    • - - - +
    Require lowercase letters in password.
    @@ -308,9 +282,7 @@ Parameters
  • yes
    • - - - +
    Require numbers in password.
    @@ -329,9 +301,7 @@ Parameters
  • yes
    • - - - +
    Require symbols in password.
    @@ -350,9 +320,7 @@ Parameters
  • yes
    • - - - +
    Require uppercase letters in password.
    @@ -367,9 +335,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -389,9 +355,7 @@ Parameters
  • absent
    • - - - +
    Specifies the overall state of the password policy.
    @@ -410,9 +374,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -437,7 +399,7 @@ Examples - name: Password policy for AWS account - iam_password_policy: + community.aws.iam_password_policy: state: present min_pw_length: 8 require_symbols: false diff --git a/docs/community.aws.iam_policy.rst b/docs/community.aws.iam_policy.rst index 2d507d5c790..2a70eab5c83 100644 --- a/docs/community.aws.iam_policy.rst +++ b/docs/community.aws.iam_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_policy_: +.. _community.aws.iam_policy_module: ************************ @@ -18,13 +19,13 @@ community.aws.iam_policy Synopsis -------- - Allows uploading or removing inline IAM policies for IAM users, groups or roles. -- To administer managed policies please see :ref:`iam_user `, :ref:`iam_role `, :ref:`iam_group ` and :ref:`iam_managed_policy ` +- To administer managed policies please see :ref:`community.aws.iam_user `, :ref:`community.aws.iam_role `, :ref:`community.aws.iam_group ` and :ref:`community.aws.iam_managed_policy ` Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
    @@ -168,9 +156,7 @@ Parameters
  • role
    • - - - +
    Type of IAM resource.
    @@ -185,9 +171,7 @@ Parameters - - - +
    The path to the properly json formatted policy file.
    Mutually exclusive with policy_json.
    This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
    @@ -204,9 +188,7 @@ Parameters - - - +
    A properly json formatted policy as string.
    Mutually exclusive with policy_document.
    @@ -223,9 +205,7 @@ Parameters - - - +
    The name label for the policy to create or remove.
    @@ -240,9 +220,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -257,9 +235,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -275,9 +251,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -297,9 +271,7 @@ Parameters
  • yes
    • - - - +
    When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
    The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
    @@ -319,9 +291,7 @@ Parameters
  • absent
    • - - - +
    Whether to create or delete the IAM policy.
    @@ -340,9 +310,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -368,7 +336,7 @@ Examples # Create a policy with the name of 'Admin' to the group 'administrators' - name: Assign a policy called Admin to the administrators group - iam_policy: + community.aws.iam_policy: iam_type: group iam_name: administrators policy_name: Admin @@ -378,7 +346,7 @@ Examples # Advanced example, create two new groups and add a READ-ONLY policy to both # groups. - name: Create Two Groups, Mario and Luigi - iam: + community.aws.iam: iam_type: group name: "{{ item }}" state: present @@ -388,7 +356,7 @@ Examples register: new_groups - name: Apply READ-ONLY policy to new groups that have been recently created - iam_policy: + community.aws.iam_policy: iam_type: group iam_name: "{{ item.created_group.group_name }}" policy_name: "READ-ONLY" @@ -398,7 +366,7 @@ Examples # Create a new S3 policy with prefix per user - name: Create S3 policy from template - iam_policy: + community.aws.iam_policy: iam_type: user iam_name: "{{ item.user }}" policy_name: "s3_limited_access_{{ item.prefix }}" diff --git a/docs/community.aws.iam_policy_info.rst b/docs/community.aws.iam_policy_info.rst index eeab1bf3fcf..1a073988b5f 100644 --- a/docs/community.aws.iam_policy_info.rst +++ b/docs/community.aws.iam_policy_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_policy_info_: +.. _community.aws.iam_policy_info_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
    @@ -167,9 +155,7 @@ Parameters
  • role
    • - - - +
    Type of IAM resource you wish to retrieve inline policies for.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Name of a specific IAM inline policy you with to retrieve.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -218,9 +200,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -236,9 +216,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -258,9 +236,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -284,13 +260,13 @@ Examples .. code-block:: yaml+jinja - # Describe all inline IAM policies on an IAM User - - iam_policy_info: + - name: Describe all inline IAM policies on an IAM User + community.aws.iam_policy_info: iam_type: user iam_name: example_user - # Describe a specific inline policy on an IAM Role - - iam_policy_info: + - name: Describe a specific inline policy on an IAM Role + community.aws.iam_policy_info: iam_type: role iam_name: example_role policy_name: example_policy @@ -301,7 +277,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_role.rst b/docs/community.aws.iam_role.rst index 28bfd73043d..fc40c6cdefd 100644 --- a/docs/community.aws.iam_role.rst +++ b/docs/community.aws.iam_role.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_role_: +.. _community.aws.iam_role_module: ********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    The trust relationship policy document that grants an entity permission to assume the role.
    This parameter is required when state=present.
    @@ -72,9 +70,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -90,9 +86,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -109,9 +103,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -127,9 +119,7 @@ Parameters - - - +
    The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
    Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
    This is intended for roles/users that have permissions to create new IAM objects.
    @@ -153,9 +143,7 @@ Parameters
  • yes ←
    • - - - +
    Creates an IAM instance profile along with the role.
    @@ -174,9 +162,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -195,9 +181,7 @@ Parameters
  • yes
    • - - - +
    When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
    Only applies when state=absent.
    @@ -213,9 +197,7 @@ Parameters - - - +
    Provides a description of the role.
    @@ -230,9 +212,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -247,12 +227,10 @@ Parameters - - - +
    A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
    To remove all policies set purge_polices=true and managed_policies=[None].
    -
    To embed an inline policy, use iam_policy.
    +
    To embed an inline policy, use community.aws.iam_policy.

    aliases: managed_policy
    @@ -267,9 +245,7 @@ Parameters - - - +
    The maximum duration (in seconds) of a session when assuming the role.
    Valid values are between 1 and 12 hours (3600 and 43200 seconds).
    @@ -285,9 +261,7 @@ Parameters - - - +
    The name of the role to create.
    @@ -303,9 +277,7 @@ Parameters Default:
    "/"
    - - - +
    The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
    @@ -320,9 +292,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -341,9 +311,7 @@ Parameters
  • yes
    • - - - +
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.

    aliases: purge_policy, purge_managed_policies
    @@ -364,9 +332,7 @@ Parameters
  • yes ←
    • - - - +
    Remove tags not listed in tags when tags is specified.
    @@ -381,9 +347,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -399,9 +363,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -421,9 +383,7 @@ Parameters
  • absent
    • - - - +
    Create or remove the IAM role.
    @@ -438,9 +398,7 @@ Parameters - - - +
    Tag dict to apply to the queue.
    Requires botocore 1.12.46 or above.
    @@ -460,9 +418,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -489,7 +445,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a role with description and tags - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" description: This is My New Role @@ -497,20 +453,20 @@ Examples env: dev - name: "Create a role and attach a managed policy called 'PowerUserAccess'" - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" managed_policies: - arn:aws:iam::aws:policy/PowerUserAccess - name: Keep the role created above but remove all managed policies - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" managed_policies: [] - name: Delete the role - iam_role: + community.aws.iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file', 'policy.json') }}" state: absent @@ -521,7 +477,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_role_info.rst b/docs/community.aws.iam_role_info.rst index 557c5696399..aa131328e84 100644 --- a/docs/community.aws.iam_role_info.rst +++ b/docs/community.aws.iam_role_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_role_info_: +.. _community.aws.iam_role_info_module: *************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Name of a role to search for.
    Mutually exclusive with path_prefix.

    aliases: role_name
    @@ -166,9 +154,7 @@ Parameters - - - +
    Prefix of role to restrict IAM role search for.
    Mutually exclusive with name.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -201,9 +185,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -219,9 +201,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -241,9 +221,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -267,16 +245,16 @@ Examples .. code-block:: yaml+jinja - # find all existing IAM roles - - iam_role_info: + - name: find all existing IAM roles + community.aws.iam_role_info: register: result - # describe a single role - - iam_role_info: + - name: describe a single role + community.aws.iam_role_info: name: MyIAMRole - # describe all roles matching a path prefix - - iam_role_info: + - name: describe all roles matching a path prefix + community.aws.iam_role_info: path_prefix: /application/path @@ -284,7 +262,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_saml_federation.rst b/docs/community.aws.iam_saml_federation.rst index d2b4feabbd1..1533912e7cf 100644 --- a/docs/community.aws.iam_saml_federation.rst +++ b/docs/community.aws.iam_saml_federation.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_saml_federation_: +.. _community.aws.iam_saml_federation_module: ********************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    The name of the provider to create.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -198,9 +182,7 @@ Parameters - - - +
    The XML document generated by an identity provider (IdP) that supports SAML 2.0.
    @@ -215,9 +197,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -237,9 +217,7 @@ Parameters
  • absent
    • - - - +
    Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
    @@ -258,9 +236,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -288,7 +264,7 @@ Examples # It is assumed that their matching environment variables are set. # Creates a new iam saml identity provider if not present - name: saml provider - iam_saml_federation: + community.aws.iam_saml_federation: name: example1 # the > below opens an indented block, so no escaping/quoting is needed when in the indentation level under this key saml_metadata_document: > @@ -296,13 +272,13 @@ Examples `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_server_certificate_info.rst b/docs/community.aws.iam_server_certificate_info.rst index 15b12cbe680..09500a81ca3 100644 --- a/docs/community.aws.iam_server_certificate_info.rst +++ b/docs/community.aws.iam_server_certificate_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_server_certificate_info_: +.. _community.aws.iam_server_certificate_info_module: ***************************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -114,9 +108,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -131,9 +123,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The name of the server certificate you are retrieving attributes for.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -200,9 +184,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -222,9 +204,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -248,13 +228,13 @@ Examples .. code-block:: yaml+jinja - # Retrieve server certificate - - iam_server_certificate_info: + - name: Retrieve server certificate + community.aws.iam_server_certificate_info: name: production-cert register: server_cert - # Fail if the server certificate name was not found - - iam_server_certificate_info: + - name: Fail if the server certificate name was not found + community.aws.iam_server_certificate_info: name: production-cert register: server_cert failed_when: "{{ server_cert.results | length == 0 }}" @@ -264,7 +244,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_user.rst b/docs/community.aws.iam_user.rst index 350e6b85d6b..ff064875f06 100644 --- a/docs/community.aws.iam_user.rst +++ b/docs/community.aws.iam_user.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_user_: +.. _community.aws.iam_user_module: ********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,11 +137,9 @@ Parameters - - - +
    A list of managed policy ARNs or friendly names to attach to the user.
    -
    To embed an inline policy, use iam_policy.
    +
    To embed an inline policy, use community.aws.iam_policy.

    aliases: managed_policy
    @@ -166,9 +154,7 @@ Parameters - - - +
    The name of the user to create.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -204,9 +188,7 @@ Parameters
  • yes
    • - - - +
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.

    aliases: purge_policy, purge_managed_policies
    @@ -222,9 +204,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -240,9 +220,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -262,9 +240,7 @@ Parameters
  • absent
    • - - - +
    Create or remove the IAM user.
    @@ -283,9 +259,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -314,26 +288,26 @@ Examples # Groups should manage their membership directly using `iam_group`, # as users belong to them. - # Create a user - - iam_user: + - name: Create a user + community.aws.iam_user: name: testuser1 state: present - # Create a user and attach a managed policy using its ARN - - iam_user: + - name: Create a user and attach a managed policy using its ARN + community.aws.iam_user: name: testuser1 managed_policies: - arn:aws:iam::aws:policy/AmazonSNSFullAccess state: present - # Remove all managed policies from an existing user with an empty list - - iam_user: + - name: Remove all managed policies from an existing user with an empty list + community.aws.iam_user: name: testuser1 state: present purge_policies: true - # Delete the user - - iam_user: + - name: Delete the user + community.aws.iam_user: name: testuser1 state: absent @@ -343,7 +317,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.iam_user_info.rst b/docs/community.aws.iam_user_info.rst index 93b74db510d..7502298b913 100644 --- a/docs/community.aws.iam_user_info.rst +++ b/docs/community.aws.iam_user_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.iam_user_info_: +.. _community.aws.iam_user_info_module: *************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The group name name of the IAM user to look for. Mutually exclusive with path.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The name of the IAM user to look for.
    @@ -182,9 +168,7 @@ Parameters Default:
    "/"
    - - - +
    The path to the IAM user. Mutually exclusive with group.
    If specified, then would get all user names whose path starts with user provided value.
    @@ -200,9 +184,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -217,9 +199,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -235,9 +215,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -257,9 +235,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -286,17 +262,17 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather facts about "test" user. - name: Get IAM user facts - iam_user_info: + community.aws.iam_user_info: name: "test" # Gather facts about all users in the "dev" group. - name: Get IAM user facts - iam_user_info: + community.aws.iam_user_info: group: "dev" # Gather facts about all users with "/division_abc/subdivision_xyz/" path. - name: Get IAM user facts - iam_user_info: + community.aws.iam_user_info: path: "/division_abc/subdivision_xyz/" @@ -304,7 +280,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.kinesis_stream.rst b/docs/community.aws.kinesis_stream.rst index d2822df4212..288a44936f2 100644 --- a/docs/community.aws.kinesis_stream.rst +++ b/docs/community.aws.kinesis_stream.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.kinesis_stream_: +.. _community.aws.kinesis_stream_module: **************************** @@ -26,7 +27,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -74,9 +72,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -93,9 +89,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -115,9 +109,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -132,9 +124,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -153,9 +143,7 @@ Parameters
  • disabled
    • - - - +
    Enable or Disable encryption on the Kinesis Stream.
    @@ -174,9 +162,7 @@ Parameters
  • NONE
    • - - - +
    The type of encryption.
    Defaults to KMS
    @@ -192,9 +178,7 @@ Parameters - - - +
    The GUID or alias for the KMS key.
    @@ -209,9 +193,7 @@ Parameters - - - +
    The name of the Kinesis Stream you are managing.
    @@ -226,9 +208,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -243,9 +223,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -261,9 +239,7 @@ Parameters - - - +
    The length of time (in hours) data records are accessible after they are added to the stream.
    The default retention period is 24 hours and can not be less than 24 hours.
    The maximum retention period is 168 hours.
    @@ -281,9 +257,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -299,9 +273,7 @@ Parameters - - - +
    The number of shards you want to have with this stream.
    This is required when state=present
    @@ -321,9 +293,7 @@ Parameters
  • absent
    • - - - +
    Create or Delete the Kinesis Stream.
    @@ -338,9 +308,7 @@ Parameters - - - +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.

    aliases: resource_tags
    @@ -360,9 +328,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -381,9 +347,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for operation to complete before returning.
    @@ -399,9 +363,7 @@ Parameters Default:
    300
    - - - +
    How many seconds to wait for an operation to complete before timing out.
    @@ -429,7 +391,7 @@ Examples # Basic creation example: - name: Set up Kinesis Stream with 10 shards and wait for the stream to become ACTIVE - kinesis_stream: + community.aws.kinesis_stream: name: test-stream shards: 10 wait: yes @@ -438,7 +400,7 @@ Examples # Basic creation example with tags: - name: Set up Kinesis Stream with 10 shards, tag the environment, and wait for the stream to become ACTIVE - kinesis_stream: + community.aws.kinesis_stream: name: test-stream shards: 10 tags: @@ -449,7 +411,7 @@ Examples # Basic creation example with tags and increase the retention period from the default 24 hours to 48 hours: - name: Set up Kinesis Stream with 10 shards, tag the environment, increase the retention period and wait for the stream to become ACTIVE - kinesis_stream: + community.aws.kinesis_stream: name: test-stream retention_period: 48 shards: 10 @@ -461,7 +423,7 @@ Examples # Basic delete example: - name: Delete Kinesis Stream test-stream and wait for it to finish deleting. - kinesis_stream: + community.aws.kinesis_stream: name: test-stream state: absent wait: yes @@ -470,7 +432,7 @@ Examples # Basic enable encryption example: - name: Encrypt Kinesis Stream test-stream. - kinesis_stream: + community.aws.kinesis_stream: name: test-stream state: present encryption_state: enabled @@ -482,7 +444,7 @@ Examples # Basic disable encryption example: - name: Encrypt Kinesis Stream test-stream. - kinesis_stream: + community.aws.kinesis_stream: name: test-stream state: present encryption_state: disabled @@ -497,7 +459,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lambda.rst b/docs/community.aws.lambda.rst index 53b46757dba..70d91ee084f 100644 --- a/docs/community.aws.lambda.rst +++ b/docs/community.aws.lambda.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_: +.. _community.aws.lambda_module: ******************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
    @@ -129,9 +121,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -180,9 +166,7 @@ Parameters - - - +
    A dictionary of environment variables the Lambda function is given.
    @@ -197,9 +181,7 @@ Parameters - - - +
    The function within your code that Lambda calls to begin execution.
    @@ -215,9 +197,7 @@ Parameters Default:
    128
    - - - +
    The amount of memory, in MB, your Lambda function is given.
    @@ -232,9 +212,7 @@ Parameters - - - +
    The name you want to assign to the function you are uploading. Cannot be changed.
    @@ -249,9 +227,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -266,9 +242,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -284,9 +258,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
    Required when state=present.
    @@ -302,9 +274,7 @@ Parameters - - - +
    The runtime environment for the Lambda function you are uploading.
    Required when creating a function. Uses parameters as described in boto3 docs.
    Required when state=present.
    @@ -322,9 +292,7 @@ Parameters - - - +
    Amazon S3 bucket name where the .zip file containing your deployment package is stored.
    If state=present then either zip_file or s3_bucket must be present.
    s3_bucket and s3_key are required together.
    @@ -341,9 +309,7 @@ Parameters - - - +
    The Amazon S3 object (the deployment package) key name you want to upload.
    s3_bucket and s3_key are required together.
    @@ -359,9 +325,7 @@ Parameters - - - +
    The Amazon S3 object (the deployment package) version you want to upload.
    @@ -376,9 +340,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -398,9 +360,7 @@ Parameters
  • absent
    • - - - +
    Create or delete Lambda function.
    @@ -415,9 +375,7 @@ Parameters - - - +
    tag dict to apply to the function (requires botocore 1.5.40 or above).
    @@ -433,9 +391,7 @@ Parameters Default:
    3
    - - - +
    The function maximum execution time in seconds after which Lambda should terminate the function.
    @@ -454,9 +410,7 @@ Parameters
  • PassThrough
    • - - - +
    Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
    @@ -475,9 +429,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -492,9 +444,7 @@ Parameters - - - +
    List of VPC security group IDs to associate with the Lambda function.
    Required when vpc_subnet_ids is used.
    @@ -510,9 +460,7 @@ Parameters - - - +
    List of subnet IDs to run Lambda function in.
    Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
    If set, vpc_security_group_ids must also be set.
    @@ -529,9 +477,7 @@ Parameters - - - +
    A .zip file containing your deployment package
    If state=present then either zip_file or s3_bucket must be present.

    aliases: src
    @@ -559,7 +505,7 @@ Examples # Create Lambda functions - name: looped creation - lambda: + community.aws.lambda: name: '{{ item.name }}' state: present zip_file: '{{ item.zip_file }}' @@ -589,7 +535,7 @@ Examples # To remove previously added tags pass an empty dict - name: remove tags - lambda: + community.aws.lambda: name: 'Lambda function' state: present zip_file: 'code.zip' @@ -600,7 +546,7 @@ Examples # Basic Lambda function deletion - name: Delete Lambda functions HelloWorld and ByeBye - lambda: + community.aws.lambda: name: '{{ item }}' state: absent loop: @@ -612,7 +558,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lambda_alias.rst b/docs/community.aws.lambda_alias.rst index cf152fb538a..1eadc88000c 100644 --- a/docs/community.aws.lambda_alias.rst +++ b/docs/community.aws.lambda_alias.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_alias_: +.. _community.aws.lambda_alias_module: ************************** @@ -17,13 +18,13 @@ community.aws.lambda_alias Synopsis -------- -- This module allows the management of AWS Lambda functions aliases via the Ansible framework. It is idempotent and supports "Check" mode. Use module :ref:`lambda ` to manage the lambda function itself and :ref:`lambda_event ` to manage event source mappings. +- This module allows the management of AWS Lambda functions aliases via the Ansible framework. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_event ` to manage event source mappings. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    A short, user-defined function alias description.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    The name of the function alias.
    @@ -180,9 +166,7 @@ Parameters - - - +
    Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.

    aliases: version
    @@ -198,9 +182,7 @@ Parameters - - - +
    Name of the function alias.

    aliases: alias_name
    @@ -216,9 +198,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -233,9 +213,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -251,9 +229,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -273,9 +249,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -294,9 +268,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -356,7 +328,7 @@ Examples # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) - name: "alias 'Dev' for function {{ lambda_info.lambda_facts.FunctionName }} " - lambda_alias: + community.aws.lambda_alias: state: "{{ state | default('present') }}" function_name: "{{ lambda_info.lambda_facts.FunctionName }}" name: Dev @@ -364,7 +336,7 @@ Examples # The QA alias will only be created when a new version is published (i.e. not = '$LATEST') - name: "alias 'QA' for function {{ lambda_info.lambda_facts.FunctionName }} " - lambda_alias: + community.aws.lambda_alias: state: "{{ state | default('present') }}" function_name: "{{ lambda_info.lambda_facts.FunctionName }}" name: QA @@ -374,7 +346,7 @@ Examples # The Prod alias will have a fixed version based on a variable - name: "alias 'Prod' for function {{ lambda_info.lambda_facts.FunctionName }} " - lambda_alias: + community.aws.lambda_alias: state: "{{ state | default('present') }}" function_name: "{{ lambda_info.lambda_facts.FunctionName }}" name: Prod @@ -386,7 +358,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lambda_event.rst b/docs/community.aws.lambda_event.rst index 9e30161e6bf..fb2bb7cda88 100644 --- a/docs/community.aws.lambda_event.rst +++ b/docs/community.aws.lambda_event.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_event_: +.. _community.aws.lambda_event_module: ************************** @@ -17,13 +18,13 @@ community.aws.lambda_event Synopsis -------- -- This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream events via the Ansible framework. These event source mappings are relevant only in the AWS Lambda pull model, where AWS Lambda invokes the function. It is idempotent and supports "Check" mode. Use module :ref:`lambda ` to manage the lambda function itself and :ref:`lambda_alias ` to manage function aliases. +- This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream events via the Ansible framework. These event source mappings are relevant only in the AWS Lambda pull model, where AWS Lambda invokes the function. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_alias ` to manage function aliases. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    Name of the function alias.
    Mutually exclusive with version.
    @@ -71,9 +69,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -89,9 +85,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -108,9 +102,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -130,9 +122,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -168,9 +156,7 @@ Parameters
  • sqs
    • - - - +
    Source of the event that triggers the lambda function.
    For DynamoDB and Kinesis events, select stream
    For SQS queues, select sqs
    @@ -187,9 +173,7 @@ Parameters - - - +
    The name or ARN of the lambda function.

    aliases: function_name, function_arn
    @@ -205,9 +189,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -222,9 +204,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -240,9 +220,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -258,9 +236,7 @@ Parameters - - - +
    Sub-parameters required for event source.
    @@ -277,9 +253,7 @@ Parameters Default:
    100
    - - - +
    The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
    @@ -300,9 +274,7 @@ Parameters Default:
    "true."
    - - - +
    Indicates whether AWS Lambda should begin polling or readin from the event source.
    @@ -318,9 +290,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
    @@ -340,9 +310,7 @@ Parameters
  • LATEST
    • - - - +
    The position in the stream where AWS Lambda should start reading.
    Required when event_source=stream.
    @@ -363,9 +331,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -384,9 +350,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -401,9 +365,7 @@ Parameters - - - +
    Version of the Lambda function.
    Mutually exclusive with alias.
    @@ -428,35 +390,30 @@ Examples .. code-block:: yaml+jinja - --- # Example that creates a lambda event notification for a DynamoDB stream - - hosts: localhost - gather_facts: no - vars: + - name: DynamoDB stream event mapping + community.aws.lambda_event: state: present - tasks: - - name: DynamoDB stream event mapping - lambda_event: - state: "{{ state | default('present') }}" - event_source: stream - function_name: "{{ function_name }}" - alias: Dev - source_params: - source_arn: arn:aws:dynamodb:us-east-1:123456789012:table/tableName/stream/2016-03-19T19:51:37.457 - enabled: True - batch_size: 100 - starting_position: TRIM_HORIZON + event_source: stream + function_name: "{{ function_name }}" + alias: Dev + source_params: + source_arn: arn:aws:dynamodb:us-east-1:123456789012:table/tableName/stream/2016-03-19T19:51:37.457 + enabled: True + batch_size: 100 + starting_position: TRIM_HORIZON + register: event - - name: Show source event - debug: - var: lambda_stream_events + - name: Show source event + debug: + var: event.lambda_stream_events Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lambda_facts.rst b/docs/community.aws.lambda_facts.rst index 3c2e155bc82..5549a6799ea 100644 --- a/docs/community.aws.lambda_facts.rst +++ b/docs/community.aws.lambda_facts.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_facts_: +.. _community.aws.lambda_facts_module: ************************** @@ -16,21 +17,21 @@ community.aws.lambda_facts DEPRECATED ---------- -:Removed in Ansible: version: 2.13 +:Removed in collection release after 2021-12-01 :Why: Deprecated in favour of ``_info`` module. -:Alternative: Use :ref:`lambda_info ` instead. +:Alternative: Use :ref:`community.aws.lambda_info ` instead. Synopsis -------- -- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_event ` to manage lambda event source mappings. +- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -46,7 +47,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -60,9 +60,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -78,9 +76,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -97,9 +93,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -119,9 +113,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -136,9 +128,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -153,9 +143,7 @@ Parameters - - - +
    For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    @@ -170,9 +158,7 @@ Parameters - - - +
    The name of the lambda function for which facts are requested.

    aliases: function, name
    @@ -188,9 +174,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -213,9 +197,7 @@ Parameters
  • versions
    • - - - +
    Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
    @@ -230,9 +212,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -248,9 +228,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -270,9 +248,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -299,19 +275,21 @@ Examples --- # Simple example of listing all info for a function - name: List all for a specific function - lambda_facts: + community.aws.lambda_facts: query: all function_name: myFunction register: my_function_details + # List all versions of a function - name: List function versions - lambda_facts: + community.aws.lambda_facts: query: versions function_name: myFunction register: my_function_versions + # List all lambda function versions - name: List all function - lambda_facts: + community.aws.lambda_facts: query: all max_items: 20 - name: show Lambda facts @@ -323,7 +301,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html @@ -386,7 +364,7 @@ Status ------ -- This will be removed in version 2.13. *[deprecated]* +- This module will be removed in version . *[deprecated]* - For more information see `DEPRECATED`_. diff --git a/docs/community.aws.lambda_info.rst b/docs/community.aws.lambda_info.rst index f93ec6a6141..17fc6e9f302 100644 --- a/docs/community.aws.lambda_info.rst +++ b/docs/community.aws.lambda_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_info_: +.. _community.aws.lambda_info_module: ************************* @@ -18,13 +19,13 @@ community.aws.lambda_info Synopsis -------- - Gathers various details related to Lambda functions, including aliases, versions and event source mappings. -- Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_event ` to manage lambda event source mappings. +- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The name of the lambda function for which information is requested.

    aliases: function, name
    @@ -182,9 +168,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -207,9 +191,7 @@ Parameters
  • versions
    • - - - +
    Specifies the resource type for which to gather information. Leave blank to retrieve all information.
    @@ -224,9 +206,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -242,9 +222,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -264,9 +242,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -293,19 +269,19 @@ Examples --- # Simple example of listing all info for a function - name: List all for a specific function - lambda_info: + community.aws.lambda_info: query: all function_name: myFunction register: my_function_details # List all versions of a function - name: List function versions - lambda_info: + community.aws.lambda_info: query: versions function_name: myFunction register: my_function_versions # List all lambda function versions - name: List all function - lambda_info: + community.aws.lambda_info: query: all max_items: 20 register: output @@ -318,7 +294,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lambda_policy.rst b/docs/community.aws.lambda_policy.rst index 060f37fbb1e..f534779edc4 100644 --- a/docs/community.aws.lambda_policy.rst +++ b/docs/community.aws.lambda_policy.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lambda_policy_: +.. _community.aws.lambda_policy_module: *************************** @@ -19,13 +20,13 @@ Synopsis -------- - This module allows the management of AWS Lambda policy statements. - It is idempotent and supports "Check" mode. -- Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases, :ref:`lambda_event ` to manage event source mappings such as Kinesis streams, :ref:`execute_lambda ` to execute a lambda function and :ref:`lambda_info ` to gather information relating to one or more lambda functions. +- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases, :ref:`community.aws.lambda_event ` to manage event source mappings such as Kinesis streams, :ref:`community.aws.execute_lambda ` to execute a lambda function and :ref:`community.aws.lambda_info ` to gather information relating to one or more lambda functions. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
    @@ -72,9 +70,7 @@ Parameters - - - +
    Name of the function alias. Mutually exclusive with version.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -107,9 +101,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -126,9 +118,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -148,9 +138,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -182,9 +168,7 @@ Parameters - - - +
    Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
    @@ -199,9 +183,7 @@ Parameters - - - +
    Name of the Lambda function whose resource policy you are updating by adding a new permission.
    You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
    function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
    @@ -221,9 +203,7 @@ Parameters - - - +
    The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
    @@ -238,9 +218,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -255,9 +233,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -273,9 +249,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -291,9 +265,7 @@ Parameters - - - +
    The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
    @@ -308,9 +280,7 @@ Parameters - - - +
    This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
    @@ -329,9 +299,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -346,9 +314,7 @@ Parameters - - - +
    A unique statement identifier.

    aliases: sid
    @@ -368,9 +334,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -385,9 +349,7 @@ Parameters - - - +
    Version of the Lambda function. Mutually exclusive with alias.
    @@ -411,35 +373,29 @@ Examples .. code-block:: yaml+jinja - --- - - hosts: localhost - gather_facts: no - vars: - state: present - tasks: - - name: Lambda S3 event notification - lambda_policy: - state: "{{ state | default('present') }}" - function_name: functionName - alias: Dev - statement_id: lambda-s3-myBucket-create-data-log - action: lambda:InvokeFunction - principal: s3.amazonaws.com - source_arn: arn:aws:s3:eu-central-1:123456789012:bucketName - source_account: 123456789012 - register: lambda_policy_action - - name: show results - debug: - var: lambda_policy_action + - name: Lambda S3 event notification + community.aws.lambda_policy: + state: present + function_name: functionName + alias: Dev + statement_id: lambda-s3-myBucket-create-data-log + action: lambda:InvokeFunction + principal: s3.amazonaws.com + source_arn: arn:aws:s3:eu-central-1:123456789012:bucketName + source_account: 123456789012 + register: lambda_policy_action + - name: show results + debug: + var: lambda_policy_action Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.lightsail.rst b/docs/community.aws.lightsail.rst index 594672d4f68..efcff58e801 100644 --- a/docs/community.aws.lightsail.rst +++ b/docs/community.aws.lightsail.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.lightsail_: +.. _community.aws.lightsail_module: *********************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    ID of the instance blueprint image.
    Required when state=present
    @@ -127,9 +119,7 @@ Parameters - - - +
    Bundle of specification info for the instance.
    Required when state=present.
    @@ -149,9 +139,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -183,9 +169,7 @@ Parameters - - - +
    Name of the key pair to use with the instance.
    If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
    @@ -201,9 +185,7 @@ Parameters - - - +
    Name of the instance.
    @@ -218,9 +200,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -235,9 +215,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -253,9 +231,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -279,9 +255,7 @@ Parameters
  • stopped
    • - - - +
    Indicate desired state of the target.
    rebooted and restarted are aliases.
    @@ -297,9 +271,7 @@ Parameters - - - +
    Launch script that can configure the instance with additional data.
    @@ -318,9 +290,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -339,9 +309,7 @@ Parameters
  • yes ←
    • - - - +
    Wait for the instance to be in state 'running' before returning.
    If wait=false an ip_address may not be returned.
    Has no effect when state=rebooted or state=absent.
    @@ -359,9 +327,7 @@ Parameters Default:
    300
    - - - +
    How long before wait gives up, in seconds.
    @@ -376,9 +342,7 @@ Parameters - - - +
    AWS availability zone in which to launch the instance.
    Required when state=present
    @@ -403,8 +367,8 @@ Examples .. code-block:: yaml+jinja - # Create a new Lightsail instance - - lightsail: + - name: Create a new Lightsail instance + community.aws.lightsail: state: present name: my_instance region: us-east-1 @@ -415,8 +379,8 @@ Examples user_data: " echo 'hello world' > /home/ubuntu/test.txt" register: my_instance - # Delete an instance - - lightsail: + - name: Delete an instance + community.aws.lightsail: state: absent region: us-east-1 name: my_instance @@ -427,7 +391,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds.rst b/docs/community.aws.rds.rst index 565be0c9e91..97f2528550e 100644 --- a/docs/community.aws.rds.rst +++ b/docs/community.aws.rds.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_: +.. _community.aws.rds_module: ***************** @@ -21,13 +22,13 @@ Synopsis - When creating an instance it can be either a new instance or a read-only replica of an existing instance. - This module has a dependency on python-boto >= 2.5 and will soon be deprecated. - The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0). -- Please use boto3 based :ref:`rds_instance ` instead. +- Please use boto3 based :ref:`community.aws.rds_instance ` instead. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - python >= 2.6 @@ -42,7 +43,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -60,9 +60,7 @@ Parameters
  • yes
    • - - - +
    When apply_immediately=trye, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
    Used only when command=modify.
    @@ -78,9 +76,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -96,9 +92,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -115,9 +109,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -133,9 +125,7 @@ Parameters - - - +
    Number of days backups are retained.
    Set to 0 to disable backups.
    Default is 1 day.
    @@ -154,9 +144,7 @@ Parameters - - - +
    Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
    Times are specified in UTC.
    If not specified then a random backup window is assigned.
    @@ -174,9 +162,7 @@ Parameters - - - +
    Associate the DB instance with a specified character set.
    Used with command=create.
    @@ -203,9 +189,7 @@ Parameters
  • restore
    • - - - +
    Specifies the action to take. The 'reboot' option is available starting at version 2.0.
    @@ -234,9 +218,7 @@ Parameters
  • aurora
    • - - - +
    The type of database.
    Used only when command=create.
    mariadb was added in version 2.2.
    @@ -253,9 +235,7 @@ Parameters - - - +
    Name of a database to create within the instance.
    If not specified then no database is created.
    Used only when command=create.
    @@ -276,9 +256,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -293,9 +271,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -310,9 +286,7 @@ Parameters - - - +
    Version number of the database engine to use.
    If not specified then the current Amazon RDS default engine version is used
    Used only when command=create.
    @@ -333,9 +307,7 @@ Parameters
  • yes
    • - - - +
    If enabled, the reboot is done using a MultiAZ failover.
    Used only when command=reboot.
    @@ -351,9 +323,7 @@ Parameters - - - +
    Database instance identifier.
    Required except when using command=facts or command=delete on just a snapshot.
    @@ -369,9 +339,7 @@ Parameters - - - +
    The instance type of the database.
    If not specified then the replica inherits the same instance type as the source instance.
    Required when command=create.
    @@ -390,9 +358,7 @@ Parameters - - - +
    Specifies the number of IOPS for the instance.
    Used only when command=create or command=modify.
    Must be an integer greater than 1000.
    @@ -415,9 +381,7 @@ Parameters
  • postgresql-license
    • - - - +
    The license model for this DB instance.
    Used only when command=create or command=restore.
    @@ -433,9 +397,7 @@ Parameters - - - +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    Times are specified in UTC.
    If not specified then a random maintenance window is assigned.
    @@ -457,9 +419,7 @@ Parameters
  • yes
    • - - - +
    Specifies if this is a Multi-availability-zone deployment.
    Can not be used in conjunction with zone parameter.
    Used only when command=create or command=modify.
    @@ -476,9 +436,7 @@ Parameters - - - +
    Name to rename an instance to.
    Used only when command=modify.
    @@ -494,9 +452,7 @@ Parameters - - - +
    The name of the option group to use.
    If not specified then the default option group is used.
    Used only when command=create.
    @@ -513,9 +469,7 @@ Parameters - - - +
    Name of the DB parameter group to associate with this instance.
    If omitted then the RDS default DBParameterGroup will be used.
    Used only when command=create or command=modify.
    @@ -532,9 +486,7 @@ Parameters - - - +
    Password for the master database username.
    Used only when command=create or command=modify.
    @@ -550,9 +502,7 @@ Parameters - - - +
    Port number that the DB instance uses for connections.
    Used only when command=create or command=replicate.
    Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
    @@ -569,9 +519,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -586,9 +534,7 @@ Parameters - - - +
    Explicitly set whether the resource should be publicly accessible or not.
    Used with command=create, command=replicate.
    Requires boto >= 2.26.0
    @@ -605,9 +551,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -623,9 +567,7 @@ Parameters - - - +
    Comma separated list of one or more security groups.
    Used only when command=create or command=modify.
    @@ -641,9 +583,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -659,9 +599,7 @@ Parameters - - - +
    Size in gigabytes of the initial storage for the DB instance.
    Used only when command=create or command=modify.
    @@ -677,9 +615,7 @@ Parameters - - - +
    Name of snapshot to take.
    When command=delete, if no snapshot name is provided then no snapshot is taken.
    When command=delete, if no instance_name is provided the snapshot is deleted.
    @@ -697,9 +633,7 @@ Parameters - - - +
    Name of the database to replicate.
    Used only when command=replicate.
    @@ -715,9 +649,7 @@ Parameters - - - +
    VPC subnet group.
    If specified then a VPC instance is created.
    Used only when command=create.
    @@ -734,9 +666,7 @@ Parameters - - - +
    tags dict to apply to a resource.
    Used with command=create, command=replicate, command=restore.
    Requires boto >= 2.26.0
    @@ -757,9 +687,7 @@ Parameters
  • yes
    • - - - +
    Indicates that minor version upgrades should be applied automatically.
    Used only when command=create or command=modify or command=restore or command=replicate.
    @@ -775,9 +703,7 @@ Parameters - - - +
    Master database username.
    Used only when command=create.
    @@ -797,9 +723,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -814,9 +738,7 @@ Parameters - - - +
    Comma separated list of one or more vpc security group ids.
    Also requires subnet to be specified.
    Used only when command=create or command=modify.
    @@ -837,9 +759,7 @@ Parameters
  • yes
    • - - - +
    When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
    When command=delete, wait for the database to be terminated.
    @@ -856,9 +776,7 @@ Parameters Default:
    300
    - - - +
    How long before wait gives up, in seconds.
    Used when wait=true.
    @@ -874,9 +792,7 @@ Parameters - - - +
    availability zone in which to launch the instance.
    Used only when command=create, command=replicate or command=restore.
    Can not be used in conjunction with multi_zone parameter.
    @@ -903,8 +819,8 @@ Examples .. code-block:: yaml+jinja - # Basic mysql provisioning example - - rds: + - name: Basic mysql provisioning example + community.aws.rds: command: create instance_name: new-database db_engine: MySQL @@ -916,35 +832,35 @@ Examples Environment: testing Application: cms - # Create a read-only replica and wait for it to become available - - rds: + - name: Create a read-only replica and wait for it to become available + community.aws.rds: command: replicate instance_name: new-database-replica source_instance: new_database wait: yes wait_timeout: 600 - # Delete an instance, but create a snapshot before doing so - - rds: + - name: Delete an instance, but create a snapshot before doing so + community.aws.rds: command: delete instance_name: new-database snapshot: new_database_snapshot - # Get facts about an instance - - rds: + - name: Get facts about an instance + community.aws.rds: command: facts instance_name: new-database register: new_database_facts - # Rename an instance and wait for the change to take effect - - rds: + - name: Rename an instance and wait for the change to take effect + community.aws.rds: command: modify instance_name: new-database new_instance_name: renamed-database wait: yes - # Reboot an instance and wait for it to become available again - - rds: + - name: Reboot an instance and wait for it to become available again + community.aws.rds: command: reboot instance_name: database wait: yes @@ -952,27 +868,25 @@ Examples # Restore a Postgres db instance from a snapshot, wait for it to become available again, and # then modify it to add your security group. Also, display the new endpoint. # Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI - - local_action: - module: rds - command: restore - snapshot: mypostgres-snapshot - instance_name: MyNewInstanceName - region: us-west-2 - zone: us-west-2b - subnet: default-vpc-xx441xxx - publicly_accessible: yes - wait: yes - wait_timeout: 600 - tags: - Name: pg1_test_name_tag + - community.aws.rds: + command: restore + snapshot: mypostgres-snapshot + instance_name: MyNewInstanceName + region: us-west-2 + zone: us-west-2b + subnet: default-vpc-xx441xxx + publicly_accessible: yes + wait: yes + wait_timeout: 600 + tags: + Name: pg1_test_name_tag register: rds - - local_action: - module: rds - command: modify - instance_name: MyNewInstanceName - region: us-west-2 - vpc_security_groups: sg-xxx945xx + - community.aws.rds: + command: modify + instance_name: MyNewInstanceName + region: us-west-2 + vpc_security_groups: sg-xxx945xx - debug: msg: "The new db endpoint is {{ rds.instance.endpoint }}" @@ -982,7 +896,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_instance.rst b/docs/community.aws.rds_instance.rst index 5f271079667..4909d1bb915 100644 --- a/docs/community.aws.rds_instance.rst +++ b/docs/community.aws.rds_instance.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_instance_: +.. _community.aws.rds_instance_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.5.0 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    The amount of storage (in gibibytes) to allocate for the DB instance.
    @@ -75,9 +73,7 @@ Parameters
  • yes
    • - - - +
    Whether to allow major version upgrades.
    @@ -96,9 +92,7 @@ Parameters
  • yes
    • - - - +
    A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
    @@ -117,9 +111,7 @@ Parameters
  • yes
    • - - - +
    Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
    @@ -134,9 +126,7 @@ Parameters - - - +
    A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.

    aliases: az, zone
    @@ -152,9 +142,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -170,9 +158,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -189,9 +175,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -207,9 +191,7 @@ Parameters - - - +
    The number of days for which automated backups are retained (must be greater or equal to 1). May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    @@ -224,9 +206,7 @@ Parameters - - - +
    The identifier of the CA certificate for the DB instance.
    @@ -241,9 +221,7 @@ Parameters - - - +
    The character set to associate with the DB cluster.
    @@ -262,9 +240,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
    @@ -284,9 +260,7 @@ Parameters
  • instance
    • - - - +
    Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
    @@ -301,9 +275,7 @@ Parameters - - - +
    The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.

    aliases: cluster_id
    @@ -319,9 +291,7 @@ Parameters - - - +
    The compute and memory capacity of the DB instance, for example db.t2.micro.

    aliases: class, instance_type
    @@ -337,9 +307,7 @@ Parameters - - - +
    The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.

    aliases: instance_id, id
    @@ -355,9 +323,7 @@ Parameters - - - +
    The name for your database. If a name is not provided Amazon RDS will not create a database.
    @@ -372,9 +338,7 @@ Parameters - - - +
    The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
    @@ -389,9 +353,7 @@ Parameters - - - +
    (EC2-Classic platform) A list of DB security groups to associate with this DB instance.
    @@ -406,9 +368,7 @@ Parameters - - - +
    The identifier for the DB snapshot to restore from if using creation_source=snapshot.
    @@ -423,9 +383,7 @@ Parameters - - - +
    The DB subnet group name to use for the DB instance.

    aliases: subnet_group
    @@ -445,9 +403,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -462,9 +418,7 @@ Parameters - - - +
    The Active Directory Domain to restore the instance in.
    @@ -479,9 +433,7 @@ Parameters - - - +
    The name of the IAM role to be used when making API calls to the Directory Service.
    @@ -496,9 +448,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -513,9 +463,7 @@ Parameters - - - +
    A list of log types that need to be enabled for exporting to CloudWatch Logs.

    aliases: cloudwatch_log_exports
    @@ -535,9 +483,7 @@ Parameters
  • yes
    • - - - +
    Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
    @@ -556,9 +502,7 @@ Parameters
  • yes
    • - - - +
    Whether to enable Performance Insights for the DB instance.
    @@ -573,9 +517,7 @@ Parameters - - - +
    The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
    @@ -590,9 +532,7 @@ Parameters - - - +
    The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
    @@ -607,9 +547,7 @@ Parameters - - - +
    The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.

    aliases: final_snapshot_identifier
    @@ -629,9 +567,7 @@ Parameters
  • yes
    • - - - +
    Set to true to conduct the reboot through a MultiAZ failover.
    @@ -650,9 +586,7 @@ Parameters
  • yes
    • - - - +
    Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
    @@ -667,9 +601,7 @@ Parameters - - - +
    The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
    @@ -684,9 +616,7 @@ Parameters - - - +
    The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
    If storage_encrypted is true and and this option is not provided, the default encryption key is used.
    @@ -702,9 +632,7 @@ Parameters - - - +
    The license model for the DB instance.
    Several options are license-included, bring-your-own-license, and general-public-license.
    This option can also be omitted to default to an accepted value.
    @@ -721,9 +649,7 @@ Parameters - - - +
    An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.

    aliases: password
    @@ -739,9 +665,7 @@ Parameters - - - +
    The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.

    aliases: username
    @@ -757,9 +681,7 @@ Parameters - - - +
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    @@ -774,9 +696,7 @@ Parameters - - - +
    The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
    @@ -791,9 +711,7 @@ Parameters - - - +
    The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
    @@ -812,9 +730,7 @@ Parameters
  • yes
    • - - - +
    Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
    @@ -829,9 +745,7 @@ Parameters - - - +
    The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.

    aliases: new_instance_id, new_id
    @@ -847,9 +761,7 @@ Parameters - - - +
    The option group to associate with the DB instance.
    @@ -864,9 +776,7 @@ Parameters - - - +
    The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
    @@ -881,9 +791,7 @@ Parameters - - - +
    The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
    @@ -898,9 +806,7 @@ Parameters - - - +
    The port number on which the instances accept connections.
    @@ -915,9 +821,7 @@ Parameters - - - +
    The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.

    aliases: backup_window
    @@ -933,9 +837,7 @@ Parameters - - - +
    The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.

    aliases: maintenance_window
    @@ -951,9 +853,7 @@ Parameters - - - +
    A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
    @@ -969,9 +869,7 @@ Parameters - - - +
    The number of CPU cores
    @@ -987,9 +885,7 @@ Parameters - - - +
    The number of threads per core
    @@ -1005,9 +901,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -1022,9 +916,7 @@ Parameters - - - +
    An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
    @@ -1043,9 +935,7 @@ Parameters
  • yes
    • - - - +
    Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
    @@ -1064,9 +954,7 @@ Parameters
  • yes ←
    • - - - +
    Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
    @@ -1085,9 +973,7 @@ Parameters
  • yes ←
    • - - - +
    Set to False to retain any tags that aren't specified in task and are associated with the instance.
    @@ -1106,9 +992,7 @@ Parameters
  • yes
    • - - - +
    Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
    @@ -1123,9 +1007,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -1141,9 +1023,7 @@ Parameters - - - +
    If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
    May alternatively set use_latest_restore_time=True.
    Only one of use_latest_restorable_time and restore_time may be provided.
    @@ -1160,9 +1040,7 @@ Parameters - - - +
    The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
    @@ -1177,9 +1055,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
    @@ -1194,9 +1070,7 @@ Parameters - - - +
    The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
    @@ -1211,9 +1085,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -1233,9 +1105,7 @@ Parameters
  • yes
    • - - - +
    Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
    @@ -1250,9 +1120,7 @@ Parameters - - - +
    The ARN of the DB snapshot to restore from when using creation_source=snapshot.
    @@ -1267,9 +1135,7 @@ Parameters - - - +
    The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
    @@ -1287,9 +1153,7 @@ Parameters
  • mysql
    • - - - +
    The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
    @@ -1304,9 +1168,7 @@ Parameters - - - +
    The version of the database that the backup files were created from.
    @@ -1321,9 +1183,7 @@ Parameters - - - +
    The region of the DB instance from which the replica is created.
    @@ -1348,9 +1208,7 @@ Parameters
  • restarted
    • - - - +
    Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
    state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
    @@ -1370,9 +1228,7 @@ Parameters
  • yes
    • - - - +
    Whether the DB instance is encrypted.
    @@ -1392,9 +1248,7 @@ Parameters
  • io1
    • - - - +
    The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
    @@ -1409,9 +1263,7 @@ Parameters - - - +
    A dictionary of key value pairs to assign the DB cluster.
    @@ -1426,9 +1278,7 @@ Parameters - - - +
    The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.

    aliases: transparent_data_encryption_arn
    @@ -1444,9 +1294,7 @@ Parameters - - - +
    The password for the given ARN from the key store in order to access the device.

    aliases: transparent_data_encryption_password
    @@ -1462,9 +1310,7 @@ Parameters - - - +
    The time zone of the DB instance.
    @@ -1483,9 +1329,7 @@ Parameters
  • yes
    • - - - +
    Whether to restore the DB instance to the latest restorable backup time.
    Only one of use_latest_restorable_time and restore_time may be provided.

    aliases: restore_from_latest
    @@ -1506,9 +1350,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -1523,9 +1365,7 @@ Parameters - - - +
    A list of EC2 VPC security groups to associate with the DB cluster.
    @@ -1544,9 +1384,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
    @@ -1572,7 +1410,7 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: create minimal aurora instance in default VPC and default subnet group - rds_instance: + community.aws.rds_instance: engine: aurora db_instance_identifier: ansible-test-aurora-db-instance instance_type: db.t2.small @@ -1581,7 +1419,7 @@ Examples cluster_id: ansible-test-cluster # This cluster must exist - see rds_cluster to manage it - name: Create a DB instance using the default AWS KMS encryption key - rds_instance: + community.aws.rds_instance: id: test-encrypted-db state: present engine: mariadb @@ -1592,13 +1430,13 @@ Examples allocated_storage: "{{ allocated_storage }}" - name: remove the DB instance without a final snapshot - rds_instance: + community.aws.rds_instance: id: "{{ instance_id }}" state: absent skip_final_snapshot: True - name: remove the DB instance with a final snapshot - rds_instance: + community.aws.rds_instance: id: "{{ instance_id }}" state: absent final_snapshot_identifier: "{{ snapshot_id }}" @@ -1608,7 +1446,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_instance_info.rst b/docs/community.aws.rds_instance_info.rst index b1e2e83f531..d71a43b5181 100644 --- a/docs/community.aws.rds_instance_info.rst +++ b/docs/community.aws.rds_instance_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_instance_info_: +.. _community.aws.rds_instance_info_module: ******************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The RDS instance's unique identifier.

    aliases: id
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
    @@ -183,9 +169,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -218,9 +200,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -240,9 +220,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -266,20 +244,20 @@ Examples .. code-block:: yaml+jinja - # Get information about an instance - - rds_instance_info: + - name: Get information about an instance + community.aws.rds_instance_info: db_instance_identifier: new-database register: new_database_info - # Get all RDS instances - - rds_instance_info: + - name: Get all RDS instances + community.aws.rds_instance_info: Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_param_group.rst b/docs/community.aws.rds_param_group.rst index ec8acedf04b..beac7a784ff 100644 --- a/docs/community.aws.rds_param_group.rst +++ b/docs/community.aws.rds_param_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_param_group_: +.. _community.aws.rds_param_group_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Database parameter group description. Only set when a new group is added.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    The type of database for this group.
    Please use following command to get list of all supported db engines and their respective versions.
    # aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
    @@ -187,9 +173,7 @@ Parameters
  • yes
    • - - - +
    Whether to apply the changes immediately, or after the next reboot of any associated instances.

    aliases: apply_immediately
    @@ -205,9 +189,7 @@ Parameters - - - +
    Database parameter group identifier.
    @@ -222,9 +204,7 @@ Parameters - - - +
    Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.

    aliases: parameters
    @@ -240,9 +220,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -261,9 +239,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to remove tags that do not appear in the tags list.
    @@ -278,9 +254,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -296,9 +270,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -318,9 +290,7 @@ Parameters
  • absent
    • - - - +
    Specifies whether the group should be present or absent.
    @@ -335,9 +305,7 @@ Parameters - - - +
    Dictionary of tags to attach to the parameter group.
    @@ -356,9 +324,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -382,8 +348,8 @@ Examples .. code-block:: yaml+jinja - # Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 - - rds_param_group: + - name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 + community.aws.rds_param_group: state: present name: norwegian-blue description: 'My Fancy Ex Parrot Group' @@ -394,8 +360,8 @@ Examples Environment: production Application: parrot - # Remove a parameter group - - rds_param_group: + - name: Remove a parameter group + community.aws.rds_param_group: state: absent name: norwegian-blue @@ -404,7 +370,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_snapshot.rst b/docs/community.aws.rds_snapshot.rst index 720e807469e..3ef5c5e15dc 100644 --- a/docs/community.aws.rds_snapshot.rst +++ b/docs/community.aws.rds_snapshot.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_snapshot_: +.. _community.aws.rds_snapshot_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    Database instance identifier. Required when state is present.

    aliases: instance_id
    @@ -126,9 +118,7 @@ Parameters - - - +
    The snapshot to manage.

    aliases: id, snapshot_id
    @@ -148,9 +138,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -182,9 +168,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -203,9 +187,7 @@ Parameters
  • yes ←
    • - - - +
    whether to remove tags not present in the tags parameter.
    @@ -220,9 +202,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -238,9 +218,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -260,9 +238,7 @@ Parameters
  • absent
    • - - - +
    Specify the desired state of the snapshot.
    @@ -277,9 +253,7 @@ Parameters - - - +
    tags dict to apply to a snapshot.
    @@ -298,9 +272,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -319,9 +291,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to wait for snapshot creation or deletion.
    @@ -337,9 +307,7 @@ Parameters Default:
    300
    - - - +
    how long before wait gives up, in seconds.
    @@ -363,13 +331,13 @@ Examples .. code-block:: yaml+jinja - # Create snapshot - - rds_snapshot: + - name: Create snapshot + community.aws.rds_snapshot: db_instance_identifier: new-database db_snapshot_identifier: new-database-snapshot - # Delete snapshot - - rds_snapshot: + - name: Delete snapshot + community.aws.rds_snapshot: db_snapshot_identifier: new-database-snapshot state: absent @@ -378,7 +346,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_snapshot_info.rst b/docs/community.aws.rds_snapshot_info.rst index 81ffae3f73b..5b0f598c789 100644 --- a/docs/community.aws.rds_snapshot_info.rst +++ b/docs/community.aws.rds_snapshot_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_snapshot_info_: +.. _community.aws.rds_snapshot_info_module: ******************************* @@ -25,7 +26,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    RDS cluster name for which to find snapshots.
    Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
    @@ -128,9 +120,7 @@ Parameters - - - +
    Name of an RDS cluster snapshot.
    Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
    @@ -146,9 +136,7 @@ Parameters - - - +
    RDS instance name for which to find snapshots.
    Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    @@ -164,9 +152,7 @@ Parameters - - - +
    Name of an RDS (unclustered) snapshot.
    Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier

    aliases: snapshot_name
    @@ -187,9 +173,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -204,9 +188,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -221,9 +203,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -238,9 +218,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -256,9 +234,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -280,9 +256,7 @@ Parameters
  • public
    • - - - +
    Type of snapshot to find.
    By default both automated and manual snapshots will be returned.
    @@ -302,9 +276,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -328,13 +300,13 @@ Examples .. code-block:: yaml+jinja - # Get information about an snapshot - - rds_snapshot_info: + - name: Get information about an snapshot + community.aws.rds_snapshot_info: db_snapshot_identifier: snapshot_name register: new_database_info - # Get all RDS snapshots for an RDS instance - - rds_snapshot_info: + - name: Get all RDS snapshots for an RDS instance + community.aws.rds_snapshot_info: db_instance_identifier: helloworld-rds-master @@ -342,7 +314,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.rds_subnet_group.rst b/docs/community.aws.rds_subnet_group.rst index 19c76a946bc..487bddf87c8 100644 --- a/docs/community.aws.rds_subnet_group.rst +++ b/docs/community.aws.rds_subnet_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.rds_subnet_group_: +.. _community.aws.rds_subnet_group_module: ****************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Database subnet group description.
    Required when state=present.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Database subnet group identifier.
    @@ -180,9 +166,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -197,9 +181,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -215,9 +197,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -237,9 +217,7 @@ Parameters
  • absent
    • - - - +
    Specifies whether the subnet should be present or absent.
    @@ -254,9 +232,7 @@ Parameters - - - +
    List of subnet IDs that make up the database subnet group.
    Required when state=present.
    @@ -276,9 +252,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -302,8 +276,8 @@ Examples .. code-block:: yaml+jinja - # Add or change a subnet group - - rds_subnet_group: + - name: Add or change a subnet group + community.aws.rds_subnet_group: state: present name: norwegian-blue description: My Fancy Ex Parrot Subnet Group @@ -311,8 +285,8 @@ Examples - subnet-aaaaaaaa - subnet-bbbbbbbb - # Remove a subnet group - - rds_subnet_group: + - name: Remove a subnet group + community.aws.rds_subnet_group: state: absent name: norwegian-blue @@ -321,7 +295,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.redshift.rst b/docs/community.aws.redshift.rst index fa89fb8bced..f26b3ba96c8 100644 --- a/docs/community.aws.redshift.rst +++ b/docs/community.aws.redshift.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.redshift_: +.. _community.aws.redshift_module: ********************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -57,9 +57,7 @@ Parameters
  • yes ←
    • - - - +
    When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.

    aliases: version_upgrade
    @@ -75,9 +73,7 @@ Parameters - - - +
    The number of days that automated snapshots are retained.

    aliases: retention_period
    @@ -93,9 +89,7 @@ Parameters - - - +
    Availability zone in which to launch cluster.

    aliases: zone, aws_zone
    @@ -111,9 +105,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -129,9 +121,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -148,9 +138,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -166,9 +154,7 @@ Parameters - - - +
    Name of the cluster parameter group.

    aliases: param_group_name
    @@ -184,9 +170,7 @@ Parameters - - - +
    In which security group the cluster belongs.

    aliases: security_groups
    @@ -202,9 +186,7 @@ Parameters - - - +
    Which subnet to place the cluster.

    aliases: subnet
    @@ -224,9 +206,7 @@ Parameters
  • single-node ←
    • - - - +
    The type of cluster.
    @@ -244,9 +224,7 @@ Parameters
  • 1.0
    • - - - +
    Which version the cluster should have.

    aliases: version
    @@ -268,9 +246,7 @@ Parameters
  • modify
    • - - - +
    Specifies the action to take.
    @@ -285,9 +261,7 @@ Parameters - - - +
    Name of the database.
    @@ -306,9 +280,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -323,9 +295,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -340,9 +310,7 @@ Parameters - - - +
    An Elastic IP to use for the cluster.
    @@ -361,9 +329,7 @@ Parameters
  • yes
    • - - - +
    If the cluster is encrypted or not.
    @@ -382,9 +348,7 @@ Parameters
  • yes
    • - - - +
    Whether the cluster should have enhanced VPC routing enabled.
    @@ -399,9 +363,7 @@ Parameters - - - +
    Identifier of the final snapshot to be created before deleting the cluster.
    If this parameter is provided, skip_final_cluster_snapshot must be false.
    Used only when command=delete.
    @@ -419,9 +381,7 @@ Parameters - - - +
    Redshift cluster identifier.
    @@ -436,9 +396,7 @@ Parameters - - - +
    Only used when command=modify.

    aliases: new_identifier
    @@ -467,9 +425,7 @@ Parameters
  • dw2.8xlarge
    • - - - +
    The node type of the cluster.
    Require when command=create.
    @@ -485,9 +441,7 @@ Parameters - - - +
    Number of nodes.
    Only used when cluster_type=multi-node.
    @@ -503,9 +457,7 @@ Parameters - - - +
    Master database password.
    Used only when command=create.
    @@ -521,9 +473,7 @@ Parameters - - - +
    Which port the cluster is listening on.
    @@ -538,9 +488,7 @@ Parameters - - - +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    Times are specified in UTC.
    If not specified then a random 30 minute maintenance window is assigned.
    @@ -558,9 +506,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -579,9 +525,7 @@ Parameters
  • yes
    • - - - +
    If the cluster is accessible publicly or not.
    @@ -596,9 +540,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -614,9 +556,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -636,9 +576,7 @@ Parameters
  • yes
    • - - - +
    Skip a final snapshot before deleting the cluster.
    Used only when command=delete.

    aliases: skip_final_snapshot
    @@ -655,9 +593,7 @@ Parameters - - - +
    Master database username.
    Used only when command=create.
    @@ -677,9 +613,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -694,9 +628,7 @@ Parameters - - - +
    VPC security group

    aliases: vpc_security_groups
    @@ -716,9 +648,7 @@ Parameters
  • yes
    • - - - +
    When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
    When command=delete wait for the database to be terminated.
    @@ -735,9 +665,7 @@ Parameters Default:
    300
    - - - +
    When wait=true defines how long in seconds before giving up.
    @@ -761,16 +689,16 @@ Examples .. code-block:: yaml+jinja - # Basic cluster provisioning example - - redshift: > - command=create - node_type=ds1.xlarge - identifier=new_cluster - username=cluster_admin - password=1nsecure - - # Cluster delete example - - redshift: + - name: Basic cluster provisioning example + community.aws.redshift: + command: create + node_type: ds1.xlarge + identifier: new_cluster + username: cluster_admin + password: 1nsecure + + - name: Cluster delete example + community.aws.redshift: command: delete identifier: new_cluster skip_final_cluster_snapshot: true @@ -781,7 +709,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.redshift_cross_region_snapshots.rst b/docs/community.aws.redshift_cross_region_snapshots.rst index 10df01c3550..44ad28008e2 100644 --- a/docs/community.aws.redshift_cross_region_snapshots.rst +++ b/docs/community.aws.redshift_cross_region_snapshots.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.redshift_cross_region_snapshots_: +.. _community.aws.redshift_cross_region_snapshots_module: ********************************************* @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    The name of the cluster to configure cross-region snapshots for.

    aliases: cluster
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    The region to copy snapshots to.

    aliases: destination
    @@ -167,9 +155,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -184,9 +170,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -201,9 +185,7 @@ Parameters - - - +
    The cluster's region.

    aliases: source
    @@ -219,9 +201,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -237,9 +217,7 @@ Parameters - - - +
    A grant for Amazon Redshift to use a master key in the destination_region.

    aliases: copy_grant
    @@ -256,9 +234,7 @@ Parameters - - - +
    The number of days to keep cross-region snapshots for.

    aliases: retention_period
    @@ -278,9 +254,7 @@ Parameters
  • absent
    • - - - +
    Create or remove the cross-region snapshot configuration.
    @@ -299,9 +273,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -326,7 +298,7 @@ Examples - name: configure cross-region snapshot on cluster `johniscool` - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: johniscool state: present region: us-east-1 @@ -334,7 +306,7 @@ Examples retention_period: 1 - name: configure cross-region snapshot on kms-encrypted cluster - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: whatever state: present region: us-east-1 @@ -343,7 +315,7 @@ Examples retention_period: 10 - name: disable cross-region snapshots, necessary before most cluster modifications (rename, resize) - redshift_cross_region_snapshots: + community.aws.redshift_cross_region_snapshots: cluster_name: whatever state: absent region: us-east-1 diff --git a/docs/community.aws.redshift_info.rst b/docs/community.aws.redshift_info.rst index cf2524b4bf6..8e5b96afa4e 100644 --- a/docs/community.aws.redshift_info.rst +++ b/docs/community.aws.redshift_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.redshift_info_: +.. _community.aws.redshift_info_module: *************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters - - - +
    The prefix of cluster identifier of the Redshift cluster you are searching for.
    This is a regular expression match with implicit '^'. Append '$' for a complete match.

    aliases: name, identifier
    @@ -132,9 +124,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -201,9 +185,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -219,9 +201,7 @@ Parameters - - - +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
    @@ -240,9 +220,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -268,27 +246,27 @@ Examples # Note: These examples do net set authentication details, see the AWS guide for details. - # Find all clusters - - redshift_info: + - name: Find all clusters + community.aws.redshift_info: register: redshift - # Find cluster(s) with matching tags - - redshift_info: + - name: Find cluster(s) with matching tags + community.aws.redshift_info: tags: env: prd stack: monitoring register: redshift_tags - # Find cluster(s) with matching name/prefix and tags - - redshift_info: + - name: Find cluster(s) with matching name/prefix and tags + community.aws.redshift_info: tags: env: dev stack: web name: user- register: redshift_web - # Fail if no cluster(s) is/are found - - redshift_info: + - name: Fail if no cluster(s) is/are found + community.aws.redshift_info: tags: env: stg stack: db @@ -300,7 +278,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.redshift_subnet_group.rst b/docs/community.aws.redshift_subnet_group.rst index 0ab43b10fd0..e53a5117fd0 100644 --- a/docs/community.aws.redshift_subnet_group.rst +++ b/docs/community.aws.redshift_subnet_group.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.redshift_subnet_group_: +.. _community.aws.redshift_subnet_group_module: *********************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - python >= 2.6 @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Database subnet group description.

    aliases: description
    @@ -163,9 +151,7 @@ Parameters - - - +
    Cluster subnet group name.

    aliases: name
    @@ -181,9 +167,7 @@ Parameters - - - +
    List of subnet IDs that make up the cluster subnet group.

    aliases: subnets
    @@ -199,9 +183,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -216,9 +198,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -234,9 +214,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -256,9 +234,7 @@ Parameters
  • absent
    • - - - +
    Specifies whether the subnet should be present or absent.
    @@ -277,9 +253,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -303,9 +277,8 @@ Examples .. code-block:: yaml+jinja - # Create a Redshift subnet group - - local_action: - module: redshift_subnet_group + - name: Create a Redshift subnet group + community.aws.redshift_subnet_group: state: present group_name: redshift-subnet group_description: Redshift subnet @@ -313,8 +286,8 @@ Examples - 'subnet-aaaaa' - 'subnet-bbbbb' - # Remove subnet group - - redshift_subnet_group: + - name: Remove subnet group + community.aws.redshift_subnet_group: state: absent group_name: redshift-subnet @@ -323,7 +296,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.route53.rst b/docs/community.aws.route53.rst index 074aae43bf8..f59997c108f 100644 --- a/docs/community.aws.route53.rst +++ b/docs/community.aws.route53.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.route53_: +.. _community.aws.route53_module: ********************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -56,9 +56,7 @@ Parameters
  • yes
    • - - - +
    Indicates if this is an alias record.
    @@ -77,9 +75,7 @@ Parameters
  • yes
    • - - - +
    Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
    @@ -94,9 +90,7 @@ Parameters - - - +
    The hosted zone identifier.
    @@ -111,9 +105,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -129,9 +121,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -148,9 +138,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -170,9 +158,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -187,9 +173,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -208,9 +192,7 @@ Parameters
  • PRIMARY
    • - - - +
    Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
    @@ -225,9 +207,7 @@ Parameters - - - +
    Health check to associate with this record
    @@ -242,9 +222,7 @@ Parameters - - - +
    The Hosted Zone ID of the DNS zone to modify.
    This is a required parameter, if parameter zone is not supplied.
    @@ -260,9 +238,7 @@ Parameters - - - +
    Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    @@ -281,9 +257,7 @@ Parameters
  • yes
    • - - - +
    Whether an existing record should be overwritten on create if values do not match.
    @@ -302,9 +276,7 @@ Parameters
  • yes
    • - - - +
    If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
    @@ -319,9 +291,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -336,9 +306,7 @@ Parameters - - - +
    The full DNS record to create or delete.
    @@ -353,9 +321,7 @@ Parameters - - - +
    Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
    @@ -371,9 +337,7 @@ Parameters Default:
    500
    - - - +
    In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
    @@ -388,9 +352,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -413,9 +375,7 @@ Parameters
  • delete
    • - - - +
    Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.

    aliases: command
    @@ -432,9 +392,7 @@ Parameters Default:
    3600
    - - - +
    The TTL, in second, to give the new record.
    @@ -462,9 +420,7 @@ Parameters
  • SOA
    • - - - +
    The type of DNS record to create.
    @@ -483,9 +439,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -500,9 +454,7 @@ Parameters - - - +
    The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
    When deleting a record all values for the record must be specified or Route53 will not delete it.
    @@ -518,9 +470,7 @@ Parameters - - - +
    When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
    This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
    @@ -540,9 +490,7 @@ Parameters
  • yes
    • - - - +
    Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
    @@ -558,9 +506,7 @@ Parameters Default:
    300
    - - - +
    How long to wait for the changes to be replicated, in seconds.
    @@ -575,9 +521,7 @@ Parameters - - - +
    Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
    @@ -592,9 +536,7 @@ Parameters - - - +
    The DNS zone to modify.
    This is a required parameter, if parameter hosted_zone_id is not supplied.
    @@ -619,107 +561,109 @@ Examples .. code-block:: yaml+jinja - # Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated - - route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: 1.1.1.1,2.2.2.2,3.3.3.3 - wait: yes - - # Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated - - route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: - - 1.1.1.1 - - 2.2.2.2 - - 3.3.3.3 - wait: yes + - name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: 1.1.1.1,2.2.2.2,3.3.3.3 + wait: yes - # Retrieve the details for new.foo.com - - route53: - state: get - zone: foo.com - record: new.foo.com - type: A + - name: Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: + - 1.1.1.1 + - 2.2.2.2 + - 3.3.3.3 + wait: yes + + - name: Retrieve the details for new.foo.com + community.aws.route53: + state: get + zone: foo.com + record: new.foo.com + type: A register: rec - # Delete new.foo.com A record using the results from the get command - - route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" + - name: Delete new.foo.com A record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" # Add an AAAA record. Note that because there are colons in the value # that the IPv6 address must be quoted. Also shows using the old form command=create. - - route53: - command: create - zone: foo.com - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" + - name: Add an AAAA record + community.aws.route53: + command: create + zone: foo.com + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" - # Add a SRV record with multiple fields for a service on port 22222 # For more information on SRV records see: # https://en.wikipedia.org/wiki/SRV_record - - route53: - state: present - zone: foo.com - record: "_example-service._tcp.foo.com" - type: SRV - value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" + - name: Add a SRV record with multiple fields for a service on port 22222 + community.aws.route53: + state: present + zone: foo.com + record: "_example-service._tcp.foo.com" + type: SRV + value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" - # Add a TXT record. Note that TXT and SPF records must be surrounded + # Note that TXT and SPF records must be surrounded # by quotes when sent to Route 53: - - route53: - state: present - zone: foo.com - record: localhost.foo.com - type: TXT - ttl: 7200 - value: '"bar"' + - name: Add a TXT record. + community.aws.route53: + state: present + zone: foo.com + record: localhost.foo.com + type: TXT + ttl: 7200 + value: '"bar"' - # Add an alias record that points to an Amazon ELB: - - route53: - state: present - zone: foo.com - record: elb.foo.com - type: A - value: "{{ elb_dns_name }}" - alias: True - alias_hosted_zone_id: "{{ elb_zone_id }}" + - name: Add an alias record that points to an Amazon ELB + community.aws.route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" - # Retrieve the details for elb.foo.com - - route53: - state: get - zone: foo.com - record: elb.foo.com - type: A + - name: Retrieve the details for elb.foo.com + community.aws.route53: + state: get + zone: foo.com + record: elb.foo.com + type: A register: rec - # Delete an alias record using the results from the get command - - route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" - alias: True - alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" + - name: Delete an alias record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + alias: True + alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" - # Add an alias record that points to an Amazon ELB and evaluates it health: - - route53: + - name: Add an alias record that points to an Amazon ELB and evaluates it health + community.aws.route53: state: present zone: foo.com record: elb.foo.com @@ -729,39 +673,39 @@ Examples alias_hosted_zone_id: "{{ elb_zone_id }}" alias_evaluate_target_health: True - # Add an AAAA record with Hosted Zone ID. - - route53: - state: present - zone: foo.com - hosted_zone_id: Z2AABBCCDDEEFF - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" - - # Use a routing policy to distribute traffic: - - route53: - state: present - zone: foo.com - record: www.foo.com - type: CNAME - value: host1.foo.com - ttl: 30 - # Routing policy - identifier: "host1@www" - weight: 100 - health_check: "d994b780-3150-49fd-9205-356abdd42e75" - - # Add a CAA record (RFC 6844): - - route53: - state: present - zone: example.com - record: example.com - type: CAA - value: - - 0 issue "ca.example.net" - - 0 issuewild ";" - - 0 iodef "mailto:security@example.com" + - name: Add an AAAA record with Hosted Zone ID + community.aws.route53: + state: present + zone: foo.com + hosted_zone_id: Z2AABBCCDDEEFF + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + + - name: Use a routing policy to distribute traffic + community.aws.route53: + state: present + zone: foo.com + record: www.foo.com + type: CNAME + value: host1.foo.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "d994b780-3150-49fd-9205-356abdd42e75" + + - name: Add a CAA record (RFC 6844) + community.aws.route53: + state: present + zone: example.com + record: example.com + type: CAA + value: + - 0 issue "ca.example.net" + - 0 issuewild ";" + - 0 iodef "mailto:security@example.com" @@ -769,7 +713,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.route53_health_check.rst b/docs/community.aws.route53_health_check.rst index 87656616e1e..d2c7ced3b07 100644 --- a/docs/community.aws.route53_health_check.rst +++ b/docs/community.aws.route53_health_check.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.route53_health_check_: +.. _community.aws.route53_health_check_module: ********************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -158,9 +148,7 @@ Parameters
  • 10
    • - - - +
    The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
    @@ -175,9 +163,7 @@ Parameters - - - +
    Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
    @@ -192,9 +178,7 @@ Parameters - - - +
    IP address of the end-point to check. Either this or fqdn has to be provided.
    @@ -209,9 +193,7 @@ Parameters - - - +
    The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
    @@ -226,9 +208,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -243,9 +223,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -265,9 +243,7 @@ Parameters
  • 30 ←
    • - - - +
    The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
    @@ -282,9 +258,7 @@ Parameters - - - +
    The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
    Required for all checks except TCP.
    The path must begin with a /
    @@ -302,9 +276,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -324,9 +296,7 @@ Parameters
  • absent
    • - - - +
    Specifies the action to take.
    @@ -341,9 +311,7 @@ Parameters - - - +
    If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
    @@ -365,9 +333,7 @@ Parameters
  • TCP
    • - - - +
    The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
    @@ -386,9 +352,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -412,8 +376,8 @@ Examples .. code-block:: yaml+jinja - # Create a health-check for host1.example.com and use it in record - - route53_health_check: + - name: Create a health-check for host1.example.com and use it in record + community.aws.route53_health_check: state: present fqdn: host1.example.com type: HTTP_STR_MATCH @@ -423,7 +387,7 @@ Examples failure_threshold: 2 register: my_health_check - - route53: + - community.aws.route53: action: create zone: "example.com" type: CNAME @@ -435,8 +399,8 @@ Examples weight: 100 health_check: "{{ my_health_check.health_check.id }}" - # Delete health-check - - route53_health_check: + - name: Delete health-check + community.aws.route53_health_check: state: absent fqdn: host1.example.com diff --git a/docs/community.aws.route53_info.rst b/docs/community.aws.route53_info.rst index 12f54987ac3..e9d71c3f34c 100644 --- a/docs/community.aws.route53_info.rst +++ b/docs/community.aws.route53_info.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.route53_info_: +.. _community.aws.route53_info_module: ************************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    The ID of the change batch request.
    The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
    Required if query=change.
    @@ -131,9 +123,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -148,9 +138,7 @@ Parameters - - - +
    The DNS Zone delegation set ID.
    @@ -165,9 +153,7 @@ Parameters - - - +
    The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
    @@ -182,9 +168,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -199,9 +183,7 @@ Parameters - - - +
    The ID of the health check.
    Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
    @@ -225,9 +207,7 @@ Parameters
  • tags
    • - - - +
    This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
    @@ -242,9 +222,7 @@ Parameters - - - +
    The Hosted Zone ID of the DNS zone.
    Required if query is set to hosted_zone and hosted_zone_method is set to details.
    Required if query is set to record_sets.
    @@ -268,9 +246,7 @@ Parameters
  • tags
    • - - - +
    This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
    @@ -285,9 +261,7 @@ Parameters - - - +
    Maximum number of items to return for various get/list requests.
    @@ -302,9 +276,7 @@ Parameters - - - +
    Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
    @@ -319,9 +291,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -344,9 +314,7 @@ Parameters
  • reusable_delegation_set
    • - - - +
    Specifies the query action to take.
    @@ -361,9 +329,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -379,9 +345,7 @@ Parameters - - - +
    The ID/s of the specified resource/s.
    Required if query=health_check and health_check_method=tags.
    Required if query=hosted_zone and hosted_zone_method=tags.
    @@ -399,9 +363,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -417,9 +379,7 @@ Parameters - - - +
    The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
    @@ -446,9 +406,7 @@ Parameters
  • NS
    • - - - +
    The type of DNS record.
    @@ -467,9 +425,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -495,19 +451,19 @@ Examples # Simple example of listing all hosted zones - name: List all hosted zones - route53_info: + community.aws.route53_info: query: hosted_zone register: hosted_zones # Getting a count of hosted zones - name: Return a count of all hosted zones - route53_info: + community.aws.route53_info: query: hosted_zone hosted_zone_method: count register: hosted_zone_count - name: List the first 20 resource record sets in a given hosted zone - route53_info: + community.aws.route53_info: profile: account_name query: record_sets hosted_zone_id: ZZZ1111112222 @@ -515,33 +471,33 @@ Examples register: record_sets - name: List first 20 health checks - route53_info: + community.aws.route53_info: query: health_check health_check_method: list max_items: 20 register: health_checks - name: Get health check last failure_reason - route53_info: + community.aws.route53_info: query: health_check health_check_method: failure_reason health_check_id: 00000000-1111-2222-3333-12345678abcd register: health_check_failure_reason - name: Retrieve reusable delegation set details - route53_info: + community.aws.route53_info: query: reusable_delegation_set delegation_set_id: delegation id register: delegation_sets - name: setup of example for using next_marker - route53_info: + community.aws.route53_info: query: hosted_zone max_items: 1 register: first_info - name: example for using next_marker - route53_info: + community.aws.route53_info: query: hosted_zone next_marker: "{{ first_info.NextMarker }}" max_items: 1 @@ -550,12 +506,12 @@ Examples - name: retrieve host entries starting with host1.workshop.test.io block: - name: grab zone id - route53_zone: + community.aws.route53_zone: zone: "test.io" register: AWSINFO - name: grab Route53 record information - route53_info: + community.aws.route53_info: type: A query: record_sets hosted_zone_id: "{{ AWSINFO.zone_id }}" diff --git a/docs/community.aws.route53_zone.rst b/docs/community.aws.route53_zone.rst index 4cab82c7544..cc7aea34529 100644 --- a/docs/community.aws.route53_zone.rst +++ b/docs/community.aws.route53_zone.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.route53_zone_: +.. _community.aws.route53_zone_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -109,9 +103,7 @@ Parameters Default:
    ""
    - - - +
    Comment associated with the zone.
    @@ -130,9 +122,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    The reusable delegation set ID to be associated with the zone.
    Note that you can't associate a reusable delegation set with a private hosted zone.
    @@ -165,9 +153,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -182,9 +168,7 @@ Parameters - - - +
    The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
    Required if there are multiple zones identified with the above options.
    @@ -200,9 +184,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -217,9 +199,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -235,9 +215,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -257,9 +235,7 @@ Parameters
  • absent
    • - - - +
    Whether or not the zone should exist or not.
    @@ -278,9 +254,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -295,9 +269,7 @@ Parameters - - - +
    The VPC ID the zone should be a part of (if this is going to be a private zone).
    @@ -312,9 +284,7 @@ Parameters - - - +
    The VPC Region the zone should be a part of (if this is going to be a private zone).
    @@ -329,9 +299,7 @@ Parameters - - - +
    The DNS zone record (eg: foo.com.)
    @@ -356,24 +324,24 @@ Examples - name: create a public zone - route53_zone: + community.aws.route53_zone: zone: example.com comment: this is an example - name: delete a public zone - route53_zone: + community.aws.route53_zone: zone: example.com state: absent - name: create a private zone - route53_zone: + community.aws.route53_zone: zone: devel.example.com vpc_id: '{{ myvpc_id }}' vpc_region: us-west-2 comment: developer domain - name: create a public zone associated with a specific reusable delegation set - route53_zone: + community.aws.route53_zone: zone: example.com comment: reusable delegation set example delegation_set_id: A1BCDEF2GHIJKL @@ -383,7 +351,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.s3_bucket_notification.rst b/docs/community.aws.s3_bucket_notification.rst index 3b9835f82cb..7107ff5fd62 100644 --- a/docs/community.aws.s3_bucket_notification.rst +++ b/docs/community.aws.s3_bucket_notification.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.s3_bucket_notification_: +.. _community.aws.s3_bucket_notification_module: ************************************ @@ -17,13 +18,13 @@ community.aws.s3_bucket_notification Synopsis -------- -- This module allows the management of AWS Lambda function bucket event mappings via the Ansible framework. Use module :ref:`lambda ` to manage the lambda function itself, :ref:`lambda_alias ` to manage function aliases and :ref:`lambda_policy ` to modify lambda permissions. +- This module allows the management of AWS Lambda function bucket event mappings via the Ansible framework. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_policy ` to modify lambda permissions. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -108,9 +102,7 @@ Parameters - - - +
    S3 bucket name.
    @@ -129,9 +121,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Unique name for event notification on bucket.
    @@ -193,9 +179,7 @@ Parameters
  • s3:ReducedRedundancyLostObject
    • - - - +
    Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
    Required when state=present.
    @@ -211,9 +195,7 @@ Parameters - - - +
    Name of the Lambda function alias.
    Mutually exclusive with lambda_version.
    @@ -229,9 +211,7 @@ Parameters - - - +
    The ARN of the lambda function.

    aliases: function_arn
    @@ -247,9 +227,7 @@ Parameters - - - +
    Version of the Lambda function.
    Mutually exclusive with lambda_alias.
    @@ -265,9 +243,7 @@ Parameters - - - +
    Optional prefix to limit the notifications to objects with keys that start with matching characters.
    @@ -282,9 +258,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -299,9 +273,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -317,9 +289,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -339,9 +309,7 @@ Parameters
  • absent
    • - - - +
    Describes the desired state.
    @@ -356,9 +324,7 @@ Parameters - - - +
    Optional suffix to limit the notifications to objects with keys that end with matching characters.
    @@ -377,9 +343,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -391,7 +355,7 @@ Notes ----- .. note:: - - This module heavily depends on :ref:`lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. + - This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -406,25 +370,22 @@ Examples --- # Example that creates a lambda event notification for a bucket - - hosts: localhost - gather_facts: no - tasks: - - name: Process jpg image - s3_bucket_notification: - state: present - event_name: on_file_add_or_remove - bucket_name: test-bucket - function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda - events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] - prefix: images/ - suffix: .jpg + - name: Process jpg image + community.aws.s3_bucket_notification: + state: present + event_name: on_file_add_or_remove + bucket_name: test-bucket + function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda + events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] + prefix: images/ + suffix: .jpg Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.s3_lifecycle.rst b/docs/community.aws.s3_lifecycle.rst index 9a65b8bf803..d686f7eebb5 100644 --- a/docs/community.aws.s3_lifecycle.rst +++ b/docs/community.aws.s3_lifecycle.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.s3_lifecycle_: +.. _community.aws.s3_lifecycle_module: ************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - python >= 2.6 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
    @@ -180,9 +166,7 @@ Parameters - - - +
    Name of the s3 bucket
    @@ -197,9 +181,7 @@ Parameters - - - +
    Delete noncurrent versions this many days after they become noncurrent
    @@ -219,9 +201,7 @@ Parameters
  • standard_ia
    • - - - +
    Transition noncurrent versions to this storage class
    @@ -236,9 +216,7 @@ Parameters - - - +
    Transition noncurrent versions this many days after they become noncurrent
    @@ -253,9 +231,7 @@ Parameters - - - +
    A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements transition_days storage_class
    @@ -272,9 +248,7 @@ Parameters - - - +
    Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
    @@ -289,9 +263,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -310,9 +282,7 @@ Parameters
  • yes ←
    • - - - +
    "Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
    @@ -327,9 +297,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -349,10 +317,8 @@ Parameters
  • yes
    • - - - -
    The requester_pays option does nothing and will be removed in Ansible 2.14.
    + +
    The requester_pays option does nothing and will be removed after 2022-06-01
    @@ -366,9 +332,7 @@ Parameters - - - +
    Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
    @@ -383,9 +347,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -405,9 +367,7 @@ Parameters
  • absent
    • - - - +
    Create or remove the lifecycle rule
    @@ -426,9 +386,7 @@ Parameters
  • disabled
    • - - - +
    If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
    @@ -448,9 +406,7 @@ Parameters
  • standard_ia
    • - - - +
    The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
    The 'standard_ia' class is only being available from Ansible version 2.2.
    @@ -466,9 +422,7 @@ Parameters - - - +
    Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
    @@ -483,9 +437,7 @@ Parameters - - - +
    Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
    @@ -500,9 +452,7 @@ Parameters - - - +
    A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
    @@ -521,9 +471,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -551,16 +499,16 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days - - s3_lifecycle: + - name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days + community.aws.s3_lifecycle: name: mybucket expiration_days: 30 prefix: logs/ status: enabled state: present - # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days - - s3_lifecycle: + - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days + community.aws.s3_lifecycle: name: mybucket transition_days: 7 expiration_days: 90 @@ -568,10 +516,10 @@ Examples status: enabled state: present - # Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. # Note that midnight GMT must be specified. # Be sure to quote your date strings - - s3_lifecycle: + - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. + community.aws.s3_lifecycle: name: mybucket transition_date: "2020-12-30T00:00:00.000Z" expiration_date: "2030-12-30T00:00:00.000Z" @@ -579,21 +527,21 @@ Examples status: enabled state: present - # Disable the rule created above - - s3_lifecycle: + - name: Disable the rule created above + community.aws.s3_lifecycle: name: mybucket prefix: logs/ status: disabled state: present - # Delete the lifecycle rule created above - - s3_lifecycle: + - name: Delete the lifecycle rule created above + community.aws.s3_lifecycle: name: mybucket prefix: logs/ state: absent - # Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. - - s3_lifecycle: + - name: Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. + community.aws.s3_lifecycle: name: mybucket prefix: backups/ storage_class: standard_ia @@ -601,8 +549,8 @@ Examples state: present status: enabled - # Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 - - s3_lifecycle: + - name: Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 + community.aws.s3_lifecycle: name: mybucket prefix: logs/ state: present diff --git a/docs/community.aws.s3_logging.rst b/docs/community.aws.s3_logging.rst index 2b166197801..f9e897ae21a 100644 --- a/docs/community.aws.s3_logging.rst +++ b/docs/community.aws.s3_logging.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.s3_logging_: +.. _community.aws.s3_logging_module: ************************ @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - python >= 2.6 - boto @@ -38,7 +39,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -52,9 +52,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -70,9 +68,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -89,9 +85,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -111,9 +105,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -128,9 +120,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -145,9 +135,7 @@ Parameters - - - +
    Name of the s3 bucket.
    @@ -162,9 +150,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -179,9 +165,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -197,9 +181,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -219,9 +201,7 @@ Parameters
  • absent
    • - - - +
    Enable or disable logging.
    @@ -236,9 +216,7 @@ Parameters - - - +
    The bucket to log to. Required when state=present.
    @@ -254,9 +232,7 @@ Parameters Default:
    ""
    - - - +
    The prefix that should be prepended to the generated log files written to the target_bucket.
    @@ -275,9 +251,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -304,14 +278,14 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs - s3_logging: + community.aws.s3_logging: name: mywebsite.com target_bucket: mylogs target_prefix: logs/mywebsite.com state: present - name: Remove logging on an s3 bucket - s3_logging: + community.aws.s3_logging: name: mywebsite.com state: absent diff --git a/docs/community.aws.s3_sync.rst b/docs/community.aws.s3_sync.rst index 20c33e9b6b2..48065f84c1c 100644 --- a/docs/community.aws.s3_sync.rst +++ b/docs/community.aws.s3_sync.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.s3_sync_: +.. _community.aws.s3_sync_module: ********************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 >= 1.4.4 @@ -41,7 +42,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -55,9 +55,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -73,9 +71,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -92,9 +88,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -110,9 +104,7 @@ Parameters - - - +
    Bucket name.
    @@ -127,9 +119,7 @@ Parameters - - - +
    Cache-Control header set on uploaded objects.
    Directives are separated by commas.
    @@ -149,9 +139,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -170,9 +158,7 @@ Parameters
  • yes
    • - - - +
    Remove remote files that exist in bucket but are not present in the file root.
    @@ -187,9 +173,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -205,9 +189,7 @@ Parameters Default:
    ".*"
    - - - +
    Shell pattern-style file matching.
    Used after include to remove files (for instance, skip "*.txt")
    For multiple patterns, comma-separate them.
    @@ -229,9 +211,7 @@ Parameters
  • date_size ←
    • - - - +
    Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
    date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
    checksum will compare etag values based on s3's implementation of chunked md5s.
    @@ -249,9 +229,7 @@ Parameters - - - +
    File/directory path for synchronization. This is a local path.
    This root path is scrubbed from the key name, so subdirectories will remain as keys.
    @@ -268,9 +246,7 @@ Parameters Default:
    "*"
    - - - +
    Shell pattern-style file matching.
    Used before exclude to determine eligible files (for instance, only "*.gif")
    For multiple patterns, comma-separate them.
    @@ -287,9 +263,7 @@ Parameters - - - +
    In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
    @@ -304,9 +278,7 @@ Parameters - - - +
    Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
    @@ -324,9 +296,7 @@ Parameters
  • push ←
    • - - - +
    sync direction.
    @@ -350,9 +320,7 @@ Parameters
  • bucket-owner-full-control
    • - - - +
    Canned ACL to apply to synced files.
    Changing this ACL only changes newly synced files, it does not trigger a full reupload.
    @@ -368,9 +336,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -385,9 +351,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -403,10 +367,8 @@ Parameters - - - -
    The retries option does nothing and will be removed in Ansible 2.14.
    + +
    The retries option does nothing and will be removed after 2022-06-01
    @@ -420,9 +382,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -442,9 +402,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -469,12 +427,12 @@ Examples - name: basic upload - s3_sync: + community.aws.s3_sync: bucket: tedder file_root: roles/s3/files/ - name: all the options - s3_sync: + community.aws.s3_sync: bucket: tedder file_root: roles/s3/files mime_map: @@ -492,7 +450,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.s3_website.rst b/docs/community.aws.s3_website.rst index c462eab5318..af8606e2b26 100644 --- a/docs/community.aws.s3_website.rst +++ b/docs/community.aws.s3_website.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.s3_website_: +.. _community.aws.s3_website_module: ************************ @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -146,9 +136,7 @@ Parameters - - - +
    The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Name of the s3 bucket
    @@ -180,9 +166,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -197,9 +181,7 @@ Parameters - - - +
    Describes the redirect behavior for every request to this s3 bucket website endpoint
    @@ -214,9 +196,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -232,9 +212,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -254,9 +232,7 @@ Parameters
  • absent
    • - - - +
    Add or remove s3 website configuration
    @@ -272,9 +248,7 @@ Parameters Default:
    "index.html"
    - - - +
    Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
    @@ -293,9 +267,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -321,19 +293,19 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Configure an s3 bucket to redirect all requests to example.com - - s3_website: + - name: Configure an s3 bucket to redirect all requests to example.com + community.aws.s3_website: name: mybucket.com redirect_all_requests: example.com state: present - # Remove website configuration from an s3 bucket - - s3_website: + - name: Remove website configuration from an s3 bucket + community.aws.s3_website: name: mybucket.com state: absent - # Configure an s3 bucket as a website with index and error pages - - s3_website: + - name: Configure an s3 bucket as a website with index and error pages + community.aws.s3_website: name: mybucket.com suffix: home.htm error_key: errors/404.htm @@ -345,7 +317,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.sns.rst b/docs/community.aws.sns.rst index 58481f03c7a..8f1a2d98661 100644 --- a/docs/community.aws.sns.rst +++ b/docs/community.aws.sns.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.sns_: +.. _community.aws.sns_module: ***************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    Message to send to application subscriptions.
    @@ -71,9 +69,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -89,9 +85,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -108,9 +102,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -130,9 +122,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    Message to send to email subscriptions.
    @@ -181,9 +167,7 @@ Parameters - - - +
    Message to send to email-json subscriptions.
    @@ -198,9 +182,7 @@ Parameters - - - +
    Message to send to HTTP subscriptions.
    @@ -215,9 +197,7 @@ Parameters - - - +
    Message to send to HTTPS subscriptions.
    @@ -232,9 +212,7 @@ Parameters - - - +
    Message to send to Lambda subscriptions.
    @@ -249,9 +227,7 @@ Parameters - - - +
    Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
    This is in AWS's distinct Name/Type/Value format; see example below.
    @@ -271,9 +247,7 @@ Parameters
  • string
    • - - - +
    The payload format to use for the message.
    This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
    It must be 'string' to support message_attributes.
    @@ -290,9 +264,7 @@ Parameters - - - +
    Default message for subscriptions without a more specific message.

    aliases: default
    @@ -308,9 +280,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -325,9 +295,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -343,9 +311,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -361,9 +327,7 @@ Parameters - - - +
    Message to send to SMS subscriptions.
    @@ -378,9 +342,7 @@ Parameters - - - +
    Message to send to SQS subscriptions.
    @@ -395,9 +357,7 @@ Parameters - - - +
    Message subject
    @@ -412,9 +372,7 @@ Parameters - - - +
    The name or ARN of the topic to publish to.
    @@ -433,9 +391,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -460,14 +416,14 @@ Examples - name: Send default notification message via SNS - sns: + community.aws.sns: msg: '{{ inventory_hostname }} has completed the play.' subject: Deploy complete! topic: deploy delegate_to: localhost - name: Send notification messages via SNS with short message for SMS - sns: + community.aws.sns: msg: '{{ inventory_hostname }} has completed the play.' sms: deployed! subject: Deploy complete! @@ -475,7 +431,7 @@ Examples delegate_to: localhost - name: Send message with message_attributes - sns: + community.aws.sns: topic: "deploy" msg: "message with extra details!" message_attributes: @@ -492,7 +448,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.sns_topic.rst b/docs/community.aws.sns_topic.rst index fb3aaac7c34..3a7b464ce7e 100644 --- a/docs/community.aws.sns_topic.rst +++ b/docs/community.aws.sns_topic.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.sns_topic_: +.. _community.aws.sns_topic_module: *********************** @@ -17,14 +18,14 @@ community.aws.sns_topic Synopsis -------- -- The :ref:`sns_topic ` module allows you to create, delete, and manage subscriptions for AWS SNS topics. +- The :ref:`community.aws.sns_topic ` module allows you to create, delete, and manage subscriptions for AWS SNS topics. - As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - python >= 2.6 @@ -39,7 +40,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -53,9 +53,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -71,9 +69,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -90,9 +86,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -112,9 +106,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -129,9 +121,7 @@ Parameters - - - +
    Delivery policy to apply to the SNS topic.
    @@ -146,9 +136,7 @@ Parameters - - - +
    Display name of the topic.
    @@ -163,9 +151,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -180,9 +166,7 @@ Parameters - - - +
    The name or ARN of the SNS topic to manage.
    @@ -197,9 +181,7 @@ Parameters - - - +
    Policy to apply to the SNS topic.
    @@ -214,9 +196,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -235,9 +215,7 @@ Parameters
  • yes ←
    • - - - +
    Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
    @@ -252,9 +230,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -270,9 +246,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -292,9 +266,7 @@ Parameters
  • present ←
    • - - - +
    Whether to create or destroy an SNS topic.
    @@ -310,9 +282,7 @@ Parameters Default:
    []
    - - - +
    List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
    @@ -328,9 +298,7 @@ Parameters - - - +
    Endpoint of subscription.
    @@ -346,9 +314,7 @@ Parameters - - - +
    Protocol of subscription.
    @@ -368,9 +334,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -396,7 +360,7 @@ Examples - name: Create alarm SNS topic - sns_topic: + community.aws.sns_topic: name: "alarms" state: present display_name: "alarm SNS topic" @@ -423,7 +387,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html @@ -436,24 +400,7 @@ Common return values are documented `here
    - sns_arn - -
    - string -
    - - always - -
    The ARN of the topic you are modifying
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    - - - - -
    - sns_topic + community.aws.sns_topic
    complex @@ -792,7 +739,24 @@ Common return values are documented `here - + + +
    + sns_arn + +
    + string +
    + + always + +
    The ARN of the topic you are modifying
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    + + +

    diff --git a/docs/community.aws.sqs_queue.rst b/docs/community.aws.sqs_queue.rst index 3f968332221..5116099ba41 100644 --- a/docs/community.aws.sqs_queue.rst +++ b/docs/community.aws.sqs_queue.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.sqs_queue_: +.. _community.aws.sqs_queue_module: *********************** @@ -24,7 +25,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Enables content-based deduplication. Used for FIFOs only.
    @@ -134,9 +126,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -151,9 +141,7 @@ Parameters - - - +
    The delivery delay in seconds.

    aliases: delivery_delay
    @@ -169,9 +157,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -186,9 +172,7 @@ Parameters - - - +
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.

    aliases: kms_data_key_reuse_period
    @@ -204,9 +188,7 @@ Parameters - - - +
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    @@ -221,9 +203,7 @@ Parameters - - - +
    The maximum message size in bytes.
    @@ -238,9 +218,7 @@ Parameters - - - +
    The message retention period in seconds.
    @@ -255,9 +233,7 @@ Parameters - - - +
    Name of the queue.
    @@ -272,9 +248,7 @@ Parameters - - - +
    The JSON dict policy to attach to queue.
    @@ -289,9 +263,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -310,9 +282,7 @@ Parameters
  • yes
    • - - - +
    Remove tags not listed in tags.
    @@ -331,9 +301,7 @@ Parameters
  • fifo
    • - - - +
    Standard or FIFO queue.
    queue_type can only be set at queue creation and will otherwise be ignored.
    @@ -349,9 +317,7 @@ Parameters - - - +
    The receive message wait time in seconds.

    aliases: receive_message_wait_time
    @@ -367,9 +333,7 @@ Parameters - - - +
    JSON dict with the redrive_policy (see example).
    @@ -384,9 +348,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -402,9 +364,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -424,9 +384,7 @@ Parameters
  • absent
    • - - - +
    Create or delete the queue.
    @@ -441,9 +399,7 @@ Parameters - - - +
    Tag dict to apply to the queue (requires botocore 1.5.40 or above).
    To remove all tags set tags={} and purge_tags=true.
    @@ -463,9 +419,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -480,9 +434,7 @@ Parameters - - - +
    The default visibility timeout in seconds.

    aliases: default_visibility_timeout
    @@ -507,8 +459,8 @@ Examples .. code-block:: yaml+jinja - # Create SQS queue with redrive policy - - sqs_queue: + - name: Create SQS queue with redrive policy + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 default_visibility_timeout: 120 @@ -521,35 +473,35 @@ Examples maxReceiveCount: 5 deadLetterTargetArn: arn:aws:sqs:eu-west-1:123456789012:my-dead-queue - # Drop redrive policy - - sqs_queue: + - name: Drop redrive policy + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 redrive_policy: {} - # Create FIFO queue - - sqs_queue: + - name: Create FIFO queue + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 queue_type: fifo content_based_deduplication: yes - # Tag queue - - sqs_queue: + - name: Tag queue + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 tags: example: SomeValue - # Configure Encryption, automatically uses a new data key every hour - - sqs_queue: + - name: Configure Encryption, automatically uses a new data key every hour + community.aws.sqs_queue: name: fifo-queue region: ap-southeast-2 kms_master_key_id: alias/MyQueueKey kms_data_key_reuse_period_seconds: 3600 - # Delete SQS queue - - sqs_queue: + - name: Delete SQS queue + community.aws.sqs_queue: name: my-queue region: ap-southeast-2 state: absent @@ -559,7 +511,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.sts_assume_role.rst b/docs/community.aws.sts_assume_role.rst index 1c63e2f4b8a..5228395856b 100644 --- a/docs/community.aws.sts_assume_role.rst +++ b/docs/community.aws.sts_assume_role.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.sts_assume_role_: +.. _community.aws.sts_assume_role_module: ***************************** @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
    The max depends on the IAM role's sessions duration setting.
    By default, the value is set to 3600 seconds.
    @@ -149,9 +139,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -166,9 +154,7 @@ Parameters - - - +
    A unique identifier that is used by third parties to assume a role in their customers' accounts.
    @@ -183,9 +169,7 @@ Parameters - - - +
    The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
    @@ -200,9 +184,7 @@ Parameters - - - +
    The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
    @@ -217,9 +199,7 @@ Parameters - - - +
    Supplemental policy to use in addition to assumed role's policies.
    @@ -234,9 +214,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -251,9 +229,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -269,9 +245,7 @@ Parameters - - - +
    The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
    @@ -286,9 +260,7 @@ Parameters - - - +
    Name of the role's session - will be used by CloudTrail.
    @@ -303,9 +275,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -325,9 +295,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -355,13 +323,13 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) - - sts_assume_role: + - community.aws.sts_assume_role: role_arn: "arn:aws:iam::123456789012:role/someRole" role_session_name: "someRoleSession" register: assumed_role # Use the assumed role above to tag an instance in account 123456789012 - - ec2_tag: + - amazon.aws.ec2_tag: aws_access_key: "{{ assumed_role.sts_creds.access_key }}" aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}" security_token: "{{ assumed_role.sts_creds.session_token }}" @@ -376,7 +344,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/docs/community.aws.sts_session_token.rst b/docs/community.aws.sts_session_token.rst index 2ef04ffa0ec..29f1c51e932 100644 --- a/docs/community.aws.sts_session_token.rst +++ b/docs/community.aws.sts_session_token.rst @@ -1,5 +1,6 @@ +:orphan: -.. _community.aws.sts_session_token_: +.. _community.aws.sts_session_token_module: ******************************* @@ -23,7 +24,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this . +The below requirements are needed on the host that executes this module. - boto - boto3 @@ -40,7 +41,6 @@ Parameters Parameter Choices/Defaults - Configuration Comments @@ -54,9 +54,7 @@ Parameters - - - +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

    aliases: ec2_access_key, access_key
    @@ -72,9 +70,7 @@ Parameters - - - +
    A dictionary to modify the botocore configuration.
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    @@ -91,9 +87,7 @@ Parameters - - - +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

    aliases: ec2_secret_key, secret_key
    @@ -113,9 +107,7 @@ Parameters
  • yes
    • - - - +
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    @@ -130,9 +122,7 @@ Parameters - - - +
    The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
    @@ -147,9 +137,7 @@ Parameters - - - +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    @@ -164,9 +152,7 @@ Parameters - - - +
    The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
    @@ -181,9 +167,7 @@ Parameters - - - +
    The value provided by the MFA device, if the trust policy of the user requires MFA.
    @@ -198,9 +182,7 @@ Parameters - - - +
    Uses a boto profile. Only works with boto >= 2.24.0.
    @@ -215,9 +197,7 @@ Parameters - - - +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region

    aliases: aws_region, ec2_region
    @@ -233,9 +213,7 @@ Parameters - - - +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

    aliases: access_token
    @@ -255,9 +233,7 @@ Parameters
  • yes ←
    • - - - +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    @@ -284,20 +260,21 @@ Examples # Note: These examples do not set authentication details, see the AWS Guide for details. - # Get a session token (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) - sts_session_token: - duration_seconds: 3600 - register: session_credentials + # (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) + - name: Get a session token + community.aws.sts_session_token: + duration_seconds: 3600 + register: session_credentials - # Use the session token obtained above to tag an instance in account 123456789012 - ec2_tag: - aws_access_key: "{{ session_credentials.sts_creds.access_key }}" - aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" - security_token: "{{ session_credentials.sts_creds.session_token }}" - resource: i-xyzxyz01 - state: present - tags: - MyNewTag: value + - name: Use the session token obtained above to tag an instance in account 123456789012 + amazon.aws.ec2_tag: + aws_access_key: "{{ session_credentials.sts_creds.access_key }}" + aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" + security_token: "{{ session_credentials.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value @@ -305,7 +282,7 @@ Examples Return Values ------------- -Common return values are documented `here `_, the following are the fields unique to this : +Common return values are documented `here `_, the following are the fields unique to this module: .. raw:: html diff --git a/galaxy.yml b/galaxy.yml index d7ec90280c4..9fe26378c3e 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -2,13 +2,14 @@ namespace: community name: aws version: 0.1.0 readme: README.md -authors: null +authors: + - Ansible (https://github.com/ansible) description: null license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: amazon.aws: '>=0.1.0' -repository: https://github.com/ansible-collections/community.aws.git +repository: https://github.com/ansible-collections/community.aws documentation: https://github.com/ansible-collections/community.aws/tree/master/docs homepage: https://github.com/ansible-collections/community.aws issues: https://github.com/ansible-collections/community.aws/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc diff --git a/plugins/modules/aws_acm.py b/plugins/modules/aws_acm.py index 5da9ab617e1..b57618b1ac5 100644 --- a/plugins/modules/aws_acm.py +++ b/plugins/modules/aws_acm.py @@ -28,6 +28,7 @@ DOCUMENTATION = ''' module: aws_acm short_description: Upload and delete certificates in the AWS Certificate Manager service +version_added: 1.0.0 description: - Import and delete certificates in Amazon Web Service's Certificate Manager (AWS ACM). - > diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index d23fe502ea7..16656021f36 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: aws_acm_info short_description: Retrieve certificate information from AWS Certificate Manager service +version_added: 1.0.0 description: - Retrieve information for ACM certificates - This module was called C(aws_acm_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 380745a4408..f67bae92808 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: aws_api_gateway +version_added: 1.0.0 short_description: Manage AWS API Gateway APIs description: - Allows for the management of API Gateway APIs diff --git a/plugins/modules/aws_application_scaling_policy.py b/plugins/modules/aws_application_scaling_policy.py index 5a2441c5a02..468705b1938 100644 --- a/plugins/modules/aws_application_scaling_policy.py +++ b/plugins/modules/aws_application_scaling_policy.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_application_scaling_policy +version_added: 1.0.0 short_description: Manage Application Auto Scaling Scaling Policies notes: - for details of the parameters and returns see diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index dd7ce4cb9f2..3ead4a8512b 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_batch_compute_environment +version_added: 1.0.0 short_description: Manage AWS Batch Compute Environments description: - This module allows the management of AWS Batch Compute Environments. diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index 347af23ee4e..b93ff5febe7 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_batch_job_definition +version_added: 1.0.0 short_description: Manage AWS Batch Job Definitions description: - This module allows the management of AWS Batch Job Definitions. diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index 59cc0b3a24c..afc49015397 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_batch_job_queue +version_added: 1.0.0 short_description: Manage AWS Batch Job Queues description: - This module allows the management of AWS Batch Job Queues. diff --git a/plugins/modules/aws_codebuild.py b/plugins/modules/aws_codebuild.py index 5ad56103123..22011422229 100644 --- a/plugins/modules/aws_codebuild.py +++ b/plugins/modules/aws_codebuild.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_codebuild +version_added: 1.0.0 short_description: Create or delete an AWS CodeBuild project notes: - For details of the parameters and returns see U(http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html). diff --git a/plugins/modules/aws_codecommit.py b/plugins/modules/aws_codecommit.py index 8b929454e9d..5fe907cc37d 100644 --- a/plugins/modules/aws_codecommit.py +++ b/plugins/modules/aws_codecommit.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_codecommit +version_added: 1.0.0 short_description: Manage repositories in AWS CodeCommit description: - Supports creation and deletion of CodeCommit repositories. diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index ff38319ac7b..5406389a129 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_codepipeline +version_added: 1.0.0 short_description: Create or delete AWS CodePipelines notes: - for details of the parameters and returns see U(http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html) diff --git a/plugins/modules/aws_config_aggregation_authorization.py b/plugins/modules/aws_config_aggregation_authorization.py index 7bd95fc3b0b..5a4ee38bf81 100644 --- a/plugins/modules/aws_config_aggregation_authorization.py +++ b/plugins/modules/aws_config_aggregation_authorization.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_config_aggregation_authorization +version_added: 1.0.0 short_description: Manage cross-account AWS Config authorizations description: - Module manages AWS Config resources. diff --git a/plugins/modules/aws_config_aggregator.py b/plugins/modules/aws_config_aggregator.py index c750edae99b..fac17574c4b 100644 --- a/plugins/modules/aws_config_aggregator.py +++ b/plugins/modules/aws_config_aggregator.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_config_aggregator +version_added: 1.0.0 short_description: Manage AWS Config aggregations across multiple accounts description: - Module manages AWS Config resources diff --git a/plugins/modules/aws_config_delivery_channel.py b/plugins/modules/aws_config_delivery_channel.py index a50de66a3a9..6e7fe5b2fa9 100644 --- a/plugins/modules/aws_config_delivery_channel.py +++ b/plugins/modules/aws_config_delivery_channel.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_config_delivery_channel +version_added: 1.0.0 short_description: Manage AWS Config delivery channels description: - This module manages AWS Config delivery locations for rule checks and configuration info. diff --git a/plugins/modules/aws_config_recorder.py b/plugins/modules/aws_config_recorder.py index b769e6278ff..2d3bf003d3b 100644 --- a/plugins/modules/aws_config_recorder.py +++ b/plugins/modules/aws_config_recorder.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_config_recorder +version_added: 1.0.0 short_description: Manage AWS Config Recorders description: - Module manages AWS Config configuration recorder settings. diff --git a/plugins/modules/aws_config_rule.py b/plugins/modules/aws_config_rule.py index 08675f9a514..80550586aa8 100644 --- a/plugins/modules/aws_config_rule.py +++ b/plugins/modules/aws_config_rule.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_config_rule +version_added: 1.0.0 short_description: Manage AWS Config resources description: - Module manages AWS Config rules diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 9975206e050..2fbda9124bb 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_direct_connect_connection +version_added: 1.0.0 short_description: Creates, deletes, modifies a DirectConnect connection description: - Create, update, or delete a Direct Connect connection between a network and a specific AWS Direct Connect location. diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index 1524e17fd7a..a7084faaeb7 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: aws_direct_connect_gateway author: Gobin Sougrakpam (@gobins) +version_added: 1.0.0 short_description: Manage AWS Direct Connect gateway description: - Creates AWS Direct Connect Gateway. diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index 557be09929f..28af9bc103c 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_direct_connect_link_aggregation_group +version_added: 1.0.0 short_description: Manage Direct Connect LAG bundles description: - Create, delete, or modify a Direct Connect link aggregation group. diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 4139e5fd7f1..3c4cd886a81 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_direct_connect_virtual_interface +version_added: 1.0.0 short_description: Manage Direct Connect virtual interfaces description: - Create, delete, or modify a Direct Connect public or private virtual interface. diff --git a/plugins/modules/aws_eks_cluster.py b/plugins/modules/aws_eks_cluster.py index 5851b52661c..c39f8464bec 100644 --- a/plugins/modules/aws_eks_cluster.py +++ b/plugins/modules/aws_eks_cluster.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_eks_cluster +version_added: 1.0.0 short_description: Manage Elastic Kubernetes Service Clusters description: - Manage Elastic Kubernetes Service Clusters diff --git a/plugins/modules/aws_elasticbeanstalk_app.py b/plugins/modules/aws_elasticbeanstalk_app.py index cb610a29f82..bab889f0b07 100644 --- a/plugins/modules/aws_elasticbeanstalk_app.py +++ b/plugins/modules/aws_elasticbeanstalk_app.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_elasticbeanstalk_app +version_added: 1.0.0 short_description: Create, update, and delete an elastic beanstalk application diff --git a/plugins/modules/aws_glue_connection.py b/plugins/modules/aws_glue_connection.py index 9aafb4c1d8a..7502af6f9e6 100644 --- a/plugins/modules/aws_glue_connection.py +++ b/plugins/modules/aws_glue_connection.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_glue_connection +version_added: 1.0.0 short_description: Manage an AWS Glue connection description: - Manage an AWS Glue connection. See U(https://aws.amazon.com/glue/) for details. diff --git a/plugins/modules/aws_glue_job.py b/plugins/modules/aws_glue_job.py index f3c7513fdda..c0edd59328c 100644 --- a/plugins/modules/aws_glue_job.py +++ b/plugins/modules/aws_glue_job.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_glue_job +version_added: 1.0.0 short_description: Manage an AWS Glue job description: - Manage an AWS Glue job. See U(https://aws.amazon.com/glue/) for details. diff --git a/plugins/modules/aws_inspector_target.py b/plugins/modules/aws_inspector_target.py index 3d7af6b6c4a..b71fbf61c0d 100644 --- a/plugins/modules/aws_inspector_target.py +++ b/plugins/modules/aws_inspector_target.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_inspector_target +version_added: 1.0.0 short_description: Create, Update and Delete Amazon Inspector Assessment Targets description: Creates, updates, or deletes Amazon Inspector Assessment Targets diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index e83fd9657e2..be4394f2caf 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_kms +version_added: 1.0.0 short_description: Perform various KMS management tasks. description: - Manage role/user access to a KMS key. Not designed for encrypting/decrypting. diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index 1f6f9f394e3..defccf70342 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_kms_info +version_added: 1.0.0 short_description: Gather information about AWS KMS keys description: - Gather information about AWS KMS keys including tags and grants diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index dfe7892164b..09a548b54a7 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: aws_region_info short_description: Gather information about AWS regions. +version_added: 1.0.0 description: - Gather information about AWS regions. - This module was called C(aws_region_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index 7b250f89ed6..90e07a1b62b 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_s3_bucket_info +version_added: 1.0.0 short_description: Lists S3 buckets in AWS requirements: - boto3 >= 1.4.4 diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index d9a13e302fe..f56f9ce06b5 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_s3_cors +version_added: 1.0.0 short_description: Manage CORS for S3 buckets in AWS description: - Manage CORS for S3 buckets in AWS diff --git a/plugins/modules/aws_secret.py b/plugins/modules/aws_secret.py index 4ee846f1bb6..962501d5d02 100644 --- a/plugins/modules/aws_secret.py +++ b/plugins/modules/aws_secret.py @@ -10,6 +10,7 @@ DOCUMENTATION = r''' --- module: aws_secret +version_added: 1.0.0 short_description: Manage secrets stored in AWS Secrets Manager. description: - Create, update, and delete secrets stored in AWS Secrets Manager. diff --git a/plugins/modules/aws_ses_identity.py b/plugins/modules/aws_ses_identity.py index 5f649873ab3..710ec01817e 100644 --- a/plugins/modules/aws_ses_identity.py +++ b/plugins/modules/aws_ses_identity.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_ses_identity +version_added: 1.0.0 short_description: Manages SES email and domain identity description: - This module allows the user to manage verified email and domain identity for SES. diff --git a/plugins/modules/aws_ses_identity_policy.py b/plugins/modules/aws_ses_identity_policy.py index 4be04d8ecfd..bb743c6b14e 100644 --- a/plugins/modules/aws_ses_identity_policy.py +++ b/plugins/modules/aws_ses_identity_policy.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_ses_identity_policy +version_added: 1.0.0 short_description: Manages SES sending authorization policies description: - This module allows the user to manage sending authorization policies associated with an SES identity (email or domain). diff --git a/plugins/modules/aws_ses_rule_set.py b/plugins/modules/aws_ses_rule_set.py index 86b5f9bf2b5..0996497c5ca 100644 --- a/plugins/modules/aws_ses_rule_set.py +++ b/plugins/modules/aws_ses_rule_set.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_ses_rule_set +version_added: 1.0.0 short_description: Manages SES inbound receipt rule sets description: - The M(community.aws.aws_ses_rule_set) module allows you to create, delete, and manage SES receipt rule sets diff --git a/plugins/modules/aws_sgw_info.py b/plugins/modules/aws_sgw_info.py index 409eeb8126b..adf7dde86aa 100644 --- a/plugins/modules/aws_sgw_info.py +++ b/plugins/modules/aws_sgw_info.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: aws_sgw_info +version_added: 1.0.0 short_description: Fetch AWS Storage Gateway information description: - Fetch AWS Storage Gateway information diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py index 2c397ab5326..82138868760 100644 --- a/plugins/modules/aws_ssm_parameter_store.py +++ b/plugins/modules/aws_ssm_parameter_store.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: aws_ssm_parameter_store +version_added: 1.0.0 short_description: Manage key-value pairs in aws parameter store. description: - Manage key-value pairs in aws parameter store. diff --git a/plugins/modules/aws_step_functions_state_machine.py b/plugins/modules/aws_step_functions_state_machine.py index 1220f69f42a..5ab13baa76c 100644 --- a/plugins/modules/aws_step_functions_state_machine.py +++ b/plugins/modules/aws_step_functions_state_machine.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_step_functions_state_machine +version_added: 1.0.0 short_description: Manage AWS Step Functions state machines diff --git a/plugins/modules/aws_step_functions_state_machine_execution.py b/plugins/modules/aws_step_functions_state_machine_execution.py index a3a1d13d6c4..f9e1d3fa44c 100644 --- a/plugins/modules/aws_step_functions_state_machine_execution.py +++ b/plugins/modules/aws_step_functions_state_machine_execution.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: aws_step_functions_state_machine_execution +version_added: 1.0.0 short_description: Start or stop execution of an AWS Step Functions state machine. diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/aws_waf_condition.py index 7774d13f06f..e0f4dea2cc5 100644 --- a/plugins/modules/aws_waf_condition.py +++ b/plugins/modules/aws_waf_condition.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' module: aws_waf_condition short_description: Create and delete WAF Conditions +version_added: 1.0.0 description: - Read the AWS documentation for WAF U(https://aws.amazon.com/documentation/waf/) diff --git a/plugins/modules/aws_waf_info.py b/plugins/modules/aws_waf_info.py index 15c1ef98f81..98840668656 100644 --- a/plugins/modules/aws_waf_info.py +++ b/plugins/modules/aws_waf_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: aws_waf_info short_description: Retrieve information for WAF ACLs, Rule , Conditions and Filters. +version_added: 1.0.0 description: - Retrieve information for WAF ACLs, Rule , Conditions and Filters. - This module was called C(aws_waf_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/aws_waf_rule.py index d2a9ad395ae..3ce660a3cbe 100644 --- a/plugins/modules/aws_waf_rule.py +++ b/plugins/modules/aws_waf_rule.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' module: aws_waf_rule short_description: Create and delete WAF Rules +version_added: 1.0.0 description: - Read the AWS documentation for WAF U(https://aws.amazon.com/documentation/waf/). diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/aws_waf_web_acl.py index 57ff9ea3515..da7b378a55c 100644 --- a/plugins/modules/aws_waf_web_acl.py +++ b/plugins/modules/aws_waf_web_acl.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: aws_waf_web_acl short_description: Create and delete WAF Web ACLs. +version_added: 1.0.0 description: - Read the AWS documentation for WAF U(https://aws.amazon.com/documentation/waf/). diff --git a/plugins/modules/cloudformation_exports_info.py b/plugins/modules/cloudformation_exports_info.py index 2308eb8e02e..d53d83bd027 100644 --- a/plugins/modules/cloudformation_exports_info.py +++ b/plugins/modules/cloudformation_exports_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: cloudformation_exports_info short_description: Read a value from CloudFormation Exports +version_added: 1.0.0 description: - Module retrieves a value from CloudFormation Exports requirements: ['boto3 >= 1.11.15'] diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index 986db8dac3a..990dfdc33c8 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: cloudformation_stack_set +version_added: 1.0.0 short_description: Manage groups of CloudFormation stacks description: - Launches/updates/deletes AWS CloudFormation Stack Sets. diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 80be45e1268..f5abb2a0d8e 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- +version_added: 1.0.0 module: cloudfront_distribution short_description: Create, update and delete AWS CloudFront distributions. diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index a5bcb4ca572..cc6f9472bb0 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: cloudfront_info +version_added: 1.0.0 short_description: Obtain facts about an AWS CloudFront distribution description: - Gets information about an AWS CloudFront distribution. diff --git a/plugins/modules/cloudfront_invalidation.py b/plugins/modules/cloudfront_invalidation.py index b1da91c1c66..1f3e50331ca 100644 --- a/plugins/modules/cloudfront_invalidation.py +++ b/plugins/modules/cloudfront_invalidation.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- +version_added: 1.0.0 module: cloudfront_invalidation short_description: create invalidations for AWS CloudFront distributions diff --git a/plugins/modules/cloudfront_origin_access_identity.py b/plugins/modules/cloudfront_origin_access_identity.py index af1ea4964b1..00f188222c5 100644 --- a/plugins/modules/cloudfront_origin_access_identity.py +++ b/plugins/modules/cloudfront_origin_access_identity.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- +version_added: 1.0.0 module: cloudfront_origin_access_identity short_description: Create, update and delete origin access identities for a diff --git a/plugins/modules/cloudtrail.py b/plugins/modules/cloudtrail.py index fe8d500a4c3..c0bf3f4db07 100644 --- a/plugins/modules/cloudtrail.py +++ b/plugins/modules/cloudtrail.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: cloudtrail +version_added: 1.0.0 short_description: manage CloudTrail create, delete, update description: - Creates, deletes, or updates CloudTrail configuration. Ensures logging is also enabled. diff --git a/plugins/modules/cloudwatchevent_rule.py b/plugins/modules/cloudwatchevent_rule.py index 00a1908145a..b90b7feca6c 100644 --- a/plugins/modules/cloudwatchevent_rule.py +++ b/plugins/modules/cloudwatchevent_rule.py @@ -9,6 +9,7 @@ DOCUMENTATION = r''' --- module: cloudwatchevent_rule +version_added: 1.0.0 short_description: Manage CloudWatch Event rules and targets description: - This module creates and manages CloudWatch event rules and targets. diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index c2f10956f34..cd1e94cfb53 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: cloudwatchlogs_log_group +version_added: 1.0.0 short_description: create or delete log_group in CloudWatchLogs notes: - For details of the parameters and returns see U(http://boto3.readthedocs.io/en/latest/reference/services/logs.html). diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index f1b87c8d52d..eae18b97c37 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: cloudwatchlogs_log_group_info +version_added: 1.0.0 short_description: Get information about log_group in CloudWatchLogs description: - Lists the specified log groups. You can list all your log groups or filter the results by prefix. diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index 852d7900e3a..a05c7fe2029 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -8,6 +8,7 @@ DOCUMENTATION = ''' --- module: cloudwatchlogs_log_group_metric_filter +version_added: 1.0.0 author: - "Markus Bergholz (@markuman)" short_description: Manage CloudWatch log group metric filter diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index f52cf3f842e..d25563e45ac 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: data_pipeline +version_added: 1.0.0 author: - Raghu Udiyar (@raags) - Sloane Hertel (@s-hertel) diff --git a/plugins/modules/dms_endpoint.py b/plugins/modules/dms_endpoint.py index 438a9a57271..829aae2773d 100644 --- a/plugins/modules/dms_endpoint.py +++ b/plugins/modules/dms_endpoint.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: dms_endpoint +version_added: 1.0.0 short_description: Creates or destroys a data migration services endpoint description: - Creates or destroys a data migration services endpoint, diff --git a/plugins/modules/dms_replication_subnet_group.py b/plugins/modules/dms_replication_subnet_group.py index 0c4a37d5b1f..5aa633b44f3 100644 --- a/plugins/modules/dms_replication_subnet_group.py +++ b/plugins/modules/dms_replication_subnet_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: dms_replication_subnet_group +version_added: 1.0.0 short_description: creates or destroys a data migration services subnet group description: - Creates or destroys a data migration services subnet group. diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index ee5cd8470c0..d528e460078 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: dynamodb_table +version_added: 1.0.0 short_description: Create, update or delete AWS Dynamo DB tables description: - Create or delete AWS Dynamo DB tables. diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index dbf7bcfc53c..330bf30f14e 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: dynamodb_ttl +version_added: 1.0.0 short_description: Set TTL for a given DynamoDB table description: - Uses boto3 to set TTL. diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 2430d04cbb7..638db1c3404 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: ec2_ami_copy +version_added: 1.0.0 short_description: copies AMI between AWS regions, return new image id description: - Copies AMI from a source region to a destination region. B(Since version 2.3 this module depends on boto3.) diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 323120035f8..43afa725385 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_asg +version_added: 1.0.0 short_description: Create or delete AWS AutoScaling Groups (ASGs) description: - Can create or delete AWS AutoScaling Groups. diff --git a/plugins/modules/ec2_asg_info.py b/plugins/modules/ec2_asg_info.py index d3fb1e101bb..07df498968a 100644 --- a/plugins/modules/ec2_asg_info.py +++ b/plugins/modules/ec2_asg_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_asg_info +version_added: 1.0.0 short_description: Gather information about ec2 Auto Scaling Groups (ASGs) in AWS description: - Gather information about ec2 Auto Scaling Groups (ASGs) in AWS diff --git a/plugins/modules/ec2_asg_lifecycle_hook.py b/plugins/modules/ec2_asg_lifecycle_hook.py index 0127ac9137c..bab1ef37f32 100644 --- a/plugins/modules/ec2_asg_lifecycle_hook.py +++ b/plugins/modules/ec2_asg_lifecycle_hook.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: ec2_asg_lifecycle_hook +version_added: 1.0.0 short_description: Create, delete or update AWS ASG Lifecycle Hooks. description: - Will create a new hook when I(state=present) and no given Hook is found. diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index 8ac3f73d46a..bda1626640b 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_customer_gateway +version_added: 1.0.0 short_description: Manage an AWS customer gateway description: - Manage an AWS customer gateway. diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index d4a10d23cd0..1526cb639d9 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_customer_gateway_info +version_added: 1.0.0 short_description: Gather information about customer gateways in AWS description: - Gather information about customer gateways in AWS. diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 16ce4ddf70f..c43363e3b6d 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: ec2_eip +version_added: 1.0.0 short_description: manages EC2 elastic IP (EIP) addresses. description: - This module can allocate or release an EIP. diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index 33899dd648c..c31ec738f09 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_eip_info +version_added: 1.0.0 short_description: List EC2 EIP details description: - List details of EC2 Elastic IP addresses. diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index 9ae1dc08b58..06fcc9601e2 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_elb +version_added: 1.0.0 short_description: De-registers or registers instances from EC2 ELBs description: - This module de-registers or registers an AWS EC2 instance from the ELBs diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index bf753c2cbf6..57cd296d262 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -20,6 +20,7 @@ DOCUMENTATION = ''' --- module: ec2_elb_info +version_added: 1.0.0 short_description: Gather information about EC2 Elastic Load Balancers in AWS description: - Gather information about EC2 Elastic Load Balancers in AWS diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 912fa7cbe72..9382659f71b 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_instance +version_added: 1.0.0 short_description: Create & manage EC2 instances description: - Create and manage AWS EC2 instances. diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index e94aaa74b21..8883be6923d 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_instance_info +version_added: 1.0.0 short_description: Gather information about ec2 instances in AWS description: - Gather information about ec2 instances in AWS diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 3605b0a2db5..6ac54a1fee3 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -8,6 +8,7 @@ DOCUMENTATION = ''' --- module: ec2_launch_template +version_added: 1.0.0 short_description: Manage EC2 launch templates description: - Create, modify, and delete EC2 Launch Templates, which can be used to diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index a8e6d87378a..46e125a19ce 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: ec2_lc +version_added: 1.0.0 short_description: Create or delete AWS Autoscaling Launch Configurations diff --git a/plugins/modules/ec2_lc_find.py b/plugins/modules/ec2_lc_find.py index b1c457b945a..700c84610c5 100644 --- a/plugins/modules/ec2_lc_find.py +++ b/plugins/modules/ec2_lc_find.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: ec2_lc_find +version_added: 1.0.0 short_description: Find AWS Autoscaling Launch Configurations description: - Returns list of matching Launch Configurations for a given name, along with other useful information. diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 8e1cf258851..899db903fd9 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: ec2_lc_info +version_added: 1.0.0 short_description: Gather information about AWS Autoscaling Launch Configurations. description: - Gather information about AWS Autoscaling Launch Configurations. diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index a07639aa387..3aef6799b23 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -21,6 +21,7 @@ DOCUMENTATION = ''' module: ec2_metric_alarm short_description: "Create/update or delete AWS Cloudwatch 'metric alarms'" +version_added: 1.0.0 description: - Can create or delete AWS metric alarms. - Metrics you wish to alarm on must already exist. diff --git a/plugins/modules/ec2_placement_group.py b/plugins/modules/ec2_placement_group.py index 5d4b0087086..7d9a8004544 100644 --- a/plugins/modules/ec2_placement_group.py +++ b/plugins/modules/ec2_placement_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_placement_group +version_added: 1.0.0 short_description: Create or delete an EC2 Placement Group description: - Create an EC2 Placement Group; if the placement group already exists, diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 3559debfe60..96451d69ce5 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_placement_group_info +version_added: 1.0.0 short_description: List EC2 Placement Group(s) details description: - List details of EC2 Placement Group(s). diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 540b70527df..141731199d9 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_scaling_policy short_description: Create or delete AWS scaling policies for Autoscaling groups +version_added: 1.0.0 description: - Can create or delete scaling policies for autoscaling groups. - Referenced autoscaling groups must already exist. diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 68378d3b9c3..65ee1c980f5 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: ec2_snapshot_copy +version_added: 1.0.0 short_description: Copies an EC2 snapshot and returns the new Snapshot ID. description: - Copies an EC2 Snapshot from a source region to a destination region. diff --git a/plugins/modules/ec2_transit_gateway.py b/plugins/modules/ec2_transit_gateway.py index b4eca57de97..5a7ea4b248c 100644 --- a/plugins/modules/ec2_transit_gateway.py +++ b/plugins/modules/ec2_transit_gateway.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_transit_gateway short_description: Create and delete AWS Transit Gateways +version_added: 1.0.0 description: - Creates AWS Transit Gateways. - Deletes AWS Transit Gateways. diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index 42f180ab97f..ddae796cf47 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' module: ec2_transit_gateway_info short_description: Gather information about ec2 transit gateways in AWS +version_added: 1.0.0 description: - Gather information about ec2 transit gateways in AWS author: "Bob Boldin (@BobBoldin)" diff --git a/plugins/modules/ec2_vpc_egress_igw.py b/plugins/modules/ec2_vpc_egress_igw.py index 2981d194ef9..b2f481b86dd 100644 --- a/plugins/modules/ec2_vpc_egress_igw.py +++ b/plugins/modules/ec2_vpc_egress_igw.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_egress_igw +version_added: 1.0.0 short_description: Manage an AWS VPC Egress Only Internet gateway description: - Manage an AWS VPC Egress Only Internet gateway diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 7978c48dfde..920cf45ca6e 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_endpoint short_description: Create and delete AWS VPC Endpoints. +version_added: 1.0.0 description: - Creates AWS VPC endpoints. - Deletes AWS VPC endpoints. diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index 0f23ca53217..a1f3ff0a901 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -8,6 +8,7 @@ DOCUMENTATION = ''' module: ec2_vpc_endpoint_info short_description: Retrieves AWS VPC endpoints details using AWS methods. +version_added: 1.0.0 description: - Gets various details related to AWS VPC Endpoints. - This module was called C(ec2_vpc_endpoint_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/ec2_vpc_igw.py b/plugins/modules/ec2_vpc_igw.py index c1960c14bbb..b920682b76c 100644 --- a/plugins/modules/ec2_vpc_igw.py +++ b/plugins/modules/ec2_vpc_igw.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_igw +version_added: 1.0.0 short_description: Manage an AWS VPC Internet gateway description: - Manage an AWS VPC Internet gateway diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index dcc07a4349b..f33020e0c24 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_igw_info +version_added: 1.0.0 short_description: Gather information about internet gateways in AWS description: - Gather information about internet gateways in AWS. diff --git a/plugins/modules/ec2_vpc_nacl.py b/plugins/modules/ec2_vpc_nacl.py index 14853edf767..f2ca5cda6f6 100644 --- a/plugins/modules/ec2_vpc_nacl.py +++ b/plugins/modules/ec2_vpc_nacl.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_nacl short_description: create and delete Network ACLs. +version_added: 1.0.0 description: - Read the AWS documentation for Network ACLS U(https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index 2cc4f012d58..337a91d1c93 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -8,6 +8,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_nacl_info +version_added: 1.0.0 short_description: Gather information about Network ACLs in an AWS VPC description: - Gather information about Network ACLs in an AWS VPC diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 306c8ac49c4..4272dc648c4 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_nat_gateway +version_added: 1.0.0 short_description: Manage AWS VPC NAT Gateways. description: - Ensure the state of AWS VPC NAT Gateways based on their id, allocation and subnet ids. diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index 83fb9b0f182..b734721b5ea 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_nat_gateway_info short_description: Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +version_added: 1.0.0 description: - Gets various details related to AWS VPC Managed Nat Gateways - This module was called C(ec2_vpc_nat_gateway_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 5c94d4e399b..2a08618a73f 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_peer short_description: create, delete, accept, and reject VPC peering connections between two VPCs. +version_added: 1.0.0 description: - Read the AWS documentation for VPC Peering Connections U(https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-peering.html). diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 8472fc4f58c..f552358e362 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_peering_info short_description: Retrieves AWS VPC Peering details using AWS methods. +version_added: 1.0.0 description: - Gets various details related to AWS VPC Peers - This module was called C(ec2_vpc_peering_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/ec2_vpc_route_table.py b/plugins/modules/ec2_vpc_route_table.py index fbbae5c5a00..39f0ffc42bf 100644 --- a/plugins/modules/ec2_vpc_route_table.py +++ b/plugins/modules/ec2_vpc_route_table.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_route_table +version_added: 1.0.0 short_description: Manage route tables for AWS virtual private clouds description: - Manage route tables for AWS virtual private clouds diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index 4823f2db49e..8af3935bd36 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_route_table_info +version_added: 1.0.0 short_description: Gather information about ec2 VPC route tables in AWS description: - Gather information about ec2 VPC route tables in AWS diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index 511616a0838..1ce3df5672e 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: ec2_vpc_vgw short_description: Create and delete AWS VPN Virtual Gateways. +version_added: 1.0.0 description: - Creates AWS VPN Virtual Gateways - Deletes AWS VPN Virtual Gateways diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index d526b54a372..5c7b866c7d6 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_vgw_info +version_added: 1.0.0 short_description: Gather information about virtual gateways in AWS description: - Gather information about virtual gateways in AWS. diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index 72a3b9a3eb1..1ac818485bb 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_vpn +version_added: 1.0.0 short_description: Create, modify, and delete EC2 VPN connections. description: - This module creates, modifies, and deletes VPN connections. Idempotence is achieved by using the filters diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index b9830d7d31e..1ba8210a722 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_vpc_vpn_info +version_added: 1.0.0 short_description: Gather information about VPN Connections in AWS. description: - Gather information about VPN Connections in AWS. diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 9ae8cd52dc8..7c7716b8a44 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ec2_win_password +version_added: 1.0.0 short_description: Gets the default administrator password for ec2 windows instances description: - Gets the default administrator password from any EC2 Windows instance. The instance is referenced by its id (e.g. C(i-XXXXXXX)). diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index 37faa28ac03..24e71a29bdb 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_attribute +version_added: 1.0.0 short_description: manage ecs attributes description: - Create, update or delete ECS container instance attributes. diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index 3610dcc6a6e..12d453f6ae9 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_cluster +version_added: 1.0.0 short_description: Create or terminate ECS clusters. notes: - When deleting a cluster, the information returned is the state of the cluster prior to deletion. diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index f0b0df8b7f1..533792877eb 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -12,6 +12,7 @@ DOCUMENTATION = ''' --- module: ecs_ecr +version_added: 1.0.0 short_description: Manage Elastic Container Registry repositories description: - Manage Elastic Container Registry repositories. diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 27ee4b8fc39..b3995f7e8c9 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_service +version_added: 1.0.0 short_description: Create, terminate, start or stop a service in ECS description: - Creates or terminates ECS. services. diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index eb7f6215ef4..4d04fdf4986 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_service_info +version_added: 1.0.0 short_description: List or describe services in ECS description: - Lists or describes services in ECS. diff --git a/plugins/modules/ecs_tag.py b/plugins/modules/ecs_tag.py index 364546a4bee..9e4f97989f8 100644 --- a/plugins/modules/ecs_tag.py +++ b/plugins/modules/ecs_tag.py @@ -8,6 +8,7 @@ DOCUMENTATION = r''' --- module: ecs_tag +version_added: 1.0.0 short_description: create and remove tags on Amazon ECS resources notes: - none diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index 0c926954023..2039b8c69d0 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_task +version_added: 1.0.0 short_description: Run, start or stop a task in ecs description: - Creates or deletes instances of task definitions. diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index f61595fcd77..f48a442ab1f 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_taskdefinition +version_added: 1.0.0 short_description: register a task definition in ecs description: - Registers or deregisters task definitions in the Amazon Web Services (AWS) EC2 Container Service (ECS). diff --git a/plugins/modules/ecs_taskdefinition_info.py b/plugins/modules/ecs_taskdefinition_info.py index 82a9bc968c7..ef5b20c4602 100644 --- a/plugins/modules/ecs_taskdefinition_info.py +++ b/plugins/modules/ecs_taskdefinition_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: ecs_taskdefinition_info +version_added: 1.0.0 short_description: Describe a task definition in ECS notes: - For details of the parameters and returns see diff --git a/plugins/modules/efs.py b/plugins/modules/efs.py index b5174777ff4..43c81d9d0d1 100644 --- a/plugins/modules/efs.py +++ b/plugins/modules/efs.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: efs +version_added: 1.0.0 short_description: create and maintain EFS file systems description: - Module allows create, search and destroy Amazon EFS file systems. diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index edc8e0daac6..95e82926486 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: efs_info +version_added: 1.0.0 short_description: Get information about Amazon EFS file systems description: - This module can be used to search Amazon EFS file systems. diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index f649ea8010c..b6b52302baa 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: elasticache +version_added: 1.0.0 short_description: Manage cache clusters in Amazon ElastiCache description: - Manage cache clusters in Amazon ElastiCache. diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index 93e8ae8d43d..8f3850ddf96 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: elasticache_info short_description: Retrieve information for AWS ElastiCache clusters +version_added: 1.0.0 description: - Retrieve information from AWS ElastiCache clusters - This module was called C(elasticache_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index c866fa9c83c..95dacf52b23 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elasticache_parameter_group +version_added: 1.0.0 short_description: Manage cache parameter groups in Amazon ElastiCache. description: - Manage cache security groups in Amazon ElastiCache. diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index 4784dd53a29..9f65d6081f0 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elasticache_snapshot +version_added: 1.0.0 short_description: Manage cache snapshots in Amazon ElastiCache description: - Manage cache snapshots in Amazon ElastiCache. diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index 3048f0a7baa..7a874f3b1ae 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elasticache_subnet_group +version_added: 1.0.0 short_description: manage ElastiCache subnet groups description: - Creates, modifies, and deletes ElastiCache subnet groups. This module has a dependency on python-boto >= 2.5. diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index 6daaad7a49c..3f8c44c9f36 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -21,6 +21,7 @@ DOCUMENTATION = ''' --- module: elb_application_lb +version_added: 1.0.0 short_description: Manage an Application load balancer description: - Manage an AWS Application Elastic Load Balancer. See U(https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/) for details. diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index e1711dbef45..c9300f5ed01 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_application_lb_info +version_added: 1.0.0 short_description: Gather information about application ELBs in AWS description: - Gather information about application ELBs in AWS diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 0ae1bc7dda5..1f8679b30d2 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_classic_lb +version_added: 1.0.0 description: - Returns information about the load balancer. - Will be marked changed when called only if state is changed. diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index 4b2a2db64bb..da8f6c5af11 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -20,6 +20,7 @@ DOCUMENTATION = ''' --- module: elb_classic_lb_info +version_added: 1.0.0 short_description: Gather information about EC2 Elastic Load Balancers in AWS description: - Gather information about EC2 Elastic Load Balancers in AWS diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index 20992459f57..dd541ef2e58 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_instance +version_added: 1.0.0 short_description: De-registers or registers instances from EC2 ELBs description: - This module de-registers or registers an AWS EC2 instance from the ELBs diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 5e1b52213cc..2f824c09b59 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: elb_network_lb +version_added: 1.0.0 short_description: Manage a Network Load Balancer description: - Manage an AWS Network Elastic Load Balancer. See diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 53d715578b8..b47de9f457d 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_target +version_added: 1.0.0 short_description: Manage a target in a target group description: - Used to register or deregister a target in a target group diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index f3c0723ac27..e0c8e57bfac 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_target_group +version_added: 1.0.0 short_description: Manage a target group for an Application or Network load balancer description: - Manage an AWS Elastic Load Balancer target group. See diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 5c4fa2f1f64..78ce88613bc 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: elb_target_group_info +version_added: 1.0.0 short_description: Gather information about ELB target groups in AWS description: - Gather information about ELB target groups in AWS diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index f6b0f104032..dda76f08c24 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -7,6 +7,7 @@ DOCUMENTATION = ''' --- module: elb_target_info +version_added: 1.0.0 short_description: Gathers which target groups a target is associated with. description: - This module will search through every target group in a region to find diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index 846cf47d22a..5e789e009ba 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: execute_lambda +version_added: 1.0.0 short_description: Execute an AWS Lambda function description: - This module executes AWS Lambda functions, allowing synchronous and asynchronous diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index 57d7ca653e3..74cf77d3c7f 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam +version_added: 1.0.0 short_description: Manage IAM users, groups, roles and keys description: - Allows for the management of IAM users, user API keys, groups, roles. diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_cert.py index 1ea54c859d3..2aad121ea77 100644 --- a/plugins/modules/iam_cert.py +++ b/plugins/modules/iam_cert.py @@ -21,6 +21,7 @@ DOCUMENTATION = ''' --- module: iam_cert +version_added: 1.0.0 short_description: Manage server certificates for use on ELBs and CloudFront description: - Allows for the management of server certificates. diff --git a/plugins/modules/iam_group.py b/plugins/modules/iam_group.py index 4a53a870833..7a9da3e6f57 100644 --- a/plugins/modules/iam_group.py +++ b/plugins/modules/iam_group.py @@ -21,6 +21,7 @@ DOCUMENTATION = ''' --- module: iam_group +version_added: 1.0.0 short_description: Manage AWS IAM groups description: - Manage AWS IAM groups. diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 0abe10faf5d..3e5f14a7ddb 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_managed_policy +version_added: 1.0.0 short_description: Manage User Managed IAM policies description: - Allows creating and removing managed IAM policies diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 07e98d6851c..f8c37a91acf 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_mfa_device_info +version_added: 1.0.0 short_description: List the MFA (Multi-Factor Authentication) devices registered for a user description: - List the MFA (Multi-Factor Authentication) devices registered for a user diff --git a/plugins/modules/iam_password_policy.py b/plugins/modules/iam_password_policy.py index fda220c0097..d654a846cfd 100644 --- a/plugins/modules/iam_password_policy.py +++ b/plugins/modules/iam_password_policy.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: iam_password_policy +version_added: 1.0.0 short_description: Update an IAM Password Policy description: - Module updates an IAM Password Policy on a given AWS account diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index 1775a7a749e..e4debd7f1ce 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_policy +version_added: 1.0.0 short_description: Manage inline IAM policies for users, groups, and roles description: - Allows uploading or removing inline IAM policies for IAM users, groups or roles. diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index 9f250e37b8d..f9ea30b8cc4 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_policy_info +version_added: 1.0.0 short_description: Retrieve inline IAM policies for users, groups, and roles description: - Supports fetching of inline IAM policies for IAM users, groups and roles. diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index 09db6ed9643..b20c564734a 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -8,6 +8,7 @@ DOCUMENTATION = ''' --- module: iam_role +version_added: 1.0.0 short_description: Manage AWS IAM roles description: - Manage AWS IAM roles. diff --git a/plugins/modules/iam_role_info.py b/plugins/modules/iam_role_info.py index 6b15c186360..95eabdb95ab 100644 --- a/plugins/modules/iam_role_info.py +++ b/plugins/modules/iam_role_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_role_info +version_added: 1.0.0 short_description: Gather information on IAM roles description: - Gathers information about IAM roles. diff --git a/plugins/modules/iam_saml_federation.py b/plugins/modules/iam_saml_federation.py index 27310083802..214cbe74179 100644 --- a/plugins/modules/iam_saml_federation.py +++ b/plugins/modules/iam_saml_federation.py @@ -22,6 +22,7 @@ DOCUMENTATION = ''' --- module: iam_saml_federation +version_added: 1.0.0 short_description: Maintain IAM SAML federation configuration. requirements: - boto3 diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index 7ec6dca4c38..d57ef77ca86 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_server_certificate_info +version_added: 1.0.0 short_description: Retrieve the information of a server certificate description: - Retrieve the attributes of a server certificate. diff --git a/plugins/modules/iam_user.py b/plugins/modules/iam_user.py index 15a972ebc09..9dc9eb45eca 100644 --- a/plugins/modules/iam_user.py +++ b/plugins/modules/iam_user.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: iam_user +version_added: 1.0.0 short_description: Manage AWS IAM users description: - Manage AWS IAM users. diff --git a/plugins/modules/iam_user_info.py b/plugins/modules/iam_user_info.py index 97a01ca142f..8e1856b1763 100644 --- a/plugins/modules/iam_user_info.py +++ b/plugins/modules/iam_user_info.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: iam_user_info +version_added: 1.0.0 short_description: Gather IAM user(s) facts in AWS description: - This module can be used to gather IAM user(s) facts in AWS. diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index c9d9fe266cb..c3142137c1b 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: kinesis_stream +version_added: 1.0.0 short_description: Manage a Kinesis Stream. description: - Create or Delete a Kinesis Stream. diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index 705344ab9f6..2f417469c15 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: lambda +version_added: 1.0.0 short_description: Manage AWS Lambda functions description: - Allows for the management of Lambda functions. diff --git a/plugins/modules/lambda_alias.py b/plugins/modules/lambda_alias.py index 9c78b8dc575..2b74cdb6352 100644 --- a/plugins/modules/lambda_alias.py +++ b/plugins/modules/lambda_alias.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: lambda_alias +version_added: 1.0.0 short_description: Creates, updates or deletes AWS Lambda function aliases description: - This module allows the management of AWS Lambda functions aliases via the Ansible diff --git a/plugins/modules/lambda_event.py b/plugins/modules/lambda_event.py index 8aaf22ab2c2..e1a35220b74 100644 --- a/plugins/modules/lambda_event.py +++ b/plugins/modules/lambda_event.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: lambda_event +version_added: 1.0.0 short_description: Creates, updates or deletes AWS Lambda function event mappings description: - This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream diff --git a/plugins/modules/lambda_facts.py b/plugins/modules/lambda_facts.py index ad56e9c70a5..0d102fd7340 100644 --- a/plugins/modules/lambda_facts.py +++ b/plugins/modules/lambda_facts.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: lambda_facts +version_added: 1.0.0 deprecated: removed_at_date: '2021-12-01' removed_from_collection: 'community.aws' diff --git a/plugins/modules/lambda_info.py b/plugins/modules/lambda_info.py index 568d1f72d2a..b81f8521013 100644 --- a/plugins/modules/lambda_info.py +++ b/plugins/modules/lambda_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: lambda_info +version_added: 1.0.0 short_description: Gathers AWS Lambda function details description: - Gathers various details related to Lambda functions, including aliases, versions and event source mappings. diff --git a/plugins/modules/lambda_policy.py b/plugins/modules/lambda_policy.py index 81bd7ec9200..09c74423a0d 100644 --- a/plugins/modules/lambda_policy.py +++ b/plugins/modules/lambda_policy.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: lambda_policy +version_added: 1.0.0 short_description: Creates, updates or deletes AWS Lambda policy statements. description: - This module allows the management of AWS Lambda policy statements. diff --git a/plugins/modules/lightsail.py b/plugins/modules/lightsail.py index f65c39ea0c8..4be2fc3f458 100644 --- a/plugins/modules/lightsail.py +++ b/plugins/modules/lightsail.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: lightsail +version_added: 1.0.0 short_description: Manage instances in AWS Lightsail description: - Manage instances in AWS Lightsail. diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index 2f4728bbbad..5b15934fc03 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: rds +version_added: 1.0.0 short_description: create, delete, or modify Amazon rds instances, rds snapshots, and related facts description: - Creates, deletes, or modifies rds resources. diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index f626d114dee..f4018a3d6c1 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: rds_instance +version_added: 1.0.0 short_description: Manage RDS instances description: - Create, modify, and delete RDS instances. diff --git a/plugins/modules/rds_instance_info.py b/plugins/modules/rds_instance_info.py index 9cc95e378ad..cccd2b3f271 100644 --- a/plugins/modules/rds_instance_info.py +++ b/plugins/modules/rds_instance_info.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: rds_instance_info +version_added: 1.0.0 short_description: obtain information about one or more RDS instances description: - Obtain information about one or more RDS instances. diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index e5cd2457458..ce271712211 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: rds_param_group +version_added: 1.0.0 short_description: manage RDS parameter groups description: - Creates, modifies, and deletes RDS parameter groups. diff --git a/plugins/modules/rds_snapshot.py b/plugins/modules/rds_snapshot.py index fe6b827f6c7..dd9f502886a 100644 --- a/plugins/modules/rds_snapshot.py +++ b/plugins/modules/rds_snapshot.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: rds_snapshot +version_added: 1.0.0 short_description: manage Amazon RDS snapshots. description: - Creates or deletes RDS snapshots. diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index 470ed0e2c6d..1d7003ae55c 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: rds_snapshot_info +version_added: 1.0.0 short_description: obtain information about one or more RDS snapshots description: - Obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora). diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index f913d41f296..3e207468e8e 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: rds_subnet_group +version_added: 1.0.0 short_description: manage RDS database subnet groups description: - Creates, modifies, and deletes RDS database subnet groups. This module has a dependency on python-boto >= 2.5. diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 8c3b5ccdfac..01e604ff30f 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- author: +version_added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." - "Rafael Driutti (@rafaeldriutti)" module: redshift diff --git a/plugins/modules/redshift_cross_region_snapshots.py b/plugins/modules/redshift_cross_region_snapshots.py index b022aaafbba..fbcf5543aee 100644 --- a/plugins/modules/redshift_cross_region_snapshots.py +++ b/plugins/modules/redshift_cross_region_snapshots.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: redshift_cross_region_snapshots +version_added: 1.0.0 short_description: Manage Redshift Cross Region Snapshots description: - Manage Redshift Cross Region Snapshots. Supports KMS-Encrypted Snapshots. diff --git a/plugins/modules/redshift_info.py b/plugins/modules/redshift_info.py index b1fbe802b5f..679f53c58d2 100644 --- a/plugins/modules/redshift_info.py +++ b/plugins/modules/redshift_info.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: redshift_info +version_added: 1.0.0 author: "Jens Carl (@j-carl)" short_description: Gather information about Redshift cluster(s) description: diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index 4351ac9e717..eded969cb76 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- author: +version_added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." module: redshift_subnet_group short_description: manage Redshift cluster subnet groups diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index 385a1d10ec4..72ca73faeb1 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' --- module: route53 +version_added: 1.0.0 short_description: add or delete entries in Amazons Route53 DNS service description: - Creates and deletes DNS records in Amazons Route53 service diff --git a/plugins/modules/route53_health_check.py b/plugins/modules/route53_health_check.py index 80f6691407a..77fcf912e08 100644 --- a/plugins/modules/route53_health_check.py +++ b/plugins/modules/route53_health_check.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: route53_health_check +version_added: 1.0.0 short_description: Add or delete health-checks in Amazons Route53 DNS service description: - Creates and deletes DNS Health checks in Amazons Route53 service. diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 466e39bd79f..77d72603ffe 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: route53_info short_description: Retrieves route53 details using AWS methods +version_added: 1.0.0 description: - Gets various details related to Route53 zone, record set or health check details. - This module was called C(route53_facts) before Ansible 2.9. The usage did not change. diff --git a/plugins/modules/route53_zone.py b/plugins/modules/route53_zone.py index bcab3b2e167..6467dd04527 100644 --- a/plugins/modules/route53_zone.py +++ b/plugins/modules/route53_zone.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' module: route53_zone short_description: add or delete Route53 zones +version_added: 1.0.0 description: - Creates and deletes Route53 private and public zones. requirements: [ boto3 ] diff --git a/plugins/modules/s3_bucket_notification.py b/plugins/modules/s3_bucket_notification.py index f61e5607a66..854f3cadd84 100644 --- a/plugins/modules/s3_bucket_notification.py +++ b/plugins/modules/s3_bucket_notification.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' --- module: s3_bucket_notification +version_added: 1.0.0 short_description: Creates, updates or deletes S3 Bucket notification for lambda description: - This module allows the management of AWS Lambda function bucket event mappings via the diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index 5bdf65ab1e3..72fe1616818 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: s3_lifecycle +version_added: 1.0.0 short_description: Manage s3 bucket lifecycle rules in AWS description: - Manage s3 bucket lifecycle rules in AWS diff --git a/plugins/modules/s3_logging.py b/plugins/modules/s3_logging.py index b672562131e..1bb585acd55 100644 --- a/plugins/modules/s3_logging.py +++ b/plugins/modules/s3_logging.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: s3_logging +version_added: 1.0.0 short_description: Manage logging facility of an s3 bucket in AWS description: - Manage logging facility of an s3 bucket in AWS diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 879452af057..3d6de33074b 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -21,6 +21,7 @@ DOCUMENTATION = ''' --- module: s3_sync +version_added: 1.0.0 short_description: Efficiently upload multiple files to S3 description: - The S3 module is great, but it is very slow for a large volume of files- even a dozen will be noticeable. In addition to speed, it handles globbing, diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index 08d786cf0f1..f2196836537 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: s3_website +version_added: 1.0.0 short_description: Configure an s3 bucket as a website description: - Configure an s3 bucket as a website diff --git a/plugins/modules/sns.py b/plugins/modules/sns.py index e1edfb99660..49b73aa68f4 100644 --- a/plugins/modules/sns.py +++ b/plugins/modules/sns.py @@ -11,6 +11,7 @@ DOCUMENTATION = ''' module: sns short_description: Send Amazon Simple Notification Service messages +version_added: 1.0.0 description: - Sends a notification to a topic on your Amazon SNS account. author: diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py index ae3b960b7d8..4240a746754 100644 --- a/plugins/modules/sns_topic.py +++ b/plugins/modules/sns_topic.py @@ -10,6 +10,7 @@ DOCUMENTATION = ''' module: sns_topic short_description: Manages AWS SNS topics and subscriptions +version_added: 1.0.0 description: - The M(community.aws.sns_topic) module allows you to create, delete, and manage subscriptions for AWS SNS topics. - As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. diff --git a/plugins/modules/sqs_queue.py b/plugins/modules/sqs_queue.py index 1756a6e33b4..40eda404b46 100644 --- a/plugins/modules/sqs_queue.py +++ b/plugins/modules/sqs_queue.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: sqs_queue +version_added: 1.0.0 short_description: Creates or deletes AWS SQS queues. description: - Create or delete AWS SQS queues. diff --git a/plugins/modules/sts_assume_role.py b/plugins/modules/sts_assume_role.py index fca345ad4ac..378eb0031f8 100644 --- a/plugins/modules/sts_assume_role.py +++ b/plugins/modules/sts_assume_role.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: sts_assume_role +version_added: 1.0.0 short_description: Assume a role using AWS Security Token Service and obtain temporary credentials description: - Assume a role using AWS Security Token Service and obtain temporary credentials. diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index 50c537623f6..aa4792e94d8 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -9,6 +9,7 @@ DOCUMENTATION = ''' --- module: sts_session_token +version_added: 1.0.0 short_description: Obtain a session token from the AWS Security Token Service description: - Obtain a session token from the AWS Security Token Service. From cb13de9209e7270e4bb31c358b409a29131eb644 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 11:14:06 -0700 Subject: [PATCH 021/129] Use git tags for version number instead of galaxy.yml (#104) --- galaxy.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/galaxy.yml b/galaxy.yml index 9fe26378c3e..cdf99c52240 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,9 @@ namespace: community name: aws -version: 0.1.0 +# the version key is generated during the release by Zuul +# https://github.com/ansible-network/releases/tree/master/ansible_releases/cmd +# A script based on https://pypi.org/project/pbr/ will generate the version +# key. The version value depends on the tag or the last git tag. readme: README.md authors: - Ansible (https://github.com/ansible) From 80c397b1d71a4f100a3b9574e739c0b41403eb97 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 12:09:47 -0700 Subject: [PATCH 022/129] Revert "Use git tags for version number instead of galaxy.yml (#104)" (#105) This reverts commit cb13de9209e7270e4bb31c358b409a29131eb644. --- galaxy.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/galaxy.yml b/galaxy.yml index cdf99c52240..9fe26378c3e 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,9 +1,6 @@ namespace: community name: aws -# the version key is generated during the release by Zuul -# https://github.com/ansible-network/releases/tree/master/ansible_releases/cmd -# A script based on https://pypi.org/project/pbr/ will generate the version -# key. The version value depends on the tag or the last git tag. +version: 0.1.0 readme: README.md authors: - Ansible (https://github.com/ansible) From ffc05d2caea2a085dd7bc3dbf8ab28364e0d661b Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 13:08:14 -0700 Subject: [PATCH 023/129] Add support for shippable testing on different releases of ansible (#86) * Add support for nightlies on different releases of ansible * Install latest 2.9 from pip if envvar is passed * change test logic --- tests/utils/shippable/shippable.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index 75baeb7dd38..e22dd9fff35 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -74,7 +74,12 @@ set +ux set -ux pip install setuptools==44.1.0 -pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check + +if [ -n "${ANSIBLE_BASE_REV:-}" ]; then + pip install "ansible~=${ANSIBLE_BASE_REV}" +else + pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check +fi #ansible-galaxy collection install community.general mkdir -p "${HOME}/.ansible/collections/ansible_collections/community" From 831c5c5577e44f02470b38fa5fab3fb808bd84c3 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 17 Jun 2020 15:10:26 -0700 Subject: [PATCH 024/129] Ignore ansible-deprecated-no-version in 2.9 (#106) * Ignore ansible-deprecated-no-version in 2.9 Until 2.9.10 is released with #70078 * 2.10 is branched, need a 2.11 sanity-ignores as well. --- tests/sanity/ignore-2.11.txt | 154 +++++++++++++++++++++++++++++++++++ tests/sanity/ignore-2.9.txt | 50 ++++++++++++ 2 files changed, 204 insertions(+) create mode 100644 tests/sanity/ignore-2.11.txt diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt new file mode 100644 index 00000000000..124e45a250a --- /dev/null +++ b/tests/sanity/ignore-2.11.txt @@ -0,0 +1,154 @@ +scripts/inventory/ec2.py future-import-boilerplate +scripts/inventory/ec2.py metaclass-boilerplate +plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch +plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements +plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch +plugins/modules/aws_batch_compute_environment.py validate-modules:parameter-list-no-elements +plugins/modules/aws_batch_job_definition.py validate-modules:doc-elements-mismatch +plugins/modules/aws_batch_job_definition.py validate-modules:parameter-list-no-elements +plugins/modules/aws_batch_job_queue.py validate-modules:doc-elements-mismatch +plugins/modules/aws_batch_job_queue.py validate-modules:parameter-list-no-elements +plugins/modules/aws_codebuild.py validate-modules:doc-elements-mismatch +plugins/modules/aws_codebuild.py validate-modules:parameter-list-no-elements +plugins/modules/aws_codepipeline.py validate-modules:doc-elements-mismatch +plugins/modules/aws_codepipeline.py validate-modules:parameter-list-no-elements +plugins/modules/aws_config_aggregator.py validate-modules:doc-elements-mismatch +plugins/modules/aws_config_aggregator.py validate-modules:parameter-list-no-elements +plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:doc-elements-mismatch +plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:parameter-list-no-elements +plugins/modules/aws_eks_cluster.py validate-modules:doc-elements-mismatch +plugins/modules/aws_eks_cluster.py validate-modules:parameter-list-no-elements +plugins/modules/aws_glue_connection.py validate-modules:doc-elements-mismatch +plugins/modules/aws_glue_connection.py validate-modules:parameter-list-no-elements +plugins/modules/aws_glue_job.py validate-modules:doc-elements-mismatch +plugins/modules/aws_glue_job.py validate-modules:parameter-list-no-elements +plugins/modules/aws_kms.py validate-modules:doc-elements-mismatch +plugins/modules/aws_kms.py validate-modules:parameter-list-no-elements +plugins/modules/aws_s3_cors.py validate-modules:parameter-list-no-elements +plugins/modules/aws_waf_condition.py validate-modules:doc-elements-mismatch +plugins/modules/aws_waf_condition.py validate-modules:parameter-list-no-elements +plugins/modules/aws_waf_rule.py validate-modules:doc-elements-mismatch +plugins/modules/aws_waf_rule.py validate-modules:parameter-list-no-elements +plugins/modules/aws_waf_web_acl.py validate-modules:doc-elements-mismatch +plugins/modules/aws_waf_web_acl.py validate-modules:parameter-list-no-elements +plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch +plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements +plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch +plugins/modules/cloudfront_distribution.py validate-modules:parameter-list-no-elements +plugins/modules/cloudfront_invalidation.py validate-modules:doc-elements-mismatch +plugins/modules/cloudfront_invalidation.py validate-modules:parameter-list-no-elements +plugins/modules/cloudwatchevent_rule.py validate-modules:doc-elements-mismatch +plugins/modules/cloudwatchevent_rule.py validate-modules:parameter-list-no-elements +plugins/modules/data_pipeline.py validate-modules:doc-elements-mismatch +plugins/modules/data_pipeline.py validate-modules:parameter-list-no-elements +plugins/modules/dynamodb_table.py validate-modules:doc-elements-mismatch +plugins/modules/dynamodb_table.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_asg.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_asg.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_customer_gateway_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_customer_gateway_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_elb.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_elb_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_instance.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_instance_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_launch_template.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_launch_template.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_lc.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_lc.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_lc_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_lc_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_metric_alarm.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_metric_alarm.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_placement_group_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_placement_group_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_transit_gateway_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_endpoint.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_endpoint.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_endpoint_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_endpoint_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_igw_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_igw_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_nacl.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_nacl_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_peering_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_peering_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_route_table.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_route_table.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_vgw_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_vgw_info.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_vpn.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_vpn.py validate-modules:parameter-list-no-elements +plugins/modules/ec2_vpc_vpn_info.py validate-modules:doc-elements-mismatch +plugins/modules/ec2_vpc_vpn_info.py validate-modules:parameter-list-no-elements +plugins/modules/ecs_attribute.py validate-modules:doc-elements-mismatch +plugins/modules/ecs_attribute.py validate-modules:parameter-list-no-elements +plugins/modules/ecs_service.py validate-modules:doc-elements-mismatch +plugins/modules/ecs_service.py validate-modules:parameter-list-no-elements +plugins/modules/ecs_service_info.py validate-modules:doc-elements-mismatch +plugins/modules/ecs_service_info.py validate-modules:parameter-list-no-elements +plugins/modules/ecs_task.py validate-modules:doc-elements-mismatch +plugins/modules/ecs_task.py validate-modules:parameter-list-no-elements +plugins/modules/ecs_taskdefinition.py validate-modules:doc-elements-mismatch +plugins/modules/ecs_taskdefinition.py validate-modules:parameter-list-no-elements +plugins/modules/efs.py validate-modules:doc-elements-mismatch +plugins/modules/efs.py validate-modules:parameter-list-no-elements +plugins/modules/efs_info.py validate-modules:doc-elements-mismatch +plugins/modules/efs_info.py validate-modules:parameter-list-no-elements +plugins/modules/elasticache.py validate-modules:doc-elements-mismatch +plugins/modules/elasticache.py validate-modules:parameter-list-no-elements +plugins/modules/elasticache_subnet_group.py validate-modules:doc-elements-mismatch +plugins/modules/elasticache_subnet_group.py validate-modules:parameter-list-no-elements +plugins/modules/elb_application_lb.py validate-modules:doc-elements-mismatch +plugins/modules/elb_application_lb.py validate-modules:parameter-list-no-elements +plugins/modules/elb_application_lb_info.py validate-modules:parameter-list-no-elements +plugins/modules/elb_classic_lb.py validate-modules:parameter-list-no-elements +plugins/modules/elb_classic_lb_info.py validate-modules:parameter-list-no-elements +plugins/modules/elb_instance.py validate-modules:parameter-list-no-elements +plugins/modules/elb_network_lb.py validate-modules:doc-elements-mismatch +plugins/modules/elb_network_lb.py validate-modules:parameter-list-no-elements +plugins/modules/elb_target_group.py validate-modules:parameter-list-no-elements +plugins/modules/elb_target_group_info.py validate-modules:parameter-list-no-elements +plugins/modules/iam.py validate-modules:parameter-list-no-elements +plugins/modules/iam_group.py validate-modules:doc-elements-mismatch +plugins/modules/iam_group.py validate-modules:parameter-list-no-elements +plugins/modules/iam_role.py validate-modules:parameter-list-no-elements +plugins/modules/iam_user.py validate-modules:parameter-list-no-elements +plugins/modules/lambda.py validate-modules:doc-elements-mismatch +plugins/modules/lambda.py validate-modules:parameter-list-no-elements +plugins/modules/rds.py validate-modules:doc-elements-mismatch +plugins/modules/rds.py validate-modules:parameter-list-no-elements +plugins/modules/rds_instance.py validate-modules:parameter-list-no-elements +plugins/modules/rds_subnet_group.py validate-modules:parameter-list-no-elements +plugins/modules/redshift.py validate-modules:doc-elements-mismatch +plugins/modules/redshift.py validate-modules:parameter-list-no-elements +plugins/modules/redshift_subnet_group.py validate-modules:doc-elements-mismatch +plugins/modules/redshift_subnet_group.py validate-modules:parameter-list-no-elements +plugins/modules/route53.py validate-modules:parameter-list-no-elements +plugins/modules/route53.py validate-modules:parameter-state-invalid-choice +plugins/modules/route53_info.py validate-modules:doc-elements-mismatch +plugins/modules/route53_info.py validate-modules:parameter-list-no-elements +plugins/modules/s3_bucket_notification.py validate-modules:doc-elements-mismatch +plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-elements +plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements +plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch +plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements +tests/integration/targets/aws_lambda/files/mini_lambda.py future-import-boilerplate +tests/integration/targets/aws_lambda/files/mini_lambda.py metaclass-boilerplate +tests/integration/targets/lambda_policy/files/mini_http_lambda.py future-import-boilerplate +tests/integration/targets/lambda_policy/files/mini_http_lambda.py metaclass-boilerplate +tests/integration/targets/s3_bucket_notification/files/mini_lambda.py future-import-boilerplate +tests/integration/targets/s3_bucket_notification/files/mini_lambda.py metaclass-boilerplate +tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py future-import-boilerplate +tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py metaclass-boilerplate +tests/unit/mock/path.py future-import-boilerplate +tests/unit/mock/path.py metaclass-boilerplate +tests/unit/mock/yaml_helper.py future-import-boilerplate +tests/unit/mock/yaml_helper.py metaclass-boilerplate +tests/unit/modules/conftest.py future-import-boilerplate +tests/unit/modules/conftest.py metaclass-boilerplate +tests/unit/modules/utils.py future-import-boilerplate +tests/unit/modules/utils.py metaclass-boilerplate +tests/utils/shippable/check_matrix.py replace-urlopen +tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index fcbbf316b77..1b0be587e01 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -148,3 +148,53 @@ tests/unit/modules/conftest.py future-import-boilerplate tests/unit/modules/conftest.py metaclass-boilerplate tests/unit/modules/utils.py future-import-boilerplate tests/unit/modules/utils.py metaclass-boilerplate +tests/utils/shippable/check_matrix.py replace-urlopen +tests/utils/shippable/timing.py shebang +plugins/modules/aws_acm_info.py ansible-deprecated-no-version +plugins/modules/aws_kms_info.py ansible-deprecated-no-version +plugins/modules/aws_kms.py ansible-deprecated-no-version +plugins/modules/aws_region_info.py ansible-deprecated-no-version +plugins/modules/aws_s3_bucket_info.py ansible-deprecated-no-version +plugins/modules/aws_sgw_info.py ansible-deprecated-no-version +plugins/modules/aws_waf_info.py ansible-deprecated-no-version +plugins/modules/cloudfront_info.py ansible-deprecated-no-version +plugins/modules/cloudwatchlogs_log_group_info.py ansible-deprecated-no-version +plugins/modules/ec2_ami_copy.py ansible-deprecated-no-version +plugins/modules/ec2_asg_info.py ansible-deprecated-no-version +plugins/modules/ec2_customer_gateway_info.py ansible-deprecated-no-version +plugins/modules/ec2_eip_info.py ansible-deprecated-no-version +plugins/modules/ec2_elb_info.py ansible-deprecated-no-version +plugins/modules/ec2_instance_info.py ansible-deprecated-no-version +plugins/modules/ec2_lc_info.py ansible-deprecated-no-version +plugins/modules/ec2_metric_alarm.py ansible-deprecated-no-version +plugins/modules/ec2_placement_group_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_endpoint_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_igw_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_nacl_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_nat_gateway_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_peering_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_route_table_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_vgw_info.py ansible-deprecated-no-version +plugins/modules/ec2_vpc_vpn_info.py ansible-deprecated-no-version +plugins/modules/ecs_ecr.py ansible-deprecated-no-version +plugins/modules/ecs_service_info.py ansible-deprecated-no-version +plugins/modules/ecs_taskdefinition_info.py ansible-deprecated-no-version +plugins/modules/efs_info.py ansible-deprecated-no-version +plugins/modules/elasticache_info.py ansible-deprecated-no-version +plugins/modules/elb_application_lb_info.py ansible-deprecated-no-version +plugins/modules/elb_classic_lb_info.py ansible-deprecated-no-version +plugins/modules/elb_network_lb.py ansible-deprecated-no-version +plugins/modules/elb_target_group_info.py ansible-deprecated-no-version +plugins/modules/elb_target_info.py ansible-deprecated-no-version +plugins/modules/iam_mfa_device_info.py ansible-deprecated-no-version +plugins/modules/iam_policy.py ansible-deprecated-no-version +plugins/modules/iam_role_info.py ansible-deprecated-no-version +plugins/modules/iam_role.py ansible-deprecated-no-version +plugins/modules/iam_server_certificate_info.py ansible-deprecated-no-version +plugins/modules/lambda_facts.py ansible-deprecated-no-version +plugins/modules/rds_instance_info.py ansible-deprecated-no-version +plugins/modules/rds.py ansible-deprecated-no-version +plugins/modules/rds_snapshot_info.py ansible-deprecated-no-version +plugins/modules/redshift_info.py ansible-deprecated-no-version +plugins/modules/route53_info.py ansible-deprecated-no-version + From 02ad8561d78a3f1b01011ad9ea6ec8f7dc8d7c7b Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 18 Jun 2020 16:49:17 -0700 Subject: [PATCH 025/129] Don't run code coverage analyze on 2.9 (#108) This wasn't added until 2.10; #67141 --- tests/utils/shippable/shippable.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index e22dd9fff35..27ecda57f09 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -119,8 +119,11 @@ function cleanup ansible-test coverage xml --color --requirements --group-by command --group-by version ${stub:+"$stub"} cp -a tests/output/reports/coverage=*.xml "$SHIPPABLE_RESULT_DIR/codecoverage/" - # analyze and capture code coverage aggregated by integration test target - ansible-test coverage analyze targets generate -v "$SHIPPABLE_RESULT_DIR/testresults/coverage-analyze-targets.json" + # analyze and capture code coverage aggregated by integration test target if not on 2.9, defaults to devel if unset + if [ -n "${ANSIBLE_BASE_REV:-}" ] || [ "${ANSIBLE_BASE_REV:-}" != "2.9" ]; then + ansible-test coverage analyze targets generate -v "$SHIPPABLE_RESULT_DIR/testresults/coverage-analyze-targets.json" + fi + # upload coverage report to codecov.io only when using complete on-demand coverage if [ "${COVERAGE}" == "--coverage" ] && [ "${CHANGED}" == "" ]; then From 1d46d10b20958dd86e2ddb5f76bf9ffe087ed3d2 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Fri, 19 Jun 2020 18:01:38 -0700 Subject: [PATCH 026/129] Rerun add_docs for 1.0.0 release (#116) --- README.md | 358 +- docs/community.aws.aws_acm_info_module.rst | 960 ++++ docs/community.aws.aws_acm_module.rst | 498 ++ docs/community.aws.aws_api_gateway_module.rst | 575 ++ ....aws_application_scaling_policy_module.rst | 1014 ++++ ...s.aws_batch_compute_environment_module.rst | 580 ++ ...ty.aws.aws_batch_job_definition_module.rst | 724 +++ ...mmunity.aws.aws_batch_job_queue_module.rst | 398 ++ docs/community.aws.aws_codebuild_module.rst | 1134 ++++ docs/community.aws.aws_codecommit_module.rst | 567 ++ .../community.aws.aws_codepipeline_module.rst | 628 +++ ...onfig_aggregation_authorization_module.rst | 284 + ...unity.aws.aws_config_aggregator_module.rst | 408 ++ ...aws.aws_config_delivery_channel_module.rst | 336 ++ ...mmunity.aws.aws_config_recorder_module.rst | 357 ++ docs/community.aws.aws_config_rule_module.rst | 474 ++ ...s.aws_direct_connect_connection_module.rst | 573 ++ ....aws.aws_direct_connect_gateway_module.rst | 454 ++ ..._connect_link_aggregation_group_module.rst | 642 +++ ...irect_connect_virtual_interface_module.rst | 907 ++++ docs/community.aws.aws_eks_cluster_module.rst | 612 +++ ...ty.aws.aws_elasticbeanstalk_app_module.rst | 356 ++ ...mmunity.aws.aws_glue_connection_module.rst | 536 ++ docs/community.aws.aws_glue_job_module.rst | 716 +++ ...munity.aws.aws_inspector_target_module.rst | 412 ++ docs/community.aws.aws_kms_info_module.rst | 724 +++ docs/community.aws.aws_kms_module.rst | 1085 ++++ docs/community.aws.aws_region_info_module.rst | 286 + ...ommunity.aws.aws_s3_bucket_info_module.rst | 271 + docs/community.aws.aws_s3_cors_module.rst | 364 ++ docs/community.aws.aws_secret_module.rst | 541 ++ .../community.aws.aws_ses_identity_module.rst | 738 +++ ...ity.aws.aws_ses_identity_policy_module.rst | 354 ++ .../community.aws.aws_ses_rule_set_module.rst | 383 ++ docs/community.aws.aws_sgw_info_module.rst | 731 +++ docs/community.aws.aws_ssm_connection.rst | 275 + ...ity.aws.aws_ssm_parameter_store_module.rst | 453 ++ ...nctions_state_machine_execution_module.rst | 416 ++ ...ws_step_functions_state_machine_module.rst | 380 ++ ...community.aws.aws_waf_condition_module.rst | 1437 +++++ docs/community.aws.aws_waf_info_module.rst | 452 ++ docs/community.aws.aws_waf_rule_module.rst | 570 ++ docs/community.aws.aws_waf_web_acl_module.rst | 632 +++ ...aws.cloudformation_exports_info_module.rst | 264 + ...ty.aws.cloudformation_stack_set_module.rst | 714 +++ ...ity.aws.cloudfront_distribution_module.rst | 4698 +++++++++++++++++ docs/community.aws.cloudfront_info_module.rst | 774 +++ ...ity.aws.cloudfront_invalidation_module.rst | 505 ++ ...oudfront_origin_access_identity_module.rst | 455 ++ docs/community.aws.cloudtrail_module.rst | 850 +++ ...munity.aws.cloudwatchevent_rule_module.rst | 543 ++ ...s.cloudwatchlogs_log_group_info_module.rst | 390 ++ ...tchlogs_log_group_metric_filter_module.rst | 421 ++ ...ty.aws.cloudwatchlogs_log_group_module.rst | 514 ++ docs/community.aws.data_pipeline_module.rst | 674 +++ docs/community.aws.dms_endpoint_module.rst | 650 +++ ...ws.dms_replication_subnet_group_module.rst | 295 ++ docs/community.aws.dynamodb_table_module.rst | 635 +++ docs/community.aws.dynamodb_ttl_module.rst | 322 ++ docs/community.aws.ec2_ami_copy_module.rst | 472 ++ docs/community.aws.ec2_asg_info_module.rst | 667 +++ ...nity.aws.ec2_asg_lifecycle_hook_module.rst | 398 ++ docs/community.aws.ec2_asg_module.rst | 1405 +++++ ...y.aws.ec2_customer_gateway_info_module.rst | 310 ++ ...munity.aws.ec2_customer_gateway_module.rst | 465 ++ docs/community.aws.ec2_eip_info_module.rst | 317 ++ docs/community.aws.ec2_eip_module.rst | 589 +++ docs/community.aws.ec2_elb_info_module.rst | 272 + docs/community.aws.ec2_elb_module.rst | 346 ++ ...community.aws.ec2_instance_info_module.rst | 1834 +++++++ docs/community.aws.ec2_instance_module.rst | 2705 ++++++++++ ...mmunity.aws.ec2_launch_template_module.rst | 1340 +++++ docs/community.aws.ec2_lc_find_module.rst | 546 ++ docs/community.aws.ec2_lc_info_module.rst | 578 ++ docs/community.aws.ec2_lc_module.rst | 1469 ++++++ .../community.aws.ec2_metric_alarm_module.rst | 562 ++ ...ty.aws.ec2_placement_group_info_module.rst | 345 ++ ...mmunity.aws.ec2_placement_group_module.rst | 383 ++ ...ommunity.aws.ec2_scaling_policy_module.rst | 350 ++ ...community.aws.ec2_snapshot_copy_module.rst | 425 ++ ...ty.aws.ec2_transit_gateway_info_module.rst | 606 +++ ...mmunity.aws.ec2_transit_gateway_module.rst | 819 +++ ...ommunity.aws.ec2_vpc_egress_igw_module.rst | 318 ++ ...unity.aws.ec2_vpc_endpoint_info_module.rst | 359 ++ .../community.aws.ec2_vpc_endpoint_module.rst | 467 ++ .../community.aws.ec2_vpc_igw_info_module.rst | 329 ++ docs/community.aws.ec2_vpc_igw_module.rst | 370 ++ ...community.aws.ec2_vpc_nacl_info_module.rst | 426 ++ docs/community.aws.ec2_vpc_nacl_module.rst | 462 ++ ...ty.aws.ec2_vpc_nat_gateway_info_module.rst | 320 ++ ...mmunity.aws.ec2_vpc_nat_gateway_module.rst | 587 ++ docs/community.aws.ec2_vpc_peer_module.rst | 518 ++ ...munity.aws.ec2_vpc_peering_info_module.rst | 312 ++ ...ty.aws.ec2_vpc_route_table_info_module.rst | 262 + ...mmunity.aws.ec2_vpc_route_table_module.rst | 817 +++ .../community.aws.ec2_vpc_vgw_info_module.rst | 329 ++ docs/community.aws.ec2_vpc_vgw_module.rst | 428 ++ .../community.aws.ec2_vpc_vpn_info_module.rst | 648 +++ docs/community.aws.ec2_vpc_vpn_module.rst | 939 ++++ .../community.aws.ec2_win_password_module.rst | 360 ++ docs/community.aws.ecs_attribute_module.rst | 460 ++ docs/community.aws.ecs_cluster_module.rst | 442 ++ docs/community.aws.ecs_ecr_module.rst | 527 ++ .../community.aws.ecs_service_info_module.rst | 571 ++ docs/community.aws.ecs_service_module.rst | 1642 ++++++ docs/community.aws.ecs_tag_module.rst | 431 ++ docs/community.aws.ecs_task_module.rst | 747 +++ ...ity.aws.ecs_taskdefinition_info_module.rst | 1242 +++++ ...ommunity.aws.ecs_taskdefinition_module.rst | 589 +++ docs/community.aws.efs_info_module.rst | 580 ++ docs/community.aws.efs_module.rst | 760 +++ .../community.aws.elasticache_info_module.rst | 917 ++++ docs/community.aws.elasticache_module.rst | 486 ++ ...aws.elasticache_parameter_group_module.rst | 394 ++ ...munity.aws.elasticache_snapshot_module.rst | 399 ++ ...ty.aws.elasticache_subnet_group_module.rst | 303 ++ ...ity.aws.elb_application_lb_info_module.rst | 636 +++ ...ommunity.aws.elb_application_lb_module.rst | 1386 +++++ ...mmunity.aws.elb_classic_lb_info_module.rst | 307 ++ docs/community.aws.elb_classic_lb_module.rst | 809 +++ docs/community.aws.elb_instance_module.rst | 348 ++ docs/community.aws.elb_network_lb_module.rst | 1082 ++++ ...unity.aws.elb_target_group_info_module.rst | 810 +++ .../community.aws.elb_target_group_module.rst | 1084 ++++ docs/community.aws.elb_target_info_module.rst | 575 ++ docs/community.aws.elb_target_module.rst | 408 ++ docs/community.aws.execute_lambda_module.rst | 444 ++ docs/community.aws.iam_cert_module.rst | 405 ++ docs/community.aws.iam_group_module.rst | 632 +++ ...ommunity.aws.iam_managed_policy_module.rst | 418 ++ ...mmunity.aws.iam_mfa_device_info_module.rst | 290 + docs/community.aws.iam_module.rst | 565 ++ ...mmunity.aws.iam_password_policy_module.rst | 426 ++ docs/community.aws.iam_policy_info_module.rst | 380 ++ docs/community.aws.iam_policy_module.rst | 393 ++ docs/community.aws.iam_role_info_module.rst | 627 +++ docs/community.aws.iam_role_module.rst | 662 +++ ...mmunity.aws.iam_saml_federation_module.rst | 399 ++ ...aws.iam_server_certificate_info_module.rst | 388 ++ docs/community.aws.iam_user_info_module.rst | 430 ++ docs/community.aws.iam_user_module.rst | 448 ++ docs/community.aws.kinesis_stream_module.rst | 569 ++ docs/community.aws.lambda_alias_module.rst | 451 ++ docs/community.aws.lambda_event_module.rst | 453 ++ docs/community.aws.lambda_facts_module.rst | 375 ++ docs/community.aws.lambda_info_module.rst | 349 ++ docs/community.aws.lambda_module.rst | 617 +++ docs/community.aws.lambda_policy_module.rst | 436 ++ docs/community.aws.lightsail_module.rst | 451 ++ ...community.aws.rds_instance_info_module.rst | 1317 +++++ docs/community.aws.rds_instance_module.rst | 2432 +++++++++ docs/community.aws.rds_module.rst | 1681 ++++++ docs/community.aws.rds_param_group_module.rst | 486 ++ ...community.aws.rds_snapshot_info_module.rst | 1097 ++++ docs/community.aws.rds_snapshot_module.rst | 755 +++ .../community.aws.rds_subnet_group_module.rst | 416 ++ ...redshift_cross_region_snapshots_module.rst | 336 ++ docs/community.aws.redshift_info_module.rst | 844 +++ docs/community.aws.redshift_module.rst | 946 ++++ ...unity.aws.redshift_subnet_group_module.rst | 373 ++ ...munity.aws.route53_health_check_module.rst | 420 ++ docs/community.aws.route53_info_module.rst | 533 ++ docs/community.aws.route53_module.rst | 982 ++++ docs/community.aws.route53_zone_module.rst | 495 ++ ...nity.aws.s3_bucket_notification_module.rst | 427 ++ docs/community.aws.s3_lifecycle_module.rst | 576 ++ docs/community.aws.s3_logging_module.rst | 305 ++ docs/community.aws.s3_sync_module.rst | 577 ++ docs/community.aws.s3_website_module.rst | 641 +++ docs/community.aws.sns_module.rst | 508 ++ docs/community.aws.sns_topic_module.rst | 773 +++ docs/community.aws.sqs_queue_module.rst | 756 +++ docs/community.aws.sts_assume_role_module.rst | 419 ++ ...community.aws.sts_session_token_module.rst | 339 ++ galaxy.yml | 2 +- 175 files changed, 109558 insertions(+), 174 deletions(-) create mode 100644 docs/community.aws.aws_acm_info_module.rst create mode 100644 docs/community.aws.aws_acm_module.rst create mode 100644 docs/community.aws.aws_api_gateway_module.rst create mode 100644 docs/community.aws.aws_application_scaling_policy_module.rst create mode 100644 docs/community.aws.aws_batch_compute_environment_module.rst create mode 100644 docs/community.aws.aws_batch_job_definition_module.rst create mode 100644 docs/community.aws.aws_batch_job_queue_module.rst create mode 100644 docs/community.aws.aws_codebuild_module.rst create mode 100644 docs/community.aws.aws_codecommit_module.rst create mode 100644 docs/community.aws.aws_codepipeline_module.rst create mode 100644 docs/community.aws.aws_config_aggregation_authorization_module.rst create mode 100644 docs/community.aws.aws_config_aggregator_module.rst create mode 100644 docs/community.aws.aws_config_delivery_channel_module.rst create mode 100644 docs/community.aws.aws_config_recorder_module.rst create mode 100644 docs/community.aws.aws_config_rule_module.rst create mode 100644 docs/community.aws.aws_direct_connect_connection_module.rst create mode 100644 docs/community.aws.aws_direct_connect_gateway_module.rst create mode 100644 docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst create mode 100644 docs/community.aws.aws_direct_connect_virtual_interface_module.rst create mode 100644 docs/community.aws.aws_eks_cluster_module.rst create mode 100644 docs/community.aws.aws_elasticbeanstalk_app_module.rst create mode 100644 docs/community.aws.aws_glue_connection_module.rst create mode 100644 docs/community.aws.aws_glue_job_module.rst create mode 100644 docs/community.aws.aws_inspector_target_module.rst create mode 100644 docs/community.aws.aws_kms_info_module.rst create mode 100644 docs/community.aws.aws_kms_module.rst create mode 100644 docs/community.aws.aws_region_info_module.rst create mode 100644 docs/community.aws.aws_s3_bucket_info_module.rst create mode 100644 docs/community.aws.aws_s3_cors_module.rst create mode 100644 docs/community.aws.aws_secret_module.rst create mode 100644 docs/community.aws.aws_ses_identity_module.rst create mode 100644 docs/community.aws.aws_ses_identity_policy_module.rst create mode 100644 docs/community.aws.aws_ses_rule_set_module.rst create mode 100644 docs/community.aws.aws_sgw_info_module.rst create mode 100644 docs/community.aws.aws_ssm_connection.rst create mode 100644 docs/community.aws.aws_ssm_parameter_store_module.rst create mode 100644 docs/community.aws.aws_step_functions_state_machine_execution_module.rst create mode 100644 docs/community.aws.aws_step_functions_state_machine_module.rst create mode 100644 docs/community.aws.aws_waf_condition_module.rst create mode 100644 docs/community.aws.aws_waf_info_module.rst create mode 100644 docs/community.aws.aws_waf_rule_module.rst create mode 100644 docs/community.aws.aws_waf_web_acl_module.rst create mode 100644 docs/community.aws.cloudformation_exports_info_module.rst create mode 100644 docs/community.aws.cloudformation_stack_set_module.rst create mode 100644 docs/community.aws.cloudfront_distribution_module.rst create mode 100644 docs/community.aws.cloudfront_info_module.rst create mode 100644 docs/community.aws.cloudfront_invalidation_module.rst create mode 100644 docs/community.aws.cloudfront_origin_access_identity_module.rst create mode 100644 docs/community.aws.cloudtrail_module.rst create mode 100644 docs/community.aws.cloudwatchevent_rule_module.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group_info_module.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst create mode 100644 docs/community.aws.cloudwatchlogs_log_group_module.rst create mode 100644 docs/community.aws.data_pipeline_module.rst create mode 100644 docs/community.aws.dms_endpoint_module.rst create mode 100644 docs/community.aws.dms_replication_subnet_group_module.rst create mode 100644 docs/community.aws.dynamodb_table_module.rst create mode 100644 docs/community.aws.dynamodb_ttl_module.rst create mode 100644 docs/community.aws.ec2_ami_copy_module.rst create mode 100644 docs/community.aws.ec2_asg_info_module.rst create mode 100644 docs/community.aws.ec2_asg_lifecycle_hook_module.rst create mode 100644 docs/community.aws.ec2_asg_module.rst create mode 100644 docs/community.aws.ec2_customer_gateway_info_module.rst create mode 100644 docs/community.aws.ec2_customer_gateway_module.rst create mode 100644 docs/community.aws.ec2_eip_info_module.rst create mode 100644 docs/community.aws.ec2_eip_module.rst create mode 100644 docs/community.aws.ec2_elb_info_module.rst create mode 100644 docs/community.aws.ec2_elb_module.rst create mode 100644 docs/community.aws.ec2_instance_info_module.rst create mode 100644 docs/community.aws.ec2_instance_module.rst create mode 100644 docs/community.aws.ec2_launch_template_module.rst create mode 100644 docs/community.aws.ec2_lc_find_module.rst create mode 100644 docs/community.aws.ec2_lc_info_module.rst create mode 100644 docs/community.aws.ec2_lc_module.rst create mode 100644 docs/community.aws.ec2_metric_alarm_module.rst create mode 100644 docs/community.aws.ec2_placement_group_info_module.rst create mode 100644 docs/community.aws.ec2_placement_group_module.rst create mode 100644 docs/community.aws.ec2_scaling_policy_module.rst create mode 100644 docs/community.aws.ec2_snapshot_copy_module.rst create mode 100644 docs/community.aws.ec2_transit_gateway_info_module.rst create mode 100644 docs/community.aws.ec2_transit_gateway_module.rst create mode 100644 docs/community.aws.ec2_vpc_egress_igw_module.rst create mode 100644 docs/community.aws.ec2_vpc_endpoint_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_endpoint_module.rst create mode 100644 docs/community.aws.ec2_vpc_igw_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_igw_module.rst create mode 100644 docs/community.aws.ec2_vpc_nacl_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_nacl_module.rst create mode 100644 docs/community.aws.ec2_vpc_nat_gateway_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_nat_gateway_module.rst create mode 100644 docs/community.aws.ec2_vpc_peer_module.rst create mode 100644 docs/community.aws.ec2_vpc_peering_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_route_table_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_route_table_module.rst create mode 100644 docs/community.aws.ec2_vpc_vgw_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_vgw_module.rst create mode 100644 docs/community.aws.ec2_vpc_vpn_info_module.rst create mode 100644 docs/community.aws.ec2_vpc_vpn_module.rst create mode 100644 docs/community.aws.ec2_win_password_module.rst create mode 100644 docs/community.aws.ecs_attribute_module.rst create mode 100644 docs/community.aws.ecs_cluster_module.rst create mode 100644 docs/community.aws.ecs_ecr_module.rst create mode 100644 docs/community.aws.ecs_service_info_module.rst create mode 100644 docs/community.aws.ecs_service_module.rst create mode 100644 docs/community.aws.ecs_tag_module.rst create mode 100644 docs/community.aws.ecs_task_module.rst create mode 100644 docs/community.aws.ecs_taskdefinition_info_module.rst create mode 100644 docs/community.aws.ecs_taskdefinition_module.rst create mode 100644 docs/community.aws.efs_info_module.rst create mode 100644 docs/community.aws.efs_module.rst create mode 100644 docs/community.aws.elasticache_info_module.rst create mode 100644 docs/community.aws.elasticache_module.rst create mode 100644 docs/community.aws.elasticache_parameter_group_module.rst create mode 100644 docs/community.aws.elasticache_snapshot_module.rst create mode 100644 docs/community.aws.elasticache_subnet_group_module.rst create mode 100644 docs/community.aws.elb_application_lb_info_module.rst create mode 100644 docs/community.aws.elb_application_lb_module.rst create mode 100644 docs/community.aws.elb_classic_lb_info_module.rst create mode 100644 docs/community.aws.elb_classic_lb_module.rst create mode 100644 docs/community.aws.elb_instance_module.rst create mode 100644 docs/community.aws.elb_network_lb_module.rst create mode 100644 docs/community.aws.elb_target_group_info_module.rst create mode 100644 docs/community.aws.elb_target_group_module.rst create mode 100644 docs/community.aws.elb_target_info_module.rst create mode 100644 docs/community.aws.elb_target_module.rst create mode 100644 docs/community.aws.execute_lambda_module.rst create mode 100644 docs/community.aws.iam_cert_module.rst create mode 100644 docs/community.aws.iam_group_module.rst create mode 100644 docs/community.aws.iam_managed_policy_module.rst create mode 100644 docs/community.aws.iam_mfa_device_info_module.rst create mode 100644 docs/community.aws.iam_module.rst create mode 100644 docs/community.aws.iam_password_policy_module.rst create mode 100644 docs/community.aws.iam_policy_info_module.rst create mode 100644 docs/community.aws.iam_policy_module.rst create mode 100644 docs/community.aws.iam_role_info_module.rst create mode 100644 docs/community.aws.iam_role_module.rst create mode 100644 docs/community.aws.iam_saml_federation_module.rst create mode 100644 docs/community.aws.iam_server_certificate_info_module.rst create mode 100644 docs/community.aws.iam_user_info_module.rst create mode 100644 docs/community.aws.iam_user_module.rst create mode 100644 docs/community.aws.kinesis_stream_module.rst create mode 100644 docs/community.aws.lambda_alias_module.rst create mode 100644 docs/community.aws.lambda_event_module.rst create mode 100644 docs/community.aws.lambda_facts_module.rst create mode 100644 docs/community.aws.lambda_info_module.rst create mode 100644 docs/community.aws.lambda_module.rst create mode 100644 docs/community.aws.lambda_policy_module.rst create mode 100644 docs/community.aws.lightsail_module.rst create mode 100644 docs/community.aws.rds_instance_info_module.rst create mode 100644 docs/community.aws.rds_instance_module.rst create mode 100644 docs/community.aws.rds_module.rst create mode 100644 docs/community.aws.rds_param_group_module.rst create mode 100644 docs/community.aws.rds_snapshot_info_module.rst create mode 100644 docs/community.aws.rds_snapshot_module.rst create mode 100644 docs/community.aws.rds_subnet_group_module.rst create mode 100644 docs/community.aws.redshift_cross_region_snapshots_module.rst create mode 100644 docs/community.aws.redshift_info_module.rst create mode 100644 docs/community.aws.redshift_module.rst create mode 100644 docs/community.aws.redshift_subnet_group_module.rst create mode 100644 docs/community.aws.route53_health_check_module.rst create mode 100644 docs/community.aws.route53_info_module.rst create mode 100644 docs/community.aws.route53_module.rst create mode 100644 docs/community.aws.route53_zone_module.rst create mode 100644 docs/community.aws.s3_bucket_notification_module.rst create mode 100644 docs/community.aws.s3_lifecycle_module.rst create mode 100644 docs/community.aws.s3_logging_module.rst create mode 100644 docs/community.aws.s3_sync_module.rst create mode 100644 docs/community.aws.s3_website_module.rst create mode 100644 docs/community.aws.sns_module.rst create mode 100644 docs/community.aws.sns_topic_module.rst create mode 100644 docs/community.aws.sqs_queue_module.rst create mode 100644 docs/community.aws.sts_assume_role_module.rst create mode 100644 docs/community.aws.sts_session_token_module.rst diff --git a/README.md b/README.md index 58b56eca5ba..783bbe19e1d 100644 --- a/README.md +++ b/README.md @@ -4,187 +4,199 @@ The Ansible Community AWS collection includes a variety of Ansible content to help automate the management of AWS instances. This collection is maintained by the Ansible community. + +## Ansible version compatibility + +This collection has been tested against following Ansible versions: **>=2.9,<2.11**. + +Plugins and modules within a collection may be tested with only specific Ansible versions. +A collection may contain metadata that identifies these versions. +PEP440 is the schema used to describe the versions of Ansible. + + ## Included content ### Connection plugins Name | Description --- | --- -[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm.rst)|execute via AWS Systems Manager +[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_connection.rst)|execute via AWS Systems Manager + ### Modules Name | Description --- | --- -[community.aws.aws_acm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm.rst)|Upload and delete certificates in the AWS Certificate Manager service -[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_info.rst)|Retrieve certificate information from AWS Certificate Manager service -[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_api_gateway.rst)|Manage AWS API Gateway APIs -[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_application_scaling_policy.rst)|Manage Application Auto Scaling Scaling Policies -[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_compute_environment.rst)|Manage AWS Batch Compute Environments -[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_definition.rst)|Manage AWS Batch Job Definitions -[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_queue.rst)|Manage AWS Batch Job Queues -[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codebuild.rst)|Create or delete an AWS CodeBuild project -[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codecommit.rst)|Manage repositories in AWS CodeCommit -[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codepipeline.rst)|Create or delete AWS CodePipelines -[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregation_authorization.rst)|Manage cross-account AWS Config authorizations -[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregator.rst)|Manage AWS Config aggregations across multiple accounts -[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_delivery_channel.rst)|Manage AWS Config delivery channels -[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_recorder.rst)|Manage AWS Config Recorders -[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_rule.rst)|Manage AWS Config resources -[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_connection.rst)|Creates, deletes, modifies a DirectConnect connection -[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_gateway.rst)|Manage AWS Direct Connect gateway -[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group.rst)|Manage Direct Connect LAG bundles -[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_virtual_interface.rst)|Manage Direct Connect virtual interfaces -[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_eks_cluster.rst)|Manage Elastic Kubernetes Service Clusters -[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_elasticbeanstalk_app.rst)|Create, update, and delete an elastic beanstalk application -[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_connection.rst)|Manage an AWS Glue connection -[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_job.rst)|Manage an AWS Glue job -[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_inspector_target.rst)|Create, Update and Delete Amazon Inspector Assessment Targets -[community.aws.aws_kms](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms.rst)|Perform various KMS management tasks. -[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_info.rst)|Gather information about AWS KMS keys -[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_region_info.rst)|Gather information about AWS regions. -[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_bucket_info.rst)|Lists S3 buckets in AWS -[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_cors.rst)|Manage CORS for S3 buckets in AWS -[community.aws.aws_secret](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_secret.rst)|Manage secrets stored in AWS Secrets Manager. -[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity.rst)|Manages SES email and domain identity -[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_policy.rst)|Manages SES sending authorization policies -[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_rule_set.rst)|Manages SES inbound receipt rule sets -[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_sgw_info.rst)|Fetch AWS Storage Gateway information -[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_parameter_store.rst)|Manage key-value pairs in aws parameter store. -[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine.rst)|Manage AWS Step Functions state machines -[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_execution.rst)|Start or stop execution of an AWS Step Functions state machine. -[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_condition.rst)|Create and delete WAF Conditions -[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_info.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. -[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_rule.rst)|Create and delete WAF Rules -[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_web_acl.rst)|Create and delete WAF Web ACLs. -[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_exports_info.rst)|Read a value from CloudFormation Exports -[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_stack_set.rst)|Manage groups of CloudFormation stacks -[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_distribution.rst)|Create, update and delete AWS CloudFront distributions. -[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_info.rst)|Obtain facts about an AWS CloudFront distribution -[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_invalidation.rst)|create invalidations for AWS CloudFront distributions -[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_origin_access_identity.rst)|Create, update and delete origin access identities for a CloudFront distribution -[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudtrail.rst)|manage CloudTrail create, delete, update -[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchevent_rule.rst)|Manage CloudWatch Event rules and targets -[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group.rst)|create or delete log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_info.rst)|Get information about log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst)|Manage CloudWatch log group metric filter -[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.data_pipeline.rst)|Create and manage AWS Datapipelines -[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_endpoint.rst)|Creates or destroys a data migration services endpoint -[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_replication_subnet_group.rst)|creates or destroys a data migration services subnet group -[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_table.rst)|Create, update or delete AWS Dynamo DB tables -[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_ttl.rst)|Set TTL for a given DynamoDB table -[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_ami_copy.rst)|copies AMI between AWS regions, return new image id -[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg.rst)|Create or delete AWS AutoScaling Groups (ASGs) -[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_info.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS -[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_lifecycle_hook.rst)|Create, delete or update AWS ASG Lifecycle Hooks. -[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway.rst)|Manage an AWS customer gateway -[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_info.rst)|Gather information about customer gateways in AWS -[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip.rst)|manages EC2 elastic IP (EIP) addresses. -[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_info.rst)|List EC2 EIP details -[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance.rst)|Create & manage EC2 instances -[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_info.rst)|Gather information about ec2 instances in AWS -[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_launch_template.rst)|Manage EC2 launch templates -[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc.rst)|Create or delete AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_find.rst)|Find AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_info.rst)|Gather information about AWS Autoscaling Launch Configurations. -[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_metric_alarm.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' -[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group.rst)|Create or delete an EC2 Placement Group -[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_info.rst)|List EC2 Placement Group(s) details -[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_scaling_policy.rst)|Create or delete AWS scaling policies for Autoscaling groups -[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_snapshot_copy.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. -[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway.rst)|Create and delete AWS Transit Gateways -[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_info.rst)|Gather information about ec2 transit gateways in AWS -[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_egress_igw.rst)|Manage an AWS VPC Egress Only Internet gateway -[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint.rst)|Create and delete AWS VPC Endpoints. -[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_info.rst)|Retrieves AWS VPC endpoints details using AWS methods. -[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw.rst)|Manage an AWS VPC Internet gateway -[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_info.rst)|Gather information about internet gateways in AWS -[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl.rst)|create and delete Network ACLs. -[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_info.rst)|Gather information about Network ACLs in an AWS VPC -[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway.rst)|Manage AWS VPC NAT Gateways. -[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. -[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peer.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. -[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peering_info.rst)|Retrieves AWS VPC Peering details using AWS methods. -[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table.rst)|Manage route tables for AWS virtual private clouds -[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_info.rst)|Gather information about ec2 VPC route tables in AWS -[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw.rst)|Create and delete AWS VPN Virtual Gateways. -[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_info.rst)|Gather information about virtual gateways in AWS -[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn.rst)|Create, modify, and delete EC2 VPN connections. -[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_info.rst)|Gather information about VPN Connections in AWS. -[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_win_password.rst)|Gets the default administrator password for ec2 windows instances -[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_attribute.rst)|manage ecs attributes -[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_cluster.rst)|Create or terminate ECS clusters. -[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_ecr.rst)|Manage Elastic Container Registry repositories -[community.aws.ecs_service](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service.rst)|Create, terminate, start or stop a service in ECS -[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_info.rst)|List or describe services in ECS -[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_tag.rst)|create and remove tags on Amazon ECS resources -[community.aws.ecs_task](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_task.rst)|Run, start or stop a task in ecs -[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition.rst)|register a task definition in ecs -[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_info.rst)|Describe a task definition in ECS -[community.aws.efs](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs.rst)|create and maintain EFS file systems -[community.aws.efs_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_info.rst)|Get information about Amazon EFS file systems -[community.aws.elasticache](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache.rst)|Manage cache clusters in Amazon ElastiCache -[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_info.rst)|Retrieve information for AWS ElastiCache clusters -[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_parameter_group.rst)|Manage cache parameter groups in Amazon ElastiCache. -[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_snapshot.rst)|Manage cache snapshots in Amazon ElastiCache -[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_subnet_group.rst)|manage ElastiCache subnet groups -[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb.rst)|Manage an Application load balancer -[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_info.rst)|Gather information about application ELBs in AWS -[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb.rst)|Creates or destroys Amazon ELB. -[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_info.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.elb_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_instance.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_network_lb.rst)|Manage a Network Load Balancer -[community.aws.elb_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target.rst)|Manage a target in a target group -[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group.rst)|Manage a target group for an Application or Network load balancer -[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_info.rst)|Gather information about ELB target groups in AWS -[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_info.rst)|Gathers which target groups a target is associated with. -[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.execute_lambda.rst)|Execute an AWS Lambda function -[community.aws.iam](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam.rst)|Manage IAM users, groups, roles and keys -[community.aws.iam_cert](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_cert.rst)|Manage server certificates for use on ELBs and CloudFront -[community.aws.iam_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_group.rst)|Manage AWS IAM groups -[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_managed_policy.rst)|Manage User Managed IAM policies -[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_mfa_device_info.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user -[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_password_policy.rst)|Update an IAM Password Policy -[community.aws.iam_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy.rst)|Manage inline IAM policies for users, groups, and roles -[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_info.rst)|Retrieve inline IAM policies for users, groups, and roles -[community.aws.iam_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role.rst)|Manage AWS IAM roles -[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_info.rst)|Gather information on IAM roles -[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_saml_federation.rst)|Maintain IAM SAML federation configuration. -[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_server_certificate_info.rst)|Retrieve the information of a server certificate -[community.aws.iam_user](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user.rst)|Manage AWS IAM users -[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_info.rst)|Gather IAM user(s) facts in AWS -[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.kinesis_stream.rst)|Manage a Kinesis Stream. -[community.aws.lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda.rst)|Manage AWS Lambda functions -[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_alias.rst)|Creates, updates or deletes AWS Lambda function aliases -[community.aws.lambda_event](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_event.rst)|Creates, updates or deletes AWS Lambda function event mappings -[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_facts.rst)|Gathers AWS Lambda function details as Ansible facts -[community.aws.lambda_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_info.rst)|Gathers AWS Lambda function details -[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_policy.rst)|Creates, updates or deletes AWS Lambda policy statements. -[community.aws.lightsail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lightsail.rst)|Manage instances in AWS Lightsail -[community.aws.rds](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts -[community.aws.rds_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance.rst)|Manage RDS instances -[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_info.rst)|obtain information about one or more RDS instances -[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_param_group.rst)|manage RDS parameter groups -[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot.rst)|manage Amazon RDS snapshots. -[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_info.rst)|obtain information about one or more RDS snapshots -[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_subnet_group.rst)|manage RDS database subnet groups -[community.aws.redshift](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift.rst)|create, delete, or modify an Amazon Redshift instance -[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_cross_region_snapshots.rst)|Manage Redshift Cross Region Snapshots -[community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_info.rst)|Gather information about Redshift cluster(s) -[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_subnet_group.rst)|manage Redshift cluster subnet groups -[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53.rst)|add or delete entries in Amazons Route53 DNS service -[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_health_check.rst)|Add or delete health-checks in Amazons Route53 DNS service -[community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_info.rst)|Retrieves route53 details using AWS methods -[community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_zone.rst)|add or delete Route53 zones -[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_bucket_notification.rst)|Creates, updates or deletes S3 Bucket notification for lambda -[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_lifecycle.rst)|Manage s3 bucket lifecycle rules in AWS -[community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_logging.rst)|Manage logging facility of an s3 bucket in AWS -[community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_sync.rst)|Efficiently upload multiple files to S3 -[community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_website.rst)|Configure an s3 bucket as a website -[community.aws.sns](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns.rst)|Send Amazon Simple Notification Service messages -[community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_topic.rst)|Manages AWS SNS topics and subscriptions -[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sqs_queue.rst)|Creates or deletes AWS SQS queues. -[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_assume_role.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials -[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_session_token.rst)|Obtain a session token from the AWS Security Token Service +[community.aws.aws_acm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_module.rst)|Upload and delete certificates in the AWS Certificate Manager service +[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_info_module.rst)|Retrieve certificate information from AWS Certificate Manager service +[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_api_gateway_module.rst)|Manage AWS API Gateway APIs +[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_application_scaling_policy_module.rst)|Manage Application Auto Scaling Scaling Policies +[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_compute_environment_module.rst)|Manage AWS Batch Compute Environments +[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_definition_module.rst)|Manage AWS Batch Job Definitions +[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_queue_module.rst)|Manage AWS Batch Job Queues +[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codebuild_module.rst)|Create or delete an AWS CodeBuild project +[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codecommit_module.rst)|Manage repositories in AWS CodeCommit +[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codepipeline_module.rst)|Create or delete AWS CodePipelines +[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregation_authorization_module.rst)|Manage cross-account AWS Config authorizations +[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregator_module.rst)|Manage AWS Config aggregations across multiple accounts +[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_delivery_channel_module.rst)|Manage AWS Config delivery channels +[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_recorder_module.rst)|Manage AWS Config Recorders +[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_rule_module.rst)|Manage AWS Config resources +[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_connection_module.rst)|Creates, deletes, modifies a DirectConnect connection +[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_gateway_module.rst)|Manage AWS Direct Connect gateway +[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst)|Manage Direct Connect LAG bundles +[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_virtual_interface_module.rst)|Manage Direct Connect virtual interfaces +[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_eks_cluster_module.rst)|Manage Elastic Kubernetes Service Clusters +[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_elasticbeanstalk_app_module.rst)|Create, update, and delete an elastic beanstalk application +[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_connection_module.rst)|Manage an AWS Glue connection +[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_job_module.rst)|Manage an AWS Glue job +[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_inspector_target_module.rst)|Create, Update and Delete Amazon Inspector Assessment Targets +[community.aws.aws_kms](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_module.rst)|Perform various KMS management tasks. +[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_info_module.rst)|Gather information about AWS KMS keys +[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_region_info_module.rst)|Gather information about AWS regions. +[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_bucket_info_module.rst)|Lists S3 buckets in AWS +[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_cors_module.rst)|Manage CORS for S3 buckets in AWS +[community.aws.aws_secret](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_secret_module.rst)|Manage secrets stored in AWS Secrets Manager. +[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_module.rst)|Manages SES email and domain identity +[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_policy_module.rst)|Manages SES sending authorization policies +[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_rule_set_module.rst)|Manages SES inbound receipt rule sets +[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_sgw_info_module.rst)|Fetch AWS Storage Gateway information +[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_parameter_store_module.rst)|Manage key-value pairs in aws parameter store. +[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_module.rst)|Manage AWS Step Functions state machines +[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_execution_module.rst)|Start or stop execution of an AWS Step Functions state machine. +[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_condition_module.rst)|Create and delete WAF Conditions +[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_info_module.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. +[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_rule_module.rst)|Create and delete WAF Rules +[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_web_acl_module.rst)|Create and delete WAF Web ACLs. +[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_exports_info_module.rst)|Read a value from CloudFormation Exports +[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_stack_set_module.rst)|Manage groups of CloudFormation stacks +[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_distribution_module.rst)|Create, update and delete AWS CloudFront distributions. +[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_info_module.rst)|Obtain facts about an AWS CloudFront distribution +[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_invalidation_module.rst)|create invalidations for AWS CloudFront distributions +[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_origin_access_identity_module.rst)|Create, update and delete origin access identities for a CloudFront distribution +[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudtrail_module.rst)|manage CloudTrail create, delete, update +[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchevent_rule_module.rst)|Manage CloudWatch Event rules and targets +[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_module.rst)|create or delete log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_info_module.rst)|Get information about log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst)|Manage CloudWatch log group metric filter +[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.data_pipeline_module.rst)|Create and manage AWS Datapipelines +[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_endpoint_module.rst)|Creates or destroys a data migration services endpoint +[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_replication_subnet_group_module.rst)|creates or destroys a data migration services subnet group +[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_table_module.rst)|Create, update or delete AWS Dynamo DB tables +[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_ttl_module.rst)|Set TTL for a given DynamoDB table +[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_ami_copy_module.rst)|copies AMI between AWS regions, return new image id +[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_module.rst)|Create or delete AWS AutoScaling Groups (ASGs) +[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_info_module.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_lifecycle_hook_module.rst)|Create, delete or update AWS ASG Lifecycle Hooks. +[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_module.rst)|Manage an AWS customer gateway +[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_info_module.rst)|Gather information about customer gateways in AWS +[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_module.rst)|manages EC2 elastic IP (EIP) addresses. +[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_info_module.rst)|List EC2 EIP details +[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_module.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_module.rst)|Create & manage EC2 instances +[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_info_module.rst)|Gather information about ec2 instances in AWS +[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_launch_template_module.rst)|Manage EC2 launch templates +[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_module.rst)|Create or delete AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_find_module.rst)|Find AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_info_module.rst)|Gather information about AWS Autoscaling Launch Configurations. +[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_metric_alarm_module.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' +[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_module.rst)|Create or delete an EC2 Placement Group +[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_info_module.rst)|List EC2 Placement Group(s) details +[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_scaling_policy_module.rst)|Create or delete AWS scaling policies for Autoscaling groups +[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_snapshot_copy_module.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. +[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_module.rst)|Create and delete AWS Transit Gateways +[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_info_module.rst)|Gather information about ec2 transit gateways in AWS +[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_egress_igw_module.rst)|Manage an AWS VPC Egress Only Internet gateway +[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_module.rst)|Create and delete AWS VPC Endpoints. +[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_info_module.rst)|Retrieves AWS VPC endpoints details using AWS methods. +[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_module.rst)|Manage an AWS VPC Internet gateway +[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_info_module.rst)|Gather information about internet gateways in AWS +[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_module.rst)|create and delete Network ACLs. +[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_info_module.rst)|Gather information about Network ACLs in an AWS VPC +[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_module.rst)|Manage AWS VPC NAT Gateways. +[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peer_module.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. +[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peering_info_module.rst)|Retrieves AWS VPC Peering details using AWS methods. +[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_module.rst)|Manage route tables for AWS virtual private clouds +[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_info_module.rst)|Gather information about ec2 VPC route tables in AWS +[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_module.rst)|Create and delete AWS VPN Virtual Gateways. +[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_info_module.rst)|Gather information about virtual gateways in AWS +[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_module.rst)|Create, modify, and delete EC2 VPN connections. +[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_info_module.rst)|Gather information about VPN Connections in AWS. +[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_win_password_module.rst)|Gets the default administrator password for ec2 windows instances +[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_attribute_module.rst)|manage ecs attributes +[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_cluster_module.rst)|Create or terminate ECS clusters. +[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_ecr_module.rst)|Manage Elastic Container Registry repositories +[community.aws.ecs_service](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_module.rst)|Create, terminate, start or stop a service in ECS +[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_info_module.rst)|List or describe services in ECS +[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_tag_module.rst)|create and remove tags on Amazon ECS resources +[community.aws.ecs_task](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_task_module.rst)|Run, start or stop a task in ecs +[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_module.rst)|register a task definition in ecs +[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_info_module.rst)|Describe a task definition in ECS +[community.aws.efs](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_module.rst)|create and maintain EFS file systems +[community.aws.efs_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_info_module.rst)|Get information about Amazon EFS file systems +[community.aws.elasticache](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_module.rst)|Manage cache clusters in Amazon ElastiCache +[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_info_module.rst)|Retrieve information for AWS ElastiCache clusters +[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_parameter_group_module.rst)|Manage cache parameter groups in Amazon ElastiCache. +[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_snapshot_module.rst)|Manage cache snapshots in Amazon ElastiCache +[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_subnet_group_module.rst)|manage ElastiCache subnet groups +[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_module.rst)|Manage an Application load balancer +[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_info_module.rst)|Gather information about application ELBs in AWS +[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_module.rst)|Creates or destroys Amazon ELB. +[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.elb_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_instance_module.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_network_lb_module.rst)|Manage a Network Load Balancer +[community.aws.elb_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_module.rst)|Manage a target in a target group +[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_module.rst)|Manage a target group for an Application or Network load balancer +[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_info_module.rst)|Gather information about ELB target groups in AWS +[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_info_module.rst)|Gathers which target groups a target is associated with. +[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.execute_lambda_module.rst)|Execute an AWS Lambda function +[community.aws.iam](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_module.rst)|Manage IAM users, groups, roles and keys +[community.aws.iam_cert](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_cert_module.rst)|Manage server certificates for use on ELBs and CloudFront +[community.aws.iam_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_group_module.rst)|Manage AWS IAM groups +[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_managed_policy_module.rst)|Manage User Managed IAM policies +[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_mfa_device_info_module.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user +[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_password_policy_module.rst)|Update an IAM Password Policy +[community.aws.iam_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_module.rst)|Manage inline IAM policies for users, groups, and roles +[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_info_module.rst)|Retrieve inline IAM policies for users, groups, and roles +[community.aws.iam_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_module.rst)|Manage AWS IAM roles +[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_info_module.rst)|Gather information on IAM roles +[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_saml_federation_module.rst)|Maintain IAM SAML federation configuration. +[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_server_certificate_info_module.rst)|Retrieve the information of a server certificate +[community.aws.iam_user](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_module.rst)|Manage AWS IAM users +[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_info_module.rst)|Gather IAM user(s) facts in AWS +[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.kinesis_stream_module.rst)|Manage a Kinesis Stream. +[community.aws.lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_module.rst)|Manage AWS Lambda functions +[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_alias_module.rst)|Creates, updates or deletes AWS Lambda function aliases +[community.aws.lambda_event](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_event_module.rst)|Creates, updates or deletes AWS Lambda function event mappings +[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_facts_module.rst)|Gathers AWS Lambda function details as Ansible facts +[community.aws.lambda_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_info_module.rst)|Gathers AWS Lambda function details +[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_policy_module.rst)|Creates, updates or deletes AWS Lambda policy statements. +[community.aws.lightsail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lightsail_module.rst)|Manage instances in AWS Lightsail +[community.aws.rds](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_module.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts +[community.aws.rds_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_module.rst)|Manage RDS instances +[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_info_module.rst)|obtain information about one or more RDS instances +[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_param_group_module.rst)|manage RDS parameter groups +[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_module.rst)|manage Amazon RDS snapshots. +[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_info_module.rst)|obtain information about one or more RDS snapshots +[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_subnet_group_module.rst)|manage RDS database subnet groups +[community.aws.redshift](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_module.rst)|create, delete, or modify an Amazon Redshift instance +[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_cross_region_snapshots_module.rst)|Manage Redshift Cross Region Snapshots +[community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_info_module.rst)|Gather information about Redshift cluster(s) +[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_subnet_group_module.rst)|manage Redshift cluster subnet groups +[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_module.rst)|add or delete entries in Amazons Route53 DNS service +[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_health_check_module.rst)|Add or delete health-checks in Amazons Route53 DNS service +[community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_info_module.rst)|Retrieves route53 details using AWS methods +[community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_zone_module.rst)|add or delete Route53 zones +[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_bucket_notification_module.rst)|Creates, updates or deletes S3 Bucket notification for lambda +[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_lifecycle_module.rst)|Manage s3 bucket lifecycle rules in AWS +[community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_logging_module.rst)|Manage logging facility of an s3 bucket in AWS +[community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_sync_module.rst)|Efficiently upload multiple files to S3 +[community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_website_module.rst)|Configure an s3 bucket as a website +[community.aws.sns](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_module.rst)|Send Amazon Simple Notification Service messages +[community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_topic_module.rst)|Manages AWS SNS topics and subscriptions +[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sqs_queue_module.rst)|Creates or deletes AWS SQS queues. +[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_assume_role_module.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials +[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_session_token_module.rst)|Obtain a session token from the AWS Security Token Service + ## Installing this collection diff --git a/docs/community.aws.aws_acm_info_module.rst b/docs/community.aws.aws_acm_info_module.rst new file mode 100644 index 00000000000..793d00fd7d7 --- /dev/null +++ b/docs/community.aws.aws_acm_info_module.rst @@ -0,0 +1,960 @@ +.. _community.aws.aws_acm_info_module: + + +************************** +community.aws.aws_acm_info +************************** + +**Retrieve certificate information from AWS Certificate Manager service** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information for ACM certificates +- This module was called ``aws_acm_facts`` before Ansible 2.9. The usage did not change. +- Note that this will not return information about uploaded keys of size 4096 bits, due to a limitation of the ACM API. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + certificate_arn + +
    + string +
    +     		+ +
    If provided, the results will be filtered to show only the certificate with this ARN.
    +
    If no certificate with this ARN exists, this task will fail.
    +
    If a certificate with this ARN exists in a different region, this task will fail
    +

    aliases: arn
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + domain_name + +
    + string +
    +     		+ +
    The domain name of an ACM certificate to limit the search to
    +

    aliases: name
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + statuses + +
    + list + / elements=string
    +     		+
      Choices: +
    • PENDING_VALIDATION
      • +
    • ISSUED
      • +
    • INACTIVE
      • +
    • EXPIRED
      • +
    • VALIDATION_TIMED_OUT
      • +
    • REVOKED
      • +
    • FAILED
      • +
    +     		+
    Status to filter the certificate results
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Filter results to show only certificates with tags that match all the tags specified here.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all ACM certificates + community.aws.aws_acm_info: + + - name: obtain all information for a single ACM certificate + community.aws.aws_acm_info: + domain_name: "*.example_com" + + - name: obtain all certificates pending validation + community.aws.aws_acm_info: + statuses: + - PENDING_VALIDATION + + - name: obtain all certificates with tag Name=foo and myTag=bar + community.aws.aws_acm_info: + tags: + Name: foo + myTag: bar + + + # The output is still a list of certificates, just one item long. + - name: obtain information about a certificate with a particular ARN + community.aws.aws_acm_info: + certificate_arn: "arn:aws:acm:ap-southeast-2:123456789876:certificate/abcdeabc-abcd-1234-4321-abcdeabcde12" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + certificates + +
    + complex +
    +     		always +
    A list of certificates
    +
    +
      +
    + certificate + +
    + string +
    +     		when certificate creation is complete +
    The ACM Certificate body
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE-----\nMII.....-----END CERTIFICATE-----\n
    +
      +
    + certificate_arn + +
    + string +
    +     		always +
    Certificate ARN
    +
    +
    Sample:
    +
    arn:aws:acm:ap-southeast-2:123456789012:certificate/abcd1234-abcd-1234-abcd-123456789abc
    +
      +
    + certificate_chain + +
    + string +
    +     		when certificate creation is complete +
    Full certificate chain for the certificate
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE-----\nMII...\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n...
    +
      +
    + created_at + +
    + string +
    +     		always +
    Date certificate was created
    +
    +
    Sample:
    +
    2017-08-15T10:31:19+10:00
    +
      +
    + domain_name + +
    + string +
    +     		always +
    Domain name for the certificate
    +
    +
    Sample:
    +
    *.example.com
    +
      +
    + domain_validation_options + +
    + complex +
    +     		when certificate type is AMAZON_ISSUED +
    Options used by ACM to validate the certificate
    +
    +
       +
    + domain_name + +
    + string +
    +     		always +
    Fully qualified domain name of the certificate
    +
    +
    Sample:
    +
    example.com
    +
       +
    + validation_domain + +
    + string +
    +     		always +
    The domain name ACM used to send validation emails
    +
    +
    Sample:
    +
    example.com
    +
       +
    + validation_emails + +
    + list + / elements=string
    +     		always +
    A list of email addresses that ACM used to send domain validation emails
    +
    +
    Sample:
    +
    ['admin@example.com', 'postmaster@example.com']
    +
       +
    + validation_status + +
    + string +
    +     		always +
    Validation status of the domain
    +
    +
    Sample:
    +
    SUCCESS
    +
      +
    + failure_reason + +
    + string +
    +     		only when certificate issuing failed +
    Reason certificate request failed
    +
    +
    Sample:
    +
    NO_AVAILABLE_CONTACTS
    +
      +
    + in_use_by + +
    + list + / elements=string
    +     		always +
    A list of ARNs for the AWS resources that are using the certificate.
    +
    +
      +
    + issued_at + +
    + string +
    +     		always +
    Date certificate was issued
    +
    +
    Sample:
    +
    2017-01-01T00:00:00+10:00
    +
      +
    + issuer + +
    + string +
    +     		always +
    Issuer of the certificate
    +
    +
    Sample:
    +
    Amazon
    +
      +
    + key_algorithm + +
    + string +
    +     		always +
    Algorithm used to generate the certificate
    +
    +
    Sample:
    +
    RSA-2048
    +
      +
    + not_after + +
    + string +
    +     		always +
    Date after which the certificate is not valid
    +
    +
    Sample:
    +
    2019-01-01T00:00:00+10:00
    +
      +
    + not_before + +
    + string +
    +     		always +
    Date before which the certificate is not valid
    +
    +
    Sample:
    +
    2017-01-01T00:00:00+10:00
    +
      +
    + renewal_summary + +
    + complex +
    +     		when certificate is issued by Amazon and a renewal has been started +
    Information about managed renewal process
    +
    +
       +
    + domain_validation_options + +
    + complex +
    +     		when certificate type is AMAZON_ISSUED +
    Options used by ACM to validate the certificate
    +
    +
        +
    + domain_name + +
    + string +
    +     		always +
    Fully qualified domain name of the certificate
    +
    +
    Sample:
    +
    example.com
    +
        +
    + validation_domain + +
    + string +
    +     		always +
    The domain name ACM used to send validation emails
    +
    +
    Sample:
    +
    example.com
    +
        +
    + validation_emails + +
    + list + / elements=string
    +     		always +
    A list of email addresses that ACM used to send domain validation emails
    +
    +
    Sample:
    +
    ['admin@example.com', 'postmaster@example.com']
    +
        +
    + validation_status + +
    + string +
    +     		always +
    Validation status of the domain
    +
    +
    Sample:
    +
    SUCCESS
    +
       +
    + renewal_status + +
    + string +
    +     		always +
    Status of the domain renewal
    +
    +
    Sample:
    +
    PENDING_AUTO_RENEWAL
    +
      +
    + revocation_reason + +
    + string +
    +     		when the certificate has been revoked +
    Reason for certificate revocation
    +
    +
    Sample:
    +
    SUPERCEDED
    +
      +
    + revoked_at + +
    + string +
    +     		when the certificate has been revoked +
    Date certificate was revoked
    +
    +
    Sample:
    +
    2017-09-01T10:00:00+10:00
    +
      +
    + serial + +
    + string +
    +     		always +
    The serial number of the certificate
    +
    +
    Sample:
    +
    00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
    +
      +
    + signature_algorithm + +
    + string +
    +     		always +
    Algorithm used to sign the certificate
    +
    +
    Sample:
    +
    SHA256WITHRSA
    +
      +
    + status + +
    + string +
    +     		always +
    Status of the certificate in ACM
    +
    +
    Sample:
    +
    ISSUED
    +
      +
    + subject + +
    + string +
    +     		always +
    The name of the entity that is associated with the public key contained in the certificate
    +
    +
    Sample:
    +
    CN=*.example.com
    +
      +
    + subject_alternative_names + +
    + list + / elements=string
    +     		always +
    Subject Alternative Names for the certificate
    +
    +
    Sample:
    +
    ['*.example.com']
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Tags associated with the certificate
    +
    +
    Sample:
    +
    {'Application': 'helloworld', 'Environment': 'test'}
    +
      +
    + type + +
    + string +
    +     		always +
    The source of the certificate
    +
    +
    Sample:
    +
    AMAZON_ISSUED
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.aws_acm_module.rst b/docs/community.aws.aws_acm_module.rst new file mode 100644 index 00000000000..40189ba6f08 --- /dev/null +++ b/docs/community.aws.aws_acm_module.rst @@ -0,0 +1,498 @@ +.. _community.aws.aws_acm_module: + + +********************* +community.aws.aws_acm +********************* + +**Upload and delete certificates in the AWS Certificate Manager service** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Import and delete certificates in Amazon Web Service's Certificate Manager (AWS ACM). +- This module does not currently interact with AWS-provided certificates. It currently only manages certificates provided to AWS by the user. + +- The ACM API allows users to upload multiple certificates for the same domain name, and even multiple identical certificates. This module attempts to restrict such freedoms, to be idempotent, as per the Ansible philosophy. It does this through applying AWS resource "Name" tags to ACM certificates. +- When *state=present*, if there is one certificate in ACM with a ``Name`` tag equal to the ``name_tag`` parameter, and an identical body and chain, this task will succeed without effect. + +- When *state=present*, if there is one certificate in ACM a *Name* tag equal to the *name_tag* parameter, and a different body, this task will overwrite that certificate. + +- When *state=present*, if there are multiple certificates in ACM with a *Name* tag equal to the *name_tag* parameter, this task will fail. + +- When *state=absent* and *certificate_arn* is defined, this module will delete the ACM resource with that ARN if it exists in this region, and succeed without effect if it doesn't exist. + +- When *state=absent* and *domain_name* is defined, this module will delete all ACM resources in this AWS region with a corresponding domain name. If there are none, it will succeed without effect. + +- When *state=absent* and *certificate_arn* is not defined, and *domain_name* is not defined, this module will delete all ACM resources in this AWS region with a corresponding *Name* tag. If there are none, it will succeed without effect. + +- Note that this may not work properly with keys of size 4096 bits, due to a limitation of the ACM API. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + certificate + +
    + string +
    +     		+ +
    The body of the PEM encoded public certificate.
    +
    Required when state is not absent.
    +
    If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
    +
    +
    + certificate_arn + +
    + string +
    +     		+ +
    The ARN of a certificate in ACM to delete
    +
    Ignored when state=present.
    +
    If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
    +
    If state=absent and no resource exists with this ARN in this region, the task will succeed with no effect.
    +
    If state=absent and the corresponding resource exists in a different region, this task may report success without deleting that resource.
    +

    aliases: arn
    +
    +
    + certificate_chain + +
    + string +
    +     		+ +
    The body of the PEM encoded chain for your certificate.
    +
    If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
    +
    Ignored when state=absent
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + domain_name + +
    + string +
    +     		+ +
    The domain name of the certificate.
    +
    If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
    +
    Exactly one of domain_name, name_tag and certificate_arn must be provided.
    +
    If state=present this must not be specified. (Since the domain name is encoded within the public certificate's body.)
    +

    aliases: domain
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name_tag + +
    + string +
    +     		+ +
    The unique identifier for tagging resources using AWS tags, with key Name.
    +
    This can be any set of characters accepted by AWS for tag values.
    +
    This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
    +
    If state=preset, this must be specified.
    +
    If state=absent, you must provide exactly one of certificate_arn, domain_name or name_tag.
    +

    aliases: name
    +
    +
    + private_key + +
    + string +
    +     		+ +
    The body of the PEM encoded private key.
    +
    Required when state=present.
    +
    Ignored when state=absent.
    +
    If your private key is in a file, use lookup('file', 'path/to/key.pem').
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
    +
    If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: upload a self-signed certificate + community.aws.aws_acm: + certificate: "{{ lookup('file', 'cert.pem' ) }}" + privateKey: "{{ lookup('file', 'key.pem' ) }}" + name_tag: my_cert # to be applied through an AWS tag as "Name":"my_cert" + region: ap-southeast-2 # AWS region + + - name: create/update a certificate with a chain + community.aws.aws_acm: + certificate: "{{ lookup('file', 'cert.pem' ) }}" + privateKey: "{{ lookup('file', 'key.pem' ) }}" + name_tag: my_cert + certificate_chain: "{{ lookup('file', 'chain.pem' ) }}" + state: present + region: ap-southeast-2 + register: cert_create + + - name: print ARN of cert we just created + debug: + var: cert_create.certificate.arn + + - name: delete the cert we just created + community.aws.aws_acm: + name_tag: my_cert + state: absent + region: ap-southeast-2 + + - name: delete a certificate with a particular ARN + community.aws.aws_acm: + certificate_arn: "arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901" + state: absent + region: ap-southeast-2 + + - name: delete all certificates with a particular domain name + community.aws.aws_acm: + domain_name: acm.ansible.com + state: absent + region: ap-southeast-2 + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arns + +
    + list + / elements=string
    +     		when state=absent +
    A list of the ARNs of the certificates in ACM which were deleted
    +
    +
    Sample:
    +
    ['arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901']
    +
    +
    + certificate + +
    + complex +
    +     		when state=present +
    Information about the certificate which was uploaded
    +
    +
      +
    + arn + +
    + string +
    +     		when state=present +
    The ARN of the certificate in ACM
    +
    +
    Sample:
    +
    arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901
    +
      +
    + domain_name + +
    + string +
    +     		when state=present +
    The domain name encoded within the public certificate
    +
    +
    Sample:
    +
    acm.ansible.com
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Matthew Davis (@matt-telstra) on behalf of Telstra Corporation Limited + + diff --git a/docs/community.aws.aws_api_gateway_module.rst b/docs/community.aws.aws_api_gateway_module.rst new file mode 100644 index 00000000000..d623936fc68 --- /dev/null +++ b/docs/community.aws.aws_api_gateway_module.rst @@ -0,0 +1,575 @@ +.. _community.aws.aws_api_gateway_module: + + +***************************** +community.aws.aws_api_gateway +***************************** + +**Manage AWS API Gateway APIs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of API Gateway APIs +- Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be create each time this is run. +- Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See https://github.com/boto/boto3/issues/876 and discuss with your AWS rep. +- swagger_file and swagger_text are passed directly on to AWS transparently whilst swagger_dict is an ansible dict which is converted to JSON before the API definitions are uploaded. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + api_id + +
    + string +
    +     		+ +
    The ID of the API you want to manage.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cache_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable API GW caching of backend responses. Defaults to false.
    +
    +
    + cache_size + +
    + string +
    +     		+
      Choices: +
    • 0.5 ←
      • +
    • 1.6
      • +
    • 6.1
      • +
    • 13.5
      • +
    • 28.4
      • +
    • 58.2
      • +
    • 118
      • +
    • 237
      • +
    +     		+
    Size in GB of the API GW cache, becomes effective when cache_enabled is true.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + deploy_desc + +
    + string +
    +     		+ Default:
    "Automatic deployment by Ansible."
    +     		+
    Description of the deployment - recorded and visible in the AWS console.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + endpoint_type + +
    + string +
    +     		+
      Choices: +
    • EDGE ←
      • +
    • REGIONAL
      • +
    • PRIVATE
      • +
    +     		+
    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
    +
    REGIONAL for just a regional deploy or PRIVATE for a private API.
    +
    This will flag will only be used when creating a new API Gateway setup, not for updates.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + stage + +
    + string +
    +     		+ +
    The name of the stage the API should be deployed to.
    +
    +
    + stage_canary_settings + +
    + dictionary +
    +     		+ +
    Canary settings for the deployment of the stage.
    +
    Dict with following settings:
    +
    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
    +
    deploymentId: The ID of the canary deployment.
    +
    stageVariableOverrides: Stage variables overridden for a canary release deployment.
    +
    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
    + +
    +
    + stage_variables + +
    + dictionary +
    +     		+ +
    ENV variables for the stage. Define a dict of key values pairs for variables.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete API Gateway.
    +
    +
    + swagger_dict + +
    + json +
    +     		+ +
    Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
    +
    +
    + swagger_file + +
    + path +
    +     		+ +
    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
    +

    aliases: src, api_file
    +
    +
    + swagger_text + +
    + string +
    +     		+ +
    Swagger definitions for API in JSON or YAML as a string direct from playbook.
    +
    +
    + tracing_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies whether active tracing with X-ray is enabled for the API GW stage.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - A future version of this module will probably use tags or another ID so that an API can be create only once. + - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Setup AWS API Gateway setup on AWS and deploy API definition + community.aws.aws_api_gateway: + swagger_file: my_api.yml + stage: production + cache_enabled: true + cache_size: '1.6' + tracing_enabled: true + endpoint_type: EDGE + state: present + + - name: Update API definition to deploy new version + community.aws.aws_api_gateway: + api_id: 'abc123321cba' + swagger_file: my_api.yml + deploy_desc: Make auth fix available. + cache_enabled: true + cache_size: '1.6' + endpoint_type: EDGE + state: present + + - name: Update API definitions and settings and deploy as canary + community.aws.aws_api_gateway: + api_id: 'abc123321cba' + swagger_file: my_api.yml + cache_enabled: true + cache_size: '6.1' + canary_settings: { percentTraffic: 50.0, deploymentId: '123', useStageCache: True } + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + api_id + +
    + string +
    +     		success +
    API id of the API endpoint created
    +
    +
    Sample:
    +
    0ln4zq7p86
    +
    +
    + configure_response + +
    + dictionary +
    +     		success +
    AWS response from the API configure call
    +
    +
    Sample:
    +
    {'api_key_source': 'HEADER', 'created_at': '2020-01-01T11:37:59+00:00', 'id': '0ln4zq7p86'}
    +
    +
    + deploy_response + +
    + dictionary +
    +     		success +
    AWS response from the API deploy call
    +
    +
    Sample:
    +
    {'created_date': '2020-01-01T11:36:59+00:00', 'id': 'rptv4b', 'description': 'Automatic deployment by Ansible.'}
    +
    +
    + resource_actions + +
    + list +
    +     		always +
    Actions performed against AWS API
    +
    +
    Sample:
    +
    ['apigateway:CreateRestApi', 'apigateway:CreateDeployment', 'apigateway:PutRestApi']
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael De La Rue (@mikedlr) + + diff --git a/docs/community.aws.aws_application_scaling_policy_module.rst b/docs/community.aws.aws_application_scaling_policy_module.rst new file mode 100644 index 00000000000..7f76effd9aa --- /dev/null +++ b/docs/community.aws.aws_application_scaling_policy_module.rst @@ -0,0 +1,1014 @@ +.. _community.aws.aws_application_scaling_policy_module: + + +******************************************** +community.aws.aws_application_scaling_policy +******************************************** + +**Manage Application Auto Scaling Scaling Policies** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates or removes a Scaling Policy + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + maximum_tasks + +
    + integer +
    +     		+ +
    The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
    +
    +
    + minimum_tasks + +
    + integer +
    +     		+ +
    The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
    +
    +
    + override_task_capacity + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to override values of minimum and/or maximum tasks if it's already set.
    +
    +
    + policy_name + +
    + string + / required
    +     		+ +
    The name of the scaling policy.
    +
    +
    + policy_type + +
    + string + / required
    +     		+
      Choices: +
    • StepScaling
      • +
    • TargetTrackingScaling
      • +
    +     		+
    The policy type.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + resource_id + +
    + string + / required
    +     		+ +
    The identifier of the resource associated with the scalable target.
    +
    +
    + scalable_dimension + +
    + string + / required
    +     		+
      Choices: +
    • ecs:service:DesiredCount
      • +
    • ec2:spot-fleet-request:TargetCapacity
      • +
    • elasticmapreduce:instancegroup:InstanceCount
      • +
    • appstream:fleet:DesiredCapacity
      • +
    • dynamodb:table:ReadCapacityUnits
      • +
    • dynamodb:table:WriteCapacityUnits
      • +
    • dynamodb:index:ReadCapacityUnits
      • +
    • dynamodb:index:WriteCapacityUnits
      • +
    +     		+
    The scalable dimension associated with the scalable target.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service_namespace + +
    + string + / required
    +     		+
      Choices: +
    • ecs
      • +
    • elasticmapreduce
      • +
    • ec2
      • +
    • appstream
      • +
    • dynamodb
      • +
    +     		+
    The namespace of the AWS service.
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • absent
      • +
    • present
      • +
    +     		+
    Whether a policy should be present or absent
    +
    +
    + step_scaling_policy_configuration + +
    + dictionary +
    +     		+ +
    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
    +
    +
    + target_tracking_scaling_policy_configuration + +
    + dictionary +
    +     		+ +
    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
    +
    Full documentation of the suboptions can be found in the API documentation:
    + +
    +
    + CustomizedMetricSpecification + +
    + dictionary +
    +     		+ +
    The metric to use if using a customized metric.
    +
    +
    + DisableScaleIn + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether scaling-in should be disabled.
    +
    +
    + PredefinedMetricSpecification + +
    + dictionary +
    +     		+ +
    The metric to use if using a predefined metric.
    +
    +
    + ScaleInCooldown + +
    + integer +
    +     		+ +
    The time (in seconds) to wait after scaling-in before another scaling action can occur.
    +
    +
    + ScaleOutCooldown + +
    + integer +
    +     		+ +
    The time (in seconds) to wait after scaling-out before another scaling action can occur.
    +
    +
    + TargetValue + +
    + float +
    +     		+ +
    The target value for the metric
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create step scaling policy for ECS Service + - name: scaling_policy + community.aws.aws_application_scaling_policy: + state: present + policy_name: test_policy + service_namespace: ecs + resource_id: service/poc-pricing/test-as + scalable_dimension: ecs:service:DesiredCount + policy_type: StepScaling + minimum_tasks: 1 + maximum_tasks: 6 + step_scaling_policy_configuration: + AdjustmentType: ChangeInCapacity + StepAdjustments: + - MetricIntervalUpperBound: 123 + ScalingAdjustment: 2 + - MetricIntervalLowerBound: 123 + ScalingAdjustment: -2 + Cooldown: 123 + MetricAggregationType: Average + + # Create target tracking scaling policy for ECS Service + - name: scaling_policy + community.aws.aws_application_scaling_policy: + state: present + policy_name: test_policy + service_namespace: ecs + resource_id: service/poc-pricing/test-as + scalable_dimension: ecs:service:DesiredCount + policy_type: TargetTrackingScaling + minimum_tasks: 1 + maximum_tasks: 6 + target_tracking_scaling_policy_configuration: + TargetValue: 60 + PredefinedMetricSpecification: + PredefinedMetricType: ECSServiceAverageCPUUtilization + ScaleOutCooldown: 60 + ScaleInCooldown: 60 + + # Remove scalable target for ECS Service + - name: scaling_policy + community.aws.aws_application_scaling_policy: + state: absent + policy_name: test_policy + policy_type: StepScaling + service_namespace: ecs + resource_id: service/cluster-name/service-name + scalable_dimension: ecs:service:DesiredCount + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + alarms + +
    + complex +
    +     		when state present +
    List of the CloudWatch alarms associated with the scaling policy
    +
    +
      +
    + alarm_arn + +
    + string +
    +     		when state present +
    The Amazon Resource Name (ARN) of the alarm
    +
    +
      +
    + alarm_name + +
    + string +
    +     		when state present +
    The name of the alarm
    +
    +
    +
    + creation_time + +
    + string +
    +     		when state present +
    The Unix timestamp for when the scalable target was created.
    +
    +
    Sample:
    +
    2017-09-28T08:22:51.881000-03:00
    +
    +
    + max_capacity + +
    + integer +
    +     		when state present +
    The maximum value to scale to in response to a scale out event. Required if state is present.
    +
    +
    Sample:
    +
    2
    +
    +
    + min_capacity + +
    + integer +
    +     		when state present +
    The minimum value to scale to in response to a scale in event. Required if state is present.
    +
    +
    Sample:
    +
    1
    +
    +
    + policy_arn + +
    + string +
    +     		when state present +
    The Amazon Resource Name (ARN) of the scaling policy..
    +
    +
    +
    + policy_name + +
    + string +
    +     		when state present +
    The name of the scaling policy.
    +
    +
    +
    + policy_type + +
    + string +
    +     		when state present +
    The policy type.
    +
    +
    +
    + resource_id + +
    + string +
    +     		when state present +
    The identifier of the resource associated with the scalable target.
    +
    +
    Sample:
    +
    service/cluster-name/service-name
    +
    +
    + role_arn + +
    + string +
    +     		when state present +
    The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. Required if state is present.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789123:role/roleName
    +
    +
    + scalable_dimension + +
    + string +
    +     		when state present +
    The scalable dimension associated with the scalable target.
    +
    +
    Sample:
    +
    ecs:service:DesiredCount
    +
    +
    + service_namespace + +
    + string +
    +     		when state present +
    The namespace of the AWS service.
    +
    +
    Sample:
    +
    ecs
    +
    +
    + step_scaling_policy_configuration + +
    + complex +
    +     		when state present and the policy type is StepScaling +
    The step scaling policy.
    +
    +
      +
    + adjustment_type + +
    + string +
    +     		when state present and the policy type is StepScaling +
    The adjustment type
    +
    +
    Sample:
    +
    ChangeInCapacity, PercentChangeInCapacity, ExactCapacity
    +
      +
    + cooldown + +
    + integer +
    +     		when state present and the policy type is StepScaling +
    The amount of time, in seconds, after a scaling activity completes where previous trigger-related scaling activities can influence future scaling events
    +
    +
    Sample:
    +
    60
    +
      +
    + metric_aggregation_type + +
    + string +
    +     		when state present and the policy type is StepScaling +
    The aggregation type for the CloudWatch metrics
    +
    +
    Sample:
    +
    Average, Minimum, Maximum
    +
      +
    + step_adjustments + +
    + list + / elements=dictionary
    +     		when state present and the policy type is StepScaling +
    A set of adjustments that enable you to scale based on the size of the alarm breach
    +
    +
    +
    + target_tracking_scaling_policy_configuration + +
    + complex +
    +     		when state present and the policy type is TargetTrackingScaling +
    The target tracking policy.
    +
    +
      +
    + predefined_metric_specification + +
    + complex +
    +     		when state present and the policy type is TargetTrackingScaling +
    A predefined metric
    +
    +
       +
    + predefined_metric_type + +
    + string +
    +     		when state present and the policy type is TargetTrackingScaling +
    The metric type
    +
    +
    Sample:
    +
    ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization
    +
       +
    + resource_label + +
    + string +
    +     		when metric type is ALBRequestCountPerTarget +
    Identifies the resource associated with the metric type
    +
    +
      +
    + scale_in_cooldown + +
    + integer +
    +     		when state present and the policy type is TargetTrackingScaling +
    The amount of time, in seconds, after a scale in activity completes before another scale in activity can start
    +
    +
    Sample:
    +
    60
    +
      +
    + scale_out_cooldown + +
    + integer +
    +     		when state present and the policy type is TargetTrackingScaling +
    The amount of time, in seconds, after a scale out activity completes before another scale out activity can start
    +
    +
    Sample:
    +
    60
    +
      +
    + target_value + +
    + integer +
    +     		when state present and the policy type is TargetTrackingScaling +
    The target value for the metric
    +
    +
    Sample:
    +
    70
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gustavo Maia (@gurumaia) +- Chen Leibovich (@chenl87) + + diff --git a/docs/community.aws.aws_batch_compute_environment_module.rst b/docs/community.aws.aws_batch_compute_environment_module.rst new file mode 100644 index 00000000000..223d746be03 --- /dev/null +++ b/docs/community.aws.aws_batch_compute_environment_module.rst @@ -0,0 +1,580 @@ +.. _community.aws.aws_batch_compute_environment_module: + + +******************************************* +community.aws.aws_batch_compute_environment +******************************************* + +**Manage AWS Batch Compute Environments** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bid_percentage + +
    + integer +
    +     		+ +
    The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
    +
    +
    + compute_environment_name + +
    + string + / required
    +     		+ +
    The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
    +
    +
    + compute_environment_state + +
    + string +
    +     		+
      Choices: +
    • ENABLED ←
      • +
    • DISABLED
      • +
    +     		+
    The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
    +
    +
    + compute_resource_type + +
    + string + / required
    +     		+
      Choices: +
    • EC2
      • +
    • SPOT
      • +
    +     		+
    The type of compute resource.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + desiredv_cpus + +
    + integer +
    +     		+ +
    The desired number of EC2 vCPUS in the compute environment.
    +
    +
    + ec2_key_pair + +
    + string +
    +     		+ +
    The EC2 key pair that is used for instances launched in the compute environment.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + image_id + +
    + string +
    +     		+ +
    The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
    +
    +
    + instance_role + +
    + string + / required
    +     		+ +
    The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
    +
    +
    + instance_types + +
    + list + / elements=string / required
    +     		+ +
    The instance types that may be launched.
    +
    +
    + maxv_cpus + +
    + integer + / required
    +     		+ +
    The maximum number of EC2 vCPUs that an environment can reach.
    +
    +
    + minv_cpus + +
    + integer + / required
    +     		+ +
    The minimum number of EC2 vCPUs that an environment should maintain.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_group_ids + +
    + list + / elements=string / required
    +     		+ +
    The EC2 security groups that are associated with instances launched in the compute environment.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service_role + +
    + string + / required
    +     		+ +
    The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
    +
    +
    + spot_iam_fleet_role + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + subnets + +
    + list + / elements=string / required
    +     		+ +
    The VPC subnets into which the compute resources are launched.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Key-value pair tags to be applied to resources that are launched in the compute environment.
    +
    +
    + type + +
    + string + / required
    +     		+
      Choices: +
    • MANAGED
      • +
    • UNMANAGED
      • +
    +     		+
    The type of the compute environment.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Compute Environment + community.aws.aws_batch_compute_environment: + compute_environment_name: computeEnvironmentName + state: present + region: us-east-1 + compute_environment_state: ENABLED + type: MANAGED + compute_resource_type: EC2 + minv_cpus: 0 + maxv_cpus: 2 + desiredv_cpus: 1 + instance_types: + - optimal + subnets: + - my-subnet1 + - my-subnet2 + security_group_ids: + - my-sg1 + - my-sg2 + instance_role: arn:aws:iam:::instance-profile/ + tags: + tag1: value1 + tag2: value2 + service_role: arn:aws:iam:::role/service-role/ + register: aws_batch_compute_environment_action + + - name: show results + debug: + var: aws_batch_compute_environment_action + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + output + +
    + dictionary +
    +     		always +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'batch_compute_environment_action': 'none', 'changed': False, 'invocation': {'module_args': {'aws_access_key': None, 'aws_secret_key': None, 'bid_percentage': None, 'compute_environment_name': '<name>', 'compute_environment_state': 'ENABLED', 'compute_resource_type': 'EC2', 'desiredv_cpus': 0, 'ec2_key_pair': None, 'ec2_url': None, 'image_id': None, 'instance_role': 'arn:aws:iam::...', 'instance_types': ['optimal'], 'maxv_cpus': 8, 'minv_cpus': 0, 'profile': None, 'region': 'us-east-1', 'security_group_ids': ['*******'], 'security_token': None, 'service_role': 'arn:aws:iam::....', 'spot_iam_fleet_role': None, 'state': 'present', 'subnets': ['******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'MANAGED', 'validate_certs': True}}, 'response': {'computeEnvironmentArn': 'arn:aws:batch:....', 'computeEnvironmentName': '<name>', 'computeResources': {'desiredvCpus': 0, 'instanceRole': 'arn:aws:iam::...', 'instanceTypes': ['optimal'], 'maxvCpus': 8, 'minvCpus': 0, 'securityGroupIds': ['******'], 'subnets': ['*******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'EC2'}, 'ecsClusterArn': 'arn:aws:ecs:.....', 'serviceRole': 'arn:aws:iam::...', 'state': 'ENABLED', 'status': 'VALID', 'statusReason': 'ComputeEnvironment Healthy', 'type': 'MANAGED'}}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + diff --git a/docs/community.aws.aws_batch_job_definition_module.rst b/docs/community.aws.aws_batch_job_definition_module.rst new file mode 100644 index 00000000000..241bab98d91 --- /dev/null +++ b/docs/community.aws.aws_batch_job_definition_module.rst @@ -0,0 +1,724 @@ +.. _community.aws.aws_batch_job_definition_module: + + +************************************** +community.aws.aws_batch_job_definition +************************************** + +**Manage AWS Batch Job Definitions** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + attempts + +
    + integer +
    +     		+ +
    Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + command + +
    + list + / elements=string
    +     		+ +
    The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + environment + +
    + list + / elements=dictionary
    +     		+ +
    The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
    +
    +
    + name + +
    + - +
    +     		+ +
    The name of the key value pair. For environment variables, this is the name of the environment variable.
    +
    +
    + value + +
    + - +
    +     		+ +
    The value of the key value pair. For environment variables, this is the value of the environment variable.
    +
    +
    + image + +
    + string + / required
    +     		+ +
    The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
    +
    +
    + job_definition_arn + +
    + string +
    +     		+ +
    The ARN for the job definition.
    +
    +
    + job_definition_name + +
    + string + / required
    +     		+ +
    The name for the job definition.
    +
    +
    + job_role_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
    +
    +
    + memory + +
    + integer + / required
    +     		+ +
    The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
    +
    +
    + mount_points + +
    + list + / elements=dictionary
    +     		+ +
    The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
    +
    +
    + containerPath + +
    + - +
    +     		+ +
    The path on the container at which to mount the host volume.
    +
    +
    + readOnly + +
    + - +
    +     		+ +
    If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
    +
    +
    + sourceVolume + +
    + - +
    +     		+ +
    The name of the volume to mount.
    +
    +
    + parameters + +
    + dictionary +
    +     		+ +
    Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
    +
    +
    + privileged + +
    + string +
    +     		+ +
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + readonly_root_filesystem + +
    + string +
    +     		+ +
    When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + type + +
    + string + / required
    +     		+ +
    The type of job definition.
    +
    +
    + ulimits + +
    + list + / elements=dictionary
    +     		+ +
    A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
    +
    +
    + hardLimit + +
    + - +
    +     		+ +
    The hard limit for the ulimit type.
    +
    +
    + name + +
    + - +
    +     		+ +
    The type of the ulimit.
    +
    +
    + softLimit + +
    + - +
    +     		+ +
    The soft limit for the ulimit type.
    +
    +
    + user + +
    + string +
    +     		+ +
    The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vcpus + +
    + integer + / required
    +     		+ +
    The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
    +
    +
    + volumes + +
    + list + / elements=dictionary
    +     		+ +
    A list of data volumes used in a job.
    +
    +
    + host + +
    + - +
    +     		+ +
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
    +
    +
    + name + +
    + - +
    +     		+ +
    The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Job Definition + community.aws.aws_batch_job_definition: + job_definition_name: My Batch Job Definition + state: present + type: container + parameters: + Param1: Val1 + Param2: Val2 + image: + vcpus: 1 + memory: 512 + command: + - python + - run_my_script.py + - arg1 + job_role_arn: + attempts: 3 + register: job_definition_create_result + + - name: show results + debug: var=job_definition_create_result + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + output + +
    + dictionary +
    +     		always +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'aws_batch_job_definition_action': 'none', 'changed': False, 'response': {'job_definition_arn': 'arn:aws:batch:....', 'job_definition_name': '<name>', 'status': 'INACTIVE', 'type': 'container'}}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + diff --git a/docs/community.aws.aws_batch_job_queue_module.rst b/docs/community.aws.aws_batch_job_queue_module.rst new file mode 100644 index 00000000000..0173794f19e --- /dev/null +++ b/docs/community.aws.aws_batch_job_queue_module.rst @@ -0,0 +1,398 @@ +.. _community.aws.aws_batch_job_queue_module: + + +********************************* +community.aws.aws_batch_job_queue +********************************* + +**Manage AWS Batch Job Queues** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + compute_environment_order + +
    + list + / elements=dictionary / required
    +     		+ +
    The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
    +
    +
    + compute_environment + +
    + string +
    +     		+ +
    The name of the compute environment.
    +
    +
    + order + +
    + integer +
    +     		+ +
    The relative priority of the environment.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + job_queue_name + +
    + string + / required
    +     		+ +
    The name for the job queue
    +
    +
    + job_queue_state + +
    + string +
    +     		+
      Choices: +
    • ENABLED ←
      • +
    • DISABLED
      • +
    +     		+
    The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
    +
    +
    + priority + +
    + integer + / required
    +     		+ +
    The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - hosts: localhost + gather_facts: no + vars: + state: present + tasks: + - name: My Batch Job Queue + community.aws.aws_batch_job_queue: + job_queue_name: jobQueueName + state: present + region: us-east-1 + job_queue_state: ENABLED + priority: 1 + compute_environment_order: + - order: 1 + compute_environment: my_compute_env1 + - order: 2 + compute_environment: my_compute_env2 + register: batch_job_queue_action + + - name: show results + debug: + var: batch_job_queue_action + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + output + +
    + dictionary +
    +     		always +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'batch_job_queue_action': 'updated', 'changed': False, 'response': {'job_queue_arn': 'arn:aws:batch:....', 'job_queue_name': '<name>', 'priority': 1, 'state': 'DISABLED', 'status': 'UPDATING', 'status_reason': 'JobQueue Healthy'}}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jon Meran (@jonmer85) + + diff --git a/docs/community.aws.aws_codebuild_module.rst b/docs/community.aws.aws_codebuild_module.rst new file mode 100644 index 00000000000..6e1313d128b --- /dev/null +++ b/docs/community.aws.aws_codebuild_module.rst @@ -0,0 +1,1134 @@ +.. _community.aws.aws_codebuild_module: + + +*************************** +community.aws.aws_codebuild +*************************** + +**Create or delete an AWS CodeBuild project** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete a CodeBuild projects on AWS, used for building code artifacts from source code. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + artifacts + +
    + dictionary + / required
    +     		+ +
    Information about the build output artifacts for the build project.
    +
    +
    + location + +
    + - +
    +     		+ +
    Information about the build output artifact location. When choosing type S3, set the bucket name here.
    +
    +
    + name + +
    + - +
    +     		+ +
    Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
    +
    +
    + namespace_type + +
    + - +
    +     		+ +
    Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
    +
    Accepts BUILD_ID and NONE.
    + +
    +
    + packaging + +
    + - +
    +     		+ +
    The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
    +
    +
    + path + +
    + - +
    +     		+ +
    Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
    +
    Used for path in S3 bucket when type is S3.
    +
    +
    + type + +
    + - + / required
    +     		+ +
    The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cache + +
    + dictionary +
    +     		+ +
    Caching params to speed up following builds.
    +
    +
    + location + +
    + - + / required
    +     		+ +
    Caching location on S3.
    +
    +
    + type + +
    + - + / required
    +     		+ +
    Cache type. Can be NO_CACHE or S3.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    Descriptive text of the CodeBuild project.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + encryption_key + +
    + string +
    +     		+ +
    The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
    +
    +
    + environment + +
    + dictionary +
    +     		+ +
    Information about the build environment for the build project.
    +
    +
    + compute_type + +
    + - + / required
    +     		+ +
    Information about the compute resources the build project will use.
    +
    Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
    +
    +
    + environment_variables + +
    + - +
    +     		+ +
    A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
    +
    Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
    +
    +
    + image + +
    + - + / required
    +     		+ +
    The ID of the Docker image to use for this build project.
    +
    +
    + privileged_mode + +
    + - +
    +     		+ +
    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
    +
    +
    + type + +
    + - + / required
    +     		+ +
    The type of build environment to use for the project. Usually LINUX_CONTAINER.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the CodeBuild project.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service_role + +
    + string +
    +     		+ +
    The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
    +
    +
    + source + +
    + dictionary + / required
    +     		+ +
    Configure service and location for the build input source.
    +
    +
    + buildspec + +
    + string +
    +     		+ +
    The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
    +
    +
    + git_clone_depth + +
    + integer +
    +     		+ +
    When using git you can specify the clone depth as an integer here.
    +
    +
    + insecure_ssl + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Enable this flag to ignore SSL warnings while connecting to the project source code.
    +
    +
    + location + +
    + string +
    +     		+ +
    Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
    +
    +
    + type + +
    + string + / required
    +     		+ +
    The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove code build project.
    +
    +
    + tags + +
    + list + / elements=dictionary
    +     		+ +
    A set of tags for the build project.
    +
    +
    + key + +
    + string +
    +     		+ +
    The name of the Tag.
    +
    +
    + value + +
    + string +
    +     		+ +
    The value of the Tag.
    +
    +
    + timeout_in_minutes + +
    + integer +
    +     		+ Default:
    60
    +     		+
    How long CodeBuild should wait until timing out any build that has not been marked as completed.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_config + +
    + dictionary +
    +     		+ +
    The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
    +
    +
    + + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - community.aws.aws_codebuild: + name: my_project + description: My nice little project + service_role: "arn:aws:iam::123123:role/service-role/code-build-service-role" + source: + # Possible values: BITBUCKET, CODECOMMIT, CODEPIPELINE, GITHUB, S3 + type: CODEPIPELINE + buildspec: '' + artifacts: + namespaceType: NONE + packaging: NONE + type: CODEPIPELINE + name: my_project + environment: + computeType: BUILD_GENERAL1_SMALL + privilegedMode: "true" + image: "aws/codebuild/docker:17.09.0" + type: LINUX_CONTAINER + environmentVariables: + - { name: 'PROFILE', value: 'staging' } + encryption_key: "arn:aws:kms:us-east-1:123123:alias/aws/s3" + region: us-east-1 + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + project + +
    + complex +
    +     		success +
    Returns the dictionary describing the code project configuration.
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    ARN of the CodeBuild project
    +
    +
    Sample:
    +
    arn:aws:codebuild:us-east-1:123123123:project/vod-api-app-builder
    +
      +
    + artifacts + +
    + complex +
    +     		always +
    Information about the output of build artifacts
    +
    +
       +
    + location + +
    + string +
    +     		when configured +
    Output location for build artifacts
    +
    +
       +
    + type + +
    + string +
    +     		always +
    The type of build artifact.
    +
    +
    Sample:
    +
    CODEPIPELINE
    +
      +
    + cache + +
    + dictionary +
    +     		when configured +
    Cache settings for the build project.
    +
    +
      +
    + created + +
    + string +
    +     		always +
    Timestamp of the create time of the project
    +
    +
    Sample:
    +
    2018-04-17T16:56:03.245000+02:00
    +
      +
    + description + +
    + string +
    +     		always +
    A description of the build project
    +
    +
    Sample:
    +
    My nice little project
    +
      +
    + environment + +
    + dictionary +
    +     		always +
    Environment settings for the build
    +
    +
      +
    + name + +
    + string +
    +     		always +
    Name of the CodeBuild project
    +
    +
    Sample:
    +
    my_project
    +
      +
    + service_role + +
    + string +
    +     		always +
    IAM role to be used during build to access other AWS services.
    +
    +
    Sample:
    +
    arn:aws:iam::123123123:role/codebuild-service-role
    +
      +
    + source + +
    + complex +
    +     		always +
    Information about the build input source code.
    +
    +
       +
    + auth + +
    + complex +
    +     		when configured +
    Information about the authorization settings for AWS CodeBuild to access the source code to be built.
    +
    +
       +
    + build_spec + +
    + string +
    +     		always +
    The build spec declaration to use for the builds in this build project.
    +
    +
       +
    + git_clone_depth + +
    + integer +
    +     		when configured +
    The git clone depth
    +
    +
       +
    + insecure_ssl + +
    + boolean +
    +     		when configured +
    True if set to ignore SSL warnings.
    +
    +
       +
    + location + +
    + string +
    +     		when configured +
    Location identifier, depending on the source type.
    +
    +
       +
    + type + +
    + string +
    +     		always +
    The type of the repository
    +
    +
    Sample:
    +
    CODEPIPELINE
    +
      +
    + tags + +
    + list +
    +     		when configured +
    Tags added to the project
    +
    +
      +
    + timeout_in_minutes + +
    + integer +
    +     		always +
    The timeout of a build in minutes
    +
    +
    Sample:
    +
    60
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Stefan Horning (@stefanhorning) + + diff --git a/docs/community.aws.aws_codecommit_module.rst b/docs/community.aws.aws_codecommit_module.rst new file mode 100644 index 00000000000..c58d960ff2a --- /dev/null +++ b/docs/community.aws.aws_codecommit_module.rst @@ -0,0 +1,567 @@ +.. _community.aws.aws_codecommit_module: + + +**************************** +community.aws.aws_codecommit +**************************** + +**Manage repositories in AWS CodeCommit** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Supports creation and deletion of CodeCommit repositories. +- See https://aws.amazon.com/codecommit/ for more information about CodeCommit. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    description or comment of repository.
    +

    aliases: comment
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    name of repository.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies the state of repository.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a new repository + - community.aws.aws_codecommit: + name: repo + state: present + + # Delete a repository + - community.aws.aws_codecommit: + name: repo + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + repository_metadata + +
    + complex +
    +     		always +
    Information about the repository.
    +
    +
      +
    + account_id + +
    + string +
    +     		when state is present +
    The ID of the AWS account associated with the repository.
    +
    +
    Sample:
    +
    268342293637
    +
      +
    + arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the repository.
    +
    +
    Sample:
    +
    arn:aws:codecommit:ap-northeast-1:268342293637:username
    +
      +
    + clone_url_http + +
    + string +
    +     		when state is present +
    The URL to use for cloning the repository over HTTPS.
    +
    +
    Sample:
    +
    https://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    +
      +
    + clone_url_ssh + +
    + string +
    +     		when state is present +
    The URL to use for cloning the repository over SSH.
    +
    +
    Sample:
    +
    ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    +
      +
    + creation_date + +
    + string +
    +     		when state is present +
    The date and time the repository was created, in timestamp format.
    +
    +
    Sample:
    +
    2018-10-16T13:21:41.261000+09:00
    +
      +
    + last_modified_date + +
    + string +
    +     		when state is present +
    The date and time the repository was last modified, in timestamp format.
    +
    +
    Sample:
    +
    2018-10-16T13:21:41.261000+09:00
    +
      +
    + repository_description + +
    + string +
    +     		when state is present +
    A comment or description about the repository.
    +
    +
    Sample:
    +
    test from ptux
    +
      +
    + repository_id + +
    + string +
    +     		always +
    The ID of the repository that was created or deleted
    +
    +
    Sample:
    +
    e62a5c54-i879-497b-b62f-9f99e4ebfk8e
    +
      +
    + repository_name + +
    + string +
    +     		when state is present +
    The repository's name.
    +
    +
    Sample:
    +
    reponame
    +
    +
    + response_metadata + +
    + complex +
    +     		always +
    Information about the response.
    +
    +
      +
    + http_headers + +
    + dictionary +
    +     		always +
    http headers of http response
    +
    +
      +
    + http_status_code + +
    + string +
    +     		always +
    http status code of http response
    +
    +
    Sample:
    +
    200
    +
      +
    + request_id + +
    + string +
    +     		always +
    http request id
    +
    +
    Sample:
    +
    fb49cfca-d0fa-11e8-85cb-b3cc4b5045ef
    +
      +
    + retry_attempts + +
    + string +
    +     		always +
    numbers of retry attempts
    +
    +
    Sample:
    +
    0
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Shuang Wang (@ptux) + + diff --git a/docs/community.aws.aws_codepipeline_module.rst b/docs/community.aws.aws_codepipeline_module.rst new file mode 100644 index 00000000000..d43d409a3d2 --- /dev/null +++ b/docs/community.aws.aws_codepipeline_module.rst @@ -0,0 +1,628 @@ +.. _community.aws.aws_codepipeline_module: + + +****************************** +community.aws.aws_codepipeline +****************************** + +**Create or delete AWS CodePipelines** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete a CodePipeline on AWS. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + artifact_store + +
    + dictionary + / required
    +     		+ +
    Location information where artifacts are stored (on S3). Dictionary with fields type and location.
    +
    +
    + location + +
    + string +
    +     		+ +
    Bucket name for artifacts.
    +
    +
    + type + +
    + string +
    +     		+ +
    Type of the artifacts storage (only 'S3' is currently supported).
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the pipeline
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string + / required
    +     		+ +
    ARN of the IAM role to use when executing the pipeline
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + stages + +
    + list + / elements=dictionary / required
    +     		+ +
    List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
    +
    +
    + actions + +
    + list + / elements=dictionary
    +     		+ +
    List of action configurations for that stage.
    +
    See the boto3 documentation for full documentation of suboptions:
    + +
    +
    + name + +
    + string +
    +     		+ +
    Name of the stage (step) in the codepipeline
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove code pipeline
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + version + +
    + integer +
    +     		+ +
    Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
    +
    +
    + + +Notes +----- + +.. note:: + - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) + - community.aws.aws_codepipeline: + name: my_deploy_pipeline + role_arn: arn:aws:iam::123456:role/AWS-CodePipeline-Service + artifact_store: + type: S3 + location: my_s3_codepipline_bucket + stages: + - name: Get_source + actions: + - + name: Git_pull + actionTypeId: + category: Source + owner: ThirdParty + provider: GitHub + version: '1' + outputArtifacts: + - { name: my-app-source } + configuration: + Owner: mediapeers + Repo: my_gh_repo + PollForSourceChanges: 'true' + Branch: master + # Generate token like this: + # https://docs.aws.amazon.com/codepipeline/latest/userguide/GitHub-rotate-personal-token-CLI.html + # GH Link: https://github.com/settings/tokens + OAuthToken: 'abc123def456' + runOrder: 1 + - name: Build + actions: + - + name: CodeBuild + actionTypeId: + category: Build + owner: AWS + provider: CodeBuild + version: '1' + inputArtifacts: + - { name: my-app-source } + outputArtifacts: + - { name: my-app-build } + configuration: + # A project with that name needs to be setup on AWS CodeBuild already (use code_build module). + ProjectName: codebuild-project-name + runOrder: 1 + - name: ECS_deploy + actions: + - + name: ECS_deploy + actionTypeId: + category: Deploy + owner: AWS + provider: ECS + version: '1' + inputArtifacts: + - { name: vod-api-app-build } + configuration: + # an ECS cluster with that name needs to be setup on AWS ECS already (use ecs_cluster and ecs_service module) + ClusterName: ecs-cluster-name + ServiceName: ecs-cluster-service-name + FileName: imagedefinitions.json + region: us-east-1 + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + pipeline + +
    + complex +
    +     		success +
    Returns the dictionary describing the code pipeline configuration.
    +
    +
      +
    + artifact_store + +
    + complex +
    +     		always +
    Information about where the build artifacts are stored
    +
    +
       +
    + encryption_key + +
    + string +
    +     		when configured +
    The encryption key used to encrypt the artifacts store, such as an AWS KMS key.
    +
    +
       +
    + location + +
    + string +
    +     		always +
    The location of the artifacts storage (s3 bucket name)
    +
    +
    Sample:
    +
    my_s3_codepipline_bucket
    +
       +
    + type + +
    + string +
    +     		always +
    The type of the artifacts store, such as S3
    +
    +
    Sample:
    +
    S3
    +
      +
    + name + +
    + string +
    +     		always +
    Name of the CodePipeline
    +
    +
    Sample:
    +
    my_deploy_pipeline
    +
      +
    + role_arn + +
    + string +
    +     		always +
    ARN of the IAM role attached to the code pipeline
    +
    +
    Sample:
    +
    arn:aws:iam::123123123:role/codepipeline-service-role
    +
      +
    + stages + +
    + list +
    +     		always +
    List of stages configured for this pipeline
    +
    +
      +
    + version + +
    + integer +
    +     		always +
    The version number of the pipeline. This number is auto incremented when pipeline params are changed.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Stefan Horning (@stefanhorning) + + diff --git a/docs/community.aws.aws_config_aggregation_authorization_module.rst b/docs/community.aws.aws_config_aggregation_authorization_module.rst new file mode 100644 index 00000000000..2e128d5c014 --- /dev/null +++ b/docs/community.aws.aws_config_aggregation_authorization_module.rst @@ -0,0 +1,284 @@ +.. _community.aws.aws_config_aggregation_authorization_module: + + +************************************************** +community.aws.aws_config_aggregation_authorization +************************************************** + +**Manage cross-account AWS Config authorizations** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config resources. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + authorized_account_id + +
    + string + / required
    +     		+ +
    The 12-digit account ID of the account authorized to aggregate data.
    +
    +
    + authorized_aws_region + +
    + string + / required
    +     		+ +
    The region authorized to collect aggregated data.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get current account ID + community.aws.aws_caller_info: + register: whoami + - community.aws.aws_config_aggregation_authorization: + state: present + authorized_account_id: '{{ whoami.account }}' + authorized_aws_region: us-east-1 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.aws_config_aggregator_module.rst b/docs/community.aws.aws_config_aggregator_module.rst new file mode 100644 index 00000000000..8aaca905c39 --- /dev/null +++ b/docs/community.aws.aws_config_aggregator_module.rst @@ -0,0 +1,408 @@ +.. _community.aws.aws_config_aggregator_module: + + +*********************************** +community.aws.aws_config_aggregator +*********************************** + +**Manage AWS Config aggregations across multiple accounts** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config resources + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + account_sources + +
    + list + / elements=dictionary / required
    +     		+ +
    Provides a list of source accounts and regions to be aggregated.
    +
    +
    + account_ids + +
    + list + / elements=string
    +     		+ +
    A list of 12-digit account IDs of accounts being aggregated.
    +
    +
    + all_aws_regions + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If true, aggregate existing AWS Config regions and future regions.
    +
    +
    + aws_regions + +
    + list + / elements=string
    +     		+ +
    A list of source regions being aggregated.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the AWS Config resource.
    +
    +
    + organization_source + +
    + dictionary + / required
    +     		+ +
    The region authorized to collect aggregated data.
    +
    +
    + all_aws_regions + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If true, aggregate existing AWS Config regions and future regions.
    +
    +
    + aws_regions + +
    + list + / elements=string
    +     		+ +
    The source regions being aggregated.
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create cross-account aggregator + community.aws.aws_config_aggregator: + name: test_config_rule + state: present + account_sources: + account_ids: + - 1234567890 + - 0123456789 + - 9012345678 + all_aws_regions: yes + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.aws_config_delivery_channel_module.rst b/docs/community.aws.aws_config_delivery_channel_module.rst new file mode 100644 index 00000000000..ca5149c3b28 --- /dev/null +++ b/docs/community.aws.aws_config_delivery_channel_module.rst @@ -0,0 +1,336 @@ +.. _community.aws.aws_config_delivery_channel_module: + + +***************************************** +community.aws.aws_config_delivery_channel +***************************************** + +**Manage AWS Config delivery channels** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages AWS Config delivery locations for rule checks and configuration info. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delivery_frequency + +
    + string +
    +     		+
      Choices: +
    • One_Hour
      • +
    • Three_Hours
      • +
    • Six_Hours
      • +
    • Twelve_Hours
      • +
    • TwentyFour_Hours
      • +
    +     		+
    The frequency with which AWS Config delivers configuration snapshots.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the AWS Config resource.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + s3_bucket + +
    + string + / required
    +     		+ +
    The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
    +
    +
    + s3_prefix + +
    + string +
    +     		+ +
    The prefix for the specified Amazon S3 bucket.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + sns_topic_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Delivery Channel for AWS Config + community.aws.aws_config_delivery_channel: + name: test_delivery_channel + state: present + s3_bucket: 'test_aws_config_bucket' + sns_topic_arn: 'arn:aws:sns:us-east-1:123456789012:aws_config_topic:1234ab56-cdef-7g89-01hi-2jk34l5m67no' + delivery_frequency: 'Twelve_Hours' + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.aws_config_recorder_module.rst b/docs/community.aws.aws_config_recorder_module.rst new file mode 100644 index 00000000000..24570ab033f --- /dev/null +++ b/docs/community.aws.aws_config_recorder_module.rst @@ -0,0 +1,357 @@ +.. _community.aws.aws_config_recorder_module: + + +********************************* +community.aws.aws_config_recorder +********************************* + +**Manage AWS Config Recorders** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config configuration recorder settings. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the AWS Config resource.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + recording_group + +
    + dictionary +
    +     		+ +
    Specifies the types of AWS resources for which AWS Config records configuration changes.
    +
    Required when state=present
    +
    +
    + all_supported + +
    + - +
    +     		+ +
    Specifies whether AWS Config records configuration changes for every supported type of regional resource.
    +
    If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
    +
    If all_supported=true, you cannot enumerate a list of resource_types.
    +
    +
    + include_global_types + +
    + - +
    +     		+ +
    Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
    +
    The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
    +
    If you set include_global_types=true, you must also set all_supported=true.
    +
    If you set include_global_types=true, when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
    +
    +
    + resource_types + +
    + - +
    +     		+ +
    A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
    +
    Before you can set this option, you must set all_supported=false.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
    +
    Required when state=present.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Configuration Recorder for AWS Config + community.aws.aws_config_recorder: + name: test_configuration_recorder + state: present + role_arn: 'arn:aws:iam::123456789012:role/AwsConfigRecorder' + recording_group: + all_supported: true + include_global_types: true + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.aws_config_rule_module.rst b/docs/community.aws.aws_config_rule_module.rst new file mode 100644 index 00000000000..56e5dcdd542 --- /dev/null +++ b/docs/community.aws.aws_config_rule_module.rst @@ -0,0 +1,474 @@ +.. _community.aws.aws_config_rule_module: + + +***************************** +community.aws.aws_config_rule +***************************** + +**Manage AWS Config resources** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module manages AWS Config rules + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    The description that you provide for the AWS Config rule.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + execution_frequency + +
    + string +
    +     		+
      Choices: +
    • One_Hour
      • +
    • Three_Hours
      • +
    • Six_Hours
      • +
    • Twelve_Hours
      • +
    • TwentyFour_Hours
      • +
    +     		+
    The maximum frequency with which AWS Config runs evaluations for a rule.
    +
    +
    + input_parameters + +
    + string +
    +     		+ +
    A string, in JSON format, that is passed to the AWS Config rule Lambda function.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the AWS Config resource.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + scope + +
    + dictionary +
    +     		+ +
    Defines which resources can trigger an evaluation for the rule.
    +
    +
    + compliance_id + +
    + - +
    +     		+ +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    +
    +
    + compliance_types + +
    + - +
    +     		+ +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    +
    +
    + tag_key + +
    + - +
    +     		+ +
    The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
    +
    +
    + tag_value + +
    + - +
    +     		+ +
    The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + source + +
    + dictionary + / required
    +     		+ +
    Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
    +
    +
    + details + +
    + - +
    +     		+ +
    Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
    +
    This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
    +
    Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
    +
    Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
    +
    Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
    +
    +
    + identifier + +
    + - +
    +     		+ +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    +
    +
    + owner + +
    + - +
    +     		+ +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Config Rule for AWS Config + community.aws.aws_config_rule: + name: test_config_rule + state: present + description: 'This AWS Config rule checks for public write access on S3 buckets' + scope: + compliance_types: + - 'AWS::S3::Bucket' + source: + owner: AWS + identifier: 'S3_BUCKET_PUBLIC_WRITE_PROHIBITED' + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.aws_direct_connect_connection_module.rst b/docs/community.aws.aws_direct_connect_connection_module.rst new file mode 100644 index 00000000000..fcec8fd5e11 --- /dev/null +++ b/docs/community.aws.aws_direct_connect_connection_module.rst @@ -0,0 +1,573 @@ +.. _community.aws.aws_direct_connect_connection_module: + + +******************************************* +community.aws.aws_direct_connect_connection +******************************************* + +**Creates, deletes, modifies a DirectConnect connection** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update, or delete a Direct Connect connection between a network and a specific AWS Direct Connect location. Upon creation the connection may be added to a link aggregation group or established as a standalone connection. The connection may later be associated or disassociated with a link aggregation group. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bandwidth + +
    + string +
    +     		+
      Choices: +
    • 1Gbps
      • +
    • 10Gbps
      • +
    +     		+
    The bandwidth of the Direct Connect connection.
    +
    Required when state=present.
    +
    +
    + connection_id + +
    + string +
    +     		+ +
    The ID of the Direct Connect connection.
    +
    Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
    +
    One of connection_id or name must be specified.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + forced_update + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
    +
    +
    + link_aggregation_group + +
    + string +
    +     		+ +
    The ID of the link aggregation group you want to associate with the connection.
    +
    This is optional when a stand-alone connection is desired.
    +
    +
    + location + +
    + string +
    +     		+ +
    Where the Direct Connect connection is located.
    +
    Required when state=present.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the Direct Connect connection. This is required to create a new connection.
    +
    One of connection_id or name must be specified.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The state of the Direct Connect connection.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a Direct Connect connection + - community.aws.aws_direct_connect_connection: + name: ansible-test-connection + state: present + location: EqDC2 + link_aggregation_group: dxlag-xxxxxxxx + bandwidth: 1Gbps + register: dc + + # disassociate the LAG from the connection + - community.aws.aws_direct_connect_connection: + state: present + connection_id: dc.connection.connection_id + location: EqDC2 + bandwidth: 1Gbps + + # replace the connection with one with more bandwidth + - community.aws.aws_direct_connect_connection: + state: present + name: ansible-test-connection + location: EqDC2 + bandwidth: 10Gbps + forced_update: True + + # delete the connection + - community.aws.aws_direct_connect_connection: + state: absent + name: ansible-test-connection + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + connection + +
    + complex +
    +     		state=present +
    The attributes of the direct connect connection.
    +
    +
      +
    + aws_device + +
    + string +
    +     		when the requested state is no longer 'requested' +
    The endpoint which the physical connection terminates on.
    +
    +
    Sample:
    +
    EqDC2-12pmo7hemtz1z
    +
      +
    + bandwidth + +
    + string +
    +     		always +
    The bandwidth of the connection.
    +
    +
    Sample:
    +
    1Gbps
    +
      +
    + connection_id + +
    + string +
    +     		always +
    The ID of the connection.
    +
    +
    Sample:
    +
    dxcon-ffy9ywed
    +
      +
    + connection_name + +
    + string +
    +     		always +
    The name of the connection.
    +
    +
    Sample:
    +
    ansible-test-connection
    +
      +
    + connection_state + +
    + string +
    +     		always +
    The state of the connection.
    +
    +
    Sample:
    +
    pending
    +
      +
    + loa_issue_time + +
    + string +
    +     		when the LOA-CFA has been issued (the connection state will no longer be 'requested') +
    The issue time of the connection's Letter of Authorization - Connecting Facility Assignment.
    +
    +
    Sample:
    +
    2018-03-20T17:36:26-04:00
    +
      +
    + location + +
    + string +
    +     		always +
    The location of the connection.
    +
    +
    Sample:
    +
    EqDC2
    +
      +
    + owner_account + +
    + string +
    +     		always +
    The account that owns the direct connect connection.
    +
    +
    Sample:
    +
    123456789012
    +
      +
    + region + +
    + string +
    +     		always +
    The region in which the connection exists.
    +
    +
    Sample:
    +
    us-east-1
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.aws_direct_connect_gateway_module.rst b/docs/community.aws.aws_direct_connect_gateway_module.rst new file mode 100644 index 00000000000..2281c1fb090 --- /dev/null +++ b/docs/community.aws.aws_direct_connect_gateway_module.rst @@ -0,0 +1,454 @@ +.. _community.aws.aws_direct_connect_gateway_module: + + +**************************************** +community.aws.aws_direct_connect_gateway +**************************************** + +**Manage AWS Direct Connect gateway** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS Direct Connect Gateway. +- Deletes AWS Direct Connect Gateway. +- Attaches Virtual Gateways to Direct Connect Gateway. +- Detaches Virtual Gateways to Direct Connect Gateway. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + amazon_asn + +
    + string +
    +     		+ +
    The Amazon side ASN.
    +
    Required when state=present.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + direct_connect_gateway_id + +
    + string +
    +     		+ +
    The ID of an existing Direct Connect Gateway.
    +
    Required when state=absent.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    Name of the Direct Connect Gateway to be created or deleted.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Set state=present to ensure a resource is created.
    +
    Set state=absent to remove a resource.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + virtual_gateway_id + +
    + string +
    +     		+ +
    The VPN gateway ID of an existing virtual gateway.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    320
    +     		+
    How long to wait for the association to be deleted.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new direct connect gateway attached to virtual private gateway + community.aws.aws_direct_connect_gateway: + state: present + name: my-dx-gateway + amazon_asn: 7224 + virtual_gateway_id: vpg-12345 + register: created_dxgw + + - name: Create a new unattached dxgw + community.aws.aws_direct_connect_gateway: + state: present + name: my-dx-gateway + amazon_asn: 7224 + register: created_dxgw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + result + +
    + complex +
    +     		state=present +
    The attributes of the Direct Connect Gateway
    +
    +
      +
    + amazon_side_asn + +
    + string +
    +     		+
    ASN on the amazon side.
    +
    +
      +
    + direct_connect_gateway_id + +
    + string +
    +     		+
    The ID of the direct connect gateway.
    +
    +
      +
    + direct_connect_gateway_name + +
    + string +
    +     		+
    The name of the direct connect gateway.
    +
    +
      +
    + direct_connect_gateway_state + +
    + string +
    +     		+
    The state of the direct connect gateway.
    +
    +
      +
    + owner_account + +
    + string +
    +     		+
    The AWS account ID of the owner of the direct connect gateway.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gobin Sougrakpam (@gobins) + + diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst new file mode 100644 index 00000000000..ce309c8e9b9 --- /dev/null +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst @@ -0,0 +1,642 @@ +.. _community.aws.aws_direct_connect_link_aggregation_group_module: + + +******************************************************* +community.aws.aws_direct_connect_link_aggregation_group +******************************************************* + +**Manage Direct Connect LAG bundles** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, delete, or modify a Direct Connect link aggregation group. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bandwidth + +
    + string +
    +     		+ +
    The bandwidth of the link aggregation group.
    +
    +
    + connection_id + +
    + string +
    +     		+ +
    A connection ID to link with the link aggregation group upon creation.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delete_with_disassociation + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    To be used with state=absent to delete connections after disassociating them with the LAG.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + force_delete + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
    +
    +
    + link_aggregation_group_id + +
    + string +
    +     		+ +
    The ID of the Direct Connect link aggregation group.
    +
    +
    + location + +
    + string +
    +     		+ +
    The location of the link aggregation group.
    +
    +
    + min_links + +
    + integer +
    +     		+ +
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the Direct Connect link aggregation group.
    +
    +
    + num_connections + +
    + integer +
    +     		+ +
    The number of connections with which to initialize the link aggregation group.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The state of the Direct Connect link aggregation group.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the operation to complete.
    +
    May be useful when waiting for virtual interfaces to be deleted.
    +
    The time to wait can be controlled by setting wait_timeout.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    120
    +     		+
    The duration in seconds to wait if wait=true.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a Direct Connect connection + - community.aws.aws_direct_connect_link_aggregation_group: + state: present + location: EqDC2 + lag_id: dxlag-xxxxxxxx + bandwidth: 1Gbps + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + aws_device + +
    + string +
    +     		when state=present +
    The AWS Direct Connection endpoint that hosts the LAG.
    +
    +
    Sample:
    +
    EqSe2-1bwfvazist2k0
    +
    +
    + changed + +
    + string +
    +     		always +
    Whether or not the LAG has changed.
    +
    +
    +
    + connections + +
    + list +
    +     		when state=present +
    A list of connections bundled by this LAG.
    +
    +
    Sample:
    +
    {'connections': [{'aws_device': 'EqSe2-1bwfvazist2k0', 'bandwidth': '1Gbps', 'connection_id': 'dxcon-fgzjah5a', 'connection_name': 'Requested Connection 1 for Lag dxlag-fgtoh97h', 'connection_state': 'down', 'lag_id': 'dxlag-fgnsp4rq', 'location': 'EqSe2', 'owner_account': '448830907657', 'region': 'us-west-2'}]}
    +
    +
    + connections_bandwidth + +
    + string +
    +     		when state=present +
    The individual bandwidth of the physical connections bundled by the LAG.
    +
    +
    Sample:
    +
    1Gbps
    +
    +
    + lag_id + +
    + string +
    +     		when state=present +
    Unique identifier for the link aggregation group.
    +
    +
    Sample:
    +
    dxlag-fgnsp4rq
    +
    +
    + lag_name + +
    + string +
    +     		when state=present +
    User-provided name for the link aggregation group.
    +
    +
    +
    + lag_state + +
    + string +
    +     		when state=present +
    State of the LAG.
    +
    +
    Sample:
    +
    pending
    +
    +
    + location + +
    + string +
    +     		when state=present +
    Where the connection is located.
    +
    +
    Sample:
    +
    EqSe2
    +
    +
    + minimum_links + +
    + integer +
    +     		when state=present +
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    +
    +
    +
    + number_of_connections + +
    + integer +
    +     		when state=present +
    The number of physical connections bundled by the LAG.
    +
    +
    +
    + owner_account + +
    + string +
    +     		when state=present +
    Owner account ID of the LAG.
    +
    +
    +
    + region + +
    + string +
    +     		when state=present +
    The region in which the LAG exists.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst new file mode 100644 index 00000000000..be650a3a736 --- /dev/null +++ b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst @@ -0,0 +1,907 @@ +.. _community.aws.aws_direct_connect_virtual_interface_module: + + +************************************************** +community.aws.aws_direct_connect_virtual_interface +************************************************** + +**Manage Direct Connect virtual interfaces** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, delete, or modify a Direct Connect public or private virtual interface. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + address_type + +
    + string +
    +     		+ +
    The type of IP address for the BGP peer.
    +
    +
    + amazon_address + +
    + string +
    +     		+ +
    The amazon address CIDR with which to create the virtual interface.
    +
    +
    + authentication_key + +
    + string +
    +     		+ +
    The authentication key for BGP configuration.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bgp_asn + +
    + integer +
    +     		+ Default:
    65000
    +     		+
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    + cidr + +
    + list + / elements=string
    +     		+ +
    A list of route filter prefix CIDRs with which to create the public virtual interface.
    +
    +
    + customer_address + +
    + string +
    +     		+ +
    The customer address CIDR with which to create the virtual interface.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + id_to_associate + +
    + string + / required
    +     		+ +
    The ID of the link aggregation group or connection to associate with the virtual interface.
    +

    aliases: link_aggregation_group_id, connection_id
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the virtual interface.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + public + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The type of virtual interface.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The desired state of the Direct Connect virtual interface.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + virtual_gateway_id + +
    + string +
    +     		+ +
    The virtual gateway ID required for creating a private virtual interface.
    +
    +
    + virtual_interface_id + +
    + string +
    +     		+ +
    The virtual interface ID.
    +
    +
    + vlan + +
    + integer +
    +     		+ Default:
    100
    +     		+
    The VLAN ID.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + - name: create an association between a LAG and connection + community.aws.aws_direct_connect_virtual_interface: + state: present + name: "{{ name }}" + link_aggregation_group_id: LAG-XXXXXXXX + connection_id: dxcon-XXXXXXXX + + - name: remove an association between a connection and virtual interface + community.aws.aws_direct_connect_virtual_interface: + state: absent + connection_id: dxcon-XXXXXXXX + virtual_interface_id: dxv-XXXXXXXX + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + address_family + +
    + string +
    +     		always +
    The address family for the BGP peer.
    +
    +
    Sample:
    +
    ipv4
    +
    +
    + amazon_address + +
    + string +
    +     		always +
    IP address assigned to the Amazon interface.
    +
    +
    Sample:
    +
    169.254.255.1/30
    +
    +
    + asn + +
    + integer +
    +     		always +
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    Sample:
    +
    65000
    +
    +
    + auth_key + +
    + string +
    +     		always +
    The authentication key for BGP configuration.
    +
    +
    Sample:
    +
    0xZ59Y1JZ2oDOSh6YriIlyRE
    +
    +
    + bgp_peers + +
    + complex +
    +     		always +
    A list of the BGP peers configured on this virtual interface.
    +
    +
      +
    + address_family + +
    + string +
    +     		always +
    The address family for the BGP peer.
    +
    +
    Sample:
    +
    ipv4
    +
      +
    + amazon_address + +
    + string +
    +     		always +
    IP address assigned to the Amazon interface.
    +
    +
    Sample:
    +
    169.254.255.1/30
    +
      +
    + asn + +
    + integer +
    +     		always +
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    Sample:
    +
    65000
    +
      +
    + auth_key + +
    + string +
    +     		always +
    The authentication key for BGP configuration.
    +
    +
    Sample:
    +
    0xZ59Y1JZ2oDOSh6YriIlyRE
    +
      +
    + bgp_peer_state + +
    + string +
    +     		always +
    The state of the BGP peer (verifying, pending, available)
    +
    +
    Sample:
    +
    available
    +
      +
    + bgp_status + +
    + string +
    +     		always +
    The up/down state of the BGP peer.
    +
    +
    Sample:
    +
    up
    +
      +
    + customer_address + +
    + string +
    +     		always +
    IP address assigned to the customer interface.
    +
    +
    Sample:
    +
    169.254.255.2/30
    +
    +
    + changed + +
    + boolean +
    +     		always +
    Indicated if the virtual interface has been created/modified/deleted
    +
    +
    +
    + connection_id + +
    + string +
    +     		always +
    The ID of the connection. This field is also used as the ID type for operations that use multiple connection types (LAG, interconnect, and/or connection).
    +
    +
    Sample:
    +
    dxcon-fgb175av
    +
    +
    + customer_address + +
    + string +
    +     		always +
    IP address assigned to the customer interface.
    +
    +
    Sample:
    +
    169.254.255.2/30
    +
    +
    + customer_router_config + +
    + string +
    +     		always +
    Information for generating the customer router configuration.
    +
    +
    +
    + location + +
    + string +
    +     		always +
    Where the connection is located.
    +
    +
    Sample:
    +
    EqDC2
    +
    +
    + owner_account + +
    + string +
    +     		always +
    The AWS account that will own the new virtual interface.
    +
    +
    Sample:
    +
    123456789012
    +
    +
    + route_filter_prefixes + +
    + complex +
    +     		always +
    A list of routes to be advertised to the AWS network in this region (public virtual interface).
    +
    +
      +
    + cidr + +
    + string +
    +     		always +
    A routes to be advertised to the AWS network in this region.
    +
    +
    Sample:
    +
    54.227.92.216/30
    +
    +
    + virtual_gateway_id + +
    + string +
    +     		when public=False +
    The ID of the virtual private gateway to a VPC. This only applies to private virtual interfaces.
    +
    +
    Sample:
    +
    vgw-f3ce259a
    +
    +
    + virtual_interface_id + +
    + string +
    +     		always +
    The ID of the virtual interface.
    +
    +
    Sample:
    +
    dxvif-fh0w7cex
    +
    +
    + virtual_interface_name + +
    + string +
    +     		always +
    The name of the virtual interface assigned by the customer.
    +
    +
    Sample:
    +
    test_virtual_interface
    +
    +
    + virtual_interface_state + +
    + string +
    +     		always +
    State of the virtual interface (confirming, verifying, pending, available, down, rejected).
    +
    +
    Sample:
    +
    available
    +
    +
    + virtual_interface_type + +
    + string +
    +     		always +
    The type of virtual interface (private, public).
    +
    +
    Sample:
    +
    private
    +
    +
    + vlan + +
    + integer +
    +     		always +
    The VLAN ID.
    +
    +
    Sample:
    +
    100
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.aws_eks_cluster_module.rst b/docs/community.aws.aws_eks_cluster_module.rst new file mode 100644 index 00000000000..d6eb39c06c9 --- /dev/null +++ b/docs/community.aws.aws_eks_cluster_module.rst @@ -0,0 +1,612 @@ +.. _community.aws.aws_eks_cluster_module: + + +***************************** +community.aws.aws_eks_cluster +***************************** + +**Manage Elastic Kubernetes Service Clusters** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Elastic Kubernetes Service Clusters + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of EKS cluster
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    ARN of IAM role used by the EKS cluster
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    list of security group names or IDs
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    desired state of the EKS cluster
    +
    +
    + subnets + +
    + list + / elements=string
    +     		+ +
    list of subnet IDs for the Kubernetes cluster
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + version + +
    + string +
    +     		+ +
    Kubernetes version - defaults to latest
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    1200
    +     		+
    The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create an EKS cluster + community.aws.aws_eks_cluster: + name: my_cluster + version: 1.14 + role_arn: my_eks_role + subnets: + - subnet-aaaa1111 + security_groups: + - my_eks_sg + - sg-abcd1234 + register: caller_facts + + - name: Remove an EKS cluster + community.aws.aws_eks_cluster: + name: my_cluster + wait: yes + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arn + +
    + string +
    +     		when state is present +
    ARN of the EKS cluster
    +
    +
    Sample:
    +
    arn:aws:eks:us-west-2:111111111111:cluster/my-eks-cluster
    +
    +
    + certificate_authority + +
    + complex +
    +     		after creation +
    Dictionary containing Certificate Authority Data for cluster
    +
    +
      +
    + data + +
    + string +
    +     		when the cluster has been created and is active +
    Base-64 encoded Certificate Authority Data for cluster
    +
    +
    +
    + created_at + +
    + string +
    +     		when state is present +
    Cluster creation date and time
    +
    +
    Sample:
    +
    2018-06-06T11:56:56.242000+00:00
    +
    +
    + endpoint + +
    + string +
    +     		when the cluster has been created and is active +
    Kubernetes API server endpoint
    +
    +
    Sample:
    +
    https://API_SERVER_ENDPOINT.yl4.us-west-2.eks.amazonaws.com
    +
    +
    + name + +
    + string +
    +     		when state is present +
    EKS cluster name
    +
    +
    Sample:
    +
    my-eks-cluster
    +
    +
    + resources_vpc_config + +
    + complex +
    +     		when state is present +
    VPC configuration of the cluster
    +
    +
      +
    + security_group_ids + +
    + list +
    +     		always +
    List of security group IDs
    +
    +
    Sample:
    +
    ['sg-abcd1234', 'sg-aaaa1111']
    +
      +
    + subnet_ids + +
    + list +
    +     		always +
    List of subnet IDs
    +
    +
    Sample:
    +
    ['subnet-abcdef12', 'subnet-345678ab', 'subnet-cdef1234']
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    VPC id
    +
    +
    Sample:
    +
    vpc-a1b2c3d4
    +
    +
    + role_arn + +
    + string +
    +     		when state is present +
    ARN of the IAM role used by the cluster
    +
    +
    Sample:
    +
    arn:aws:iam::111111111111:role/aws_eks_cluster_role
    +
    +
    + status + +
    + string +
    +     		when state is present +
    status of the EKS cluster
    +
    +
    Sample:
    +
    ['CREATING', 'ACTIVE']
    +
    +
    + version + +
    + string +
    +     		when state is present +
    Kubernetes version of the cluster
    +
    +
    Sample:
    +
    1.10
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.aws_elasticbeanstalk_app_module.rst b/docs/community.aws.aws_elasticbeanstalk_app_module.rst new file mode 100644 index 00000000000..f912ecc7cd1 --- /dev/null +++ b/docs/community.aws.aws_elasticbeanstalk_app_module.rst @@ -0,0 +1,356 @@ +.. _community.aws.aws_elasticbeanstalk_app_module: + + +************************************** +community.aws.aws_elasticbeanstalk_app +************************************** + +**Create, update, and delete an elastic beanstalk application** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates, deletes beanstalk applications if app_name is provided. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + app_name + +
    + string +
    +     		+ +
    Name of the beanstalk application you wish to manage.
    +

    aliases: name
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    The description of the application.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to ensure the application is present or absent.
    +
    +
    + terminate_by_force + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When terminate_by_force=true, running environments will be terminated before deleting the application.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create or update an application + - community.aws.aws_elasticbeanstalk_app: + app_name: Sample_App + description: "Hello World App" + state: present + + # Delete application + - community.aws.aws_elasticbeanstalk_app: + app_name: Sample_App + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + app + +
    + dictionary +
    +     		always +
    Beanstalk application.
    +
    +
    Sample:
    +
    {'ApplicationName': 'app-name', 'ConfigurationTemplates': [], 'DateCreated': '2016-12-28T14:50:03.185000+00:00', 'DateUpdated': '2016-12-28T14:50:03.185000+00:00', 'Description': 'description', 'Versions': ['1.0.0', '1.0.1']}
    +
    +
    + output + +
    + string +
    +     		in check mode +
    Message indicating what change will occur.
    +
    +
    Sample:
    +
    App is up-to-date
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Harpreet Singh (@hsingh) +- Stephen Granger (@viper233) + + diff --git a/docs/community.aws.aws_glue_connection_module.rst b/docs/community.aws.aws_glue_connection_module.rst new file mode 100644 index 00000000000..e679965bd0d --- /dev/null +++ b/docs/community.aws.aws_glue_connection_module.rst @@ -0,0 +1,536 @@ +.. _community.aws.aws_glue_connection_module: + + +********************************* +community.aws.aws_glue_connection +********************************* + +**Manage an AWS Glue connection** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Glue connection. See https://aws.amazon.com/glue/ for details. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + catalog_id + +
    + string +
    +     		+ +
    The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
    +
    +
    + connection_properties + +
    + dictionary +
    +     		+ +
    A dict of key-value pairs used as parameters for this connection.
    +
    Required when state=present.
    +
    +
    + connection_type + +
    + string +
    +     		+
      Choices: +
    • JDBC ←
      • +
    • SFTP
      • +
    +     		+
    The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    The description of the connection.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + match_criteria + +
    + list + / elements=string
    +     		+ +
    A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the connection.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    A list of security groups to be used by the connection. Use either security group name or ID.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or delete the AWS Glue connection.
    +
    +
    + subnet_id + +
    + string +
    +     		+ +
    The subnet ID used by the connection.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an AWS Glue connection + - community.aws.aws_glue_connection: + name: my-glue-connection + connection_properties: + JDBC_CONNECTION_URL: jdbc:mysql://mydb:3306/databasename + USERNAME: my-username + PASSWORD: my-password + state: present + + # Delete an AWS Glue connection + - community.aws.aws_glue_connection: + name: my-glue-connection + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + connection_properties + +
    + dictionary +
    +     		when state is present +
    A dict of key-value pairs used as parameters for this connection.
    +
    +
    Sample:
    +
    {'JDBC_CONNECTION_URL': 'jdbc:mysql://mydb:3306/databasename', 'USERNAME': 'x', 'PASSWORD': 'y'}
    +
    +
    + connection_type + +
    + string +
    +     		when state is present +
    The type of the connection.
    +
    +
    Sample:
    +
    JDBC
    +
    +
    + creation_time + +
    + string +
    +     		when state is present +
    The time this connection definition was created.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    +
    +
    + description + +
    + string +
    +     		when state is present +
    Description of the job being defined.
    +
    +
    Sample:
    +
    My first Glue job
    +
    +
    + last_updated_time + +
    + string +
    +     		when state is present +
    The last time this connection definition was updated.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    +
    +
    + match_criteria + +
    + list +
    +     		when state is present +
    A list of criteria that can be used in selecting this connection.
    +
    +
    +
    + name + +
    + string +
    +     		when state is present +
    The name of the connection definition.
    +
    +
    Sample:
    +
    my-glue-connection
    +
    +
    + physical_connection_requirements + +
    + dictionary +
    +     		when state is present +
    A dict of physical connection requirements, such as VPC and SecurityGroup, needed for making this connection successfully.
    +
    +
    Sample:
    +
    {'subnet-id': 'subnet-aabbccddee'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.aws_glue_job_module.rst b/docs/community.aws.aws_glue_job_module.rst new file mode 100644 index 00000000000..8a5a4c4870b --- /dev/null +++ b/docs/community.aws.aws_glue_job_module.rst @@ -0,0 +1,716 @@ +.. _community.aws.aws_glue_job_module: + + +************************** +community.aws.aws_glue_job +************************** + +**Manage an AWS Glue job** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Glue job. See https://aws.amazon.com/glue/ for details. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allocated_capacity + +
    + integer +
    +     		+ +
    The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + command_name + +
    + string +
    +     		+ Default:
    "glueetl"
    +     		+
    The name of the job command. This must be 'glueetl'.
    +
    +
    + command_script_location + +
    + string +
    +     		+ +
    The S3 path to a script that executes a job.
    +
    Required when state=present.
    +
    +
    + connections + +
    + list + / elements=string
    +     		+ +
    A list of Glue connections used for this job.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_arguments + +
    + dictionary +
    +     		+ +
    A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
    +
    +
    + description + +
    + string +
    +     		+ +
    Description of the job being defined.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + max_concurrent_runs + +
    + integer +
    +     		+ +
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    +
    +
    + max_retries + +
    + integer +
    +     		+ +
    The maximum number of times to retry this job if it fails.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name you assign to this job definition. It must be unique in your account.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role + +
    + string +
    +     		+ +
    The name or ARN of the IAM role associated with this job.
    +
    Required when state=present.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or delete the AWS Glue job.
    +
    +
    + timeout + +
    + integer +
    +     		+ +
    The job timeout in minutes.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an AWS Glue job + - community.aws.aws_glue_job: + command_script_location: s3bucket/script.py + name: my-glue-job + role: my-iam-role + state: present + + # Delete an AWS Glue job + - community.aws.aws_glue_job: + name: my-glue-job + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + allocated_capacity + +
    + integer +
    +     		when state is present +
    The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    +
    +
    Sample:
    +
    10
    +
    +
    + command + +
    + complex +
    +     		when state is present +
    The JobCommand that executes this job.
    +
    +
      +
    + name + +
    + string +
    +     		when state is present +
    The name of the job command.
    +
    +
    Sample:
    +
    glueetl
    +
      +
    + script_location + +
    + string +
    +     		when state is present +
    Specifies the S3 path to a script that executes a job.
    +
    +
    Sample:
    +
    mybucket/myscript.py
    +
    +
    + connections + +
    + dictionary +
    +     		when state is present +
    The connections used for this job.
    +
    +
    Sample:
    +
    { Connections: [ 'list', 'of', 'connections' ] }
    +
    +
    + created_on + +
    + string +
    +     		when state is present +
    The time and date that this job definition was created.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    +
    +
    + default_arguments + +
    + dictionary +
    +     		when state is present +
    The default arguments for this job, specified as name-value pairs.
    +
    +
    Sample:
    +
    { 'mykey1': 'myvalue1' }
    +
    +
    + description + +
    + string +
    +     		when state is present +
    Description of the job being defined.
    +
    +
    Sample:
    +
    My first Glue job
    +
    +
    + execution_property + +
    + complex +
    +     		always +
    An ExecutionProperty specifying the maximum number of concurrent runs allowed for this job.
    +
    +
      +
    + max_concurrent_runs + +
    + integer +
    +     		when state is present +
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    +
    +
    Sample:
    +
    1
    +
    +
    + job_name + +
    + string +
    +     		always +
    The name of the AWS Glue job.
    +
    +
    Sample:
    +
    my-glue-job
    +
    +
    + last_modified_on + +
    + string +
    +     		when state is present +
    The last point in time when this job definition was modified.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    +
    +
    + max_retries + +
    + integer +
    +     		when state is present +
    The maximum number of times to retry this job after a JobRun fails.
    +
    +
    Sample:
    +
    5
    +
    +
    + name + +
    + string +
    +     		when state is present +
    The name assigned to this job definition.
    +
    +
    Sample:
    +
    my-glue-job
    +
    +
    + role + +
    + string +
    +     		when state is present +
    The name or ARN of the IAM role associated with this job.
    +
    +
    Sample:
    +
    my-iam-role
    +
    +
    + timeout + +
    + integer +
    +     		when state is present +
    The job timeout in minutes.
    +
    +
    Sample:
    +
    300
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.aws_inspector_target_module.rst b/docs/community.aws.aws_inspector_target_module.rst new file mode 100644 index 00000000000..4ebc10da0c7 --- /dev/null +++ b/docs/community.aws.aws_inspector_target_module.rst @@ -0,0 +1,412 @@ +.. _community.aws.aws_inspector_target_module: + + +********************************** +community.aws.aws_inspector_target +********************************** + +**Create, Update and Delete Amazon Inspector Assessment Targets** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, updates, or deletes Amazon Inspector Assessment Targets and manages the required Resource Groups. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    The state of the assessment target.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Tags of the EC2 instances to be added to the assessment target.
    +
    Required if state=present.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create my_target Assessment Target + community.aws.aws_inspector_target: + name: my_target + tags: + role: scan_target + + - name: Update Existing my_target Assessment Target with Additional Tags + community.aws.aws_inspector_target: + name: my_target + tags: + env: dev + role: scan_target + + - name: Delete my_target Assessment Target + community.aws.aws_inspector_target: + name: my_target + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arn + +
    + string +
    +     		success +
    The ARN that specifies the Amazon Inspector assessment target.
    +
    +
    Sample:
    +
    arn:aws:inspector:eu-west-1:123456789012:target/0-O4LnL7n1
    +
    +
    + created_at + +
    + string +
    +     		success +
    The time at which the assessment target was created.
    +
    +
    Sample:
    +
    2018-01-29T13:48:51.958000+00:00
    +
    +
    + name + +
    + string +
    +     		success +
    The name of the Amazon Inspector assessment target.
    +
    +
    Sample:
    +
    my_target
    +
    +
    + resource_group_arn + +
    + string +
    +     		success +
    The ARN that specifies the resource group that is associated with the assessment target.
    +
    +
    Sample:
    +
    arn:aws:inspector:eu-west-1:123456789012:resourcegroup/0-qY4gDel8
    +
    +
    + tags + +
    + list +
    +     		success +
    The tags of the resource group that is associated with the assessment target.
    +
    +
    Sample:
    +
    {'role': 'scan_target', 'env': 'dev'}
    +
    +
    + updated_at + +
    + string +
    +     		success +
    The time at which the assessment target was last updated.
    +
    +
    Sample:
    +
    2018-01-29T13:48:51.958000+00:00
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Dennis Conrad (@dennisconrad) + + diff --git a/docs/community.aws.aws_kms_info_module.rst b/docs/community.aws.aws_kms_info_module.rst new file mode 100644 index 00000000000..dfd111a404b --- /dev/null +++ b/docs/community.aws.aws_kms_info_module.rst @@ -0,0 +1,724 @@ +.. _community.aws.aws_kms_info_module: + + +************************** +community.aws.aws_kms_info +************************** + +**Gather information about AWS KMS keys** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS KMS keys including tags and grants +- This module was called ``aws_kms_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
    +
    +
    + pending_deletion + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to get full details (tags, grants etc.) of keys pending deletion
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all KMS keys + - community.aws.aws_kms_info: + + # Gather information about all keys with a Name tag + - community.aws.aws_kms_info: + filters: + tag-key: Name + + # Gather information about all keys with a specific name + - community.aws.aws_kms_info: + filters: + "tag:Name": Example + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + keys + +
    + complex +
    +     		always +
    list of keys
    +
    +
      +
    + aliases + +
    + list +
    +     		always +
    list of aliases associated with the key
    +
    +
    Sample:
    +
    ['aws/acm', 'aws/ebs']
    +
      +
    + aws_account_id + +
    + string +
    +     		always +
    The AWS Account ID that the key belongs to
    +
    +
    Sample:
    +
    1234567890123
    +
      +
    + creation_date + +
    + string +
    +     		always +
    Date of creation of the key
    +
    +
    Sample:
    +
    2017-04-18T15:12:08.551000+10:00
    +
      +
    + description + +
    + string +
    +     		always +
    Description of the key
    +
    +
    Sample:
    +
    My Key for Protecting important stuff
    +
      +
    + enable_key_rotation + +
    + boolean +
    +     		always +
    Whether the automatically key rotation every year is enabled.
    +
    +
      +
    + enabled + +
    + string +
    +     		always +
    Whether the key is enabled. True if KeyState is true.
    +
    +
      +
    + grants + +
    + complex +
    +     		always +
    list of grants associated with a key
    +
    +
       +
    + constraints + +
    + dictionary +
    +     		always +
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    +
    +
    Sample:
    +
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    +
       +
    + creation_date + +
    + string +
    +     		always +
    Date of creation of the grant
    +
    +
    Sample:
    +
    2017-04-18T15:12:08+10:00
    +
       +
    + grant_id + +
    + string +
    +     		always +
    The unique ID for the grant
    +
    +
    Sample:
    +
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    +
       +
    + grantee_principal + +
    + string +
    +     		always +
    The principal that receives the grant's permissions
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    +
       +
    + issuing_account + +
    + string +
    +     		always +
    The AWS account under which the grant was issued
    +
    +
    Sample:
    +
    arn:aws:iam::01234567890:root
    +
       +
    + key_id + +
    + string +
    +     		always +
    The key ARN to which the grant applies.
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    +
       +
    + name + +
    + string +
    +     		always +
    The friendly name that identifies the grant
    +
    +
    Sample:
    +
    xyz
    +
       +
    + operations + +
    + list +
    +     		always +
    The list of operations permitted by the grant
    +
    +
    Sample:
    +
    ['Decrypt', 'RetireGrant']
    +
       +
    + retiring_principal + +
    + string +
    +     		always +
    The principal that can retire the grant
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    +
      +
    + key_arn + +
    + string +
    +     		always +
    ARN of key
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    +
      +
    + key_id + +
    + string +
    +     		always +
    ID of key
    +
    +
    Sample:
    +
    abcd1234-abcd-1234-5678-ef1234567890
    +
      +
    + key_state + +
    + string +
    +     		always +
    The state of the key
    +
    +
    Sample:
    +
    PendingDeletion
    +
      +
    + key_usage + +
    + string +
    +     		always +
    The cryptographic operations for which you can use the key.
    +
    +
    Sample:
    +
    ENCRYPT_DECRYPT
    +
      +
    + origin + +
    + string +
    +     		always +
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    +
    +
    Sample:
    +
    AWS_KMS
    +
      +
    + policies + +
    + list +
    +     		always +
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    +
    +
    Sample:
    +
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    dictionary of tags applied to the key. Empty when access is denied even if there are tags.
    +
    +
    Sample:
    +
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.aws_kms_module.rst b/docs/community.aws.aws_kms_module.rst new file mode 100644 index 00000000000..e308878fd56 --- /dev/null +++ b/docs/community.aws.aws_kms_module.rst @@ -0,0 +1,1085 @@ +.. _community.aws.aws_kms_module: + + +********************* +community.aws.aws_kms +********************* + +**Perform various KMS management tasks.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage role/user access to a KMS key. Not designed for encrypting/decrypting. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alias + +
    + string +
    +     		+ +
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use community.aws.aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
    +

    aliases: key_alias
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enable_key_rotation + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the key should be automatically rotated every year.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not a key is enabled
    +
    +
    + grants + +
    + list + / elements=dictionary
    +     		+ +
    A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
    +
    grantee_principal and retiring_principal must be ARNs
    +
    For full documentation of suboptions see the boto3 documentation:
    + +
    +
    + constraints + +
    + dictionary +
    +     		+ +
    Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
    +
    +
    + grantee_principal + +
    + string + / required
    +     		+ +
    The full ARN of the principal being granted permissions.
    +
    +
    + operations + +
    + list + / elements=string
    +     		+
      Choices: +
    • Decrypt
      • +
    • Encrypt
      • +
    • GenerateDataKey
      • +
    • GenerateDataKeyWithoutPlaintext
      • +
    • ReEncryptFrom
      • +
    • ReEncryptTo
      • +
    • CreateGrant
      • +
    • RetireGrant
      • +
    • DescribeKey
      • +
    • Verify
      • +
    • Sign
      • +
    +     		+
    A list of operations that the grantee may perform using the CMK.
    +
    +
    + retiring_principal + +
    + string +
    +     		+ +
    The full ARN of the principal permitted to revoke/retire the grant.
    +
    +
    + key_id + +
    + string +
    +     		+ +
    Key ID or ARN of the key.
    +
    One of alias or key_id are required.
    +

    aliases: key_arn
    +
    +
    + policy + +
    + json +
    +     		+ +
    policy to apply to the KMS key.
    + +
    +
    + policy_clean_invalid_entries + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
    +
    Only cleans if changes are being made.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: clean_invalid_entries
    +
    +
    + policy_grant_types + +
    + list + / elements=string
    +     		+ +
    (deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
    +
    Required when policy_mode=grant.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: grant_types
    +
    +
    + policy_mode + +
    + string +
    +     		+
      Choices: +
    • grant ←
      • +
    • deny
      • +
    +     		+
    (deprecated) Grant or deny access.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: mode
    +
    +
    + policy_role_arn + +
    + string +
    +     		+ +
    (deprecated) ARN of role to allow/deny access.
    +
    One of policy_role_name or policy_role_arn are required.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: role_arn
    +
    +
    + policy_role_name + +
    + string +
    +     		+ +
    (deprecated) Role to allow/deny access.
    +
    One of policy_role_name or policy_role_arn are required.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: role_name
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_grants + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the grants argument should cause grants not in the list to be removed
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the tags argument should cause tags not in the list to be removed
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of tags to apply to a key.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile + # and has been deprecated in favour of the policy option. + - name: grant user-style access to production secrets + community.aws.aws_kms: + args: + alias: "alias/my_production_secrets" + policy_mode: grant + policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" + policy_grant_types: "role,role grant" + - name: remove access to production secrets from role + community.aws.aws_kms: + args: + alias: "alias/my_production_secrets" + policy_mode: deny + policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" + + # Create a new KMS key + - community.aws.aws_kms: + alias: mykey + tags: + Name: myKey + Purpose: protect_stuff + + # Update previous key with more tags + - community.aws.aws_kms: + alias: mykey + tags: + Name: myKey + Purpose: protect_stuff + Owner: security_team + + # Update a known key with grants allowing an instance with the billing-prod IAM profile + # to decrypt data encrypted with the environment: production, application: billing + # encryption context + - community.aws.aws_kms: + key_id: abcd1234-abcd-1234-5678-ef1234567890 + grants: + - name: billing_prod + grantee_principal: arn:aws:iam::1234567890123:role/billing_prod + constraints: + encryption_context_equals: + environment: production + application: billing + operations: + - Decrypt + - RetireGrant + + - name: Update IAM policy on an existing KMS key + community.aws.aws_kms: + alias: my-kms-key + policy: '{"Version": "2012-10-17", "Id": "my-kms-key-permissions", "Statement": [ { } ]}' + state: present + + - name: Example using lookup for policy json + community.aws.aws_kms: + alias: my-kms-key + policy: "{{ lookup('template', 'kms_iam_policy_template.json.j2') }}" + state: present + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + aliases + +
    + list +
    +     		always +
    list of aliases associated with the key
    +
    +
    Sample:
    +
    ['aws/acm', 'aws/ebs']
    +
    +
    + aws_account_id + +
    + string +
    +     		always +
    The AWS Account ID that the key belongs to
    +
    +
    Sample:
    +
    1234567890123
    +
    +
    + changes_needed + +
    + dictionary +
    +     		always +
    grant types that would be changed/were changed.
    +
    +
    Sample:
    +
    {'role': 'add', 'role grant': 'add'}
    +
    +
    + creation_date + +
    + string +
    +     		always +
    Date of creation of the key
    +
    +
    Sample:
    +
    2017-04-18T15:12:08.551000+10:00
    +
    +
    + description + +
    + string +
    +     		always +
    Description of the key
    +
    +
    Sample:
    +
    My Key for Protecting important stuff
    +
    +
    + enabled + +
    + string +
    +     		always +
    Whether the key is enabled. True if KeyState is true.
    +
    +
    +
    + grants + +
    + complex +
    +     		always +
    list of grants associated with a key
    +
    +
      +
    + constraints + +
    + dictionary +
    +     		always +
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    +
    +
    Sample:
    +
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    +
      +
    + creation_date + +
    + string +
    +     		always +
    Date of creation of the grant
    +
    +
    Sample:
    +
    2017-04-18T15:12:08+10:00
    +
      +
    + grant_id + +
    + string +
    +     		always +
    The unique ID for the grant
    +
    +
    Sample:
    +
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    +
      +
    + grantee_principal + +
    + string +
    +     		always +
    The principal that receives the grant's permissions
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    +
      +
    + issuing_account + +
    + string +
    +     		always +
    The AWS account under which the grant was issued
    +
    +
    Sample:
    +
    arn:aws:iam::01234567890:root
    +
      +
    + key_id + +
    + string +
    +     		always +
    The key ARN to which the grant applies.
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    +
      +
    + name + +
    + string +
    +     		always +
    The friendly name that identifies the grant
    +
    +
    Sample:
    +
    xyz
    +
      +
    + operations + +
    + list +
    +     		always +
    The list of operations permitted by the grant
    +
    +
    Sample:
    +
    ['Decrypt', 'RetireGrant']
    +
      +
    + retiring_principal + +
    + string +
    +     		always +
    The principal that can retire the grant
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    +
    +
    + had_invalid_entries + +
    + boolean +
    +     		always +
    there are invalid (non-ARN) entries in the KMS entry. These don't count as a change, but will be removed if any changes are being made.
    +
    +
    +
    + key_arn + +
    + string +
    +     		always +
    ARN of key
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    +
    +
    + key_id + +
    + string +
    +     		always +
    ID of key
    +
    +
    Sample:
    +
    abcd1234-abcd-1234-5678-ef1234567890
    +
    +
    + key_state + +
    + string +
    +     		always +
    The state of the key
    +
    +
    Sample:
    +
    PendingDeletion
    +
    +
    + key_usage + +
    + string +
    +     		always +
    The cryptographic operations for which you can use the key.
    +
    +
    Sample:
    +
    ENCRYPT_DECRYPT
    +
    +
    + origin + +
    + string +
    +     		always +
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    +
    +
    Sample:
    +
    AWS_KMS
    +
    +
    + policies + +
    + list +
    +     		always +
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    +
    +
    Sample:
    +
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    dictionary of tags applied to the key
    +
    +
    Sample:
    +
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) +- Will Thames (@willthames) +- Mark Chappell (@tremble) + + diff --git a/docs/community.aws.aws_region_info_module.rst b/docs/community.aws.aws_region_info_module.rst new file mode 100644 index 00000000000..0b64ff2eb9e --- /dev/null +++ b/docs/community.aws.aws_region_info_module.rst @@ -0,0 +1,286 @@ +.. _community.aws.aws_region_info_module: + + +***************************** +community.aws.aws_region_info +***************************** + +**Gather information about AWS regions.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS regions. +- This module was called ``aws_region_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all regions + - community.aws.aws_region_info: + + # Gather information about a single region + - community.aws.aws_region_info: + filters: + region-name: eu-west-1 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + regions + +
    + list +
    +     		on success +
    Regions that match the provided filters. Each element consists of a dict with all the information related to that region.
    +
    +
    Sample:
    +
    [{ 'endpoint': 'ec2.us-west-1.amazonaws.com', 'region_name': 'us-west-1' }]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Henrique Rodrigues (@Sodki) + + diff --git a/docs/community.aws.aws_s3_bucket_info_module.rst b/docs/community.aws.aws_s3_bucket_info_module.rst new file mode 100644 index 00000000000..33a71bf5035 --- /dev/null +++ b/docs/community.aws.aws_s3_bucket_info_module.rst @@ -0,0 +1,271 @@ +.. _community.aws.aws_s3_bucket_info_module: + + +******************************** +community.aws.aws_s3_bucket_info +******************************** + +**Lists S3 buckets in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists S3 buckets in AWS +- This module was called ``aws_s3_bucket_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.aws_s3_bucket_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Note: Only AWS S3 is currently supported + + # Lists all s3 buckets + - community.aws.aws_s3_bucket_info: + register: result + + - name: List buckets + debug: + msg: "{{ result['buckets'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + buckets + +
    + list +
    +     		always +
    List of buckets
    +
    +
    Sample:
    +
    [{'creation_date': '2017-07-06 15:05:12 +00:00', 'name': 'my_bucket'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gerben Geijteman (@hyperized) + + diff --git a/docs/community.aws.aws_s3_cors_module.rst b/docs/community.aws.aws_s3_cors_module.rst new file mode 100644 index 00000000000..317bfbd5157 --- /dev/null +++ b/docs/community.aws.aws_s3_cors_module.rst @@ -0,0 +1,364 @@ +.. _community.aws.aws_s3_cors_module: + + +************************* +community.aws.aws_s3_cors +************************* + +**Manage CORS for S3 buckets in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage CORS for S3 buckets in AWS + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the s3 bucket
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + rules + +
    + list +
    +     		+ +
    Cors rules to put on the s3 bucket
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove cors on the s3 bucket
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create a simple cors for s3 bucket + - community.aws.aws_s3_cors: + name: mys3bucket + state: present + rules: + - allowed_origins: + - http://www.example.com/ + allowed_methods: + - GET + - POST + allowed_headers: + - Authorization + expose_headers: + - x-amz-server-side-encryption + - x-amz-request-id + max_age_seconds: 30000 + + # Remove cors for s3 bucket + - community.aws.aws_s3_cors: + name: mys3bucket + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    check to see if a change was made to the rules
    +
    +
    Sample:
    +
    True
    +
    +
    + name + +
    + string +
    +     		always +
    name of bucket
    +
    +
    Sample:
    +
    bucket-name
    +
    +
    + rules + +
    + list +
    +     		always +
    list of current rules
    +
    +
    Sample:
    +
    [{'allowed_headers': ['Authorization'], 'allowed_methods': ['GET'], 'allowed_origins': ['*'], 'max_age_seconds': 30000}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Oyvind Saltvik (@fivethreeo) + + diff --git a/docs/community.aws.aws_secret_module.rst b/docs/community.aws.aws_secret_module.rst new file mode 100644 index 00000000000..3cacd552a63 --- /dev/null +++ b/docs/community.aws.aws_secret_module.rst @@ -0,0 +1,541 @@ +.. _community.aws.aws_secret_module: + + +************************ +community.aws.aws_secret +************************ + +**Manage secrets stored in AWS Secrets Manager.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update, and delete secrets stored in AWS Secrets Manager. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore>=1.10.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    Specifies a user-provided description of the secret.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Friendly name for the secret you are creating.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + recovery_window + +
    + integer +
    +     		+ Default:
    30
    +     		+
    Only used if state is absent.
    +
    Specifies the number of days that Secrets Manager waits before it can delete the secret.
    +
    If set to 0, the deletion is forced without recovery.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + rotation_interval + +
    + integer +
    +     		+ Default:
    30
    +     		+
    Specifies the number of days between automatic scheduled rotations of the secret.
    +
    +
    + rotation_lambda + +
    + string +
    +     		+ +
    Specifies the ARN of the Lambda function that can rotate the secret.
    +
    +
    + secret + +
    + string +
    +     		+ Default:
    ""
    +     		+
    Specifies string or binary data that you want to encrypt and store in the new version of the secret.
    +
    +
    + secret_type + +
    + string +
    +     		+
      Choices: +
    • binary
      • +
    • string ←
      • +
    +     		+
    Specifies the type of data that you want to encrypt.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the secret should be exist or not.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Specifies a list of user-defined tags that are attached to the secret.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add string to AWS Secrets Manager + community.aws.aws_secret: + name: 'test_secret_string' + state: present + secret_type: 'string' + secret: "{{ super_secret_string }}" + + - name: remove string from AWS Secrets Manager + community.aws.aws_secret: + name: 'test_secret_string' + state: absent + secret_type: 'string' + secret: "{{ super_secret_string }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + secret + +
    + complex +
    +     		always +
    The secret information
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    The ARN of the secret
    +
    +
    Sample:
    +
    arn:aws:secretsmanager:eu-west-1:xxxxxxxxxx:secret:xxxxxxxxxxx
    +
      +
    + last_accessed_date + +
    + string +
    +     		always +
    The date the secret was last accessed
    +
    +
    Sample:
    +
    2018-11-20T01:00:00+01:00
    +
      +
    + last_changed_date + +
    + string +
    +     		always +
    The date the secret was last modified.
    +
    +
    Sample:
    +
    2018-11-20T12:16:38.433000+01:00
    +
      +
    + name + +
    + string +
    +     		always +
    The secret name.
    +
    +
    Sample:
    +
    my_secret
    +
      +
    + rotation_enabled + +
    + boolean +
    +     		always +
    The secret rotation status.
    +
    +
      +
    + version_ids_to_stages + +
    + dictionary +
    +     		always +
    Provide the secret version ids and the associated secret stage.
    +
    +
    Sample:
    +
    {'dc1ed59b-6d8e-4450-8b41-536dfe4600a9': ['AWSCURRENT']}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- REY Remi (@rrey) + + diff --git a/docs/community.aws.aws_ses_identity_module.rst b/docs/community.aws.aws_ses_identity_module.rst new file mode 100644 index 00000000000..23d2cad13f2 --- /dev/null +++ b/docs/community.aws.aws_ses_identity_module.rst @@ -0,0 +1,738 @@ +.. _community.aws.aws_ses_identity_module: + + +****************************** +community.aws.aws_ses_identity +****************************** + +**Manages SES email and domain identity** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the user to manage verified email and domain identity for SES. +- This covers verifying and removing identities as well as setting up complaint, bounce and delivery notification settings. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bounce_notifications + +
    + dictionary +
    +     		+ +
    Setup the SNS topic used to report bounce notifications.
    +
    If omitted, bounce notifications will not be delivered to a SNS topic.
    +
    If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    +
    +
    + include_headers + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    + topic + +
    + - +
    +     		+ +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    +
    + complaint_notifications + +
    + dictionary +
    +     		+ +
    Setup the SNS topic used to report complaint notifications.
    +
    If omitted, complaint notifications will not be delivered to a SNS topic.
    +
    If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    +
    +
    + include_headers + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    + topic + +
    + - +
    +     		+ +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delivery_notifications + +
    + dictionary +
    +     		+ +
    Setup the SNS topic used to report delivery notifications.
    +
    If omitted, delivery notifications will not be delivered to a SNS topic.
    +
    +
    + include_headers + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    + topic + +
    + - +
    +     		+ +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + feedback_forwarding + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to enable feedback forwarding.
    +
    This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
    +
    +
    + identity + +
    + string + / required
    +     		+ +
    This is the email address or domain to verify / delete.
    +
    If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the identity.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Ensure example@example.com email identity exists + community.aws.aws_ses_identity: + identity: example@example.com + state: present + + - name: Delete example@example.com email identity + community.aws.aws_ses_identity: + email: example@example.com + state: absent + + - name: Ensure example.com domain identity exists + community.aws.aws_ses_identity: + identity: example.com + state: present + + # Create an SNS topic and send bounce and complaint notifications to it + # instead of emailing the identity owner + - name: Ensure complaints-topic exists + community.aws.sns_topic: + name: "complaints-topic" + state: present + purge_subscriptions: False + register: topic_info + + - name: Deliver feedback to topic instead of owner email + community.aws.aws_ses_identity: + identity: example@example.com + state: present + complaint_notifications: + topic: "{{ topic_info.sns_arn }}" + include_headers: True + bounce_notifications: + topic: "{{ topic_info.sns_arn }}" + include_headers: False + feedback_forwarding: False + + # Create an SNS topic for delivery notifications and leave complaints + # Being forwarded to the identity owner email + - name: Ensure delivery-notifications-topic exists + community.aws.sns_topic: + name: "delivery-notifications-topic" + state: present + purge_subscriptions: False + register: topic_info + + - name: Delivery notifications to topic + community.aws.aws_ses_identity: + identity: example@example.com + state: present + delivery_notifications: + topic: "{{ topic_info.sns_arn }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + identity + +
    + string +
    +     		success +
    The identity being modified.
    +
    +
    Sample:
    +
    example@example.com
    +
    +
    + identity_arn + +
    + string +
    +     		success +
    The arn of the identity being modified.
    +
    +
    Sample:
    +
    arn:aws:ses:us-east-1:12345678:identity/example@example.com
    +
    +
    + notification_attributes + +
    + complex +
    +     		success +
    The notification setup for the identity.
    +
    +
    Sample:
    +
    {'bounce_topic': 'arn:aws:sns:....', 'complaint_topic': 'arn:aws:sns:....', 'delivery_topic': 'arn:aws:sns:....', 'forwarding_enabled': False, 'headers_in_bounce_notifications_enabled': True, 'headers_in_complaint_notifications_enabled': True, 'headers_in_delivery_notifications_enabled': True}
    +
      +
    + bounce_topic + +
    + string +
    +     		+
    The ARN of the topic bounce notifications are delivered to.
    +
    Omitted if bounce notifications are not delivered to a topic.
    +
    +
      +
    + complaint_topic + +
    + string +
    +     		+
    The ARN of the topic complaint notifications are delivered to.
    +
    Omitted if complaint notifications are not delivered to a topic.
    +
    +
      +
    + delivery_topic + +
    + string +
    +     		+
    The ARN of the topic delivery notifications are delivered to.
    +
    Omitted if delivery notifications are not delivered to a topic.
    +
    +
      +
    + forwarding_enabled + +
    + boolean +
    +     		+
    Whether or not feedback forwarding is enabled.
    +
    +
      +
    + headers_in_bounce_notifications_enabled + +
    + boolean +
    +     		+
    Whether or not headers are included in messages delivered to the bounce topic.
    +
    +
      +
    + headers_in_complaint_notifications_enabled + +
    + boolean +
    +     		+
    Whether or not headers are included in messages delivered to the complaint topic.
    +
    +
      +
    + headers_in_delivery_notifications_enabled + +
    + boolean +
    +     		+
    Whether or not headers are included in messages delivered to the delivery topic.
    +
    +
    +
    + verification_attributes + +
    + complex +
    +     		success +
    The verification information for the identity.
    +
    +
    Sample:
    +
    {'verification_status': 'Pending', 'verification_token': '....'}
    +
      +
    + verification_status + +
    + string +
    +     		+
    The verification status of the identity.
    +
    +
    Sample:
    +
    Pending
    +
      +
    + verification_token + +
    + string +
    +     		+
    The verification token for a domain identity.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ed Costello (@orthanc) + + diff --git a/docs/community.aws.aws_ses_identity_policy_module.rst b/docs/community.aws.aws_ses_identity_policy_module.rst new file mode 100644 index 00000000000..042a9fd97d8 --- /dev/null +++ b/docs/community.aws.aws_ses_identity_policy_module.rst @@ -0,0 +1,354 @@ +.. _community.aws.aws_ses_identity_policy_module: + + +************************************* +community.aws.aws_ses_identity_policy +************************************* + +**Manages SES sending authorization policies** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the user to manage sending authorization policies associated with an SES identity (email or domain). +- SES authorization sending policies can be used to control what actors are able to send email on behalf of the validated identity and what conditions must be met by the sent emails. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + identity + +
    + string + / required
    +     		+ +
    The SES identity to attach or remove a policy from. This can be either the full ARN or just + the verified email or domain.
    +
    +
    + policy + +
    + json +
    +     		+ +
    A properly formatted JSON sending authorization policy. Required when state=present.
    +
    +
    + policy_name + +
    + string + / required
    +     		+ +
    The name used to identify the policy within the scope of the identity it's attached to.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the authorization policy on the identity.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: add sending authorization policy to domain identity + community.aws.aws_ses_identity_policy: + identity: example.com + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: add sending authorization policy to email identity + community.aws.aws_ses_identity_policy: + identity: example@example.com + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: add sending authorization policy to identity using ARN + community.aws.aws_ses_identity_policy: + identity: "arn:aws:ses:us-east-1:12345678:identity/example.com" + policy_name: ExamplePolicy + policy: "{{ lookup('template', 'policy.json.j2') }}" + state: present + + - name: remove sending authorization policy + community.aws.aws_ses_identity_policy: + identity: example.com + policy_name: ExamplePolicy + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + policies + +
    + list +
    +     		success +
    A list of all policies present on the identity after the operation.
    +
    +
    Sample:
    +
    ['ExamplePolicy']
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ed Costello (@orthanc) + + diff --git a/docs/community.aws.aws_ses_rule_set_module.rst b/docs/community.aws.aws_ses_rule_set_module.rst new file mode 100644 index 00000000000..cfc2787d270 --- /dev/null +++ b/docs/community.aws.aws_ses_rule_set_module.rst @@ -0,0 +1,383 @@ +.. _community.aws.aws_ses_rule_set_module: + + +****************************** +community.aws.aws_ses_rule_set +****************************** + +**Manages SES inbound receipt rule sets** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The :ref:`community.aws.aws_ses_rule_set ` module allows you to create, delete, and manage SES receipt rule sets + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + active + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not this rule set should be the active rule set. Only has an impact if state is present.
    +
    If omitted, the active rule set will not be changed.
    +
    If True then this rule set will be made active and all others inactive.
    +
    if False then this rule set will be deactivated. Be careful with this as you can end up with no active rule set.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + force + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the receipt rule set.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to create (or update) or destroy the receipt rule set.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + --- + - name: Create default rule set and activate it if not already + community.aws.aws_ses_rule_set: + name: default-rule-set + state: present + active: yes + + - name: Create some arbitrary rule set but do not activate it + community.aws.aws_ses_rule_set: + name: arbitrary-rule-set + state: present + + - name: Explicitly deactivate the default rule set leaving no active rule set + community.aws.aws_ses_rule_set: + name: default-rule-set + state: present + active: no + + - name: Remove an arbitrary inactive rule set + community.aws.aws_ses_rule_set: + name: arbitrary-rule-set + state: absent + + - name: Remove an ruleset even if we have to first deactivate it to remove it + community.aws.aws_ses_rule_set: + name: default-rule-set + state: absent + force: yes + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + active + +
    + boolean +
    +     		success if state is present +
    if the SES rule set is active
    +
    +
    Sample:
    +
    True
    +
    +
    + rule_sets + +
    + list +
    +     		success +
    The list of SES receipt rule sets that exist after any changes.
    +
    +
    Sample:
    +
    [{'created_timestamp': '2018-02-25T01:20:32.690000+00:00', 'name': 'default-rule-set'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ben Tomasik (@tomislacker) +- Ed Costello (@orthanc) + + diff --git a/docs/community.aws.aws_sgw_info_module.rst b/docs/community.aws.aws_sgw_info_module.rst new file mode 100644 index 00000000000..c3bdc5d002f --- /dev/null +++ b/docs/community.aws.aws_sgw_info_module.rst @@ -0,0 +1,731 @@ +.. _community.aws.aws_sgw_info_module: + + +************************** +community.aws.aws_sgw_info +************************** + +**Fetch AWS Storage Gateway information** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Fetch AWS Storage Gateway information +- This module was called ``aws_sgw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + gather_file_shares + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather file share information for storage gateways in s3 mode.
    +
    +
    + gather_local_disks + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather local disks attached to the storage gateway.
    +
    +
    + gather_tapes + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather tape information for storage gateways in tape mode.
    +
    +
    + gather_volumes + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather volume information for storage gateways in iSCSI (cached & stored) modes.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: "Get AWS storage gateway information" + community.aws.aws_sgw_info: + + - name: "Get AWS storage gateway information for region eu-west-3" + community.aws.aws_sgw_info: + region: eu-west-3 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + gateways + +
    + complex +
    +     		always +
    list of gateway objects
    +
    +
      +
    + file_shares + +
    + complex +
    +     		when gateway_type == "FILE_S3" +
    Storage gateway file shares
    +
    +
       +
    + file_share_arn + +
    + string +
    +     		always +
    File share ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:399805793479:share/share-AF999C88
    +
       +
    + file_share_id + +
    + string +
    +     		always +
    File share ID
    +
    +
    Sample:
    +
    share-AF999C88
    +
       +
    + file_share_status + +
    + string +
    +     		always +
    File share status
    +
    +
    Sample:
    +
    AVAILABLE
    +
      +
    + gateway_arn + +
    + string +
    +     		always +
    Storage Gateway ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:367709993819:gateway/sgw-9999F888
    +
      +
    + gateway_id + +
    + string +
    +     		always +
    Storage Gateway ID
    +
    +
    Sample:
    +
    sgw-9999F888
    +
      +
    + gateway_name + +
    + string +
    +     		always +
    Storage Gateway friendly name
    +
    +
    Sample:
    +
    my-sgw-01
    +
      +
    + gateway_operational_state + +
    + string +
    +     		always +
    Storage Gateway operational state
    +
    +
    Sample:
    +
    ACTIVE
    +
      +
    + gateway_type + +
    + string +
    +     		always +
    Storage Gateway type
    +
    +
    Sample:
    +
    FILE_S3
    +
      +
    + local_disks + +
    + complex +
    +     		always +
    Storage gateway local disks
    +
    +
       +
    + disk_allocation_type + +
    + string +
    +     		always +
    Disk allocation type
    +
    +
    Sample:
    +
    CACHE STORAGE
    +
       +
    + disk_id + +
    + string +
    +     		always +
    Disk ID on the system
    +
    +
    Sample:
    +
    pci-0000:00:1f.0
    +
       +
    + disk_node + +
    + string +
    +     		always +
    Disk parent block device
    +
    +
    Sample:
    +
    /dev/sdb
    +
       +
    + disk_path + +
    + string +
    +     		always +
    Disk path used for the cache
    +
    +
    Sample:
    +
    /dev/nvme1n1
    +
       +
    + disk_size_in_bytes + +
    + integer +
    +     		always +
    Disk size in bytes
    +
    +
    Sample:
    +
    107374182400
    +
       +
    + disk_status + +
    + string +
    +     		always +
    Disk status
    +
    +
    Sample:
    +
    present
    +
      +
    + tapes + +
    + complex +
    +     		when gateway_type == "VTL" +
    Storage Gateway tapes
    +
    +
       +
    + tape_arn + +
    + string +
    +     		always +
    Tape ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:399805793479:tape/tape-AF999C88
    +
       +
    + tape_barcode + +
    + string +
    +     		always +
    Tape ARN
    +
    +
    Sample:
    +
    tape-AF999C88
    +
       +
    + tape_size_in_bytes + +
    + integer +
    +     		always +
    Tape ARN
    +
    +
    Sample:
    +
    555887569
    +
       +
    + tape_status + +
    + string +
    +     		always +
    Tape ARN
    +
    +
    Sample:
    +
    AVAILABLE
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Loic Blot (@nerzhul) + + diff --git a/docs/community.aws.aws_ssm_connection.rst b/docs/community.aws.aws_ssm_connection.rst new file mode 100644 index 00000000000..0b49d10c44f --- /dev/null +++ b/docs/community.aws.aws_ssm_connection.rst @@ -0,0 +1,275 @@ +.. _community.aws.aws_ssm_connection: + + +********************* +community.aws.aws_ssm +********************* + +**execute via AWS Systems Manager** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This connection plugin allows ansible to execute tasks on an EC2 instance via the aws ssm CLI. + + + +Requirements +------------ +The below requirements are needed on the local master node that executes this connection. + +- The remote EC2 instance must be running the AWS Systems Manager Agent (SSM Agent). +- The control machine must have the aws session manager plugin installed. +- The remote EC2 linux instance must have the curl installed. + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsConfigurationComments
    +
    + bucket_name + +
    + - +
    +     		+ +
    var: ansible_aws_ssm_bucket_name
    +     		+
    The name of the S3 bucket used for file transfers.
    +
    +
    + instance_id + +
    + - +
    +     		+ +
    var: ansible_aws_ssm_instance_id
    +     		+
    The EC2 instance ID.
    +
    +
    + plugin + +
    + - +
    +     		+ Default:
    "/usr/local/bin/session-manager-plugin"
    +     		+
    var: ansible_aws_ssm_plugin
    +     		+
    This defines the location of the session-manager-plugin binary.
    +
    +
    + region + +
    + - +
    +     		+ Default:
    "us-east-1"
    +     		+
    var: ansible_aws_ssm_region
    +     		+
    The region the EC2 instance is located.
    +
    +
    + retries + +
    + integer +
    +     		+ Default:
    3
    +     		+
    var: ansible_aws_ssm_retries
    +     		+
    Number of attempts to connect.
    +
    +
    + timeout + +
    + integer +
    +     		+ Default:
    60
    +     		+
    var: ansible_aws_ssm_timeout
    +     		+
    Connection timeout seconds.
    +
    +
    + + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # Stop Spooler Process on Windows Instances + - name: Stop Spooler Service on Windows Instances + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Stop spooler service + win_service: + name: spooler + state: stopped + + # Install a Nginx Package on Linux Instance + - name: Install a Nginx Package + vars: + ansible_connection: aws_ssm + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-west-2 + tasks: + - name: Install a Nginx Package + yum: + name: nginx + state: present + + # Create a directory in Windows Instances + - name: Create a directory in Windows Instance + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Create a Directory + win_file: + path: C:\Windows\temp + state: directory + + # Making use of Dynamic Inventory Plugin + # ======================================= + # aws_ec2.yml (Dynamic Inventory - Linux) + # This will return the Instance IDs matching the filter + #plugin: aws_ec2 + #regions: + # - us-east-1 + #hostnames: + # - instance-id + #filters: + # tag:SSMTag: ssmlinux + # ----------------------- + - name: install aws-cli + hosts: all + gather_facts: false + vars: + ansible_connection: aws_ssm + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: aws-cli + raw: yum install -y awscli + tags: aws-cli + # Execution: ansible-playbook linux.yaml -i aws_ec2.yml + # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. + # ===================================================== + # aws_ec2.yml (Dynamic Inventory - Windows) + #plugin: aws_ec2 + #regions: + # - us-east-1 + #hostnames: + # - instance-id + #filters: + # tag:SSMTag: ssmwindows + # ----------------------- + - name: Create a dir. + hosts: all + gather_facts: false + vars: + ansible_connection: aws_ssm + ansible_shell_type: powershell + ansible_aws_ssm_bucket_name: nameofthebucket + ansible_aws_ssm_region: us-east-1 + tasks: + - name: Create the directory + win_file: + path: C:\Temp\SSM_Testing5 + state: directory + # Execution: ansible-playbook win_file.yaml -i aws_ec2.yml + # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Pat Sharkey (@psharkey) +- HanumanthaRao MVL (@hanumantharaomvl) +- Gaurav Ashtikar (@gau1991 ) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ssm_parameter_store_module.rst b/docs/community.aws.aws_ssm_parameter_store_module.rst new file mode 100644 index 00000000000..11ce603445f --- /dev/null +++ b/docs/community.aws.aws_ssm_parameter_store_module.rst @@ -0,0 +1,453 @@ +.. _community.aws.aws_ssm_parameter_store_module: + + +************************************* +community.aws.aws_ssm_parameter_store +************************************* + +**Manage key-value pairs in aws parameter store.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage key-value pairs in aws parameter store. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + decryption + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Work with SecureString type to get plain text secrets
    +
    +
    + description + +
    + string +
    +     		+ +
    Parameter key description.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + key_id + +
    + string +
    +     		+ Default:
    "alias/aws/ssm"
    +     		+
    AWS KMS key to decrypt the secrets.
    +
    The default key (alias/aws/ssm) is automatically generated the first time it's requested.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Parameter key name.
    +
    +
    + overwrite_value + +
    + string +
    +     		+
      Choices: +
    • never
      • +
    • changed ←
      • +
    • always
      • +
    +     		+
    Option to overwrite an existing value if it already exists.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Creates or modifies an existing parameter.
    +
    Deletes a parameter.
    +
    +
    + string_type + +
    + string +
    +     		+
      Choices: +
    • String ←
      • +
    • StringList
      • +
    • SecureString
      • +
    +     		+
    Parameter String type.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + value + +
    + string +
    +     		+ +
    Parameter value.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create or update key/value pair in aws parameter store + community.aws.aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + value: "World" + + - name: Delete the key + community.aws.aws_ssm_parameter_store: + name: "Hello" + state: absent + + - name: Create or update secure key/value pair with default kms key (aws/ssm) + community.aws.aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + string_type: "SecureString" + value: "World" + + - name: Create or update secure key/value pair with nominated kms key + community.aws.aws_ssm_parameter_store: + name: "Hello" + description: "This is your first key" + string_type: "SecureString" + key_id: "alias/demo" + value: "World" + + - name: Always update a parameter store value and create a new version + community.aws.aws_ssm_parameter_store: + name: "overwrite_example" + description: "This example will always overwrite the value" + string_type: "String" + value: "Test1234" + overwrite_value: "always" + + - name: recommend to use with aws_ssm lookup plugin + debug: + msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + delete_parameter + +
    + dictionary +
    +     		success +
    Delete a parameter from the system.
    +
    +
    +
    + put_parameter + +
    + dictionary +
    +     		success +
    Add one or more parameters to the system.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nathan Webster (@nathanwebsterdotme) +- Bill Wang (@ozbillwang) +- Michael De La Rue (@mikedlr) + + diff --git a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst new file mode 100644 index 00000000000..05c37eeceeb --- /dev/null +++ b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst @@ -0,0 +1,416 @@ +.. _community.aws.aws_step_functions_state_machine_execution_module: + + +******************************************************** +community.aws.aws_step_functions_state_machine_execution +******************************************************** + +**Start or stop execution of an AWS Step Functions state machine.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Start or stop execution of a state machine in AWS Step Functions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + action + +
    + string +
    +     		+
      Choices: +
    • start ←
      • +
    • stop
      • +
    +     		+
    Desired action (start or stop) for a state machine execution.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cause + +
    + string +
    +     		+ Default:
    ""
    +     		+
    A detailed explanation of the cause for stopping the execution.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + error + +
    + string +
    +     		+ Default:
    ""
    +     		+
    The error code of the failure to pass in when stopping the execution.
    +
    +
    + execution_arn + +
    + string +
    +     		+ +
    The ARN of the execution you wish to stop.
    +
    +
    + execution_input + +
    + json +
    +     		+ Default:
    {}
    +     		+
    The JSON input data for the execution.
    +
    +
    + name + +
    + string +
    +     		+ +
    Name of the execution.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state_machine_arn + +
    + string +
    +     		+ +
    The ARN of the state machine that will be executed.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Start an execution of a state machine + community.aws.aws_step_functions_state_machine_execution: + name: an_execution_name + execution_input: '{ "IsHelloWorldExample": true }' + state_machine_arn: "arn:aws:states:us-west-2:682285639423:stateMachine:HelloWorldStateMachine" + + - name: Stop an execution of a state machine + community.aws.aws_step_functions_state_machine_execution: + action: stop + execution_arn: "arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8" + cause: "cause of task failure" + error: "error code of the failure" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + execution_arn + +
    + string +
    +     		if action == start and changed == True +
    ARN of the AWS Step Functions state machine execution.
    +
    +
    Sample:
    +
    arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8
    +
    +
    + start_date + +
    + string +
    +     		if action == start and changed == True +
    The date the execution is started.
    +
    +
    Sample:
    +
    2019-11-02T22:39:49.071000-07:00
    +
    +
    + stop_date + +
    + string +
    +     		if action == stop +
    The date the execution is stopped.
    +
    +
    Sample:
    +
    2019-11-02T22:39:49.071000-07:00
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Prasad Katti (@prasadkatti) + + diff --git a/docs/community.aws.aws_step_functions_state_machine_module.rst b/docs/community.aws.aws_step_functions_state_machine_module.rst new file mode 100644 index 00000000000..2d328f29b1a --- /dev/null +++ b/docs/community.aws.aws_step_functions_state_machine_module.rst @@ -0,0 +1,380 @@ +.. _community.aws.aws_step_functions_state_machine_module: + + +********************************************** +community.aws.aws_step_functions_state_machine +********************************************** + +**Manage AWS Step Functions state machines** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update and delete state machines in AWS Step Functions. +- Calling the module in ``state=present`` for an existing AWS Step Functions state machine will attempt to update the state machine definition, IAM Role, or tags with the provided data. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + definition + +
    + json +
    +     		+ +
    The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
    +
    This parameter is required when state=present.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the state machine
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    The ARN of the IAM Role that will be used by the state machine for its executions.
    +
    This parameter is required when state=present.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Desired state for the state machine
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a new AWS Step Functions state machine + - name: Setup HelloWorld state machine + community.aws.aws_step_functions_state_machine: + name: "HelloWorldStateMachine" + definition: "{{ lookup('file','state_machine.json') }}" + role_arn: arn:aws:iam::987654321012:role/service-role/invokeLambdaStepFunctionsRole + tags: + project: helloWorld + + # Update an existing state machine + - name: Change IAM Role and tags of HelloWorld state machine + community.aws.aws_step_functions_state_machine: + name: HelloWorldStateMachine + definition: "{{ lookup('file','state_machine.json') }}" + role_arn: arn:aws:iam::987654321012:role/service-role/anotherStepFunctionsRole + tags: + otherTag: aDifferentTag + + # Remove the AWS Step Functions state machine + - name: Delete HelloWorld state machine + community.aws.aws_step_functions_state_machine: + name: HelloWorldStateMachine + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + state_machine_arn + +
    + string +
    +     		always +
    ARN of the AWS Step Functions state machine
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Tom De Keyser (@tdekeyser) + + diff --git a/docs/community.aws.aws_waf_condition_module.rst b/docs/community.aws.aws_waf_condition_module.rst new file mode 100644 index 00000000000..daad2ff6c8f --- /dev/null +++ b/docs/community.aws.aws_waf_condition_module.rst @@ -0,0 +1,1437 @@ +.. _community.aws.aws_waf_condition_module: + + +******************************* +community.aws.aws_waf_condition +******************************* + +**Create and delete WAF Conditions** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/ + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + list + / elements=dictionary
    +     		+ +
    A list of the filters against which to match.
    +
    For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
    +
    For type=geo, the only valid key is country.
    +
    For type=ip, the only valid key is ip_address.
    +
    For type=regex, valid keys are field_to_match, transformation and regex_pattern.
    +
    For type=size, valid keys are field_to_match, transformation, comparison and size.
    +
    For type=sql, valid keys are field_to_match and transformation.
    +
    For type=xss, valid keys are field_to_match and transformation.
    +
    Required when state=present.
    +
    +
    + comparison + +
    + string +
    +     		+
      Choices: +
    • EQ
      • +
    • NE
      • +
    • LE
      • +
    • LT
      • +
    • GE
      • +
    • GT
      • +
    +     		+
    What type of comparison to perform.
    +
    Only valid key when type=size.
    +
    +
    + country + +
    + string +
    +     		+ +
    Value of geo constraint (typically a two letter country code).
    +
    The only valid key when type=geo.
    +
    +
    + field_to_match + +
    + string +
    +     		+
      Choices: +
    • uri
      • +
    • query_string
      • +
    • header
      • +
    • method
      • +
    • body
      • +
    +     		+
    The field upon which to perform the match.
    +
    Valid when type=byte, type=regex, type=sql or type=xss.
    +
    +
    + header + +
    + string +
    +     		+ +
    Which specific header should be matched.
    +
    Required when field_to_match=header.
    +
    Valid when type=byte.
    +
    +
    + ip_address + +
    + string +
    +     		+ +
    An IP Address or CIDR to match.
    +
    The only valid key when type=ip.
    +
    +
    + position + +
    + string +
    +     		+
      Choices: +
    • exactly
      • +
    • starts_with
      • +
    • ends_with
      • +
    • contains
      • +
    • contains_word
      • +
    +     		+
    Where in the field the match needs to occur.
    +
    Only valid when type=byte.
    +
    +
    + regex_pattern + +
    + dictionary +
    +     		+ +
    A dict describing the regular expressions used to perform the match.
    +
    Only valid when type=regex.
    +
    +
    + name + +
    + string +
    +     		+ +
    A name to describe the set of patterns.
    +
    +
    + regex_strings + +
    + list + / elements=string
    +     		+ +
    A list of regular expressions to match.
    +
    +
    + size + +
    + integer +
    +     		+ +
    The size of the field (in bytes).
    +
    Only valid key when type=size.
    +
    +
    + target_string + +
    + string +
    +     		+ +
    The string to search for.
    +
    May be up to 50 bytes.
    +
    Valid when type=byte.
    +
    +
    + transformation + +
    + string +
    +     		+
      Choices: +
    • none
      • +
    • compress_white_space
      • +
    • html_entity_decode
      • +
    • lowercase
      • +
    • cmd_line
      • +
    • url_decode
      • +
    +     		+
    A transform to apply on the field prior to performing the match.
    +
    Valid when type=byte, type=regex, type=sql or type=xss.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the Web Application Firewall condition to manage.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_filters + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove existing filters from a condition if not passed in filters.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the condition should be present or absent.
    +
    +
    + type + +
    + string + / required
    +     		+
      Choices: +
    • byte
      • +
    • geo
      • +
    • ip
      • +
    • regex
      • +
    • size
      • +
    • sql
      • +
    • xss
      • +
    +     		+
    The type of matching to perform.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + waf_regional + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use waf-regional module.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create WAF byte condition + community.aws.aws_waf_condition: + name: my_byte_condition + filters: + - field_to_match: header + position: STARTS_WITH + target_string: Hello + header: Content-type + type: byte + + - name: create WAF geo condition + community.aws.aws_waf_condition: + name: my_geo_condition + filters: + - country: US + - country: AU + - country: AT + type: geo + + - name: create IP address condition + community.aws.aws_waf_condition: + name: "{{ resource_prefix }}_ip_condition" + filters: + - ip_address: "10.0.0.0/8" + - ip_address: "192.168.0.0/24" + type: ip + + - name: create WAF regex condition + community.aws.aws_waf_condition: + name: my_regex_condition + filters: + - field_to_match: query_string + regex_pattern: + name: greetings + regex_strings: + - '[hH]ello' + - '^Hi there' + - '.*Good Day to You' + type: regex + + - name: create WAF size condition + community.aws.aws_waf_condition: + name: my_size_condition + filters: + - field_to_match: query_string + size: 300 + comparison: GT + type: size + + - name: create WAF sql injection condition + community.aws.aws_waf_condition: + name: my_sql_condition + filters: + - field_to_match: query_string + transformation: url_decode + type: sql + + - name: create WAF xss condition + community.aws.aws_waf_condition: + name: my_xss_condition + filters: + - field_to_match: query_string + transformation: url_decode + type: xss + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + condition + +
    + complex +
    +     		always +
    Condition returned by operation.
    +
    +
      +
    + byte_match_set_id + +
    + string +
    +     		always +
    ID for byte match set.
    +
    +
    Sample:
    +
    c4882c96-837b-44a2-a762-4ea87dbf812b
    +
      +
    + byte_match_tuples + +
    + complex +
    +     		always +
    List of byte match tuples.
    +
    +
       +
    + field_to_match + +
    + complex +
    +     		always +
    Field to match.
    +
    +
        +
    + data + +
    + string +
    +     		+
    Which specific header (if type is header).
    +
    +
    Sample:
    +
    content-type
    +
        +
    + type + +
    + string +
    +     		+
    Type of field
    +
    +
    Sample:
    +
    HEADER
    +
       +
    + positional_constraint + +
    + string +
    +     		+
    Position in the field to match.
    +
    +
    Sample:
    +
    STARTS_WITH
    +
       +
    + target_string + +
    + string +
    +     		+
    String to look for.
    +
    +
    Sample:
    +
    Hello
    +
       +
    + text_transformation + +
    + string +
    +     		+
    Transformation to apply to the field before matching.
    +
    +
    Sample:
    +
    NONE
    +
      +
    + condition_id + +
    + string +
    +     		when state is present +
    Type-agnostic ID for the condition.
    +
    +
    Sample:
    +
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    +
      +
    + geo_match_constraints + +
    + complex +
    +     		when type is geo and state is present +
    List of geographical constraints.
    +
    +
       +
    + type + +
    + string +
    +     		+
    Type of geo constraint.
    +
    +
    Sample:
    +
    Country
    +
       +
    + value + +
    + string +
    +     		+
    Value of geo constraint (typically a country code).
    +
    +
    Sample:
    +
    AT
    +
      +
    + geo_match_set_id + +
    + string +
    +     		when type is geo and state is present +
    ID of the geo match set.
    +
    +
    Sample:
    +
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    +
      +
    + ip_set_descriptors + +
    + complex +
    +     		when type is ip and state is present +
    list of IP address filters
    +
    +
       +
    + type + +
    + string +
    +     		always +
    Type of IP address (IPV4 or IPV6).
    +
    +
    Sample:
    +
    IPV4
    +
       +
    + value + +
    + string +
    +     		always +
    IP address.
    +
    +
    Sample:
    +
    10.0.0.0/8
    +
      +
    + ip_set_id + +
    + string +
    +     		when type is ip and state is present +
    ID of condition.
    +
    +
    Sample:
    +
    78ad334a-3535-4036-85e6-8e11e745217b
    +
      +
    + name + +
    + string +
    +     		when state is present +
    Name of condition.
    +
    +
    Sample:
    +
    my_waf_condition
    +
      +
    + regex_match_set_id + +
    + string +
    +     		when type is regex and state is present +
    ID of the regex match set.
    +
    +
    Sample:
    +
    5ea3f6a8-3cd3-488b-b637-17b79ce7089c
    +
      +
    + regex_match_tuples + +
    + complex +
    +     		when type is regex and state is present +
    List of regex matches.
    +
    +
       +
    + field_to_match + +
    + complex +
    +     		+
    Field on which the regex match is applied.
    +
    +
        +
    + type + +
    + string +
    +     		when type is regex and state is present +
    The field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    +
       +
    + regex_pattern_set_id + +
    + string +
    +     		+
    ID of the regex pattern.
    +
    +
    Sample:
    +
    6fdf7f2d-9091-445c-aef2-98f3c051ac9e
    +
       +
    + text_transformation + +
    + string +
    +     		+
    transformation applied to the text before matching
    +
    +
    Sample:
    +
    NONE
    +
      +
    + size_constraint_set_id + +
    + string +
    +     		when type is size and state is present +
    ID of the size constraint set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    +
      +
    + size_constraints + +
    + complex +
    +     		when type is size and state is present +
    List of size constraints to apply.
    +
    +
       +
    + comparison_operator + +
    + string +
    +     		+
    Comparison operator to apply.
    +
    +
    Sample:
    +
    GT
    +
       +
    + field_to_match + +
    + complex +
    +     		+
    Field on which the size constraint is applied.
    +
    +
        +
    + type + +
    + string +
    +     		+
    Field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    +
       +
    + size + +
    + integer +
    +     		+
    Size to compare against the field.
    +
    +
    Sample:
    +
    300
    +
       +
    + text_transformation + +
    + string +
    +     		+
    Transformation applied to the text before matching.
    +
    +
    Sample:
    +
    NONE
    +
      +
    + sql_injection_match_set_id + +
    + string +
    +     		when type is sql and state is present +
    ID of the SQL injection match set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    +
      +
    + sql_injection_match_tuples + +
    + complex +
    +     		when type is sql and state is present +
    List of SQL injection match sets.
    +
    +
       +
    + field_to_match + +
    + complex +
    +     		+
    Field on which the SQL injection match is applied.
    +
    +
        +
    + type + +
    + string +
    +     		+
    Field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    +
       +
    + text_transformation + +
    + string +
    +     		+
    Transformation applied to the text before matching.
    +
    +
    Sample:
    +
    URL_DECODE
    +
      +
    + xss_match_set_id + +
    + string +
    +     		when type is xss and state is present +
    ID of the XSS match set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    +
      +
    + xss_match_tuples + +
    + complex +
    +     		when type is xss and state is present +
    List of XSS match sets.
    +
    +
       +
    + field_to_match + +
    + complex +
    +     		+
    Field on which the XSS match is applied.
    +
    +
        +
    + type + +
    + string +
    +     		+
    Field name
    +
    +
    Sample:
    +
    QUERY_STRING
    +
       +
    + text_transformation + +
    + string +
    +     		+
    transformation applied to the text before matching.
    +
    +
    Sample:
    +
    URL_DECODE
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Mike Mochan (@mmochan) + + diff --git a/docs/community.aws.aws_waf_info_module.rst b/docs/community.aws.aws_waf_info_module.rst new file mode 100644 index 00000000000..3965f03e249 --- /dev/null +++ b/docs/community.aws.aws_waf_info_module.rst @@ -0,0 +1,452 @@ +.. _community.aws.aws_waf_info_module: + + +************************** +community.aws.aws_waf_info +************************** + +**Retrieve information for WAF ACLs, Rule , Conditions and Filters.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information for WAF ACLs, Rule , Conditions and Filters. +- This module was called ``aws_waf_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of a Web Application Firewall.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + waf_regional + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use the waf-regional module.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all WAF information + community.aws.aws_waf_info: + + - name: obtain all information for a single WAF + community.aws.aws_waf_info: + name: test_waf + + - name: obtain all information for a single WAF Regional + community.aws.aws_waf_info: + name: test_waf + waf_regional: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + wafs + +
    + complex +
    +     		success +
    The WAFs that match the passed arguments.
    +
    +
      +
    + default_action + +
    + integer +
    +     		always +
    The action to perform if none of the Rules contained in the WebACL match.
    +
    +
    Sample:
    +
    BLOCK
    +
      +
    + metric_name + +
    + string +
    +     		always +
    A friendly name or description for the metrics for this WebACL.
    +
    +
    Sample:
    +
    test_waf_metric
    +
      +
    + name + +
    + string +
    +     		always +
    A friendly name or description of the WebACL.
    +
    +
    Sample:
    +
    test_waf
    +
      +
    + rules + +
    + complex +
    +     		always +
    An array that contains the action for each Rule in a WebACL , the priority of the Rule.
    +
    +
       +
    + action + +
    + string +
    +     		always +
    The action to perform if the Rule matches.
    +
    +
    Sample:
    +
    BLOCK
    +
       +
    + metric_name + +
    + string +
    +     		always +
    A friendly name or description for the metrics for this Rule.
    +
    +
    Sample:
    +
    ipblockrule
    +
       +
    + name + +
    + string +
    +     		always +
    A friendly name or description of the Rule.
    +
    +
    Sample:
    +
    ip_block_rule
    +
       +
    + predicates + +
    + list +
    +     		always +
    The Predicates list contains a Predicate for each ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet or XssMatchSet object in a Rule.
    +
    +
    Sample:
    +
    [{'byte_match_set_id': '47b822b5-abcd-1234-faaf-1234567890', 'byte_match_tuples': [{'field_to_match': {'type': 'QUERY_STRING'}, 'positional_constraint': 'STARTS_WITH', 'target_string': 'bobbins', 'text_transformation': 'NONE'}], 'name': 'bobbins', 'negated': False, 'type': 'ByteMatch'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.aws_waf_rule_module.rst b/docs/community.aws.aws_waf_rule_module.rst new file mode 100644 index 00000000000..d81a277862b --- /dev/null +++ b/docs/community.aws.aws_waf_rule_module.rst @@ -0,0 +1,570 @@ +.. _community.aws.aws_waf_rule_module: + + +************************** +community.aws.aws_waf_rule +************************** + +**Create and delete WAF Rules** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + conditions + +
    + list + / elements=dictionary
    +     		+ +
    List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
    +
    +
    + condition + +
    + string + / required
    +     		+ +
    The name of the condition. The condition must already exist.
    +
    +
    + negated + +
    + boolean + / required
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the condition should be negated.
    +
    +
    + type + +
    + string + / required
    +     		+
      Choices: +
    • byte
      • +
    • geo
      • +
    • ip
      • +
    • size
      • +
    • sql
      • +
    • xss
      • +
    +     		+
    The type of rule to match.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + metric_name + +
    + string +
    +     		+ +
    A friendly name or description for the metrics for the rule.
    +
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    +
    You can't change metric_name after you create the rule.
    +
    Defaults to the same as name with disallowed characters removed.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the Web Application Firewall rule.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_conditions + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to remove conditions that are not passed when updating `conditions`.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the rule should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + waf_regional + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use waf-regional module.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create WAF rule + community.aws.aws_waf_rule: + name: my_waf_rule + conditions: + - name: my_regex_condition + type: regex + negated: no + - name: my_geo_condition + type: geo + negated: no + - name: my_byte_condition + type: byte + negated: yes + + - name: remove WAF rule + community.aws.aws_waf_rule: + name: "my_waf_rule" + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + rule + +
    + complex +
    +     		always +
    WAF rule contents
    +
    +
      +
    + metric_name + +
    + string +
    +     		always +
    Metric name for the rule.
    +
    +
    Sample:
    +
    ansibletest1234rule
    +
      +
    + name + +
    + string +
    +     		always +
    Friendly name for the rule.
    +
    +
    Sample:
    +
    ansible-test-1234_rule
    +
      +
    + predicates + +
    + complex +
    +     		always +
    List of conditions used in the rule.
    +
    +
       +
    + data_id + +
    + string +
    +     		always +
    ID of the condition.
    +
    +
    Sample:
    +
    8251acdb-526c-42a8-92bc-d3d13e584166
    +
       +
    + negated + +
    + boolean +
    +     		always +
    Whether the sense of the condition is negated.
    +
    +
       +
    + type + +
    + string +
    +     		always +
    type of the condition.
    +
    +
    Sample:
    +
    ByteMatch
    +
      +
    + rule_id + +
    + string +
    +     		always +
    ID of the WAF rule.
    +
    +
    Sample:
    +
    15de0cbc-9204-4e1f-90e6-69b2f415c261
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.aws_waf_web_acl_module.rst b/docs/community.aws.aws_waf_web_acl_module.rst new file mode 100644 index 00000000000..3412fb29f51 --- /dev/null +++ b/docs/community.aws.aws_waf_web_acl_module.rst @@ -0,0 +1,632 @@ +.. _community.aws.aws_waf_web_acl_module: + + +***************************** +community.aws.aws_waf_web_acl +***************************** + +**Create and delete WAF Web ACLs.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_action + +
    + string +
    +     		+
      Choices: +
    • block
      • +
    • allow
      • +
    • count
      • +
    +     		+
    The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + metric_name + +
    + string +
    +     		+ +
    A friendly name or description for the metrics for this WebACL.
    +
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    +
    You can't change metric_name after you create the WebACL.
    +
    Metric name will default to name with disallowed characters stripped out.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the Web Application Firewall ACL to manage.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_rules + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove rules that aren't passed with rules.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + rules + +
    + list + / elements=dictionary
    +     		+ +
    A list of rules that the Web ACL will enforce.
    +
    +
    + action + +
    + string + / required
    +     		+ +
    The action to perform.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the rule.
    +
    +
    + priority + +
    + integer + / required
    +     		+ +
    The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
    +
    +
    + type + +
    + string +
    +     		+
      Choices: +
    • rate_based
      • +
    • regular
      • +
    +     		+
    The type of rule.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Web ACL should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + waf_regional + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use waf-regional module.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create web ACL + community.aws.aws_waf_web_acl: + name: my_web_acl + rules: + - name: my_rule + priority: 1 + action: block + default_action: block + purge_rules: yes + state: present + + - name: delete the web acl + community.aws.aws_waf_web_acl: + name: my_web_acl + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + web_acl + +
    + complex +
    +     		always +
    contents of the Web ACL.
    +
    +
      +
    + default_action + +
    + dictionary +
    +     		always +
    Default action taken by the Web ACL if no rules match.
    +
    +
    Sample:
    +
    {'type': 'BLOCK'}
    +
      +
    + metric_name + +
    + string +
    +     		always +
    Metric name used as an identifier.
    +
    +
    Sample:
    +
    mywebacl
    +
      +
    + name + +
    + string +
    +     		always +
    Friendly name of the Web ACL.
    +
    +
    Sample:
    +
    my web acl
    +
      +
    + rules + +
    + complex +
    +     		always +
    List of rules.
    +
    +
       +
    + action + +
    + complex +
    +     		always +
    Action taken by the WAF when the rule matches.
    +
    +
    Sample:
    +
    {'type': 'ALLOW'}
    +
       +
    + priority + +
    + integer +
    +     		always +
    priority number of the rule (lower numbers are run first).
    +
    +
    Sample:
    +
    2
    +
       +
    + rule_id + +
    + string +
    +     		always +
    Rule ID.
    +
    +
    Sample:
    +
    a6fc7ab5-287b-479f-8004-7fd0399daf75
    +
       +
    + type + +
    + string +
    +     		always +
    Type of rule (either REGULAR or RATE_BASED).
    +
    +
    Sample:
    +
    REGULAR
    +
      +
    + web_acl_id + +
    + string +
    +     		always +
    Unique identifier of Web ACL.
    +
    +
    Sample:
    +
    10fff965-4b6b-46e2-9d78-24f6d2e2d21c
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.cloudformation_exports_info_module.rst b/docs/community.aws.cloudformation_exports_info_module.rst new file mode 100644 index 00000000000..474a5e4b682 --- /dev/null +++ b/docs/community.aws.cloudformation_exports_info_module.rst @@ -0,0 +1,264 @@ +.. _community.aws.cloudformation_exports_info_module: + + +***************************************** +community.aws.cloudformation_exports_info +***************************************** + +**Read a value from CloudFormation Exports** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module retrieves a value from CloudFormation Exports + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.11.15 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get Exports + community.aws.cloudformation_exports_info: + profile: 'my_aws_profile' + region: 'my_region' + register: cf_exports + - debug: + msg: "{{ cf_exports }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + export_items + +
    + dictionary +
    +     		Always +
    A dictionary of Exports items names and values.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Moyle (@mmoyle) + + diff --git a/docs/community.aws.cloudformation_stack_set_module.rst b/docs/community.aws.cloudformation_stack_set_module.rst new file mode 100644 index 00000000000..1e689c49184 --- /dev/null +++ b/docs/community.aws.cloudformation_stack_set_module.rst @@ -0,0 +1,714 @@ +.. _community.aws.cloudformation_stack_set_module: + + +************************************** +community.aws.cloudformation_stack_set +************************************** + +**Manage groups of CloudFormation stacks** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Launches/updates/deletes AWS CloudFormation Stack Sets. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3>=1.6 +- botocore>=1.10.26 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + accounts + +
    + list + / elements=string
    +     		+ +
    A list of AWS accounts in which to create instance of CloudFormation stacks.
    +
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    +
    +
    + administration_role_arn + +
    + string +
    +     		+ +
    ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
    +
    This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.
    +

    aliases: admin_role_arn, admin_role, administration_role
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + capabilities + +
    + list + / elements=string
    +     		+
      Choices: +
    • CAPABILITY_IAM
      • +
    • CAPABILITY_NAMED_IAM
      • +
    +     		+
    Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
    +
    Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
    +
    The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A description of what this stack set creates.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + execution_role_name + +
    + string +
    +     		+ +
    ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
    +
    This MUST NOT be an ARN, and the roles must exist in each child account specified.
    +
    The default name for the execution role is AWSCloudFormationStackSetExecutionRole
    +

    aliases: exec_role_name, exec_role, execution_role
    +
    +
    + failure_tolerance + +
    + dictionary +
    +     		+ +
    Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
    +
    +
    + fail_count + +
    + integer +
    +     		+ +
    The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
    +
    You must specify one of fail_count and fail_percentage.
    +
    +
    + fail_percentage + +
    + integer +
    +     		+ +
    The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
    +
    You must specify one of fail_count and fail_percentage.
    +
    +
    + parallel_count + +
    + integer +
    +     		+ +
    The maximum number of accounts in which to perform this operation at one time.
    +
    parallel_count may be at most one more than the fail_count.
    +
    You must specify one of parallel_count and parallel_percentage.
    +
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual count may be lower.
    +
    +
    + parallel_percentage + +
    + integer +
    +     		+ +
    The maximum percentage of accounts in which to perform this operation at one time.
    +
    You must specify one of parallel_count and parallel_percentage.
    +
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the CloudFormation stack set.
    +
    +
    + parameters + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A list of hashes of all the template variables for the stack. The value can be a string or a dict.
    +
    Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_stacks + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
    +
    By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + regions + +
    + list + / elements=string
    +     		+ +
    A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
    +
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Dictionary of tags to associate with stack and its resources during stack creation.
    +
    Can be updated later, updating tags removes previous entries.
    +
    +
    + template + +
    + path +
    +     		+ +
    The local path of the CloudFormation template.
    +
    This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    +
    + template_body + +
    + string +
    +     		+ +
    Template body. Use this to pass in the actual body of the CloudFormation template.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    +
    + template_url + +
    + string +
    +     		+ +
    Location of file containing the template body.
    +
    The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
    +
    If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    900
    +     		+
    How long to wait (in seconds) for stacks to complete create/update/delete operations.
    +
    +
    + + +Notes +----- + +.. note:: + - To make an individual stack, you want the :ref:`amazon.aws.cloudformation ` module. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a stack set with instances in two accounts + community.aws.cloudformation_stack_set: + name: my-stack + description: Test stack in two accounts + state: present + template_url: https://s3.amazonaws.com/my-bucket/cloudformation.template + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + - name: on subsequent calls, templates are optional but parameters and tags can be altered + community.aws.cloudformation_stack_set: + name: my-stack + state: present + parameters: + InstanceName: my_stacked_instance + tags: + foo: bar + test: stack + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + - name: The same type of update, but wait for the update to complete in all stacks + community.aws.cloudformation_stack_set: + name: my-stack + state: present + wait: true + parameters: + InstanceName: my_restacked_instance + tags: + foo: bar + test: stack + accounts: [1234567890, 2345678901] + regions: + - us-east-1 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + operations + +
    + list +
    +     		always +
    All operations initiated by this run of the cloudformation_stack_set module
    +
    +
    Sample:
    +
    [{'action': 'CREATE', 'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'operation_preferences': {'region_order': ['us-east-1', 'us-east-2']}, 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'FAILED'}]
    +
    +
    + operations_log + +
    + list +
    +     		always +
    Most recent events in CloudFormation's event log. This may be from a previous run in some cases.
    +
    +
    Sample:
    +
    [{'action': 'CREATE', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'status': 'FAILED', 'stack_instances': [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service."}]}]
    +
    +
    + stack_instances + +
    + list +
    +     		state == present +
    CloudFormation stack instances that are members of this stack set. This will also include their region and account ID.
    +
    +
    Sample:
    +
    [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service.\n"}, {'account': '1234567890', 'region': 'us-east-2', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': 'Cancelled since failure tolerance has exceeded'}]
    +
    +
    + stack_set + +
    + dictionary +
    +     		state == present +
    Facts about the currently deployed stack set, its parameters, and its tags
    +
    +
    Sample:
    +
    {'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'capabilities': [], 'description': 'test stack PRIME', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'parameters': [], 'stack_set_arn': 'arn:aws:cloudformation:us-east-1:1234567890:stackset/TestStackPrime:19f3f684-aae9-467-ba36-e09f92cf5929', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'stack_set_name': 'TestStackPrime', 'status': 'ACTIVE', 'tags': {'Some': 'Thing', 'an': 'other'}, 'template_body': 'AWSTemplateFormatVersion: "2010-09-09"\nParameters: {}\nResources:\n Bukkit:\n Type: "AWS::S3::Bucket"\n Properties: {}\n other:\n Type: "AWS::SNS::Topic"\n Properties: {}\n'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + diff --git a/docs/community.aws.cloudfront_distribution_module.rst b/docs/community.aws.cloudfront_distribution_module.rst new file mode 100644 index 00000000000..c0bd98ada89 --- /dev/null +++ b/docs/community.aws.cloudfront_distribution_module.rst @@ -0,0 +1,4698 @@ +.. _community.aws.cloudfront_distribution_module: + + +************************************* +community.aws.cloudfront_distribution +************************************* + +**Create, update and delete AWS CloudFront distributions.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for easy creation, updating and deletion of CloudFront distributions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alias + +
    + string +
    +     		+ +
    The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
    +
    +
    + aliases + +
    + list + / elements=string
    +     		+ +
    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
    +
    Each alias must be unique across all distribution for the AWS account.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cache_behaviors + +
    + list + / elements=dictionary
    +     		+ +
    A list of dictionaries describing the cache behaviors for the distribution.
    +
    The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
    +
    +
    + forwarded_values + +
    + dictionary +
    +     		+ +
    A dict that specifies how CloudFront handles query strings and cookies.
    +
    +
    + allowed_methods + +
    + dictionary +
    +     		+ +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    +
    +
    + cached_methods + +
    + list + / elements=string
    +     		+ +
    A list of HTTP methods that you want CloudFront to apply caching to.
    +
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    +
    +
    + items + +
    + list + / elements=string
    +     		+ +
    A list of HTTP methods that you want CloudFront to process and forward.
    +
    +
    + compress + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want CloudFront to automatically compress files.
    +
    +
    + cookies + +
    + dictionary +
    +     		+ +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    +
    +
    + forward + +
    + string +
    +     		+ +
    Specifies which cookies to forward to the origin for this cache behavior.
    +
    Valid values are all, none, or whitelist.
    +
    +
    + whitelisted_names + +
    + list + / elements=string
    +     		+ +
    A list of coockies to forward to the origin for this cache behavior.
    +
    +
    + default_ttl + +
    + integer +
    +     		+ +
    The default amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + field_level_encryption_id + +
    + string +
    +     		+ +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    +
    +
    + headers + +
    + list + / elements=string
    +     		+ +
    A list of headers to forward to the origin for this cache behavior.
    +
    To forward all headers use a list containing a single element '*' (['*'])
    +
    +
    + lambda_function_associations + +
    + list + / elements=dictionary
    +     		+ +
    A list of Lambda function associations to use for this cache behavior.
    +
    +
    + event_type + +
    + string +
    +     		+ +
    Specifies the event type that triggers a Lambda function invocation.
    +
    This can be viewer-request, origin-request, origin-response or viewer-response.
    +
    +
    + lambda_function_arn + +
    + string +
    +     		+ +
    The ARN of the Lambda function.
    +
    +
    + max_ttl + +
    + integer +
    +     		+ +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + min_ttl + +
    + integer +
    +     		+ +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + query_string + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    +
    +
    + query_string_cache_keys + +
    + list + / elements=string
    +     		+ +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    +
    +
    + smooth_streaming + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    +
    +
    + trusted_signers + +
    + dictionary +
    +     		+ +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
    +
    +
    + items + +
    + list + / elements=string
    +     		+ +
    A list of trusted signers for this cache behavior.
    +
    +
    + viewer_protocol_policy + +
    + string +
    +     		+ +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
    +
    Valid values are allow-all, redirect-to-https and https-only.
    +
    +
    + path_pattern + +
    + string +
    +     		+ +
    The pattern that specifies which requests to apply the behavior to.
    +
    +
    + target_origin_id + +
    + string +
    +     		+ +
    The ID of the origin that you want CloudFront to route requests to by default.
    +
    +
    + caller_reference + +
    + string +
    +     		+ +
    A unique identifier for creating and updating CloudFront distributions.
    +
    Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
    +
    +
    + comment + +
    + string +
    +     		+ +
    A comment that describes the CloudFront distribution.
    +
    If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
    +
    +
    + custom_error_responses + +
    + list + / elements=dictionary
    +     		+ +
    A config element that is a list[] of complex custom error responses to be specified for the distribution.
    +
    This attribute configures custom http error messages returned to the user.
    +
    +
    + error_caching_min_ttl + +
    + integer +
    +     		+ +
    The length of time (in seconds) that CloudFront will cache status codes for.
    +
    +
    + error_code + +
    + integer +
    +     		+ +
    The error code the custom error page is for.
    +
    +
    + response_code + +
    + integer +
    +     		+ +
    The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
    +
    +
    + response_page_path + +
    + string +
    +     		+ +
    The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_cache_behavior + +
    + dictionary +
    +     		+ +
    A dict specifying the default cache behavior of the distribution.
    +
    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
    +
    +
    + forwarded_values + +
    + dictionary +
    +     		+ +
    A dict that specifies how CloudFront handles query strings and cookies.
    +
    +
    + allowed_methods + +
    + dictionary +
    +     		+ +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    +
    +
    + cached_methods + +
    + list + / elements=string
    +     		+ +
    A list of HTTP methods that you want CloudFront to apply caching to.
    +
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    +
    +
    + items + +
    + list + / elements=string
    +     		+ +
    A list of HTTP methods that you want CloudFront to process and forward.
    +
    +
    + compress + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want CloudFront to automatically compress files.
    +
    +
    + cookies + +
    + dictionary +
    +     		+ +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    +
    +
    + forward + +
    + string +
    +     		+ +
    Specifies which cookies to forward to the origin for this cache behavior.
    +
    Valid values are all, none, or whitelist.
    +
    +
    + whitelisted_names + +
    + list + / elements=string
    +     		+ +
    A list of coockies to forward to the origin for this cache behavior.
    +
    +
    + default_ttl + +
    + integer +
    +     		+ +
    The default amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + field_level_encryption_id + +
    + string +
    +     		+ +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    +
    +
    + headers + +
    + list + / elements=string
    +     		+ +
    A list of headers to forward to the origin for this cache behavior.
    +
    To forward all headers use a list containing a single element '*' (['*'])
    +
    +
    + lambda_function_associations + +
    + list + / elements=dictionary
    +     		+ +
    A list of Lambda function associations to use for this cache behavior.
    +
    +
    + event_type + +
    + string +
    +     		+ +
    Specifies the event type that triggers a Lambda function invocation.
    +
    This can be viewer-request, origin-request, origin-response or viewer-response.
    +
    +
    + lambda_function_arn + +
    + string +
    +     		+ +
    The ARN of the Lambda function.
    +
    +
    + max_ttl + +
    + integer +
    +     		+ +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + min_ttl + +
    + integer +
    +     		+ +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    + query_string + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    +
    +
    + query_string_cache_keys + +
    + list + / elements=string
    +     		+ +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    +
    +
    + smooth_streaming + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    +
    +
    + trusted_signers + +
    + dictionary +
    +     		+ +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
    +
    +
    + items + +
    + list + / elements=string
    +     		+ +
    A list of trusted signers for this cache behavior.
    +
    +
    + viewer_protocol_policy + +
    + string +
    +     		+ +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id.
    +
    Valid values are allow-all, redirect-to-https and https-only.
    +
    +
    + target_origin_id + +
    + string +
    +     		+ +
    The ID of the origin that you want CloudFront to route requests to by default.
    +
    +
    + default_origin_domain_name + +
    + string +
    +     		+ +
    The domain name to use for an origin if no origins have been specified.
    +
    Should only be used on a first run of generating a distribution and not on subsequent runs.
    +
    Should not be used in conjunction with distribution_id, caller_reference or alias.
    +
    +
    + default_origin_path + +
    + string +
    +     		+ +
    The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
    +
    +
    + default_root_object + +
    + string +
    +     		+ +
    A config element that specifies the path to request when the user requests the origin.
    +
    e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
    +
    This prevents the entire distribution origin from being exposed at the root.
    +
    +
    + distribution_id + +
    + string +
    +     		+ +
    The ID of the CloudFront distribution.
    +
    This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
    +
    +
    + e_tag + +
    + string +
    +     		+ +
    A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
    +
    Is determined automatically if not specified.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    A boolean value that specifies whether the distribution is enabled or disabled.
    +
    +
    + http_version + +
    + string +
    +     		+ +
    The version of the http protocol to use for the distribution.
    +
    AWS defaults this to http2.
    +
    Valid values are http1.1 and http2
    +
    +
    + ipv6_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Determines whether IPv6 support is enabled or not.
    +
    +
    + logging + +
    + dictionary +
    +     		+ +
    A config element that is a complex object that defines logging for the distribution.
    +
    +
    + bucket + +
    + string +
    +     		+ +
    The S3 bucket to store the log in.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When enabled=true CloudFront will log access to an S3 bucket.
    +
    +
    + include_cookies + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When include_cookies=true CloudFront will include cookies in the logs.
    +
    +
    + prefix + +
    + string +
    +     		+ +
    A prefix to include in the S3 object names.
    +
    +
    + origins + +
    + list + / elements=dictionary
    +     		+ +
    A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
    +
    +
    + custom_headers + +
    + list + / elements=dictionary
    +     		+ +
    Custom headers you wish to add to the request before passing it to the origin.
    + +
    +
    + header_name + +
    + string +
    +     		+ +
    The name of a header that you want CloudFront to forward to your origin.
    +
    +
    + header_value + +
    + string +
    +     		+ +
    The value for the header that you specified in the header_name field.
    +
    +
    + custom_origin_config + +
    + dictionary +
    +     		+ +
    Connection information about the origin.
    +
    +
    + http_port + +
    + integer +
    +     		+ +
    The HTTP port the custom origin listens on.
    +
    +
    + https_port + +
    + integer +
    +     		+ +
    The HTTPS port the custom origin listens on.
    +
    +
    + origin_keepalive_timeout + +
    + integer +
    +     		+ +
    A keep-alive timeout (in seconds).
    +
    +
    + origin_protocol_policy + +
    + string +
    +     		+ +
    The origin protocol policy to apply to your origin.
    +
    +
    + origin_read_timeout + +
    + integer +
    +     		+ +
    A timeout (in seconds) when reading from your origin.
    +
    +
    + origin_ssl_protocols + +
    + list + / elements=string
    +     		+ +
    A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
    +
    +
    + domain_name + +
    + string +
    +     		+ +
    The domain name which CloudFront will query as the origin.
    + +
    +
    + id + +
    + string +
    +     		+ +
    A unique identifier for the origin or origin group. id must be unique within the distribution.
    +
    +
    + origin_path + +
    + string +
    +     		+ +
    Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    +
    +
    + s3_origin_access_identity_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
    +
    Will automatically create an Identity for you.
    + +
    +
    + price_class + +
    + string +
    +     		+ +
    A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
    +
    price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
    +
    price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    +
    price_class=PriceClass_All consists of the areas United States, Canada, Europe, Japan, India, South America, Australia, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    +
    AWS defaults this to PriceClass_All.
    +
    Valid values are PriceClass_100, PriceClass_200 and PriceClass_All
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_aliases + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether existing aliases will be removed before adding new aliases.
    +
    When purge_aliases=yes, existing aliases are removed and aliases are added.
    +
    +
    + purge_cache_behaviors + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any cache behaviors that aren't listed in cache_behaviors.
    +
    This switch also allows the reordering of cache_behaviors.
    +
    +
    + purge_custom_error_responses + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any custom error responses that aren't listed in custom_error_responses.
    +
    +
    + purge_origins + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any origins that aren't listed in origins.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether existing tags will be removed before adding new tags.
    +
    When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
    +
    When purge_tags=no, existing tags are kept and tags are added, if specified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + restrictions + +
    + dictionary +
    +     		+ +
    A config element that is a complex object that describes how a distribution should restrict it's content.
    +
    +
    + geo_restriction + +
    + dictionary +
    +     		+ +
    Apply a restriciton based on the location of the requester.
    +
    +
    + items + +
    + list +
    +     		+ +
    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
    +
    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
    +
    +
    + restriction_type + +
    + string +
    +     		+ +
    The method that you want to use to restrict distribution of your content by country.
    +
    Valid values are none, whitelist, blacklist
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the distribution.
    +
    state=present creates a new distribution or updates an existing distribution.
    +
    state=absent deletes an existing distribution.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Should be input as a dict of key-value pairs.
    +
    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + viewer_certificate + +
    + dictionary +
    +     		+ +
    A dict that specifies the encryption details of the distribution.
    +
    +
    + acm_certificate_arn + +
    + string +
    +     		+ +
    The ID of a certificate stored in ACM to use for HTTPS connections.
    +
    If acm_certificate_id is set then you must also specify ssl_support_method
    +
    +
    + cloudfront_default_certificate + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
    +
    If cloudfront_default_certificate=true do not set ssl_support_method.
    +
    +
    + iam_certificate_id + +
    + string +
    +     		+ +
    The ID of a certificate stored in IAM to use for HTTPS connections.
    +
    If iam_certificate_id is set then you must also specify ssl_support_method
    +
    +
    + minimum_protocol_version + +
    + string +
    +     		+ +
    The security policy that you want CloudFront to use for HTTPS connections.
    + +
    +
    + ssl_support_method + +
    + string +
    +     		+ +
    How CloudFront should serve SSL certificates.
    +
    Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the module waits until the distribution has completed processing the creation or update.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    1800
    +     		+
    Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
    +
    +
    + web_acl_id + +
    + string +
    +     		+ +
    The ID of a Web Application Firewall (WAF) Access Control List (ACL).
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create a basic distribution with defaults and tags + community.aws.cloudfront_distribution: + state: present + default_origin_domain_name: www.my-cloudfront-origin.com + tags: + Name: example distribution + Project: example project + Priority: '1' + + - name: update a distribution comment by distribution_id + community.aws.cloudfront_distribution: + state: present + distribution_id: E1RP5A2MJ8073O + comment: modified by ansible cloudfront.py + + - name: update a distribution comment by caller_reference + community.aws.cloudfront_distribution: + state: present + caller_reference: my cloudfront distribution 001 + comment: modified by ansible cloudfront.py + + - name: update a distribution's aliases and comment using the distribution_id as a reference + community.aws.cloudfront_distribution: + state: present + distribution_id: E1RP5A2MJ8073O + comment: modified by cloudfront.py again + aliases: [ 'www.my-distribution-source.com', 'zzz.aaa.io' ] + + - name: update a distribution's aliases and comment using an alias as a reference + community.aws.cloudfront_distribution: + state: present + caller_reference: my test distribution + comment: modified by cloudfront.py again + aliases: + - www.my-distribution-source.com + - zzz.aaa.io + + - name: update a distribution's comment and aliases and tags and remove existing tags + community.aws.cloudfront_distribution: + state: present + distribution_id: E15BU8SDCGSG57 + comment: modified by cloudfront.py again + aliases: + - tested.com + tags: + Project: distribution 1.2 + purge_tags: yes + + - name: create a distribution with an origin, logging and default cache behavior + community.aws.cloudfront_distribution: + state: present + caller_reference: unique test distribution ID + origins: + - id: 'my test origin-000111' + domain_name: www.example.com + origin_path: /production + custom_headers: + - header_name: MyCustomHeaderName + header_value: MyCustomHeaderValue + default_cache_behavior: + target_origin_id: 'my test origin-000111' + forwarded_values: + query_string: true + cookies: + forward: all + headers: + - '*' + viewer_protocol_policy: allow-all + smooth_streaming: true + compress: true + allowed_methods: + items: + - GET + - HEAD + cached_methods: + - GET + - HEAD + logging: + enabled: true + include_cookies: false + bucket: mylogbucket.s3.amazonaws.com + prefix: myprefix/ + enabled: false + comment: this is a CloudFront distribution with logging + + - name: delete a distribution + community.aws.cloudfront_distribution: + state: absent + caller_reference: replaceable distribution + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + active_trusted_signers + +
    + complex +
    +     		always +
    Key pair IDs that CloudFront is aware of for each trusted signer.
    +
    +
      +
    + enabled + +
    + boolean +
    +     		always +
    Whether trusted signers are in use.
    +
    +
      +
    + items + +
    + list +
    +     		when there are trusted signers +
    Number of trusted signers.
    +
    +
    Sample:
    +
    ['key_pair_id']
    +
      +
    + quantity + +
    + integer +
    +     		always +
    Number of trusted signers.
    +
    +
    Sample:
    +
    1
    +
    +
    + aliases + +
    + complex +
    +     		always +
    Aliases that refer to the distribution.
    +
    +
      +
    + items + +
    + list +
    +     		always +
    List of aliases.
    +
    +
    Sample:
    +
    ['test.example.com']
    +
      +
    + quantity + +
    + integer +
    +     		always +
    Number of aliases.
    +
    +
    Sample:
    +
    1
    +
    +
    + arn + +
    + string +
    +     		always +
    Amazon Resource Name of the distribution.
    +
    +
    Sample:
    +
    arn:aws:cloudfront::123456789012:distribution/E1234ABCDEFGHI
    +
    +
    + cache_behaviors + +
    + complex +
    +     		always +
    CloudFront cache behaviors.
    +
    +
      +
    + items + +
    + complex +
    +     		always +
    List of cache behaviors.
    +
    +
       +
    + allowed_methods + +
    + complex +
    +     		always +
    Methods allowed by the cache behavior.
    +
    +
        +
    + cached_methods + +
    + complex +
    +     		always +
    Methods cached by the cache behavior.
    +
    +
         +
    + items + +
    + list +
    +     		always +
    List of cached methods.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    +
         +
    + quantity + +
    + integer +
    +     		always +
    Count of cached methods.
    +
    +
    Sample:
    +
    2
    +
        +
    + items + +
    + list +
    +     		always +
    List of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    2
    +
       +
    + compress + +
    + boolean +
    +     		always +
    Whether compression is turned on for the cache behavior.
    +
    +
       +
    + default_ttl + +
    + integer +
    +     		always +
    Default Time to Live of the cache behavior.
    +
    +
    Sample:
    +
    86400
    +
       +
    + forwarded_values + +
    + complex +
    +     		always +
    Values forwarded to the origin for this cache behavior.
    +
    +
        +
    + cookies + +
    + complex +
    +     		always +
    Cookies to forward to the origin.
    +
    +
         +
    + forward + +
    + string +
    +     		always +
    Which cookies to forward to the origin for this cache behavior.
    +
    +
    Sample:
    +
    none
    +
         +
    + whitelisted_names + +
    + complex +
    +     		when forward=whitelist +
    The names of the cookies to forward to the origin for this cache behavior.
    +
    +
          +
    + items + +
    + list +
    +     		when list is not empty +
    List of cookies to forward.
    +
    +
    Sample:
    +
    my_cookie
    +
          +
    + quantity + +
    + integer +
    +     		always +
    Count of cookies to forward.
    +
    +
    Sample:
    +
    1
    +
        +
    + headers + +
    + complex +
    +     		always +
    Which headers are used to vary on cache retrievals.
    +
    +
         +
    + items + +
    + list +
    +     		when list is not empty +
    List of headers to vary on.
    +
    +
    Sample:
    +
    ['Host']
    +
         +
    + quantity + +
    + integer +
    +     		always +
    Count of headers to vary on.
    +
    +
    Sample:
    +
    1
    +
        +
    + query_string + +
    + boolean +
    +     		always +
    Whether the query string is used in cache lookups.
    +
    +
        +
    + query_string_cache_keys + +
    + complex +
    +     		always +
    Which query string keys to use in cache lookups.
    +
    +
         +
    + items + +
    + list +
    +     		when list is not empty +
    List of query string cache keys to use in cache lookups.
    +
    +
         +
    + quantity + +
    + integer +
    +     		always +
    Count of query string cache keys to use in cache lookups.
    +
    +
    Sample:
    +
    1
    +
       +
    + lambda_function_associations + +
    + complex +
    +     		always +
    Lambda function associations for a cache behavior.
    +
    +
        +
    + items + +
    + list +
    +     		when list is not empty +
    List of lambda function associations.
    +
    +
    Sample:
    +
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of lambda function associations.
    +
    +
    Sample:
    +
    1
    +
       +
    + max_ttl + +
    + integer +
    +     		always +
    Maximum Time to Live.
    +
    +
    Sample:
    +
    31536000
    +
       +
    + min_ttl + +
    + integer +
    +     		always +
    Minimum Time to Live.
    +
    +
       +
    + path_pattern + +
    + string +
    +     		always +
    Path pattern that determines this cache behavior.
    +
    +
    Sample:
    +
    /path/to/files/*
    +
       +
    + smooth_streaming + +
    + boolean +
    +     		always +
    Whether smooth streaming is enabled.
    +
    +
       +
    + target_origin_id + +
    + string +
    +     		always +
    ID of origin reference by this cache behavior.
    +
    +
    Sample:
    +
    origin_abcd
    +
       +
    + trusted_signers + +
    + complex +
    +     		always +
    Trusted signers.
    +
    +
        +
    + enabled + +
    + boolean +
    +     		always +
    Whether trusted signers are enabled for this cache behavior.
    +
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of trusted signers.
    +
    +
    Sample:
    +
    1
    +
       +
    + viewer_protocol_policy + +
    + string +
    +     		always +
    Policy of how to handle http/https.
    +
    +
    Sample:
    +
    redirect-to-https
    +
      +
    + quantity + +
    + integer +
    +     		always +
    Count of cache behaviors.
    +
    +
    Sample:
    +
    1
    +
    +
    + caller_reference + +
    + string +
    +     		always +
    Idempotency reference given when creating CloudFront distribution.
    +
    +
    Sample:
    +
    1484796016700
    +
    +
    + comment + +
    + string +
    +     		always +
    Any comments you want to include about the distribution.
    +
    +
    Sample:
    +
    my first CloudFront distribution
    +
    +
    + custom_error_responses + +
    + complex +
    +     		always +
    Custom error responses to use for error handling.
    +
    +
      +
    + items + +
    + complex +
    +     		always +
    List of custom error responses.
    +
    +
       +
    + error_caching_min_ttl + +
    + integer +
    +     		always +
    Minimum time to cache this error response.
    +
    +
    Sample:
    +
    300
    +
       +
    + error_code + +
    + integer +
    +     		always +
    Origin response code that triggers this error response.
    +
    +
    Sample:
    +
    500
    +
       +
    + response_code + +
    + string +
    +     		always +
    Response code to return to the requester.
    +
    +
    Sample:
    +
    500
    +
       +
    + response_page_path + +
    + string +
    +     		always +
    Path that contains the error page to display.
    +
    +
    Sample:
    +
    /errors/5xx.html
    +
      +
    + quantity + +
    + integer +
    +     		always +
    Count of custom error response items
    +
    +
    Sample:
    +
    1
    +
    +
    + default_cache_behavior + +
    + complex +
    +     		always +
    Default cache behavior.
    +
    +
      +
    + allowed_methods + +
    + complex +
    +     		always +
    Methods allowed by the cache behavior.
    +
    +
       +
    + cached_methods + +
    + complex +
    +     		always +
    Methods cached by the cache behavior.
    +
    +
        +
    + items + +
    + list +
    +     		always +
    List of cached methods.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of cached methods.
    +
    +
    Sample:
    +
    2
    +
       +
    + items + +
    + list +
    +     		always +
    List of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    +
       +
    + quantity + +
    + integer +
    +     		always +
    Count of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    2
    +
      +
    + compress + +
    + boolean +
    +     		always +
    Whether compression is turned on for the cache behavior.
    +
    +
      +
    + default_ttl + +
    + integer +
    +     		always +
    Default Time to Live of the cache behavior.
    +
    +
    Sample:
    +
    86400
    +
      +
    + forwarded_values + +
    + complex +
    +     		always +
    Values forwarded to the origin for this cache behavior.
    +
    +
       +
    + cookies + +
    + complex +
    +     		always +
    Cookies to forward to the origin.
    +
    +
        +
    + forward + +
    + string +
    +     		always +
    Which cookies to forward to the origin for this cache behavior.
    +
    +
    Sample:
    +
    none
    +
        +
    + whitelisted_names + +
    + complex +
    +     		when forward=whitelist +
    The names of the cookies to forward to the origin for this cache behavior.
    +
    +
         +
    + items + +
    + list +
    +     		when list is not empty +
    List of cookies to forward.
    +
    +
    Sample:
    +
    my_cookie
    +
         +
    + quantity + +
    + integer +
    +     		always +
    Count of cookies to forward.
    +
    +
    Sample:
    +
    1
    +
       +
    + headers + +
    + complex +
    +     		always +
    Which headers are used to vary on cache retrievals.
    +
    +
        +
    + items + +
    + list +
    +     		when list is not empty +
    List of headers to vary on.
    +
    +
    Sample:
    +
    ['Host']
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of headers to vary on.
    +
    +
    Sample:
    +
    1
    +
       +
    + query_string + +
    + boolean +
    +     		always +
    Whether the query string is used in cache lookups.
    +
    +
       +
    + query_string_cache_keys + +
    + complex +
    +     		always +
    Which query string keys to use in cache lookups.
    +
    +
        +
    + items + +
    + list +
    +     		when list is not empty +
    List of query string cache keys to use in cache lookups.
    +
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of query string cache keys to use in cache lookups.
    +
    +
    Sample:
    +
    1
    +
      +
    + lambda_function_associations + +
    + complex +
    +     		always +
    Lambda function associations for a cache behavior.
    +
    +
       +
    + items + +
    + list +
    +     		when list is not empty +
    List of lambda function associations.
    +
    +
    Sample:
    +
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    +
       +
    + quantity + +
    + integer +
    +     		always +
    Count of lambda function associations.
    +
    +
    Sample:
    +
    1
    +
      +
    + max_ttl + +
    + integer +
    +     		always +
    Maximum Time to Live.
    +
    +
    Sample:
    +
    31536000
    +
      +
    + min_ttl + +
    + integer +
    +     		always +
    Minimum Time to Live.
    +
    +
      +
    + path_pattern + +
    + string +
    +     		always +
    Path pattern that determines this cache behavior.
    +
    +
    Sample:
    +
    /path/to/files/*
    +
      +
    + smooth_streaming + +
    + boolean +
    +     		always +
    Whether smooth streaming is enabled.
    +
    +
      +
    + target_origin_id + +
    + string +
    +     		always +
    ID of origin reference by this cache behavior.
    +
    +
    Sample:
    +
    origin_abcd
    +
      +
    + trusted_signers + +
    + complex +
    +     		always +
    Trusted signers.
    +
    +
       +
    + enabled + +
    + boolean +
    +     		always +
    Whether trusted signers are enabled for this cache behavior.
    +
    +
       +
    + quantity + +
    + integer +
    +     		always +
    Count of trusted signers.
    +
    +
    Sample:
    +
    1
    +
      +
    + viewer_protocol_policy + +
    + string +
    +     		always +
    Policy of how to handle http/https.
    +
    +
    Sample:
    +
    redirect-to-https
    +
    +
    + default_root_object + +
    + string +
    +     		always +
    The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution.
    +
    +
    +
    + diff + +
    + dictionary +
    +     		always +
    Difference between previous configuration and new configuration.
    +
    +
    +
    + domain_name + +
    + string +
    +     		always +
    Domain name of CloudFront distribution.
    +
    +
    Sample:
    +
    d1vz8pzgurxosf.cloudfront.net
    +
    +
    + enabled + +
    + boolean +
    +     		always +
    Whether the CloudFront distribution is enabled or not.
    +
    +
    Sample:
    +
    True
    +
    +
    + http_version + +
    + string +
    +     		always +
    Version of HTTP supported by the distribution.
    +
    +
    Sample:
    +
    http2
    +
    +
    + id + +
    + string +
    +     		always +
    CloudFront distribution ID.
    +
    +
    Sample:
    +
    E123456ABCDEFG
    +
    +
    + in_progress_invalidation_batches + +
    + integer +
    +     		always +
    The number of invalidation batches currently in progress.
    +
    +
    +
    + is_ipv6_enabled + +
    + boolean +
    +     		always +
    Whether IPv6 is enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + last_modified_time + +
    + string +
    +     		always +
    Date and time distribution was last modified.
    +
    +
    Sample:
    +
    2017-10-13T01:51:12.656000+00:00
    +
    +
    + logging + +
    + complex +
    +     		always +
    Logging information.
    +
    +
      +
    + bucket + +
    + string +
    +     		always +
    S3 bucket logging destination.
    +
    +
    Sample:
    +
    logs-example-com.s3.amazonaws.com
    +
      +
    + enabled + +
    + boolean +
    +     		always +
    Whether logging is enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + include_cookies + +
    + boolean +
    +     		always +
    Whether to log cookies.
    +
    +
      +
    + prefix + +
    + string +
    +     		always +
    Prefix added to logging object names.
    +
    +
    Sample:
    +
    cloudfront/test
    +
    +
    + origins + +
    + complex +
    +     		always +
    Origins in the CloudFront distribution.
    +
    +
      +
    + items + +
    + complex +
    +     		always +
    List of origins.
    +
    +
       +
    + custom_headers + +
    + complex +
    +     		always +
    Custom headers passed to the origin.
    +
    +
        +
    + quantity + +
    + integer +
    +     		always +
    Count of headers.
    +
    +
    Sample:
    +
    1
    +
       +
    + custom_origin_config + +
    + complex +
    +     		always +
    Configuration of the origin.
    +
    +
        +
    + http_port + +
    + integer +
    +     		always +
    Port on which HTTP is listening.
    +
    +
    Sample:
    +
    80
    +
        +
    + https_port + +
    + integer +
    +     		always +
    Port on which HTTPS is listening.
    +
    +
    Sample:
    +
    443
    +
        +
    + origin_keepalive_timeout + +
    + integer +
    +     		always +
    Keep-alive timeout.
    +
    +
    Sample:
    +
    5
    +
        +
    + origin_protocol_policy + +
    + string +
    +     		always +
    Policy of which protocols are supported.
    +
    +
    Sample:
    +
    https-only
    +
        +
    + origin_read_timeout + +
    + integer +
    +     		always +
    Timeout for reads to the origin.
    +
    +
    Sample:
    +
    30
    +
        +
    + origin_ssl_protocols + +
    + complex +
    +     		always +
    SSL protocols allowed by the origin.
    +
    +
         +
    + items + +
    + list +
    +     		always +
    List of SSL protocols.
    +
    +
    Sample:
    +
    ['TLSv1', 'TLSv1.1', 'TLSv1.2']
    +
         +
    + quantity + +
    + integer +
    +     		always +
    Count of SSL protocols.
    +
    +
    Sample:
    +
    3
    +
       +
    + domain_name + +
    + string +
    +     		always +
    Domain name of the origin.
    +
    +
    Sample:
    +
    test-origin.example.com
    +
       +
    + id + +
    + string +
    +     		always +
    ID of the origin.
    +
    +
    Sample:
    +
    test-origin.example.com
    +
       +
    + origin_path + +
    + string +
    +     		always +
    Subdirectory to prefix the request from the S3 or HTTP origin.
    +
    +
      +
    + quantity + +
    + integer +
    +     		always +
    Count of origins.
    +
    +
    Sample:
    +
    1
    +
    +
    + price_class + +
    + string +
    +     		always +
    Price class of CloudFront distribution.
    +
    +
    Sample:
    +
    PriceClass_All
    +
    +
    + restrictions + +
    + complex +
    +     		always +
    Restrictions in use by CloudFront.
    +
    +
      +
    + geo_restriction + +
    + complex +
    +     		always +
    Controls the countries in which your content is distributed.
    +
    +
       +
    + items + +
    + list +
    +     		always +
    List of country codes allowed or disallowed.
    +
    +
    Sample:
    +
    xy
    +
       +
    + quantity + +
    + integer +
    +     		always +
    Count of restrictions.
    +
    +
    Sample:
    +
    1
    +
       +
    + restriction_type + +
    + string +
    +     		always +
    Type of restriction.
    +
    +
    Sample:
    +
    blacklist
    +
    +
    + status + +
    + string +
    +     		always +
    Status of the CloudFront distribution.
    +
    +
    Sample:
    +
    InProgress
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    Distribution tags.
    +
    +
    Sample:
    +
    {'Hello': 'World'}
    +
    +
    + viewer_certificate + +
    + complex +
    +     		always +
    Certificate used by CloudFront distribution.
    +
    +
      +
    + acm_certificate_arn + +
    + string +
    +     		when certificate comes from ACM +
    ARN of ACM certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    +
      +
    + certificate + +
    + string +
    +     		always +
    Reference to certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    +
      +
    + certificate_source + +
    + string +
    +     		always +
    Where certificate comes from.
    +
    +
    Sample:
    +
    acm
    +
      +
    + minimum_protocol_version + +
    + string +
    +     		always +
    Minimum SSL/TLS protocol supported by this distribution.
    +
    +
    Sample:
    +
    TLSv1
    +
      +
    + ssl_support_method + +
    + string +
    +     		always +
    Support for pre-SNI browsers or not.
    +
    +
    Sample:
    +
    sni-only
    +
    +
    + web_acl_id + +
    + string +
    +     		always +
    ID of Web Access Control List (from WAF service).
    +
    +
    Sample:
    +
    abcd1234-1234-abcd-abcd-abcd12345678
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.cloudfront_info_module.rst b/docs/community.aws.cloudfront_info_module.rst new file mode 100644 index 00000000000..755189220fe --- /dev/null +++ b/docs/community.aws.cloudfront_info_module.rst @@ -0,0 +1,774 @@ +.. _community.aws.cloudfront_info_module: + + +***************************** +community.aws.cloudfront_info +***************************** + +**Obtain facts about an AWS CloudFront distribution** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets information about an AWS CloudFront distribution. +- This module was called ``cloudfront_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.cloudfront_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + all_lists + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get all CloudFront lists that do not require parameters.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + distribution + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about a distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    +
    + distribution_config + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about a distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    +
    + distribution_id + +
    + string +
    +     		+ +
    The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
    +
    +
    + domain_name_alias + +
    + string +
    +     		+ +
    Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + invalidation + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about an invalidation.
    +
    Requires invalidation_id to be specified.
    +
    +
    + invalidation_id + +
    + string +
    +     		+ +
    The id of the invalidation to get information about.
    +
    Used with invalidation.
    +
    +
    + list_distributions + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of CloudFront distributions.
    +
    +
    + list_distributions_by_web_acl_id + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of distributions using web acl id as a filter.
    +
    Requires web_acl_id to be set.
    +
    +
    + list_invalidations + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of invalidations.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    +
    + list_origin_access_identities + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of CloudFront origin access identities.
    +
    Requires origin_access_identity_id to be set.
    +
    +
    + list_streaming_distributions + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of streaming distributions.
    +
    +
    + origin_access_identity + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about an origin access identity.
    +
    Requires origin_access_identity_id to be specified.
    +
    +
    + origin_access_identity_config + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about an origin access identity.
    +
    Requires origin_access_identity_id to be specified.
    +
    +
    + origin_access_identity_id + +
    + string +
    +     		+ +
    The id of the CloudFront origin access identity to get information about.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + streaming_distribution + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about a specified RTMP distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    +
    + streaming_distribution_config + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about a specified RTMP distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    +
    + summary + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Returns a summary of all distributions, streaming distributions and origin_access_identities.
    +
    This is the default behaviour if no option is selected.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Get a summary of distributions + community.aws.cloudfront_info: + summary: true + register: result + + - name: Get information about a distribution + community.aws.cloudfront_info: + distribution: true + distribution_id: my-cloudfront-distribution-id + register: result_did + - debug: + msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" + + - name: Get information about a distribution using the CNAME of the cloudfront distribution. + community.aws.cloudfront_info: + distribution: true + domain_name_alias: www.my-website.com + register: result_website + - debug: + msg: "{{ result_website['cloudfront']['www.my-website.com'] }}" + + # When the module is called as cloudfront_facts, return values are published + # in ansible_facts['cloudfront'][] and can be used as follows. + # Note that this is deprecated and will stop working in Ansible 2.13. + - name: Gather facts + community.aws.cloudfront_facts: + distribution: true + distribution_id: my-cloudfront-distribution-id + - debug: + msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" + + - community.aws.cloudfront_facts: + distribution: true + domain_name_alias: www.my-website.com + - debug: + msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" + + - name: Get all information about an invalidation for a distribution. + community.aws.cloudfront_info: + invalidation: true + distribution_id: my-cloudfront-distribution-id + invalidation_id: my-cloudfront-invalidation-id + + - name: Get all information about a CloudFront origin access identity. + community.aws.cloudfront_info: + origin_access_identity: true + origin_access_identity_id: my-cloudfront-origin-access-identity-id + + - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: + origin_access_identity: true + origin_access_identity_id: my-cloudfront-origin-access-identity-id + + - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) + community.aws.cloudfront_info: + all_lists: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + distribution + +
    + dictionary +
    +     		only if distribution is true +
    Facts about a CloudFront distribution. Requires distribution_id or domain_name_alias to be specified. Requires origin_access_identity_id to be set.
    +
    +
    +
    + distribution_config + +
    + dictionary +
    +     		only if distribution_config is true +
    Facts about a CloudFront distribution's config. Requires distribution_id or domain_name_alias to be specified.
    +
    +
    +
    + invalidation + +
    + dictionary +
    +     		only if invalidation is true +
    Describes the invalidation information for the distribution. Requires invalidation_id to be specified and either distribution_id or domain_name_alias.
    +
    +
    +
    + origin_access_identity + +
    + dictionary +
    +     		only if origin_access_identity is true +
    Describes the origin access identity information. Requires origin_access_identity_id to be set.
    +
    +
    +
    + origin_access_identity_configuration + +
    + dictionary +
    +     		only if origin_access_identity_configuration is true +
    Describes the origin access identity information configuration information. Requires origin_access_identity_id to be set.
    +
    +
    +
    + result + +
    + dictionary +
    +     		always +
    Result dict not nested under the CloudFront ID to access results of module without the knowledge of that id as figuring out the DistributionId is usually the reason one uses this module in the first place.
    +
    +
    +
    + streaming_distribution + +
    + dictionary +
    +     		only if streaming_distribution is true +
    Describes the streaming information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    +
    +
    +
    + streaming_distribution_config + +
    + dictionary +
    +     		only if streaming_distribution_config is true +
    Describes the streaming configuration information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    +
    +
    +
    + summary + +
    + dictionary +
    +     		as default or if summary is true +
    Gives a summary of distributions, streaming distributions and origin access identities.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + diff --git a/docs/community.aws.cloudfront_invalidation_module.rst b/docs/community.aws.cloudfront_invalidation_module.rst new file mode 100644 index 00000000000..4914417a929 --- /dev/null +++ b/docs/community.aws.cloudfront_invalidation_module.rst @@ -0,0 +1,505 @@ +.. _community.aws.cloudfront_invalidation_module: + + +************************************* +community.aws.cloudfront_invalidation +************************************* + +**create invalidations for AWS CloudFront distributions** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for invalidation of a batch of paths for a CloudFront distribution. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alias + +
    + string +
    +     		+ +
    The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + caller_reference + +
    + string +
    +     		+ Default:
    null
    +     		+
    A unique reference identifier for the invalidation paths.
    +
    Defaults to current datetime stamp.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + distribution_id + +
    + string +
    +     		+ +
    The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + target_paths + +
    + list + / elements=string / required
    +     		+ +
    A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - does not support check mode + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create a batch of invalidations using a distribution_id for a reference + community.aws.cloudfront_invalidation: + distribution_id: E15BU8SDCGSG57 + caller_reference: testing 123 + target_paths: + - /testpathone/test1.css + - /testpathtwo/test2.js + - /testpaththree/test3.ss + + - name: create a batch of invalidations using an alias as a reference and one path using a wildcard match + community.aws.cloudfront_invalidation: + alias: alias.test.com + caller_reference: testing 123 + target_paths: + - /testpathone/test4.css + - /testpathtwo/test5.js + - /testpaththree/* + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + invalidation + +
    + complex +
    +     		always +
    The invalidation's information.
    +
    +
      +
    + create_time + +
    + string +
    +     		always +
    The date and time the invalidation request was first made.
    +
    +
    Sample:
    +
    2018-02-01T15:50:41.159000+00:00
    +
      +
    + id + +
    + string +
    +     		always +
    The identifier for the invalidation request.
    +
    +
    Sample:
    +
    I2G9MOWJZFV612
    +
      +
    + invalidation_batch + +
    + complex +
    +     		always +
    The current invalidation information for the batch request.
    +
    +
       +
    + caller_reference + +
    + string +
    +     		always +
    The value used to uniquely identify an invalidation request.
    +
    +
    Sample:
    +
    testing 123
    +
       +
    + paths + +
    + complex +
    +     		always +
    A dict that contains information about the objects that you want to invalidate.
    +
    +
        +
    + items + +
    + list +
    +     		always +
    A list of the paths that you want to invalidate.
    +
    +
    Sample:
    +
    ['/testpathtwo/test2.js', '/testpathone/test1.css', '/testpaththree/test3.ss']
    +
        +
    + quantity + +
    + integer +
    +     		always +
    The number of objects that you want to invalidate.
    +
    +
    Sample:
    +
    3
    +
      +
    + status + +
    + string +
    +     		always +
    The status of the invalidation request.
    +
    +
    Sample:
    +
    Completed
    +
    +
    + location + +
    + string +
    +     		always +
    The fully qualified URI of the distribution and invalidation batch request.
    +
    +
    Sample:
    +
    https://cloudfront.amazonaws.com/2017-03-25/distribution/E1ZID6KZJECZY7/invalidation/I2G9MOWJZFV622
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + diff --git a/docs/community.aws.cloudfront_origin_access_identity_module.rst b/docs/community.aws.cloudfront_origin_access_identity_module.rst new file mode 100644 index 00000000000..505ae05d855 --- /dev/null +++ b/docs/community.aws.cloudfront_origin_access_identity_module.rst @@ -0,0 +1,455 @@ +.. _community.aws.cloudfront_origin_access_identity_module: + + +*********************************************** +community.aws.cloudfront_origin_access_identity +*********************************************** + +**Create, update and delete origin access identities for a CloudFront distribution** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for easy creation, updating and deletion of origin access identities. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.0.0 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + caller_reference + +
    + string +
    +     		+ +
    A unique identifier to reference the origin access identity by.
    +
    +
    + comment + +
    + string +
    +     		+ +
    A comment to describe the CloudFront origin access identity.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + origin_access_identity_id + +
    + string +
    +     		+ +
    The origin_access_identity_id of the CloudFront distribution.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If the named resource should exist.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - Does not support check mode. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: create an origin access identity + community.aws.cloudfront_origin_access_identity: + state: present + caller_reference: this is an example reference + comment: this is an example comment + + - name: update an existing origin access identity using caller_reference as an identifier + community.aws.cloudfront_origin_access_identity: + origin_access_identity_id: E17DRN9XUOAHZX + caller_reference: this is an example reference + comment: this is a new comment + + - name: delete an existing origin access identity using caller_reference as an identifier + community.aws.cloudfront_origin_access_identity: + state: absent + caller_reference: this is an example reference + comment: this is a new comment + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + cloud_front_origin_access_identity + +
    + complex +
    +     		always +
    The origin access identity's information.
    +
    +
      +
    + cloud_front_origin_access_identity_config + +
    + complex +
    +     		always +
    describes a url specifying the origin access identity.
    +
    +
       +
    + caller_reference + +
    + string +
    +     		always +
    a caller reference for the oai
    +
    +
       +
    + comment + +
    + string +
    +     		always +
    a comment describing the oai
    +
    +
      +
    + id + +
    + string +
    +     		always +
    a unique identifier of the oai
    +
    +
      +
    + s3_canonical_user_id + +
    + string +
    +     		always +
    the canonical user ID of the user who created the oai
    +
    +
    +
    + e_tag + +
    + string +
    +     		always +
    The current version of the origin access identity created.
    +
    +
    +
    + location + +
    + string +
    +     		when initially created +
    The fully qualified URI of the new origin access identity just created.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willem van Ketwich (@wilvk) + + diff --git a/docs/community.aws.cloudtrail_module.rst b/docs/community.aws.cloudtrail_module.rst new file mode 100644 index 00000000000..3d904ff00b2 --- /dev/null +++ b/docs/community.aws.cloudtrail_module.rst @@ -0,0 +1,850 @@ +.. _community.aws.cloudtrail_module: + + +************************ +community.aws.cloudtrail +************************ + +**manage CloudTrail create, delete, update** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or updates CloudTrail configuration. Ensures logging is also enabled. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cloudwatch_logs_log_group_arn + +
    + string +
    +     		+ +
    A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
    + +
    Required when cloudwatch_logs_role_arn.
    +
    +
    + cloudwatch_logs_role_arn + +
    + string +
    +     		+ +
    Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
    + +
    Required when cloudwatch_logs_log_group_arn.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enable_log_file_validation + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies whether log file integrity validation is enabled.
    +
    CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
    +

    aliases: log_file_validation_enabled
    +
    +
    + enable_logging + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
    +
    +
    + include_global_events + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Record API calls from global services such as IAM and STS.
    +

    aliases: include_global_service_events
    +
    +
    + is_multi_region_trail + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specify whether the trail belongs only to one region or exists in all regions.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
    +
    The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
    + +
    +
    + name + +
    + string +
    +     		+ Default:
    "default"
    +     		+
    Name for the CloudTrail.
    +
    Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + s3_bucket_name + +
    + string +
    +     		+ +
    An existing S3 bucket where CloudTrail will deliver log files.
    +
    This bucket should exist and have the proper policy.
    + +
    Required when state=present.
    +
    +
    + s3_key_prefix + +
    + string +
    +     		+ +
    S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + sns_topic_name + +
    + string +
    +     		+ +
    SNS Topic name to send notifications to when a log file is delivered.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • enabled
      • +
    • disabled
      • +
    +     		+
    Add or remove CloudTrail configuration.
    +
    The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
    +
    state=enabled is equivalet to state=present.
    +
    state=disabled is equivalet to state=absent.
    +
    +
    + tags + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A hash/dictionary of tags to be applied to the CloudTrail resource.
    +
    Remove completely or specify an empty dictionary to remove all tags.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create single region cloudtrail + community.aws.cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + s3_key_prefix: cloudtrail + region: us-east-1 + + - name: create multi-region trail with validation and tags + community.aws.cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + region: us-east-1 + is_multi_region_trail: true + enable_log_file_validation: true + cloudwatch_logs_role_arn: "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role" + cloudwatch_logs_log_group_arn: "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*" + kms_key_id: "alias/MyAliasName" + tags: + environment: dev + Name: default + + - name: show another valid kms_key_id + community.aws.cloudtrail: + state: present + name: default + s3_bucket_name: mylogbucket + kms_key_id: "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012" + # simply "12345678-1234-1234-1234-123456789012" would be valid too. + + - name: pause logging the trail we just created + community.aws.cloudtrail: + state: present + name: default + enable_logging: false + s3_bucket_name: mylogbucket + region: us-east-1 + is_multi_region_trail: true + enable_log_file_validation: true + tags: + environment: dev + Name: default + + - name: delete a trail + community.aws.cloudtrail: + state: absent + name: default + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + exists + +
    + boolean +
    +     		always +
    whether the resource exists
    +
    +
    Sample:
    +
    True
    +
    +
    + trail + +
    + complex +
    +     		always +
    CloudTrail resource details
    +
    +
    Sample:
    +
    hash/dictionary of values
    +
      +
    + cloud_watch_logs_log_group_arn + +
    + string +
    +     		success when present +
    Full ARN of the CloudWatch Logs log group where events are delivered.
    +
    +
    Sample:
    +
    arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*
    +
      +
    + cloud_watch_logs_role_arn + +
    + string +
    +     		success when present +
    Full ARN of the IAM role that CloudTrail assumes to deliver events.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role
    +
      +
    + has_custom_event_selectors + +
    + boolean +
    +     		success +
    Whether any custom event selectors are used for this trail.
    +
    +
      +
    + home_region + +
    + string +
    +     		success +
    The home region where the trail was originally created and must be edited.
    +
    +
    Sample:
    +
    us-east-1
    +
      +
    + include_global_service_events + +
    + boolean +
    +     		success +
    Whether global services (IAM, STS) are logged with this trail
    +
    +
    Sample:
    +
    True
    +
      +
    + is_logging + +
    + boolean +
    +     		success +
    Whether logging is turned on or paused for the Trail
    +
    +
    Sample:
    +
    True
    +
      +
    + is_multi_region_trail + +
    + boolean +
    +     		success +
    Whether the trail applies to all regions or just one
    +
    +
    Sample:
    +
    True
    +
      +
    + kms_key_id + +
    + string +
    +     		success when present +
    Full ARN of the KMS Key used to encrypt log files.
    +
    +
    Sample:
    +
    arn:aws:kms::123456789012:key/12345678-1234-1234-1234-123456789012
    +
      +
    + log_file_validation_enabled + +
    + boolean +
    +     		success +
    Whether log file validation is enabled on the trail
    +
    +
    Sample:
    +
    True
    +
      +
    + name + +
    + string +
    +     		success +
    Name of the CloudTrail resource
    +
    +
    Sample:
    +
    default
    +
      +
    + s3_bucket_name + +
    + string +
    +     		success +
    S3 bucket name where log files are delivered
    +
    +
    Sample:
    +
    myBucket
    +
      +
    + s3_key_prefix + +
    + string +
    +     		success when present +
    Key prefix in bucket where log files are delivered (if any)
    +
    +
    Sample:
    +
    myKeyPrefix
    +
      +
    + sns_topic_arn + +
    + string +
    +     		success when present +
    Full ARN of the SNS topic where log delivery notifications are sent.
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-1:123456789012:topic/myTopic
    +
      +
    + sns_topic_name + +
    + string +
    +     		success when present +
    The SNS topic name where log delivery notifications are sent.
    +
    +
    Sample:
    +
    myTopic
    +
      +
    + tags + +
    + dictionary +
    +     		success +
    hash/dictionary of tags applied to this resource
    +
    +
    Sample:
    +
    {'environment': 'dev', 'Name': 'default'}
    +
      +
    + trail_arn + +
    + string +
    +     		success +
    Full ARN of the CloudTrail resource
    +
    +
    Sample:
    +
    arn:aws:cloudtrail:us-east-1:123456789012:trail/default
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Core Team +- Ted Timmons (@tedder) +- Daniel Shepherd (@shepdelacreme) + + diff --git a/docs/community.aws.cloudwatchevent_rule_module.rst b/docs/community.aws.cloudwatchevent_rule_module.rst new file mode 100644 index 00000000000..a2916b54e84 --- /dev/null +++ b/docs/community.aws.cloudwatchevent_rule_module.rst @@ -0,0 +1,543 @@ +.. _community.aws.cloudwatchevent_rule_module: + + +********************************** +community.aws.cloudwatchevent_rule +********************************** + +**Manage CloudWatch Event rules and targets** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module creates and manages CloudWatch event rules and targets. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A description of the rule.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_pattern + +
    + string +
    +     		+ +
    A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the IAM role associated with the rule.
    +
    +
    + schedule_expression + +
    + string +
    +     		+ +
    A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • disabled
      • +
    • absent
      • +
    +     		+
    Whether the rule is present (and enabled), disabled, or absent.
    +
    +
    + targets + +
    + list + / elements=dictionary
    +     		+ +
    A list of targets to add to or update for the rule.
    +
    +
    + arn + +
    + string + / required
    +     		+ +
    The ARN associated with the target.
    +
    +
    + ecs_parameters + +
    + dictionary +
    +     		+ +
    Contains the ECS task definition and task count to be used, if the event target is an ECS task.
    +
    +
    + task_count + +
    + integer +
    +     		+ +
    The number of tasks to create based on task_definition.
    +
    +
    + task_definition_arn + +
    + string +
    +     		+ +
    The full ARN of the task definition.
    +
    +
    + id + +
    + string + / required
    +     		+ +
    The unique target assignment ID.
    +
    +
    + input + +
    + string +
    +     		+ +
    A JSON object that will override the event data when passed to the target.
    +
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    +
    +
    + input_path + +
    + string +
    +     		+ +
    A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
    +
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    The ARN of the IAM role to be used for this target when the rule is triggered.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - A rule must contain at least an *event_pattern* or *schedule_expression*. A rule can have both an *event_pattern* and a *schedule_expression*, in which case the rule will trigger on matching events as well as on a schedule. + - When specifying targets, *input* and *input_path* are mutually-exclusive and optional parameters. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - community.aws.cloudwatchevent_rule: + name: MyCronTask + schedule_expression: "cron(0 20 * * ? *)" + description: Run my scheduled task + targets: + - id: MyTargetId + arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction + + - community.aws.cloudwatchevent_rule: + name: MyDisabledCronTask + schedule_expression: "rate(5 minutes)" + description: Run my disabled scheduled task + state: disabled + targets: + - id: MyOtherTargetId + arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction + input: '{"foo": "bar"}' + + - community.aws.cloudwatchevent_rule: + name: MyCronTask + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + rule + +
    + dictionary +
    +     		success +
    CloudWatch Event rule data.
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:events:us-east-1:123456789012:rule/MyCronTask', 'description': 'Run my scheduled task', 'name': 'MyCronTask', 'schedule_expression': 'cron(0 20 * * ? *)', 'state': 'ENABLED'}
    +
    +
    + targets + +
    + list +
    +     		success +
    CloudWatch Event target(s) assigned to the rule.
    +
    +
    Sample:
    +
    [{ 'arn': 'arn:aws:lambda:us-east-1:123456789012:function:MyFunction', 'id': 'MyTargetId' }]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + diff --git a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst new file mode 100644 index 00000000000..5208cf28a0c --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst @@ -0,0 +1,390 @@ +.. _community.aws.cloudwatchlogs_log_group_info_module: + + +******************************************* +community.aws.cloudwatchlogs_log_group_info +******************************************* + +**Get information about log_group in CloudWatchLogs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists the specified log groups. You can list all your log groups or filter the results by prefix. +- This module was called ``cloudwatchlogs_log_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + log_group_name + +
    + string +
    +     		+ +
    The name or prefix of the log group to filter by.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + - community.aws.cloudwatchlogs_log_group_info: + log_group_name: test-log-group + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + log_groups + +
    + complex +
    +     		success +
    Return the list of complex objects representing log groups
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the log group.
    +
    +
      +
    + creation_time + +
    + integer +
    +     		always +
    The creation time of the log group.
    +
    +
      +
    + kms_key_id + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    +
      +
    + log_group_name + +
    + string +
    +     		always +
    The name of the log group.
    +
    +
      +
    + metric_filter_count + +
    + integer +
    +     		always +
    The number of metric filters.
    +
    +
      +
    + retention_in_days + +
    + integer +
    +     		always +
    The number of days to retain the log events in the specified log group.
    +
    +
      +
    + stored_bytes + +
    + string +
    +     		always +
    The number of bytes stored.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willian Ricardo (@willricardo) + + diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst new file mode 100644 index 00000000000..b31b096d815 --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst @@ -0,0 +1,421 @@ +.. _community.aws.cloudwatchlogs_log_group_metric_filter_module: + + +**************************************************** +community.aws.cloudwatchlogs_log_group_metric_filter +**************************************************** + +**Manage CloudWatch log group metric filter** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify and delete CloudWatch log group metric filter. +- CloudWatch log group metric filter can be use with :ref:`community.aws.ec2_metric_alarm `. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filter_name + +
    + string + / required
    +     		+ +
    A name for the metric filter you create.
    +
    +
    + filter_pattern + +
    + string +
    +     		+ +
    A filter pattern for extracting metric data out of ingested log events. Required when state=present.
    +
    +
    + log_group_name + +
    + string + / required
    +     		+ +
    The name of the log group where the metric filter is applied on.
    +
    +
    + metric_transformation + +
    + dictionary +
    +     		+ +
    A collection of information that defines how metric data gets emitted. Required when state=present.
    +
    +
    + default_value + +
    + float +
    +     		+ +
    The value to emit when a filter pattern does not match a log event.
    +
    +
    + metric_name + +
    + string +
    +     		+ +
    The name of the cloudWatch metric.
    +
    +
    + metric_namespace + +
    + string +
    +     		+ +
    The namespace of the cloudWatch metric.
    +
    +
    + metric_value + +
    + string +
    +     		+ +
    The value to publish to the cloudWatch metric when a filter pattern matches a log event.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Whether the rule is present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: set metric filter on log group /fluentd/testcase + community.aws.cloudwatchlogs_log_group_metric_filter: + log_group_name: /fluentd/testcase + filter_name: BoxFreeStorage + filter_pattern: '{($.value = *) && ($.hostname = "box")}' + state: present + metric_transformation: + metric_name: box_free_space + metric_namespace: fluentd_metrics + metric_value: "$.value" + + - name: delete metric filter on log group /fluentd/testcase + community.aws.cloudwatchlogs_log_group_metric_filter: + log_group_name: /fluentd/testcase + filter_name: BoxFreeStorage + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + metric_filters + +
    + list +
    +     		success +
    Return the origin response value
    +
    +
    Sample:
    +
    [{'default_value': 3.1415, 'metric_name': 'box_free_space', 'metric_namespace': 'made_with_ansible', 'metric_value': '$.value'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Markus Bergholz (@markuman) + + diff --git a/docs/community.aws.cloudwatchlogs_log_group_module.rst b/docs/community.aws.cloudwatchlogs_log_group_module.rst new file mode 100644 index 00000000000..dd4963ec230 --- /dev/null +++ b/docs/community.aws.cloudwatchlogs_log_group_module.rst @@ -0,0 +1,514 @@ +.. _community.aws.cloudwatchlogs_log_group_module: + + +************************************** +community.aws.cloudwatchlogs_log_group +************************************** + +**create or delete log_group in CloudWatchLogs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete log_group in CloudWatchLogs. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    +
    + log_group_name + +
    + string + / required
    +     		+ +
    The name of the log group.
    +
    +
    + overwrite + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether an existing log group should be overwritten on create.
    +
    Mutually exclusive with purge_retention_policy.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_retention_policy + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to purge the retention policy or not.
    +
    Mutually exclusive with retention and overwrite.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + retention + +
    + integer +
    +     		+ +
    The number of days to retain the log events in the specified log group.
    +
    Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    +
    Mutually exclusive with purge_retention_policy.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the rule is present or absent.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    The key-value pairs to use for the tags.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/logs.html. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - community.aws.cloudwatchlogs_log_group: + log_group_name: test-log-group + + - community.aws.cloudwatchlogs_log_group: + state: present + log_group_name: test-log-group + tags: { "Name": "test-log-group", "Env" : "QA" } + + - community.aws.cloudwatchlogs_log_group: + state: present + log_group_name: test-log-group + tags: { "Name": "test-log-group", "Env" : "QA" } + kms_key_id: arn:aws:kms:region:account-id:key/key-id + + - community.aws.cloudwatchlogs_log_group: + state: absent + log_group_name: test-log-group + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + log_groups + +
    + complex +
    +     		success +
    Return the list of complex objects representing log groups
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the log group.
    +
    +
      +
    + creation_time + +
    + integer +
    +     		always +
    The creation time of the log group.
    +
    +
      +
    + kms_key_id + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    +
      +
    + log_group_name + +
    + string +
    +     		always +
    The name of the log group.
    +
    +
      +
    + metric_filter_count + +
    + integer +
    +     		always +
    The number of metric filters.
    +
    +
      +
    + retention_in_days + +
    + integer +
    +     		always +
    The number of days to retain the log events in the specified log group.
    +
    +
      +
    + stored_bytes + +
    + string +
    +     		always +
    The number of bytes stored.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Willian Ricardo (@willricardo) + + diff --git a/docs/community.aws.data_pipeline_module.rst b/docs/community.aws.data_pipeline_module.rst new file mode 100644 index 00000000000..46777ae9482 --- /dev/null +++ b/docs/community.aws.data_pipeline_module.rst @@ -0,0 +1,674 @@ +.. _community.aws.data_pipeline_module: + + +*************************** +community.aws.data_pipeline +*************************** + +**Create and manage AWS Datapipelines** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create and manage AWS Datapipelines. Creation is not idempotent in AWS, so the ``uniqueId`` is created by hashing the options (minus objects) given to the datapipeline. +- The pipeline definition must be in the format given here https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html#API_PutPipelineDefinition_RequestSyntax. +- Operations will wait for a configurable amount of time to ensure the pipeline is in the requested state. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ Default:
    ""
    +     		+
    An optional description for the pipeline being created.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the Datapipeline to create/modify/delete.
    +
    +
    + objects + +
    + list + / elements=dictionary
    +     		+ +
    A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
    +
    +
    + fields + +
    + list + / elements=dictionary
    +     		+ +
    Key-value pairs that define the properties of the object.
    +
    The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
    +
    +
    + key + +
    + string +
    +     		+ +
    The field identifier.
    +
    +
    + refValue + +
    + string +
    +     		+ +
    The field value, expressed as the identifier of another object.
    +
    Exactly one of stringValue and refValue may be specified.
    +
    +
    + stringValue + +
    + string +
    +     		+ +
    The field value.
    +
    Exactly one of stringValue and refValue may be specified.
    +
    +
    + id + +
    + string +
    +     		+ +
    The ID of the object.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the object.
    +
    +
    + parameters + +
    + list + / elements=dictionary
    +     		+ +
    A list of parameter objects (dicts) in the pipeline definition.
    +
    +
    + attributes + +
    + list + / elements=dictionary
    +     		+ +
    A list of attributes (dicts) of the parameter object.
    +
    +
    + key + +
    + string +
    +     		+ +
    The field identifier.
    +
    +
    + stringValue + +
    + string +
    +     		+ +
    The field value.
    +
    +
    + id + +
    + - +
    +     		+ +
    The ID of the parameter object.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • active
      • +
    • inactive
      • +
    +     		+
    The requested state of the pipeline.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dict of key:value pair(s) to add to the pipeline.
    +
    +
    + timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + values + +
    + list + / elements=dictionary
    +     		+ +
    A list of parameter values (dicts) in the pipeline definition.
    +
    +
    + id + +
    + string +
    +     		+ +
    The ID of the parameter value
    +
    +
    + stringValue + +
    + string +
    +     		+ +
    The field value
    +
    +
    + version + +
    + string +
    +     		+ +
    The version option has never had any effect and will be removed after 2022-06-01.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create pipeline + - community.aws.data_pipeline: + name: test-dp + region: us-west-2 + objects: "{{pipelineObjects}}" + parameters: "{{pipelineParameters}}" + values: "{{pipelineValues}}" + tags: + key1: val1 + key2: val2 + state: present + + # Example populating and activating a pipeline that demonstrates two ways of providing pipeline objects + - community.aws.data_pipeline: + name: test-dp + objects: + - "id": "DefaultSchedule" + "name": "Every 1 day" + "fields": + - "key": "period" + "stringValue": "1 days" + - "key": "type" + "stringValue": "Schedule" + - "key": "startAt" + "stringValue": "FIRST_ACTIVATION_DATE_TIME" + - "id": "Default" + "name": "Default" + "fields": [ { "key": "resourceRole", "stringValue": "my_resource_role" }, + { "key": "role", "stringValue": "DataPipelineDefaultRole" }, + { "key": "pipelineLogUri", "stringValue": "s3://my_s3_log.txt" }, + { "key": "scheduleType", "stringValue": "cron" }, + { "key": "schedule", "refValue": "DefaultSchedule" }, + { "key": "failureAndRerunMode", "stringValue": "CASCADE" } ] + state: active + + # Activate pipeline + - community.aws.data_pipeline: + name: test-dp + region: us-west-2 + state: active + + # Delete pipeline + - community.aws.data_pipeline: + name: test-dp + region: us-west-2 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    whether the data pipeline has been modified
    +
    +
    Sample:
    +
    {'changed': True}
    +
    +
    + result + +
    + dictionary +
    +     		always +
    Contains the data pipeline data (data_pipeline) and a return message (msg). If the data pipeline exists data_pipeline will contain the keys description, name, pipeline_id, state, tags, and unique_id. If the data pipeline does not exist then data_pipeline will be an empty dict. The msg describes the status of the operation.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Raghu Udiyar (@raags) +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.dms_endpoint_module.rst b/docs/community.aws.dms_endpoint_module.rst new file mode 100644 index 00000000000..553634a530a --- /dev/null +++ b/docs/community.aws.dms_endpoint_module.rst @@ -0,0 +1,650 @@ +.. _community.aws.dms_endpoint_module: + + +************************** +community.aws.dms_endpoint +************************** + +**Creates or destroys a data migration services endpoint** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or destroys a data migration services endpoint, that can be used to replicate data. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + certificatearn + +
    + string +
    +     		+ +
    Amazon Resource Name (ARN) for the certificate.
    +
    +
    + databasename + +
    + string +
    +     		+ +
    Name for the database on the origin or target side.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + dmstransfersettings + +
    + dictionary +
    +     		+ +
    The settings in JSON format for the DMS transfer type of source endpoint.
    +
    +
    + dynamodbsettings + +
    + dictionary +
    +     		+ +
    Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + elasticsearchsettings + +
    + dictionary +
    +     		+ +
    Settings in JSON format for the target Elasticsearch endpoint.
    +
    +
    + endpointidentifier + +
    + string + / required
    +     		+ +
    An identifier name for the endpoint.
    +
    +
    + endpointtype + +
    + string + / required
    +     		+
      Choices: +
    • source
      • +
    • target
      • +
    +     		+
    Type of endpoint we want to manage.
    +
    +
    + enginename + +
    + string + / required
    +     		+
      Choices: +
    • mysql
      • +
    • oracle
      • +
    • postgres
      • +
    • mariadb
      • +
    • aurora
      • +
    • redshift
      • +
    • s3
      • +
    • db2
      • +
    • azuredb
      • +
    • sybase
      • +
    • dynamodb
      • +
    • mongodb
      • +
    • sqlserver
      • +
    +     		+
    Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
    +
    +
    + externaltabledefinition + +
    + string +
    +     		+ +
    The external table definition.
    +
    +
    + extraconnectionattributes + +
    + string +
    +     		+ +
    Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
    +
    +
    + kinesissettings + +
    + dictionary +
    +     		+ +
    Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
    +
    +
    + kmskeyid + +
    + string +
    +     		+ +
    Encryption key to use to encrypt replication storage and connection information.
    +
    +
    + mongodbsettings + +
    + dictionary +
    +     		+ +
    Settings in JSON format for the source MongoDB endpoint.
    +
    +
    + password + +
    + string +
    +     		+ +
    Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
    +
    +
    + port + +
    + integer +
    +     		+ +
    TCP port for access to the database.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + retries + +
    + integer +
    +     		+ +
    number of times we should retry when deleting a resource
    +
    Required when wait=true.
    +
    +
    + s3settings + +
    + dictionary +
    +     		+ +
    S3 buckets settings for the target Amazon S3 endpoint.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + servername + +
    + string +
    +     		+ +
    Servername that the endpoint will connect to.
    +
    +
    + serviceaccessrolearn + +
    + string +
    +     		+ +
    Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
    +
    +
    + sslmode + +
    + string +
    +     		+
      Choices: +
    • none ←
      • +
    • require
      • +
    • verify-ca
      • +
    • verify-full
      • +
    +     		+
    Mode used for the SSL connection.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    State of the endpoint.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A list of tags to add to the endpoint.
    +
    +
    + timeout + +
    + integer +
    +     		+ +
    Time in seconds we should wait for when deleting a resource.
    +
    Required when wait=true.
    +
    +
    + username + +
    + string +
    +     		+ +
    Username our endpoint will use to connect to the database.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether Ansible should wait for the object to be deleted when state=absent.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details + - name: Endpoint Creation + community.aws.dms_endpoint: + state: absent + endpointidentifier: 'testsource' + endpointtype: source + enginename: aurora + username: testing1 + password: testint1234 + servername: testing.domain.com + port: 3306 + databasename: 'testdb' + sslmode: none + wait: false + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rui Moreira (@ruimoreira) + + diff --git a/docs/community.aws.dms_replication_subnet_group_module.rst b/docs/community.aws.dms_replication_subnet_group_module.rst new file mode 100644 index 00000000000..20af60ff471 --- /dev/null +++ b/docs/community.aws.dms_replication_subnet_group_module.rst @@ -0,0 +1,295 @@ +.. _community.aws.dms_replication_subnet_group_module: + + +****************************************** +community.aws.dms_replication_subnet_group +****************************************** + +**creates or destroys a data migration services subnet group** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or destroys a data migration services subnet group. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string + / required
    +     		+ +
    The description for the subnet group.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + identifier + +
    + string + / required
    +     		+ +
    The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    State of the subnet group.
    +
    +
    + subnet_ids + +
    + list + / elements=string / required
    +     		+ +
    A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - community.aws.dms_replication_subnet_group: + state: present + identifier: "dev-sngroup" + description: "Development Subnet Group asdasdas" + subnet_ids: ['subnet-id1','subnet-id2'] + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rui Moreira (@ruimoreira) + + diff --git a/docs/community.aws.dynamodb_table_module.rst b/docs/community.aws.dynamodb_table_module.rst new file mode 100644 index 00000000000..065a4ccbbce --- /dev/null +++ b/docs/community.aws.dynamodb_table_module.rst @@ -0,0 +1,635 @@ +.. _community.aws.dynamodb_table_module: + + +**************************** +community.aws.dynamodb_table +**************************** + +**Create, update or delete AWS Dynamo DB tables** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete AWS Dynamo DB tables. +- Can update the provisioned throughput on existing tables. +- Returns the status of the specified table. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto >= 2.37.0 +- boto3 >= 1.4.4 (for tagging) +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + hash_key_name + +
    + string +
    +     		+ +
    Name of the hash key.
    +
    Required when state=present.
    +
    +
    + hash_key_type + +
    + string +
    +     		+
      Choices: +
    • STRING ←
      • +
    • NUMBER
      • +
    • BINARY
      • +
    +     		+
    Type of the hash key.
    +
    +
    + indexes + +
    + list + / elements=dictionary
    +     		+ Default:
    []
    +     		+
    list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
    +
    required options: ['name', 'type', 'hash_key_name']
    +
    other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
    +
    +
    + hash_key_name + +
    + string + / required
    +     		+ +
    The name of the hash-based key.
    +
    +
    + hash_key_type + +
    + string +
    +     		+ +
    The type of the hash-based key.
    +
    +
    + includes + +
    + list +
    +     		+ +
    A list of fields to include when using global_include or include indexes.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the index.
    +
    +
    + range_key_name + +
    + string +
    +     		+ +
    The name of the range-based key.
    +
    +
    + range_key_type + +
    + string +
    +     		+ +
    The type of the range-based key.
    +
    +
    + read_capacity + +
    + integer +
    +     		+ +
    Read throughput capacity (units) to provision for the index.
    +
    +
    + type + +
    + string + / required
    +     		+ +
    The type of index.
    +
    Valid types: all, global_all, global_include, global_keys_only, include, keys_only
    +
    +
    + write_capacity + +
    + integer +
    +     		+ +
    Write throughput capacity (units) to provision for the index.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the table.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + range_key_name + +
    + string +
    +     		+ +
    Name of the range key.
    +
    +
    + range_key_type + +
    + string +
    +     		+
      Choices: +
    • STRING ←
      • +
    • NUMBER
      • +
    • BINARY
      • +
    +     		+
    Type of the range key.
    +
    +
    + read_capacity + +
    + integer +
    +     		+ Default:
    1
    +     		+
    Read throughput capacity (units) to provision.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the table.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
    +
    For example: {"key":"value"} and {"key":"value","key2":"value2"}
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait_for_active_timeout + +
    + integer +
    +     		+ Default:
    60
    +     		+
    how long before wait gives up, in seconds. only used when tags is set
    +
    +
    + write_capacity + +
    + integer +
    +     		+ Default:
    1
    +     		+
    Write throughput capacity (units) to provision.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create dynamo table with hash and range primary key + community.aws.dynamodb_table: + name: my-table + region: us-east-1 + hash_key_name: id + hash_key_type: STRING + range_key_name: create_time + range_key_type: NUMBER + read_capacity: 2 + write_capacity: 2 + tags: + tag_name: tag_value + + - name: Update capacity on existing dynamo table + community.aws.dynamodb_table: + name: my-table + region: us-east-1 + read_capacity: 10 + write_capacity: 10 + + - name: set index on existing dynamo table + community.aws.dynamodb_table: + name: my-table + region: us-east-1 + indexes: + - name: NamedIndex + type: global_include + hash_key_name: id + range_key_name: create_time + includes: + - other_field + - other_field2 + read_capacity: 10 + write_capacity: 10 + + - name: Delete dynamo table + community.aws.dynamodb_table: + name: my-table + region: us-east-1 + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + table_status + +
    + string +
    +     		success +
    The current status of the table.
    +
    +
    Sample:
    +
    ACTIVE
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Alan Loi (@loia) + + diff --git a/docs/community.aws.dynamodb_ttl_module.rst b/docs/community.aws.dynamodb_ttl_module.rst new file mode 100644 index 00000000000..21ec3e97f24 --- /dev/null +++ b/docs/community.aws.dynamodb_ttl_module.rst @@ -0,0 +1,322 @@ +.. _community.aws.dynamodb_ttl_module: + + +************************** +community.aws.dynamodb_ttl +************************** + +**Set TTL for a given DynamoDB table** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Uses boto3 to set TTL. +- Requires botocore version 1.5.24 or higher. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore>=1.5.24 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + attribute_name + +
    + string + / required
    +     		+ +
    The name of the Time To Live attribute used to store the expiration time for items in the table.
    +
    This appears to be required by the API even when disabling TTL.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • enable
      • +
    • disable
      • +
    +     		+
    State to set DynamoDB table to.
    +
    +
    + table_name + +
    + string + / required
    +     		+ +
    Name of the DynamoDB table to work on.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: enable TTL on my cowfacts table + community.aws.dynamodb_ttl: + state: enable + table_name: cowfacts + attribute_name: cow_deleted_date + + - name: disable TTL on my cowfacts table + community.aws.dynamodb_ttl: + state: disable + table_name: cowfacts + attribute_name: cow_deleted_date + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + current_status + +
    + dictionary +
    +     		always +
    current or new TTL specification.
    +
    +
    Sample:
    +
    [{'AttributeName': 'deploy_timestamp', 'TimeToLiveStatus': 'ENABLED'}, {'AttributeName': 'deploy_timestamp', 'Enabled': True}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) + + diff --git a/docs/community.aws.ec2_ami_copy_module.rst b/docs/community.aws.ec2_ami_copy_module.rst new file mode 100644 index 00000000000..b9a524a78e9 --- /dev/null +++ b/docs/community.aws.ec2_ami_copy_module.rst @@ -0,0 +1,472 @@ +.. _community.aws.ec2_ami_copy_module: + + +************************** +community.aws.ec2_ami_copy +************************** + +**copies AMI between AWS regions, return new image id** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Copies AMI from a source region to a destination region. **Since version 2.3 this module depends on boto3.** + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    An optional human-readable string describing the contents and purpose of the new AMI.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not the destination snapshots of the copied AMI should be encrypted.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
    +
    +
    + name + +
    + string +
    +     		+ Default:
    "default"
    +     		+
    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + source_image_id + +
    + string + / required
    +     		+ +
    The ID of the AMI in source region that should be copied.
    +
    +
    + source_region + +
    + string + / required
    +     		+ +
    The source region the AMI should be copied from.
    +
    +
    + tag_equality + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the copied AMI to be in state 'available' before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    600
    +     		+
    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
    +
    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Basic AMI Copy + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + + - name: AMI copy wait until available + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + wait: yes + wait_timeout: 1200 # Default timeout is 600 + register: image_id + + - name: Named AMI copy + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + name: My-Awesome-AMI + description: latest patch + + - name: Tagged AMI copy (will not copy the same AMI twice) + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + tags: + Name: My-Super-AMI + Patch: 1.2.3 + tag_equality: yes + + - name: Encrypted AMI copy + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + encrypted: yes + + - name: Encrypted AMI copy with specified key + community.aws.ec2_ami_copy: + source_region: us-east-1 + region: eu-west-1 + source_image_id: ami-xxxxxxx + encrypted: yes + kms_key_id: arn:aws:kms:us-east-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + image_id + +
    + string +
    +     		always +
    AMI ID of the copied AMI
    +
    +
    Sample:
    +
    ami-e689729e
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Amir Moulavi (@amir343) +- Tim C (@defunctio) + + diff --git a/docs/community.aws.ec2_asg_info_module.rst b/docs/community.aws.ec2_asg_info_module.rst new file mode 100644 index 00000000000..aa6e6fdcda2 --- /dev/null +++ b/docs/community.aws.ec2_asg_info_module.rst @@ -0,0 +1,667 @@ +.. _community.aws.ec2_asg_info_module: + + +************************** +community.aws.ec2_asg_info +************************** + +**Gather information about ec2 Auto Scaling Groups (ASGs) in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +- This module was called ``ec2_asg_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    The prefix or name of the auto scaling group(s) you are searching for.
    +
    Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Find all groups + community.aws.ec2_asg_info: + register: asgs + + - name: Find a group with matching name/prefix + community.aws.ec2_asg_info: + name: public-webserver-asg + register: asgs + + - name: Find a group with matching tags + community.aws.ec2_asg_info: + tags: + project: webapp + env: production + register: asgs + + - name: Find a group with matching name/prefix and tags + community.aws.ec2_asg_info: + name: myproject + tags: + env: production + register: asgs + + - name: Fail if no groups are found + community.aws.ec2_asg_info: + name: public-webserver-asg + register: asgs + failed_when: "{{ asgs.results | length == 0 }}" + + - name: Fail if more than 1 group is found + community.aws.ec2_asg_info: + name: public-webserver-asg + register: asgs + failed_when: "{{ asgs.results | length > 1 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + auto_scaling_group_arn + +
    + string +
    +     		success +
    The Amazon Resource Name of the ASG
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-west-2:1234567890:autoScalingGroup:10787c52-0bcb-427d-82ba-c8e4b008ed2e:autoScalingGroupName/public-webapp-production-1
    +
    +
    + auto_scaling_group_name + +
    + string +
    +     		success +
    Name of autoscaling group
    +
    +
    Sample:
    +
    public-webapp-production-1
    +
    +
    + availability_zones + +
    + list +
    +     		success +
    List of Availability Zones that are enabled for this ASG.
    +
    +
    Sample:
    +
    ['us-west-2a', 'us-west-2b', 'us-west-2a']
    +
    +
    + created_time + +
    + string +
    +     		success +
    The date and time this ASG was created, in ISO 8601 format.
    +
    +
    Sample:
    +
    2015-11-25T00:05:36.309Z
    +
    +
    + default_cooldown + +
    + integer +
    +     		success +
    The default cooldown time in seconds.
    +
    +
    Sample:
    +
    300
    +
    +
    + desired_capacity + +
    + integer +
    +     		success +
    The number of EC2 instances that should be running in this group.
    +
    +
    Sample:
    +
    3
    +
    +
    + health_check_period + +
    + integer +
    +     		success +
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    Sample:
    +
    30
    +
    +
    + health_check_type + +
    + string +
    +     		success +
    The service you want the health status from, one of "EC2" or "ELB".
    +
    +
    Sample:
    +
    ELB
    +
    +
    + instances + +
    + list +
    +     		success +
    List of EC2 instances and their status as it relates to the ASG.
    +
    +
    Sample:
    +
    [{'availability_zone': 'us-west-2a', 'health_status': 'Healthy', 'instance_id': 'i-es22ad25', 'launch_configuration_name': 'public-webapp-production-1', 'lifecycle_state': 'InService', 'protected_from_scale_in': 'false'}]
    +
    +
    + launch_config_name + +
    + string +
    +     		success +
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    +
    +
    Sample:
    +
    public-webapp-production-1
    +
    +
    + launch_configuration_name + +
    + string +
    +     		success +
    Name of launch configuration associated with the ASG.
    +
    +
    Sample:
    +
    public-webapp-production-1
    +
    +
    + load_balancer_names + +
    + list +
    +     		success +
    List of load balancers names attached to the ASG.
    +
    +
    Sample:
    +
    ['elb-webapp-prod']
    +
    +
    + max_size + +
    + integer +
    +     		success +
    Maximum size of group
    +
    +
    Sample:
    +
    3
    +
    +
    + min_size + +
    + integer +
    +     		success +
    Minimum size of group
    +
    +
    Sample:
    +
    1
    +
    +
    + new_instances_protected_from_scale_in + +
    + boolean +
    +     		success +
    Whether or not new instances a protected from automatic scaling in.
    +
    +
    Sample:
    +
    false
    +
    +
    + placement_group + +
    + string +
    +     		success +
    Placement group into which instances are launched, if any.
    +
    +
    Sample:
    +
    None
    +
    +
    + status + +
    + string +
    +     		success +
    The current state of the group when DeleteAutoScalingGroup is in progress.
    +
    +
    Sample:
    +
    None
    +
    +
    + tags + +
    + list +
    +     		success +
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    +
    +
    Sample:
    +
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    +
    +
    + target_group_arns + +
    + list +
    +     		success +
    List of ARNs of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    +
    +
    + target_group_names + +
    + list +
    +     		success +
    List of names of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['target-group-host-hello', 'target-group-path-world']
    +
    +
    + termination_policies + +
    + string +
    +     		success +
    A list of termination policies for the group.
    +
    +
    Sample:
    +
    ['Default']
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst new file mode 100644 index 00000000000..10cf6f9627c --- /dev/null +++ b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst @@ -0,0 +1,398 @@ +.. _community.aws.ec2_asg_lifecycle_hook_module: + + +************************************ +community.aws.ec2_asg_lifecycle_hook +************************************ + +**Create, delete or update AWS ASG Lifecycle Hooks.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Will create a new hook when *state=present* and no given Hook is found. +- Will update an existing hook when *state=present* and a Hook is found, but current and provided parameters differ. +- Will delete the hook when *state=absent* and a Hook is found. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3>=1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + autoscaling_group_name + +
    + string + / required
    +     		+ +
    The name of the Auto Scaling group to which you want to assign the lifecycle hook.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_result + +
    + string +
    +     		+
      Choices: +
    • ABANDON ←
      • +
    • CONTINUE
      • +
    +     		+
    Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + heartbeat_timeout + +
    + integer +
    +     		+ +
    The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
    +
    By default Amazon AWS will use 3600 (1 hour)
    +
    +
    + lifecycle_hook_name + +
    + string + / required
    +     		+ +
    The name of the lifecycle hook.
    +
    +
    + notification_meta_data + +
    + string +
    +     		+ +
    Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
    +
    +
    + notification_target_arn + +
    + string +
    +     		+ +
    The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
    +
    This target can be either an SQS queue or an SNS topic.
    +
    If you specify an empty string, this overrides the current ARN.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string +
    +     		+ +
    The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete Lifecycle Hook.
    +
    When state=present updates existing hook or creates a new hook if not found.
    +
    +
    + transition + +
    + string +
    +     		+
      Choices: +
    • autoscaling:EC2_INSTANCE_TERMINATING
      • +
    • autoscaling:EC2_INSTANCE_LAUNCHING
      • +
    +     		+
    The instance state to which you want to attach the lifecycle hook.
    +
    Required when state=present.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create / Update lifecycle hook + community.aws.ec2_asg_lifecycle_hook: + region: eu-central-1 + state: present + autoscaling_group_name: example + lifecycle_hook_name: example + transition: autoscaling:EC2_INSTANCE_LAUNCHING + heartbeat_timeout: 7000 + default_result: ABANDON + + - name: Delete lifecycle hook + community.aws.ec2_asg_lifecycle_hook: + region: eu-central-1 + state: absent + autoscaling_group_name: example + lifecycle_hook_name: example + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Igor 'Tsigankov' Eyrich (@tsiganenok) + + diff --git a/docs/community.aws.ec2_asg_module.rst b/docs/community.aws.ec2_asg_module.rst new file mode 100644 index 00000000000..e33fccf0b46 --- /dev/null +++ b/docs/community.aws.ec2_asg_module.rst @@ -0,0 +1,1405 @@ +.. _community.aws.ec2_asg_module: + + +********************* +community.aws.ec2_asg +********************* + +**Create or delete AWS AutoScaling Groups (ASGs)** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS AutoScaling Groups. +- Can be used with the :ref:`community.aws.ec2_lc ` module to manage Launch Configurations. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + availability_zones + +
    + list + / elements=string
    +     		+ +
    List of availability zone names in which to create the group.
    +
    Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_cooldown + +
    + integer +
    +     		+ Default:
    300
    +     		+
    The number of seconds after a scaling activity completes before another can begin.
    +
    +
    + desired_capacity + +
    + integer +
    +     		+ +
    Desired number of instances in group, if unspecified then the current group value will be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + health_check_period + +
    + integer +
    +     		+ Default:
    300
    +     		+
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    + health_check_type + +
    + string +
    +     		+
      Choices: +
    • EC2 ←
      • +
    • ELB
      • +
    +     		+
    The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
    +
    +
    + launch_config_name + +
    + string +
    +     		+ +
    Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these.
    +
    If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
    +
    +
    + launch_template + +
    + dictionary +
    +     		+ +
    Dictionary describing the Launch Template to use
    +
    +
    + launch_template_id + +
    + string +
    +     		+ +
    The id of the launch template. Only one of launch_template_name or launch_template_id is required.
    +
    +
    + launch_template_name + +
    + string +
    +     		+ +
    The name of the launch template. Only one of launch_template_name or launch_template_id is required.
    +
    +
    + version + +
    + string +
    +     		+ +
    The version number of the launch template to use.
    +
    Defaults to latest version if not provided.
    +
    +
    + lc_check + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
    +
    +
    + load_balancers + +
    + list + / elements=string
    +     		+ +
    List of ELB names to use for the group. Use for classic load balancers.
    +
    +
    + lt_check + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
    +
    +
    + max_instance_lifetime + +
    + integer +
    +     		+ +
    The maximum amount of time, in seconds, that an instance can be in service.
    +
    Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
    +
    Value of 0 removes lifetime restriction.
    +
    +
    + max_size + +
    + integer +
    +     		+ +
    Maximum number of instances in group, if unspecified then the current group value will be used.
    +
    +
    + metrics_collection + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable ASG metrics collection.
    +
    +
    + metrics_granularity + +
    + string +
    +     		+ Default:
    "1Minute"
    +     		+
    When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
    +
    +
    + metrics_list + +
    + list + / elements=string
    +     		+ Default:
    ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
    +     		+
    List of autoscaling metrics to collect when metrics_collection=true.
    +
    +
    + min_size + +
    + integer +
    +     		+ +
    Minimum number of instances in group, if unspecified then the current group value will be used.
    +
    +
    + mixed_instances_policy + +
    + dictionary +
    +     		+ +
    A mixed instance policy to use for the ASG.
    +
    Only used when the ASG is configured to use a Launch Template (launch_template).
    + +
    +
    + instance_types + +
    + list + / elements=string
    +     		+ +
    A list of instance_types.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Unique name for group to be created or deleted.
    +
    +
    + notification_topic + +
    + string +
    +     		+ +
    A SNS topic ARN to send auto scaling notifications to.
    +
    +
    + notification_types + +
    + list + / elements=string
    +     		+ Default:
    ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
    +     		+
    A list of auto scaling events to trigger notifications on.
    +
    +
    + placement_group + +
    + string +
    +     		+ +
    Physical location of your cluster placement group created in Amazon EC2.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + replace_all_instances + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
    +
    +
    + replace_batch_size + +
    + integer +
    +     		+ Default:
    1
    +     		+
    Number of instances you'd like to replace at a time. Used with replace_all_instances.
    +
    +
    + replace_instances + +
    + list + / elements=string
    +     		+ +
    List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the instance.
    +
    +
    + suspend_processes + +
    + list + / elements=string
    +     		+ Default:
    []
    +     		+
    A list of scaling processes to suspend.
    +
    Valid values include:
    +
    Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
    +
    Full documentation of valid values can be found in the AWS documentation:
    + +
    +
    + tags + +
    + list + / elements=dictionary
    +     		+ +
    A list of tags to add to the Auto Scale Group.
    +
    Optional key is propagate_at_launch, which defaults to true.
    +
    When propagate_at_launch is true the tags will be propagated to the Instances created.
    +
    +
    + target_group_arns + +
    + list + / elements=string
    +     		+ +
    List of target group ARNs to use for the group. Use for application load balancers.
    +
    +
    + termination_policies + +
    + list + / elements=string
    +     		+ Default:
    "Default"
    +     		+
    An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
    +
    Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
    +
    Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
    +
    Full documentation of valid values can be found in the AWS documentation:
    + +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_zone_identifier + +
    + list + / elements=string
    +     		+ +
    List of VPC subnets to use
    +
    +
    + wait_for_instances + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic configuration with Launch Configuration + + - community.aws.ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_config_name: 'lc-1' + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + # Rolling ASG Updates + + # Below is an example of how to assign a new launch config to an ASG and terminate old instances. + # + # All instances in "myasg" that do not have the launch configuration named "my_new_lc" will be terminated in + # a rolling fashion with instances using the current launch configuration, "my_new_lc". + # + # This could also be considered a rolling deploy of a pre-baked AMI. + # + # If this is a newly created group, the instances will not be replaced since all instances + # will have the current launch configuration. + + - name: create launch config + community.aws.ec2_lc: + name: my_new_lc + image_id: ami-lkajsf + key_name: mykey + region: us-east-1 + security_groups: sg-23423 + instance_type: m1.small + assign_public_ip: yes + + - community.aws.ec2_asg: + name: myasg + launch_config_name: my_new_lc + health_check_period: 60 + health_check_type: ELB + replace_all_instances: yes + min_size: 5 + max_size: 5 + desired_capacity: 5 + region: us-east-1 + + # To only replace a couple of instances instead of all of them, supply a list + # to "replace_instances": + + - community.aws.ec2_asg: + name: myasg + launch_config_name: my_new_lc + health_check_period: 60 + health_check_type: ELB + replace_instances: + - i-b345231 + - i-24c2931 + min_size: 5 + max_size: 5 + desired_capacity: 5 + region: us-east-1 + + # Basic Configuration with Launch Template + + - community.aws.ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_template: + version: '1' + launch_template_name: 'lt-example' + launch_template_id: 'lt-123456' + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + # Basic Configuration with Launch Template using mixed instance policy + + - community.aws.ec2_asg: + name: special + load_balancers: [ 'lb1', 'lb2' ] + availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] + launch_template: + version: '1' + launch_template_name: 'lt-example' + launch_template_id: 'lt-123456' + mixed_instances_policy: + instance_types: + - t3a.large + - t3.large + - t2.large + min_size: 1 + max_size: 10 + desired_capacity: 5 + vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] + tags: + - environment: production + propagate_at_launch: no + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + auto_scaling_group_arn + +
    + string +
    +     		success +
    The unique ARN of the autoscaling group
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:123456789012:autoScalingGroup:6a09ad6d-eeee-1234-b987-ee123ced01ad:autoScalingGroupName/myasg
    +
    +
    + auto_scaling_group_name + +
    + string +
    +     		success +
    The unique name of the auto scaling group
    +
    +
    Sample:
    +
    myasg
    +
    +
    + availability_zones + +
    + list +
    +     		success +
    The availability zones for the auto scaling group
    +
    +
    Sample:
    +
    ['us-east-1d']
    +
    +
    + created_time + +
    + string +
    +     		success +
    Timestamp of create time of the auto scaling group
    +
    +
    Sample:
    +
    2017-11-08T14:41:48.272000+00:00
    +
    +
    + default_cooldown + +
    + integer +
    +     		success +
    The default cooldown time in seconds.
    +
    +
    Sample:
    +
    300
    +
    +
    + desired_capacity + +
    + integer +
    +     		success +
    The number of EC2 instances that should be running in this group.
    +
    +
    Sample:
    +
    3
    +
    +
    + healthcheck_period + +
    + integer +
    +     		success +
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    Sample:
    +
    30
    +
    +
    + healthcheck_type + +
    + string +
    +     		success +
    The service you want the health status from, one of "EC2" or "ELB".
    +
    +
    Sample:
    +
    ELB
    +
    +
    + healthy_instances + +
    + integer +
    +     		success +
    Number of instances in a healthy state
    +
    +
    Sample:
    +
    5
    +
    +
    + in_service_instances + +
    + integer +
    +     		success +
    Number of instances in service
    +
    +
    Sample:
    +
    3
    +
    +
    + instance_facts + +
    + dictionary +
    +     		success +
    Dictionary of EC2 instances and their status as it relates to the ASG.
    +
    +
    Sample:
    +
    {'i-0123456789012': {'health_status': 'Healthy', 'launch_config_name': 'public-webapp-production-1', 'lifecycle_state': 'InService'}}
    +
    +
    + instances + +
    + list +
    +     		success +
    list of instance IDs in the ASG
    +
    +
    Sample:
    +
    ['i-0123456789012']
    +
    +
    + launch_config_name + +
    + string +
    +     		success +
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    +
    +
    Sample:
    +
    public-webapp-production-1
    +
    +
    + load_balancers + +
    + list +
    +     		success +
    List of load balancers names attached to the ASG.
    +
    +
    Sample:
    +
    ['elb-webapp-prod']
    +
    +
    + max_instance_lifetime + +
    + integer +
    +     		success +
    The maximum amount of time, in seconds, that an instance can be in service.
    +
    +
    Sample:
    +
    604800
    +
    +
    + max_size + +
    + integer +
    +     		success +
    Maximum size of group
    +
    +
    Sample:
    +
    3
    +
    +
    + metrics_collection + +
    + list +
    +     		success +
    List of enabled AutosSalingGroup metrics
    +
    +
    Sample:
    +
    [{'Granularity': '1Minute', 'Metric': 'GroupInServiceInstances'}]
    +
    +
    + min_size + +
    + integer +
    +     		success +
    Minimum size of group
    +
    +
    Sample:
    +
    1
    +
    +
    + mixed_instance_policy + +
    + list +
    +     		success +
    Returns the list of instance types if a mixed instance policy is set.
    +
    +
    Sample:
    +
    ['t3.micro', 't3a.micro']
    +
    +
    + pending_instances + +
    + integer +
    +     		success +
    Number of instances in pending state
    +
    +
    Sample:
    +
    1
    +
    +
    + tags + +
    + list +
    +     		success +
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    +
    +
    Sample:
    +
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    +
    +
    + target_group_arns + +
    + list +
    +     		success +
    List of ARNs of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    +
    +
    + target_group_names + +
    + list +
    +     		success +
    List of names of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['target-group-host-hello', 'target-group-path-world']
    +
    +
    + termination_policies + +
    + list +
    +     		success +
    A list of termination policies for the group.
    +
    +
    Sample:
    +
    ['Default']
    +
    +
    + unhealthy_instances + +
    + integer +
    +     		success +
    Number of instances in an unhealthy state
    +
    +
    +
    + viable_instances + +
    + integer +
    +     		success +
    Number of instances in a viable state
    +
    +
    Sample:
    +
    1
    +
    +
    + vpc_zone_identifier + +
    + string +
    +     		success +
    VPC zone ID / subnet id for the auto scaling group
    +
    +
    Sample:
    +
    subnet-a31ef45f
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gareth Rushgrove (@garethr) + + diff --git a/docs/community.aws.ec2_customer_gateway_info_module.rst b/docs/community.aws.ec2_customer_gateway_info_module.rst new file mode 100644 index 00000000000..11504a79ca3 --- /dev/null +++ b/docs/community.aws.ec2_customer_gateway_info_module.rst @@ -0,0 +1,310 @@ +.. _community.aws.ec2_customer_gateway_info_module: + + +*************************************** +community.aws.ec2_customer_gateway_info +*************************************** + +**Gather information about customer gateways in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about customer gateways in AWS. +- This module was called ``ec2_customer_gateway_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + customer_gateway_ids + +
    + list + / elements=string
    +     		+ +
    Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all customer gateways + community.aws.ec2_customer_gateway_info: + + - name: Gather information about a filtered list of customer gateways, based on tags + community.aws.ec2_customer_gateway_info: + region: ap-southeast-2 + filters: + "tag:Name": test-customer-gateway + "tag:AltName": test-customer-gateway-alt + register: cust_gw_info + + - name: Gather information about a specific customer gateway by specifying customer gateway ID + community.aws.ec2_customer_gateway_info: + region: ap-southeast-2 + customer_gateway_ids: + - 'cgw-48841a09' + - 'cgw-fec021ce' + register: cust_gw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + customer_gateways + +
    + list +
    +     		always +
    List of one or more customer gateways.
    +
    +
    Sample:
    +
    [{'bgp_asn': '65000', 'customer_gateway_id': 'cgw-fec844ce', 'customer_gateway_name': 'test-customer-gw', 'ip_address': '110.112.113.120', 'state': 'available', 'tags': [{'key': 'Name', 'value': 'test-customer-gw'}], 'type': 'ipsec.1'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Madhura Naniwadekar (@Madhura-CSI) + + diff --git a/docs/community.aws.ec2_customer_gateway_module.rst b/docs/community.aws.ec2_customer_gateway_module.rst new file mode 100644 index 00000000000..5d9fcaf5784 --- /dev/null +++ b/docs/community.aws.ec2_customer_gateway_module.rst @@ -0,0 +1,465 @@ +.. _community.aws.ec2_customer_gateway_module: + + +********************************** +community.aws.ec2_customer_gateway +********************************** + +**Manage an AWS customer gateway** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS customer gateway. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bgp_asn + +
    + integer +
    +     		+ +
    Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + ip_address + +
    + string + / required
    +     		+ +
    Internet-routable IP address for customers gateway, must be a static address.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the customer gateway.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + routing + +
    + string +
    +     		+
      Choices: +
    • static
      • +
    • dynamic ←
      • +
    +     		+
    The type of routing.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or terminate the Customer Gateway.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources. + - Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use customer_gateway. See https://github.com/ansible/ansible-modules-extras/issues/2773 for details. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create Customer Gateway + community.aws.ec2_customer_gateway: + bgp_asn: 12345 + ip_address: 1.2.3.4 + name: IndianapolisOffice + region: us-east-1 + register: cgw + + - name: Delete Customer Gateway + community.aws.ec2_customer_gateway: + ip_address: 1.2.3.4 + name: IndianapolisOffice + state: absent + region: us-east-1 + register: cgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + gateway.customer_gateways + +
    + complex +
    +     		success +
    details about the gateway that was created.
    +
    +
      +
    + bgp_asn + +
    + string +
    +     		when exists and gateway is available. +
    The Border Gateway Autonomous System Number.
    +
    +
    Sample:
    +
    65123
    +
      +
    + customer_gateway_id + +
    + string +
    +     		when exists and gateway is available. +
    gateway id assigned by amazon.
    +
    +
    Sample:
    +
    cgw-cb6386a2
    +
      +
    + ip_address + +
    + string +
    +     		when exists and gateway is available. +
    ip address of your gateway device.
    +
    +
    Sample:
    +
    1.2.3.4
    +
      +
    + state + +
    + string +
    +     		when gateway exists and is available. +
    state of gateway.
    +
    +
    Sample:
    +
    available
    +
      +
    + tags + +
    + list +
    +     		when gateway exists and is available, and when tags exist. +
    Any tags on the gateway.
    +
    +
      +
    + type + +
    + string +
    +     		when gateway exists and is available. +
    encryption type.
    +
    +
    Sample:
    +
    ipsec.1
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Baydoun (@MichaelBaydoun) + + diff --git a/docs/community.aws.ec2_eip_info_module.rst b/docs/community.aws.ec2_eip_info_module.rst new file mode 100644 index 00000000000..3a61c11d742 --- /dev/null +++ b/docs/community.aws.ec2_eip_info_module.rst @@ -0,0 +1,317 @@ +.. _community.aws.ec2_eip_info_module: + + +************************** +community.aws.ec2_eip_info +************************** + +**List EC2 EIP details** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List details of EC2 Elastic IP addresses. +- This module was called ``ec2_eip_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details or the AWS region, + # see the AWS Guide for details. + + - name: List all EIP addresses in the current region. + community.aws.ec2_eip_info: + register: regional_eip_addresses + + - name: List all EIP addresses for a VM. + community.aws.ec2_eip_info: + filters: + instance-id: i-123456789 + register: my_vm_eips + + - debug: + msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" + + - name: List all EIP addresses for several VMs. + community.aws.ec2_eip_info: + filters: + instance-id: + - i-123456789 + - i-987654321 + register: my_vms_eips + + - name: List all EIP addresses using the 'Name' tag as a filter. + community.aws.ec2_eip_info: + filters: + tag:Name: www.example.com + register: my_vms_eips + + - name: List all EIP addresses using the Allocation-id as a filter + community.aws.ec2_eip_info: + filters: + allocation-id: eipalloc-64de1b01 + register: my_vms_eips + + # Set the variable eip_alloc to the value of the first allocation_id + # and set the variable my_pub_ip to the value of the first public_ip + - set_fact: + eip_alloc: my_vms_eips.addresses[0].allocation_id + my_pub_ip: my_vms_eips.addresses[0].public_ip + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + addresses + +
    + list +
    +     		on success +
    Properties of all Elastic IP addresses matching the provided filters. Each element is a dict with all the information related to an EIP.
    +
    +
    Sample:
    +
    [{'allocation_id': 'eipalloc-64de1b01', 'association_id': 'eipassoc-0fe9ce90d6e983e97', 'domain': 'vpc', 'instance_id': 'i-01020cfeb25b0c84f', 'network_interface_id': 'eni-02fdeadfd4beef9323b', 'network_interface_owner_id': '0123456789', 'private_ip_address': '10.0.0.1', 'public_ip': '54.81.104.1', 'tags': {'Name': 'test-vm-54.81.104.1'}}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + diff --git a/docs/community.aws.ec2_eip_module.rst b/docs/community.aws.ec2_eip_module.rst new file mode 100644 index 00000000000..72e4aee7b6e --- /dev/null +++ b/docs/community.aws.ec2_eip_module.rst @@ -0,0 +1,589 @@ +.. _community.aws.ec2_eip_module: + + +********************* +community.aws.ec2_eip +********************* + +**manages EC2 elastic IP (EIP) addresses.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can allocate or release an EIP. +- This module can associate/disassociate an EIP with instances or network interfaces. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allow_reassociation + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + device_id + +
    + string +
    +     		+ +
    The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
    +

    aliases: instance_id
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + in_vpc + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Allocate an EIP inside a VPC or not.
    +
    Required if specifying an ENI with device_id.
    +
    +
    + private_ip_address + +
    + string +
    +     		+ +
    The primary or secondary private IP address to associate with the Elastic IP address.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + public_ip + +
    + string +
    +     		+ +
    The IP address of a previously allocated EIP.
    +
    When public_ip=present and device is specified, the EIP is associated with the device.
    +
    When public_ip=absent and device is specified, the EIP is disassociated from the device.
    +

    aliases: ip
    +
    +
    + public_ipv4_pool + +
    + string +
    +     		+ +
    Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + release_on_disassociation + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to automatically release the EIP when it is disassociated.
    +
    +
    + reuse_existing_ip_allowed + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    When state=present, allocate an EIP or associate an existing EIP with a device.
    +
    When state=absent, disassociate the EIP from the device and optionally release it.
    +
    +
    + tag_name + +
    + string +
    +     		+ +
    When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
    +
    +
    + tag_value + +
    + string +
    +     		+ +
    Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ +
    The wait_timeout option does nothing and will be removed after 2022-06-01
    +
    +
    + + +Notes +----- + +.. note:: + - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. + - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: associate an elastic IP with an instance + community.aws.ec2_eip: + device_id: i-1212f003 + ip: 93.184.216.119 + + - name: associate an elastic IP with a device + community.aws.ec2_eip: + device_id: eni-c8ad70f3 + ip: 93.184.216.119 + + - name: associate an elastic IP with a device and allow reassociation + community.aws.ec2_eip: + device_id: eni-c8ad70f3 + public_ip: 93.184.216.119 + allow_reassociation: true + + - name: disassociate an elastic IP from an instance + community.aws.ec2_eip: + device_id: i-1212f003 + ip: 93.184.216.119 + state: absent + + - name: disassociate an elastic IP with a device + community.aws.ec2_eip: + device_id: eni-c8ad70f3 + ip: 93.184.216.119 + state: absent + + - name: allocate a new elastic IP and associate it with an instance + community.aws.ec2_eip: + device_id: i-1212f003 + + - name: allocate a new elastic IP without associating it to anything + community.aws.ec2_eip: + state: present + register: eip + + - name: output the IP + debug: + msg: "Allocated IP is {{ eip.public_ip }}" + + - name: provision new instances with ec2 + amazon.aws.ec2: + keypair: mykey + instance_type: c1.medium + image: ami-40603AD1 + wait: true + group: webserver + count: 3 + register: ec2 + + - name: associate new elastic IPs with each of the instances + community.aws.ec2_eip: + device_id: "{{ item }}" + loop: "{{ ec2.instance_ids }}" + + - name: allocate a new elastic IP inside a VPC in us-west-2 + community.aws.ec2_eip: + region: us-west-2 + in_vpc: true + register: eip + + - name: output the IP + debug: + msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" + + - name: allocate eip - reuse unallocated ips (if found) with FREE tag + community.aws.ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: FREE + + - name: allocate eip - reuse unallocated ips if tag reserved is nope + community.aws.ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: reserved + tag_value: nope + + - name: allocate new eip - from servers given ipv4 pool + community.aws.ec2_eip: + region: us-east-1 + in_vpc: true + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) + community.aws.ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: dev-servers + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname + community.aws.ec2_eip: + region: us-east-1 + in_vpc: true + reuse_existing_ip_allowed: true + tag_name: reserved_for + tag_value: "{{ inventory_hostname }}" + public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + allocation_id + +
    + string +
    +     		on success +
    allocation_id of the elastic ip
    +
    +
    Sample:
    +
    eipalloc-51aa3a6c
    +
    +
    + public_ip + +
    + string +
    +     		on success +
    an elastic ip address
    +
    +
    Sample:
    +
    52.88.159.209
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rick Mendes (@rickmendes) + + diff --git a/docs/community.aws.ec2_elb_info_module.rst b/docs/community.aws.ec2_elb_info_module.rst new file mode 100644 index 00000000000..6d0839f7359 --- /dev/null +++ b/docs/community.aws.ec2_elb_info_module.rst @@ -0,0 +1,272 @@ +.. _community.aws.ec2_elb_info_module: + + +************************** +community.aws.ec2_elb_info +************************** + +**Gather information about EC2 Elastic Load Balancers in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about EC2 Elastic Load Balancers in AWS +- This module was called ``ec2_elb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + names + +
    + list +
    +     		+ +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Output format tries to match amazon.aws.ec2_elb_lb module input parameters + + - name: Gather information about all ELBs + ec2_elb_info: + register: elb_info + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + - name: Gather information about a particular ELB + community.aws.ec2_elb_info: + names: frontend-prod-elb + register: elb_info + + - debug: + msg: "{{ elb_info.elbs.0.dns_name }}" + + - name: Gather information about a set of ELBs + ec2_elb_info: + names: + - frontend-prod-elb + - backend-prod-elb + register: elb_info + + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schultz (@mjschultz) +- Fernando Jose Pando (@nand0p) + + diff --git a/docs/community.aws.ec2_elb_module.rst b/docs/community.aws.ec2_elb_module.rst new file mode 100644 index 00000000000..b999dc525d0 --- /dev/null +++ b/docs/community.aws.ec2_elb_module.rst @@ -0,0 +1,346 @@ +.. _community.aws.ec2_elb_module: + + +********************* +community.aws.ec2_elb +********************* + +**De-registers or registers instances from EC2 ELBs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. +- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. +- Will be marked changed when called only if there are ELBs found to operate on. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_elbs + +
    + list +
    +     		+ +
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enable_availability_zone + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    +
    +
    + instance_id + +
    + string + / required
    +     		+ +
    EC2 Instance ID
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    register or deregister the instance
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for instance registration or deregistration to complete successfully before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    0
    +     		+
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # basic pre_task and post_task example + pre_tasks: + - name: Instance De-register + community.aws.ec2_elb: + instance_id: "{{ ansible_ec2_instance_id }}" + state: absent + roles: + - myrole + post_tasks: + - name: Instance Register + community.aws.ec2_elb: + instance_id: "{{ ansible_ec2_instance_id }}" + ec2_elbs: "{{ item }}" + state: present + loop: "{{ ec2_elbs }}" + + + + + +Status +------ + + +Authors +~~~~~~~ + +- John Jarvis (@jarv) + + diff --git a/docs/community.aws.ec2_instance_info_module.rst b/docs/community.aws.ec2_instance_info_module.rst new file mode 100644 index 00000000000..9ce9905549b --- /dev/null +++ b/docs/community.aws.ec2_instance_info_module.rst @@ -0,0 +1,1834 @@ +.. _community.aws.ec2_instance_info_module: + + +******************************* +community.aws.ec2_instance_info +******************************* + +**Gather information about ec2 instances in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 instances in AWS +- This module was called ``ec2_instance_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
    +
    +
    + instance_ids + +
    + list +
    +     		+ +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all instances + community.aws.ec2_instance_info: + + - name: Gather information about all instances in AZ ap-southeast-2a + community.aws.ec2_instance_info: + filters: + availability-zone: ap-southeast-2a + + - name: Gather information about a particular instance using ID + community.aws.ec2_instance_info: + instance_ids: + - i-12345678 + + - name: Gather information about any instance with a tag key Name and value Example + community.aws.ec2_instance_info: + filters: + "tag:Name": Example + + - name: Gather information about any instance in states "shutting-down", "stopping", "stopped" + community.aws.ec2_instance_info: + filters: + instance-state-name: [ "shutting-down", "stopping", "stopped" ] + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + instances + +
    + complex +
    +     		always +
    a list of ec2 instances
    +
    +
      +
    + ami_launch_index + +
    + integer +
    +     		always +
    The AMI launch index, which can be used to find this instance in the launch group.
    +
    +
      +
    + architecture + +
    + string +
    +     		always +
    The architecture of the image
    +
    +
    Sample:
    +
    x86_64
    +
      +
    + block_device_mappings + +
    + complex +
    +     		always +
    Any block device mapping entries for the instance.
    +
    +
       +
    + device_name + +
    + string +
    +     		always +
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sdh
    +
       +
    + ebs + +
    + complex +
    +     		always +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    +
        +
    + attach_time + +
    + string +
    +     		always +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
        +
    + delete_on_termination + +
    + boolean +
    +     		always +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    +
        +
    + status + +
    + string +
    +     		always +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    +
        +
    + volume_id + +
    + string +
    +     		always +
    The ID of the EBS volume
    +
    +
    Sample:
    +
    vol-12345678
    +
      +
    + client_token + +
    + string +
    +     		always +
    The idempotency token you provided when you launched the instance, if applicable.
    +
    +
    Sample:
    +
    mytoken
    +
      +
    + cpu_options + +
    + complex +
    +     		always if botocore version >= 1.10.16 +
    The CPU options set for the instance.
    +
    +
       +
    + core_count + +
    + integer +
    +     		always +
    The number of CPU cores for the instance.
    +
    +
    Sample:
    +
    1
    +
       +
    + threads_per_core + +
    + integer +
    +     		always +
    The number of threads per CPU core. On supported instance, a value of 1 means Intel Hyper-Threading Technology is disabled.
    +
    +
    Sample:
    +
    1
    +
      +
    + ebs_optimized + +
    + boolean +
    +     		always +
    Indicates whether the instance is optimized for EBS I/O.
    +
    +
      +
    + hypervisor + +
    + string +
    +     		always +
    The hypervisor type of the instance.
    +
    +
    Sample:
    +
    xen
    +
      +
    + iam_instance_profile + +
    + complex +
    +     		always +
    The IAM instance profile associated with the instance, if applicable.
    +
    +
       +
    + arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::000012345678:instance-profile/myprofile
    +
       +
    + id + +
    + string +
    +     		always +
    The ID of the instance profile
    +
    +
    Sample:
    +
    JFJ397FDG400FG9FD1N
    +
      +
    + image_id + +
    + string +
    +     		always +
    The ID of the AMI used to launch the instance.
    +
    +
    Sample:
    +
    ami-0011223344
    +
      +
    + instance_id + +
    + string +
    +     		always +
    The ID of the instance.
    +
    +
    Sample:
    +
    i-012345678
    +
      +
    + instance_type + +
    + string +
    +     		always +
    The instance type size of the running instance.
    +
    +
    Sample:
    +
    t2.micro
    +
      +
    + key_name + +
    + string +
    +     		always +
    The name of the key pair, if this instance was launched with an associated key pair.
    +
    +
    Sample:
    +
    my-key
    +
      +
    + launch_time + +
    + string +
    +     		always +
    The time the instance was launched.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
      +
    + monitoring + +
    + complex +
    +     		always +
    The monitoring for the instance.
    +
    +
       +
    + state + +
    + string +
    +     		always +
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    +
    +
    Sample:
    +
    disabled
    +
      +
    + network_interfaces + +
    + complex +
    +     		always +
    One or more network interfaces for the instance.
    +
    +
       +
    + association + +
    + complex +
    +     		always +
    The association information for an Elastic IPv4 associated with the network interface.
    +
    +
        +
    + ip_owner_id + +
    + string +
    +     		always +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    +
        +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name.
    +
    +
        +
    + public_ip + +
    + string +
    +     		always +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    +
       +
    + attachment + +
    + complex +
    +     		always +
    The network interface attachment.
    +
    +
        +
    + attach_time + +
    + string +
    +     		always +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
        +
    + attachment_id + +
    + string +
    +     		always +
    The ID of the network interface attachment.
    +
    +
    Sample:
    +
    eni-attach-3aff3f
    +
        +
    + delete_on_termination + +
    + boolean +
    +     		always +
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    Sample:
    +
    True
    +
        +
    + device_index + +
    + integer +
    +     		always +
    The index of the device on the instance for the network interface attachment.
    +
    +
        +
    + status + +
    + string +
    +     		always +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    +
       +
    + description + +
    + string +
    +     		always +
    The description.
    +
    +
    Sample:
    +
    My interface
    +
       +
    + groups + +
    + list + / elements=dictionary
    +     		always +
    One or more security groups.
    +
    +
        +
    + group_id + +
    + string +
    +     		always +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-abcdef12
    +
        +
    + group_name + +
    + string +
    +     		always +
    The name of the security group.
    +
    +
    Sample:
    +
    mygroup
    +
       +
    + ipv6_addresses + +
    + list + / elements=dictionary
    +     		always +
    One or more IPv6 addresses associated with the network interface.
    +
    +
        +
    + ipv6_address + +
    + string +
    +     		always +
    The IPv6 address.
    +
    +
    Sample:
    +
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    +
       +
    + mac_address + +
    + string +
    +     		always +
    The MAC address.
    +
    +
    Sample:
    +
    00:11:22:33:44:55
    +
       +
    + network_interface_id + +
    + string +
    +     		always +
    The ID of the network interface.
    +
    +
    Sample:
    +
    eni-01234567
    +
       +
    + owner_id + +
    + string +
    +     		always +
    The AWS account ID of the owner of the network interface.
    +
    +
    Sample:
    +
    01234567890
    +
       +
    + private_ip_address + +
    + string +
    +     		always +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    +
       +
    + private_ip_addresses + +
    + list + / elements=dictionary
    +     		always +
    The private IPv4 addresses associated with the network interface.
    +
    +
        +
    + association + +
    + complex +
    +     		always +
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    +
    +
         +
    + ip_owner_id + +
    + string +
    +     		always +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    +
         +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name.
    +
    +
         +
    + public_ip + +
    + string +
    +     		always +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    +
        +
    + primary + +
    + boolean +
    +     		always +
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    +
    +
    Sample:
    +
    True
    +
        +
    + private_ip_address + +
    + string +
    +     		always +
    The private IPv4 address of the network interface.
    +
    +
    Sample:
    +
    10.0.0.1
    +
       +
    + source_dest_check + +
    + boolean +
    +     		always +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    +
       +
    + status + +
    + string +
    +     		always +
    The status of the network interface.
    +
    +
    Sample:
    +
    in-use
    +
       +
    + subnet_id + +
    + string +
    +     		always +
    The ID of the subnet for the network interface.
    +
    +
    Sample:
    +
    subnet-0123456
    +
       +
    + vpc_id + +
    + string +
    +     		always +
    The ID of the VPC for the network interface.
    +
    +
    Sample:
    +
    vpc-0123456
    +
      +
    + placement + +
    + complex +
    +     		always +
    The location where the instance launched, if applicable.
    +
    +
       +
    + availability_zone + +
    + string +
    +     		always +
    The Availability Zone of the instance.
    +
    +
    Sample:
    +
    ap-southeast-2a
    +
       +
    + group_name + +
    + string +
    +     		always +
    The name of the placement group the instance is in (for cluster compute instances).
    +
    +
       +
    + tenancy + +
    + string +
    +     		always +
    The tenancy of the instance (if the instance is running in a VPC).
    +
    +
    Sample:
    +
    default
    +
      +
    + private_dns_name + +
    + string +
    +     		always +
    The private DNS name.
    +
    +
    Sample:
    +
    ip-10-0-0-1.ap-southeast-2.compute.internal
    +
      +
    + private_ip_address + +
    + string +
    +     		always +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    +
      +
    + product_codes + +
    + list + / elements=dictionary
    +     		always +
    One or more product codes.
    +
    +
       +
    + product_code_id + +
    + string +
    +     		always +
    The product code.
    +
    +
    Sample:
    +
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    +
       +
    + product_code_type + +
    + string +
    +     		always +
    The type of product code.
    +
    +
    Sample:
    +
    marketplace
    +
      +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name assigned to the instance.
    +
    +
      +
    + public_ip_address + +
    + string +
    +     		always +
    The public IPv4 address assigned to the instance
    +
    +
    Sample:
    +
    52.0.0.1
    +
      +
    + root_device_name + +
    + string +
    +     		always +
    The device name of the root device
    +
    +
    Sample:
    +
    /dev/sda1
    +
      +
    + root_device_type + +
    + string +
    +     		always +
    The type of root device used by the AMI.
    +
    +
    Sample:
    +
    ebs
    +
      +
    + security_groups + +
    + list + / elements=dictionary
    +     		always +
    One or more security groups for the instance.
    +
    +
       +
    + group_id + +
    + string +
    +     		always +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-0123456
    +
       +
    + group_name + +
    + string +
    +     		always +
    The name of the security group.
    +
    +
    Sample:
    +
    my-security-group
    +
      +
    + source_dest_check + +
    + boolean +
    +     		always +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + state + +
    + complex +
    +     		always +
    The current state of the instance.
    +
    +
       +
    + code + +
    + integer +
    +     		always +
    The low byte represents the state.
    +
    +
    Sample:
    +
    16
    +
       +
    + name + +
    + string +
    +     		always +
    The name of the state.
    +
    +
    Sample:
    +
    running
    +
      +
    + state_transition_reason + +
    + string +
    +     		always +
    The reason for the most recent state transition.
    +
    +
      +
    + subnet_id + +
    + string +
    +     		always +
    The ID of the subnet in which the instance is running.
    +
    +
    Sample:
    +
    subnet-00abcdef
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Any tags assigned to the instance.
    +
    +
      +
    + virtualization_type + +
    + string +
    +     		always +
    The type of virtualization of the AMI.
    +
    +
    Sample:
    +
    hvm
    +
      +
    + vpc_id + +
    + dictionary +
    +     		always +
    The ID of the VPC the instance is in.
    +
    +
    Sample:
    +
    vpc-0011223344
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schuett (@michaeljs1990) +- Rob White (@wimnat) + + diff --git a/docs/community.aws.ec2_instance_module.rst b/docs/community.aws.ec2_instance_module.rst new file mode 100644 index 00000000000..746cdc53581 --- /dev/null +++ b/docs/community.aws.ec2_instance_module.rst @@ -0,0 +1,2705 @@ +.. _community.aws.ec2_instance_module: + + +************************** +community.aws.ec2_instance +************************** + +**Create & manage EC2 instances** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create and manage AWS EC2 instances. +- Note: This module does not support creating `EC2 Spot instances `_. The :ref:`amazon.aws.ec2 ` module can create and manage spot instances. + + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + availability_zone + +
    + string +
    +     		+ +
    Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
    +
    If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cpu_credit_specification + +
    + string +
    +     		+
      Choices: +
    • unlimited
      • +
    • standard
      • +
    +     		+
    For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
    +
    Choose unlimited to enable buying additional CPU credits.
    +
    +
    + cpu_options + +
    + dictionary +
    +     		+ +
    Reduce the number of vCPU exposed to the instance.
    +
    Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
    + +
    Requires botocore >= 1.10.16
    +
    +
    + core_count + +
    + integer + / required
    +     		+ +
    Set the number of core to enable.
    +
    +
    + threads_per_core + +
    + integer + / required
    +     		+
      Choices: +
    • 1
      • +
    • 2
      • +
    +     		+
    Select the number of threads per core to enable. Disable or Enable Intel HT.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + detailed_monitoring + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
    +
    +
    + ebs_optimized + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
    +
    By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
    +
    +
    + image + +
    + dictionary +
    +     		+ +
    An image to use for the instance. The amazon.aws.ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    +
    +
    + id + +
    + string +
    +     		+ +
    The AMI ID.
    +
    +
    + kernel + +
    + - +
    +     		+ +
    a string AKI to override the AMI kernel.
    +
    +
    + ramdisk + +
    + string +
    +     		+ +
    Overrides the AMI's default ramdisk ID.
    +
    +
    + image_id + +
    + string +
    +     		+ +
    ami ID to use for the instance. One of image or image_id are required when instance is not already present.
    +
    This is an alias for image.id.
    +
    +
    + instance_ids + +
    + list +
    +     		+ +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    +
    +
    + instance_initiated_shutdown_behavior + +
    + string +
    +     		+
      Choices: +
    • stop
      • +
    • terminate
      • +
    +     		+
    Whether to stop or terminate an instance upon shutdown.
    +
    +
    + instance_role + +
    + string +
    +     		+ +
    The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
    +
    +
    + instance_type + +
    + string +
    +     		+ Default:
    "t2.micro"
    +     		+
    Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
    +
    +
    + key_name + +
    + string +
    +     		+ +
    Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
    +
    +
    + launch_template + +
    + dictionary +
    +     		+ +
    The EC2 launch template to base instance configuration on.
    +
    +
    + id + +
    + string +
    +     		+ +
    the ID of the launch template (optional if name is specified).
    +
    +
    + name + +
    + string +
    +     		+ +
    the pretty name of the launch template (optional if id is specified).
    +
    +
    + version + +
    + - +
    +     		+ +
    the specific version of the launch template to use. If unspecified, the template default is chosen.
    +
    +
    + name + +
    + string +
    +     		+ +
    The Name tag for the instance.
    +
    +
    + network + +
    + dictionary +
    +     		+ +
    Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
    +
    Use the amazon.aws.ec2_eni module to create ENIs with special settings.
    +
    +
    + assign_public_ip + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    when true assigns a public IP address to the interface
    +
    +
    + delete_on_termination + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Delete the interface when the instance it is attached to is terminated.
    +
    +
    + description + +
    + string +
    +     		+ +
    a description for the network interface
    +
    +
    + device_index + +
    + integer +
    +     		+ +
    The index of the interface to modify
    +
    +
    + groups + +
    + list +
    +     		+ +
    a list of security group IDs to attach to the interface
    +
    +
    + interfaces + +
    + list +
    +     		+ +
    a list of ENI IDs (strings) or a list of objects containing the key id.
    +
    +
    + ipv6_addresses + +
    + list +
    +     		+ +
    a list of IPv6 addresses to assign to the network interface
    +
    +
    + private_ip_address + +
    + string +
    +     		+ +
    an IPv4 address to assign to the interface
    +
    +
    + private_ip_addresses + +
    + list +
    +     		+ +
    a list of IPv4 addresses to assign to the network interface
    +
    +
    + source_dest_check + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    controls whether source/destination checking is enabled on the interface
    +
    +
    + subnet_id + +
    + string +
    +     		+ +
    the subnet to connect the network interface to
    +
    +
    + placement_group + +
    + string +
    +     		+ +
    The placement group that needs to be assigned to the instance
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_group + +
    + string +
    +     		+ +
    A security group ID or name. Mutually exclusive with security_groups.
    +
    +
    + security_groups + +
    + list +
    +     		+ +
    A list of security group IDs or names (strings). Mutually exclusive with security_group.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • terminated
      • +
    • running
      • +
    • started
      • +
    • stopped
      • +
    • restarted
      • +
    • rebooted
      • +
    • absent
      • +
    +     		+
    Goal state for the instances.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
    +
    +
    + tenancy + +
    + string +
    +     		+
      Choices: +
    • dedicated
      • +
    • default
      • +
    +     		+
    What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
    +
    +
    + termination_protection + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
    +
    +
    + tower_callback + +
    + dictionary +
    +     		+ +
    Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
    +
    Mutually exclusive with user_data.
    +
    For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
    +
    If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
    +
    +
    + host_config_key + +
    + string +
    +     		+ +
    Host configuration secret key generated by the Tower job template.
    +
    +
    + job_template_id + +
    + string +
    +     		+ +
    Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
    +
    +
    + tower_address + +
    + string +
    +     		+ +
    IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
    +
    +
    + user_data + +
    + string +
    +     		+ +
    Opaque blob of data which is made available to the ec2 instance
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + volumes + +
    + list +
    +     		+ +
    A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
    +
    A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
    + +
    +
    + vpc_subnet_id + +
    + string +
    +     		+ +
    The subnet ID in which to launch the instance (VPC) If none is provided, community.aws.ec2_instance will chose the default zone of the default VPC.
    +

    aliases: subnet_id
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to wait for the desired state (use wait_timeout to customize this).
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    600
    +     		+
    How long to wait (in seconds) for the instance to finish booting/terminating.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Terminate every running instance in a region. Use with EXTREME caution. + community.aws.ec2_instance: + state: absent + filters: + instance-state-name: running + + - name: restart a particular instance by its ID + community.aws.ec2_instance: + state: restarted + instance_ids: + - i-12345678 + + - name: start an instance with a public IP address + community.aws.ec2_instance: + name: "public-compute-instance" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + instance_type: c5.large + security_group: default + network: + assign_public_ip: true + image_id: ami-123456 + tags: + Environment: Testing + + - name: start an instance and Add EBS + community.aws.ec2_instance: + name: "public-withebs-instance" + vpc_subnet_id: subnet-5ca1ab1e + instance_type: t2.micro + key_name: "prod-ssh-key" + security_group: default + volumes: + - device_name: /dev/sda1 + ebs: + volume_size: 16 + delete_on_termination: true + + - name: start an instance with a cpu_options + community.aws.ec2_instance: + name: "public-cpuoption-instance" + vpc_subnet_id: subnet-5ca1ab1e + tags: + Environment: Testing + instance_type: c4.large + volumes: + - device_name: /dev/sda1 + ebs: + delete_on_termination: true + cpu_options: + core_count: 1 + threads_per_core: 1 + + - name: start an instance and have it begin a Tower callback on boot + community.aws.ec2_instance: + name: "tower-callback-test" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + security_group: default + tower_callback: + # IP or hostname of tower server + tower_address: 1.2.3.4 + job_template_id: 876 + host_config_key: '[secret config key goes here]' + network: + assign_public_ip: true + image_id: ami-123456 + cpu_credit_specification: unlimited + tags: + SomeThing: "A value" + + - name: start an instance with ENI (An existing ENI ID is required) + community.aws.ec2_instance: + name: "public-eni-instance" + key_name: "prod-ssh-key" + vpc_subnet_id: subnet-5ca1ab1e + network: + interfaces: + - id: "eni-12345" + tags: + Env: "eni_on" + volumes: + - device_name: /dev/sda1 + ebs: + delete_on_termination: true + instance_type: t2.micro + image_id: ami-123456 + + - name: add second ENI interface + community.aws.ec2_instance: + name: "public-eni-instance" + network: + interfaces: + - id: "eni-12345" + - id: "eni-67890" + image_id: ami-123456 + tags: + Env: "eni_on" + instance_type: t2.micro + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + instances + +
    + complex +
    +     		when wait == true +
    a list of ec2 instances
    +
    +
      +
    + ami_launch_index + +
    + integer +
    +     		always +
    The AMI launch index, which can be used to find this instance in the launch group.
    +
    +
      +
    + architecture + +
    + string +
    +     		always +
    The architecture of the image
    +
    +
    Sample:
    +
    x86_64
    +
      +
    + block_device_mappings + +
    + complex +
    +     		always +
    Any block device mapping entries for the instance.
    +
    +
       +
    + device_name + +
    + string +
    +     		always +
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sdh
    +
       +
    + ebs + +
    + complex +
    +     		always +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    +
        +
    + attach_time + +
    + string +
    +     		always +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
        +
    + delete_on_termination + +
    + boolean +
    +     		always +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    +
        +
    + status + +
    + string +
    +     		always +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    +
        +
    + volume_id + +
    + string +
    +     		always +
    The ID of the EBS volume
    +
    +
    Sample:
    +
    vol-12345678
    +
      +
    + client_token + +
    + string +
    +     		always +
    The idempotency token you provided when you launched the instance, if applicable.
    +
    +
    Sample:
    +
    mytoken
    +
      +
    + ebs_optimized + +
    + boolean +
    +     		always +
    Indicates whether the instance is optimized for EBS I/O.
    +
    +
      +
    + hypervisor + +
    + string +
    +     		always +
    The hypervisor type of the instance.
    +
    +
    Sample:
    +
    xen
    +
      +
    + iam_instance_profile + +
    + complex +
    +     		always +
    The IAM instance profile associated with the instance, if applicable.
    +
    +
       +
    + arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::000012345678:instance-profile/myprofile
    +
       +
    + id + +
    + string +
    +     		always +
    The ID of the instance profile
    +
    +
    Sample:
    +
    JFJ397FDG400FG9FD1N
    +
      +
    + image_id + +
    + string +
    +     		always +
    The ID of the AMI used to launch the instance.
    +
    +
    Sample:
    +
    ami-0011223344
    +
      +
    + instance_id + +
    + string +
    +     		always +
    The ID of the instance.
    +
    +
    Sample:
    +
    i-012345678
    +
      +
    + instance_type + +
    + string +
    +     		always +
    The instance type size of the running instance.
    +
    +
    Sample:
    +
    t2.micro
    +
      +
    + key_name + +
    + string +
    +     		always +
    The name of the key pair, if this instance was launched with an associated key pair.
    +
    +
    Sample:
    +
    my-key
    +
      +
    + launch_time + +
    + string +
    +     		always +
    The time the instance was launched.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
      +
    + monitoring + +
    + complex +
    +     		always +
    The monitoring for the instance.
    +
    +
       +
    + state + +
    + string +
    +     		always +
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    +
    +
    Sample:
    +
    disabled
    +
      +
    + network.source_dest_check + +
    + boolean +
    +     		always +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + network_interfaces + +
    + complex +
    +     		always +
    One or more network interfaces for the instance.
    +
    +
       +
    + association + +
    + complex +
    +     		always +
    The association information for an Elastic IPv4 associated with the network interface.
    +
    +
        +
    + ip_owner_id + +
    + string +
    +     		always +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    +
        +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name.
    +
    +
        +
    + public_ip + +
    + string +
    +     		always +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    +
       +
    + attachment + +
    + complex +
    +     		always +
    The network interface attachment.
    +
    +
        +
    + attach_time + +
    + string +
    +     		always +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    +
        +
    + attachment_id + +
    + string +
    +     		always +
    The ID of the network interface attachment.
    +
    +
    Sample:
    +
    eni-attach-3aff3f
    +
        +
    + delete_on_termination + +
    + boolean +
    +     		always +
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    Sample:
    +
    True
    +
        +
    + device_index + +
    + integer +
    +     		always +
    The index of the device on the instance for the network interface attachment.
    +
    +
        +
    + status + +
    + string +
    +     		always +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    +
       +
    + description + +
    + string +
    +     		always +
    The description.
    +
    +
    Sample:
    +
    My interface
    +
       +
    + groups + +
    + list + / elements=dictionary
    +     		always +
    One or more security groups.
    +
    +
        +
    + group_id + +
    + string +
    +     		always +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-abcdef12
    +
        +
    + group_name + +
    + string +
    +     		always +
    The name of the security group.
    +
    +
    Sample:
    +
    mygroup
    +
       +
    + ipv6_addresses + +
    + list + / elements=dictionary
    +     		always +
    One or more IPv6 addresses associated with the network interface.
    +
    +
        +
    + ipv6_address + +
    + string +
    +     		always +
    The IPv6 address.
    +
    +
    Sample:
    +
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    +
       +
    + mac_address + +
    + string +
    +     		always +
    The MAC address.
    +
    +
    Sample:
    +
    00:11:22:33:44:55
    +
       +
    + network_interface_id + +
    + string +
    +     		always +
    The ID of the network interface.
    +
    +
    Sample:
    +
    eni-01234567
    +
       +
    + owner_id + +
    + string +
    +     		always +
    The AWS account ID of the owner of the network interface.
    +
    +
    Sample:
    +
    01234567890
    +
       +
    + private_ip_address + +
    + string +
    +     		always +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    +
       +
    + private_ip_addresses + +
    + list + / elements=dictionary
    +     		always +
    The private IPv4 addresses associated with the network interface.
    +
    +
        +
    + association + +
    + complex +
    +     		always +
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    +
    +
         +
    + ip_owner_id + +
    + string +
    +     		always +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    +
         +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name.
    +
    +
         +
    + public_ip + +
    + string +
    +     		always +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    +
        +
    + primary + +
    + boolean +
    +     		always +
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    +
    +
    Sample:
    +
    True
    +
        +
    + private_ip_address + +
    + string +
    +     		always +
    The private IPv4 address of the network interface.
    +
    +
    Sample:
    +
    10.0.0.1
    +
       +
    + source_dest_check + +
    + boolean +
    +     		always +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    +
       +
    + status + +
    + string +
    +     		always +
    The status of the network interface.
    +
    +
    Sample:
    +
    in-use
    +
       +
    + subnet_id + +
    + string +
    +     		always +
    The ID of the subnet for the network interface.
    +
    +
    Sample:
    +
    subnet-0123456
    +
       +
    + vpc_id + +
    + string +
    +     		always +
    The ID of the VPC for the network interface.
    +
    +
    Sample:
    +
    vpc-0123456
    +
      +
    + placement + +
    + complex +
    +     		always +
    The location where the instance launched, if applicable.
    +
    +
       +
    + availability_zone + +
    + string +
    +     		always +
    The Availability Zone of the instance.
    +
    +
    Sample:
    +
    ap-southeast-2a
    +
       +
    + group_name + +
    + string +
    +     		always +
    The name of the placement group the instance is in (for cluster compute instances).
    +
    +
       +
    + tenancy + +
    + string +
    +     		always +
    The tenancy of the instance (if the instance is running in a VPC).
    +
    +
    Sample:
    +
    default
    +
      +
    + private_dns_name + +
    + string +
    +     		always +
    The private DNS name.
    +
    +
    Sample:
    +
    ip-10-0-0-1.ap-southeast-2.compute.internal
    +
      +
    + private_ip_address + +
    + string +
    +     		always +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    +
      +
    + product_codes + +
    + list + / elements=dictionary
    +     		always +
    One or more product codes.
    +
    +
       +
    + product_code_id + +
    + string +
    +     		always +
    The product code.
    +
    +
    Sample:
    +
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    +
       +
    + product_code_type + +
    + string +
    +     		always +
    The type of product code.
    +
    +
    Sample:
    +
    marketplace
    +
      +
    + public_dns_name + +
    + string +
    +     		always +
    The public DNS name assigned to the instance.
    +
    +
      +
    + public_ip_address + +
    + string +
    +     		always +
    The public IPv4 address assigned to the instance
    +
    +
    Sample:
    +
    52.0.0.1
    +
      +
    + root_device_name + +
    + string +
    +     		always +
    The device name of the root device
    +
    +
    Sample:
    +
    /dev/sda1
    +
      +
    + root_device_type + +
    + string +
    +     		always +
    The type of root device used by the AMI.
    +
    +
    Sample:
    +
    ebs
    +
      +
    + security_groups + +
    + list + / elements=dictionary
    +     		always +
    One or more security groups for the instance.
    +
    +
       +
    + group_id + +
    + string +
    +     		always +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-0123456
    +
       +
    + group_name + +
    + string +
    +     		always +
    The name of the security group.
    +
    +
    Sample:
    +
    my-security-group
    +
      +
    + state + +
    + complex +
    +     		always +
    The current state of the instance.
    +
    +
       +
    + code + +
    + integer +
    +     		always +
    The low byte represents the state.
    +
    +
    Sample:
    +
    16
    +
       +
    + name + +
    + string +
    +     		always +
    The name of the state.
    +
    +
    Sample:
    +
    running
    +
      +
    + state_transition_reason + +
    + string +
    +     		always +
    The reason for the most recent state transition.
    +
    +
      +
    + subnet_id + +
    + string +
    +     		always +
    The ID of the subnet in which the instance is running.
    +
    +
    Sample:
    +
    subnet-00abcdef
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Any tags assigned to the instance.
    +
    +
      +
    + virtualization_type + +
    + string +
    +     		always +
    The type of virtualization of the AMI.
    +
    +
    Sample:
    +
    hvm
    +
      +
    + vpc_id + +
    + dictionary +
    +     		always +
    The ID of the VPC the instance is in.
    +
    +
    Sample:
    +
    vpc-0011223344
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + diff --git a/docs/community.aws.ec2_launch_template_module.rst b/docs/community.aws.ec2_launch_template_module.rst new file mode 100644 index 00000000000..a014b5b1e1f --- /dev/null +++ b/docs/community.aws.ec2_launch_template_module.rst @@ -0,0 +1,1340 @@ +.. _community.aws.ec2_launch_template_module: + + +********************************* +community.aws.ec2_launch_template +********************************* + +**Manage EC2 launch templates** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify, and delete EC2 Launch Templates, which can be used to create individual instances or with Autoscaling Groups. +- The :ref:`community.aws.ec2_instance ` and :ref:`community.aws.ec2_asg ` modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.6.0 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + block_device_mappings + +
    + list + / elements=dictionary
    +     		+ +
    The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
    +
    +
    + device_name + +
    + string +
    +     		+ +
    The device name (for example, /dev/sdh or xvdh).
    +
    +
    + ebs + +
    + dictionary +
    +     		+ +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    +
    + delete_on_termination + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the EBS volume is deleted on instance termination.
    +
    +
    + encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
    +
    +
    + iops + +
    + integer +
    +     		+ +
    The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
    +
    Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
    +
    +
    + snapshot_id + +
    + string +
    +     		+ +
    The ID of the snapshot to create the volume from.
    +
    +
    + volume_size + +
    + integer +
    +     		+ +
    The size of the volume, in GiB.
    +
    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
    +
    +
    + volume_type + +
    + string +
    +     		+ +
    The volume type
    +
    +
    + no_device + +
    + string +
    +     		+ +
    Suppresses the specified device included in the block device mapping of the AMI.
    +
    +
    + virtual_name + +
    + string +
    +     		+ +
    The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
    +
    +
    + cpu_options + +
    + dictionary +
    +     		+ +
    Choose CPU settings for the EC2 instances that will be created with this template.
    + +
    +
    + core_count + +
    + integer +
    +     		+ +
    The number of CPU cores for the instance.
    +
    +
    + threads_per_core + +
    + integer +
    +     		+ +
    The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
    +
    +
    + credit_specification + +
    + dictionary +
    +     		+ +
    The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
    +
    +
    + cpu_credits + +
    + string +
    +     		+ +
    The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + default_version + +
    + string +
    +     		+ Default:
    "latest"
    +     		+
    Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
    +
    +
    + disable_api_termination + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
    +
    +
    + ebs_optimized + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + elastic_gpu_specifications + +
    + list + / elements=dictionary
    +     		+ +
    Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
    +
    +
    + type + +
    + string +
    +     		+ +
    The type of Elastic GPU to attach
    +
    +
    + iam_instance_profile + +
    + string +
    +     		+ +
    The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
    +
    +
    + image_id + +
    + string +
    +     		+ +
    The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
    +
    +
    + instance_initiated_shutdown_behavior + +
    + string +
    +     		+
      Choices: +
    • stop
      • +
    • terminate
      • +
    +     		+
    Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
    +
    +
    + instance_market_options + +
    + dictionary +
    +     		+ +
    Options for alternative instance markets, currently only the spot market is supported.
    +
    +
    + market_type + +
    + string +
    +     		+ +
    The market type. This should always be 'spot'.
    +
    +
    + spot_options + +
    + dictionary +
    +     		+ +
    Spot-market specific settings.
    +
    +
    + block_duration_minutes + +
    + integer +
    +     		+ +
    The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
    +
    +
    + instance_interruption_behavior + +
    + string +
    +     		+
      Choices: +
    • hibernate
      • +
    • stop
      • +
    • terminate
      • +
    +     		+
    The behavior when a Spot Instance is interrupted. The default is terminate.
    +
    +
    + max_price + +
    + string +
    +     		+ +
    The highest hourly price you're willing to pay for this Spot Instance.
    +
    +
    + spot_instance_type + +
    + string +
    +     		+
      Choices: +
    • one-time
      • +
    • persistent
      • +
    +     		+
    The request type to send.
    +
    +
    + instance_type + +
    + string +
    +     		+ +
    The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
    +
    +
    + kernel_id + +
    + string +
    +     		+ +
    The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    +
    +
    + key_name + +
    + string +
    +     		+ +
    The name of the key pair. You can create a key pair using amazon.aws.ec2_key.
    +
    If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
    +
    +
    + monitoring + +
    + dictionary +
    +     		+ +
    Settings for instance monitoring.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to turn on detailed monitoring for new instances. This will incur extra charges.
    +
    +
    + network_interfaces + +
    + list + / elements=dictionary
    +     		+ +
    One or more network interfaces.
    +
    +
    + associate_public_ip_address + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Associates a public IPv4 address with eth0 for a new network interface.
    +
    +
    + delete_on_termination + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    + description + +
    + string +
    +     		+ +
    A description for the network interface.
    +
    +
    + device_index + +
    + integer +
    +     		+ +
    The device index for the network interface attachment.
    +
    +
    + groups + +
    + list + / elements=string
    +     		+ +
    List of security group IDs to include on this instance.
    +
    +
    + ipv6_address_count + +
    + integer +
    +     		+ +
    The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
    +
    +
    + ipv6_addresses + +
    + list + / elements=string
    +     		+ +
    A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
    +
    +
    + network_interface_id + +
    + string +
    +     		+ +
    The eni ID of a network interface to attach.
    +
    +
    + private_ip_address + +
    + string +
    +     		+ +
    The primary private IPv4 address of the network interface.
    +
    +
    + subnet_id + +
    + string +
    +     		+ +
    The ID of the subnet for the network interface.
    +
    +
    + placement + +
    + dictionary +
    +     		+ +
    The placement group settings for the instance.
    +
    +
    + affinity + +
    + string +
    +     		+ +
    The affinity setting for an instance on a Dedicated Host.
    +
    +
    + availability_zone + +
    + string +
    +     		+ +
    The Availability Zone for the instance.
    +
    +
    + group_name + +
    + string +
    +     		+ +
    The name of the placement group for the instance.
    +
    +
    + host_id + +
    + string +
    +     		+ +
    The ID of the Dedicated Host for the instance.
    +
    +
    + tenancy + +
    + string +
    +     		+ +
    The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + ram_disk_id + +
    + string +
    +     		+ +
    The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_group_ids + +
    + list + / elements=string
    +     		+ +
    A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the launch template should exist or not.
    +
    Deleting specific versions of a launch template is not supported at this time.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A set of key-value pairs to be applied to resources when this Launch Template is used.
    +
    Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
    +
    Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
    +
    +
    + template_id + +
    + string +
    +     		+ +
    The ID for the launch template, can be used for all cases except creating a new Launch Template.
    +

    aliases: id
    +
    +
    + template_name + +
    + string +
    +     		+ +
    The template name. This must be unique in the region-account combination you are using.
    +

    aliases: name
    +
    +
    + user_data + +
    + string +
    +     		+ +
    The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create an ec2 launch template + community.aws.ec2_launch_template: + name: "my_template" + image_id: "ami-04b762b4289fba92b" + key_name: my_ssh_key + instance_type: t2.micro + iam_instance_profile: myTestProfile + disable_api_termination: true + + - name: > + Create a new version of an existing ec2 launch template with a different instance type, + while leaving an older version as the default version + community.aws.ec2_launch_template: + name: "my_template" + default_version: 1 + instance_type: c5.4xlarge + + - name: Delete an ec2 launch template + community.aws.ec2_launch_template: + name: "my_template" + state: absent + + # This module does not yet allow deletion of specific versions of launch templates + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + default_version + +
    + integer +
    +     		when state=present +
    The version that will be used if only the template name is specified. Often this is the same as the latest version, but not always.
    +
    +
    +
    + latest_version + +
    + integer +
    +     		when state=present +
    Latest available version of the launch template
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + diff --git a/docs/community.aws.ec2_lc_find_module.rst b/docs/community.aws.ec2_lc_find_module.rst new file mode 100644 index 00000000000..4e2aa13f827 --- /dev/null +++ b/docs/community.aws.ec2_lc_find_module.rst @@ -0,0 +1,546 @@ +.. _community.aws.ec2_lc_find_module: + + +************************* +community.aws.ec2_lc_find +************************* + +**Find AWS Autoscaling Launch Configurations** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Returns list of matching Launch Configurations for a given name, along with other useful information. +- Results can be sorted and sliced. +- It depends on boto. +- Based on the work by Tom Bamford https://github.com/tombamford + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + limit + +
    + integer +
    +     		+ +
    How many results to show.
    +
    Corresponds to Python slice notation like list[:limit].
    +
    +
    + name_regex + +
    + string + / required
    +     		+ +
    A Launch Configuration to match.
    +
    It'll be compiled as regex.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + sort_order + +
    + string +
    +     		+
      Choices: +
    • ascending ←
      • +
    • descending
      • +
    +     		+
    Order in which to sort results.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Search for the Launch Configurations that start with "app" + community.aws.ec2_lc_find: + name_regex: app.* + sort_order: descending + limit: 2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arn + +
    + string +
    +     		when Launch Configuration was found +
    Name of the AMI
    +
    +
    Sample:
    +
    arn:aws:autoscaling:eu-west-1:12345:launchConfiguration:d82f050e-e315:launchConfigurationName/yourproject
    +
    +
    + associate_public_address + +
    + boolean +
    +     		when Launch Configuration was found +
    Assign public address or not
    +
    +
    Sample:
    +
    True
    +
    +
    + block_device_mappings + +
    + list +
    +     		when Launch Configuration was found +
    Launch Configuration block device mappings property
    +
    +
    +
    + classic_link_vpc_security_groups + +
    + list +
    +     		when Launch Configuration was found +
    Launch Configuration classic link vpc security groups property
    +
    +
    +
    + created_time + +
    + string +
    +     		when Launch Configuration was found +
    When it was created
    +
    +
    Sample:
    +
    2016-06-29T14:59:22.222000+00:00
    +
    +
    + ebs_optimized + +
    + boolean +
    +     		when Launch Configuration was found +
    Launch Configuration EBS optimized property
    +
    +
    +
    + image_id + +
    + string +
    +     		when Launch Configuration was found +
    AMI id
    +
    +
    Sample:
    +
    ami-0d75df7e
    +
    +
    + instance_monitoring + +
    + string +
    +     		when Launch Configuration was found +
    Launch Configuration instance monitoring property
    +
    +
    Sample:
    +
    {'Enabled': False}
    +
    +
    + instance_type + +
    + string +
    +     		when Launch Configuration was found +
    Type of ec2 instance
    +
    +
    Sample:
    +
    t2.small
    +
    +
    + kernel_id + +
    + string +
    +     		when Launch Configuration was found +
    Launch Configuration kernel to use
    +
    +
    +
    + keyname + +
    + string +
    +     		when Launch Configuration was found +
    Launch Configuration ssh key
    +
    +
    Sample:
    +
    mykey
    +
    +
    + name + +
    + string +
    +     		when Launch Configuration was found +
    Name of the Launch Configuration
    +
    +
    Sample:
    +
    myapp-v123
    +
    +
    + ram_disk_id + +
    + string +
    +     		when Launch Configuration was found +
    Launch Configuration ram disk property
    +
    +
    +
    + security_groups + +
    + list +
    +     		when Launch Configuration was found +
    Launch Configuration security groups
    +
    +
    +
    + user_data + +
    + string +
    +     		when Launch Configuration was found +
    User data used to start instance
    +
    +
    Sample:
    +
    ZXhwb3J0IENMT1VE
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jose Armesto (@fiunchinho) + + diff --git a/docs/community.aws.ec2_lc_info_module.rst b/docs/community.aws.ec2_lc_info_module.rst new file mode 100644 index 00000000000..0d9504ece83 --- /dev/null +++ b/docs/community.aws.ec2_lc_info_module.rst @@ -0,0 +1,578 @@ +.. _community.aws.ec2_lc_info_module: + + +************************* +community.aws.ec2_lc_info +************************* + +**Gather information about AWS Autoscaling Launch Configurations.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about AWS Autoscaling Launch Configurations. +- This module was called ``ec2_lc_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + list + / elements=string
    +     		+ Default:
    []
    +     		+
    A name or a list of name to match.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + sort + +
    + string +
    +     		+
      Choices: +
    • launch_configuration_name
      • +
    • image_id
      • +
    • created_time
      • +
    • instance_type
      • +
    • kernel_id
      • +
    • ramdisk_id
      • +
    • key_name
      • +
    +     		+
    Optional attribute which with to sort the results.
    +
    +
    + sort_end + +
    + integer +
    +     		+ +
    Which result to end with (when sorting).
    +
    Corresponds to Python slice notation.
    +
    +
    + sort_order + +
    + string +
    +     		+
      Choices: +
    • ascending ←
      • +
    • descending
      • +
    +     		+
    Order in which to sort results.
    +
    Only used when the 'sort' parameter is specified.
    +
    +
    + sort_start + +
    + integer +
    +     		+ +
    Which result to start with (when sorting).
    +
    Corresponds to Python slice notation.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all launch configurations + community.aws.ec2_lc_info: + + - name: Gather information about launch configuration with name "example" + community.aws.ec2_lc_info: + name: example + + - name: Gather information sorted by created_time from most recent to least recent + community.aws.ec2_lc_info: + sort: created_time + sort_order: descending + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + block_device_mapping + +
    + list +
    +     		always +
    Block device mapping for the instances of launch configuration
    +
    +
    Sample:
    +
    [{ 'device_name': '/dev/xvda':, 'ebs': { 'delete_on_termination': true, 'volume_size': 8, 'volume_type': 'gp2' }]
    +
    +
    + classic_link_vpc_security_groups + +
    + string +
    +     		always +
    IDs of one or more security groups for the VPC specified in classic_link_vpc_id
    +
    +
    +
    + created_time + +
    + string +
    +     		always +
    The creation date and time for the launch configuration
    +
    +
    Sample:
    +
    2016-05-27T13:47:44.216000+00:00
    +
    +
    + ebs_optimized + +
    + boolean +
    +     		always +
    EBS I/O optimized (true ) or not (false )
    +
    +
    Sample:
    +
    true,
    +
    +
    + image_id + +
    + string +
    +     		always +
    ID of the Amazon Machine Image (AMI)
    +
    +
    Sample:
    +
    ami-12345678
    +
    +
    + instance_monitoring + +
    + dictionary +
    +     		always +
    Launched with detailed monitoring or not
    +
    +
    Sample:
    +
    { 'enabled': true }
    +
    +
    + instance_type + +
    + string +
    +     		always +
    Instance type
    +
    +
    Sample:
    +
    t2.micro
    +
    +
    + kernel_id + +
    + string +
    +     		always +
    ID of the kernel associated with the AMI
    +
    +
    +
    + key_name + +
    + string +
    +     		always +
    Name of the key pair
    +
    +
    Sample:
    +
    user_app
    +
    +
    + launch_configuration_arn + +
    + string +
    +     		always +
    Amazon Resource Name (ARN) of the launch configuration
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:666612345678:launchConfiguration:ba785e3a-dd42-6f02-4585-ea1a2b458b3d:launchConfigurationName/lc-app
    +
    +
    + launch_configuration_name + +
    + string +
    +     		always +
    Name of the launch configuration
    +
    +
    Sample:
    +
    lc-app
    +
    +
    + ramdisk_id + +
    + string +
    +     		always +
    ID of the RAM disk associated with the AMI
    +
    +
    +
    + security_groups + +
    + list +
    +     		always +
    Security groups to associated
    +
    +
    Sample:
    +
    [ 'web' ]
    +
    +
    + user_data + +
    + string +
    +     		always +
    User data available
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Loïc Latreille (@psykotox) + + diff --git a/docs/community.aws.ec2_lc_module.rst b/docs/community.aws.ec2_lc_module.rst new file mode 100644 index 00000000000..20e22f690dc --- /dev/null +++ b/docs/community.aws.ec2_lc_module.rst @@ -0,0 +1,1469 @@ +.. _community.aws.ec2_lc_module: + + +******************** +community.aws.ec2_lc +******************** + +**Create or delete AWS Autoscaling Launch Configurations** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS Autoscaling Configurations. +- Works with the ec2_asg module to manage Autoscaling Groups. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.4.4 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + assign_public_ip + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
    +
    +
    + associate_public_ip_address + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The associate_public_ip_address option does nothing and will be removed after 2022-06-01
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + classic_link_vpc_id + +
    + string +
    +     		+ +
    Id of ClassicLink enabled VPC
    +
    +
    + classic_link_vpc_security_groups + +
    + list + / elements=string
    +     		+ +
    A list of security group IDs with which to associate the ClassicLink VPC instances.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ebs_optimized + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the instance is optimized for EBS I/O (true) or not (false).
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + image_id + +
    + string +
    +     		+ +
    The AMI unique identifier to be used for the group.
    +
    +
    + instance_id + +
    + string +
    +     		+ +
    The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
    +
    +
    + instance_monitoring + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether instances are launched with detailed monitoring.
    +
    +
    + instance_profile_name + +
    + string +
    +     		+ +
    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
    +
    +
    + instance_type + +
    + string +
    +     		+ +
    Instance type to use for the instance.
    +
    Required when creating a new Launch Configuration.
    +
    +
    + kernel_id + +
    + string +
    +     		+ +
    Kernel id for the EC2 instance.
    +
    +
    + key_name + +
    + string +
    +     		+ +
    The SSH key name to be used for access to managed instances.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Unique name for configuration.
    +
    +
    + placement_tenancy + +
    + string +
    +     		+
      Choices: +
    • default
      • +
    • dedicated
      • +
    +     		+
    Determines whether the instance runs on single-tenant hardware or not.
    +
    When not set AWS will default to default.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + ramdisk_id + +
    + string +
    +     		+ +
    A RAM disk id for the instances.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + spot_price + +
    + float +
    +     		+ +
    The spot price you are bidding. Only applies for an autoscaling group with spot instances.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the instance.
    +
    +
    + user_data + +
    + string +
    +     		+ +
    Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
    +
    +
    + user_data_path + +
    + path +
    +     		+ +
    Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + volumes + +
    + list + / elements=dictionary
    +     		+ +
    A list dictionaries defining the volumes to create.
    +
    For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
    +
    +
    + delete_on_termination + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the volume should be automatically deleted when the instance is terminated.
    +
    +
    + device_name + +
    + string + / required
    +     		+ +
    The name for the volume (For example /dev/sda).
    +
    +
    + encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
    +
    +
    + ephemeral + +
    + string +
    +     		+ +
    Whether the volume should be ephemeral.
    +
    Data on ephemeral volumes is lost when the instance is stopped.
    +
    Mutually exclusive with the snapshot parameter.
    +
    +
    + iops + +
    + integer +
    +     		+ +
    The number of IOPS per second to provision for the volume.
    +
    Required when volume_type=io1.
    +
    +
    + no_device + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When no_device=true the device will not be created.
    +
    +
    + snapshot + +
    + string +
    +     		+ +
    The ID of an EBS snapshot to copy when creating the volume.
    +
    Mutually exclusive with the ephemeral parameter.
    +
    +
    + volume_size + +
    + integer +
    +     		+ +
    The size of the volume (in GiB).
    +
    Required unless one of ephemeral, snapshot or no_device is set.
    +
    +
    + volume_type + +
    + string +
    +     		+ +
    The type of volume to create.
    +
    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    VPC ID, used when resolving security group names to IDs.
    +
    +
    + + +Notes +----- + +.. note:: + - Amazon ASG Autoscaling Launch Configurations are immutable once created, so modifying the configuration after it is changed will not modify the launch configuration on AWS. You must create a new config and assign it to the ASG instead. + - encrypted volumes are supported on versions >= 2.4 + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # create a launch configuration using an AMI image and instance type as a basis + + - name: note that encrypted volumes are only supported in >= Ansible 2.4 + community.aws.ec2_lc: + name: special + image_id: ami-XXX + key_name: default + security_groups: ['group', 'group2' ] + instance_type: t1.micro + volumes: + - device_name: /dev/sda1 + volume_size: 100 + volume_type: io1 + iops: 3000 + delete_on_termination: true + encrypted: true + - device_name: /dev/sdb + ephemeral: ephemeral0 + + - name: create a launch configuration using a running instance id as a basis + community.aws.ec2_lc: + name: special + instance_id: i-00a48b207ec59e948 + key_name: default + security_groups: ['launch-wizard-2' ] + volumes: + - device_name: /dev/sda1 + volume_size: 120 + volume_type: io1 + iops: 3000 + delete_on_termination: true + + - name: create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image + community.aws.ec2_lc: + name: special + image_id: ami-XXX + key_name: default + security_groups: ['group', 'group2' ] + instance_type: t1.micro + volumes: + - device_name: /dev/sdf + no_device: true + + - name: Use EBS snapshot ID for volume + block: + - name: Set Volume Facts + set_fact: + volumes: + - device_name: /dev/sda1 + volume_size: 20 + ebs: + snapshot: snap-XXXX + volume_type: gp2 + delete_on_termination: true + encrypted: no + + - name: Create launch configuration + community.aws.ec2_lc: + name: lc1 + image_id: ami-xxxx + assign_public_ip: yes + instance_type: t2.medium + key_name: my-key + security_groups: "['sg-xxxx']" + volumes: "{{ volumes }}" + register: lc_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arn + +
    + string +
    +     		when state=present +
    The Amazon Resource Name of the launch configuration.
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    +
    +
    + changed + +
    + boolean +
    +     		always +
    Whether the state of the launch configuration has changed.
    +
    +
    +
    + created_time + +
    + string +
    +     		when state=present +
    The creation date and time for the launch configuration.
    +
    +
    Sample:
    +
    2017-11-03 23:46:44.841000
    +
    +
    + image_id + +
    + string +
    +     		when state=present +
    The ID of the Amazon Machine Image used by the launch configuration.
    +
    +
    Sample:
    +
    ami-9be6f38c
    +
    +
    + instance_type + +
    + string +
    +     		when state=present +
    The instance type for the instances.
    +
    +
    Sample:
    +
    t1.micro
    +
    +
    + name + +
    + string +
    +     		when state=present +
    The name of the launch configuration.
    +
    +
    Sample:
    +
    launch_config_name
    +
    +
    + result + +
    + complex +
    +     		when state=present +
    The specification details for the launch configuration.
    +
    +
      +
    + associate_public_ip_address + +
    + boolean +
    +     		when state=present +
    (EC2-VPC) Indicates whether to assign a public IP address to each instance.
    +
    +
      +
    + block_device_mappings + +
    + complex +
    +     		when state=present +
    A block device mapping, which specifies the block devices.
    +
    +
       +
    + device_name + +
    + string +
    +     		when state=present +
    The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sda1
    +
       +
    + ebs + +
    + complex +
    +     		when state=present +
    The information about the Amazon EBS volume.
    +
    +
        +
    + snapshot_id + +
    + string +
    +     		when state=present +
    The ID of the snapshot.
    +
    +
        +
    + volume_size + +
    + string +
    +     		when state=present +
    The volume size, in GiB.
    +
    +
    Sample:
    +
    100
    +
       +
    + virtual_name + +
    + string +
    +     		when state=present +
    The name of the virtual device (for example, ephemeral0).
    +
    +
    Sample:
    +
    ephemeral0
    +
      +
    + classic_link_vpc_id + +
    + string +
    +     		when state=present +
    The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
    +
    +
      +
    + classic_link_vpc_security_groups + +
    + list +
    +     		when state=present +
    The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId.
    +
    +
      +
    + created_time + +
    + string +
    +     		when state=present +
    The creation date and time for the launch configuration.
    +
    +
    Sample:
    +
    2017-11-03 23:46:44.841000
    +
      +
    + delete_on_termination + +
    + boolean +
    +     		when state=present +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    +
      +
    + ebs_optimized + +
    + boolean +
    +     		when state=present +
    Indicates whether the instance is optimized for EBS I/O (true) or not (false).
    +
    +
      +
    + image_id + +
    + string +
    +     		when state=present +
    The ID of the Amazon Machine Image used by the launch configuration.
    +
    +
    Sample:
    +
    ami-9be6f38c
    +
      +
    + instance_monitoring + +
    + boolean +
    +     		when state=present +
    Indicates whether instances in this group are launched with detailed (true) or basic (false) monitoring.
    +
    +
    Sample:
    +
    True
    +
      +
    + instance_profile_name + +
    + string +
    +     		when state=present +
    The name or Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance.
    +
    +
      +
    + instance_type + +
    + string +
    +     		when state=present +
    The instance type for the instances.
    +
    +
    Sample:
    +
    t1.micro
    +
      +
    + iops + +
    + integer +
    +     		when state=present +
    The number of I/O operations per second (IOPS) to provision for the volume.
    +
    +
      +
    + kernel_id + +
    + string +
    +     		when state=present +
    The ID of the kernel associated with the AMI.
    +
    +
      +
    + key_name + +
    + string +
    +     		when state=present +
    The name of the key pair.
    +
    +
    Sample:
    +
    testkey
    +
      +
    + launch_configuration_arn + +
    + string +
    +     		when state=present +
    The Amazon Resource Name (ARN) of the launch configuration.
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    +
      +
    + member + +
    + string +
    +     		when state=present +
    +
    +
    Sample:
    +
    +
      +
    + name + +
    + string +
    +     		when state=present +
    The name of the launch configuration.
    +
    +
    Sample:
    +
    launch_config_name
    +
      +
    + PlacementTenancy + +
    + string +
    +     		when state=present +
    The tenancy of the instances, either default or dedicated.
    +
    +
    Sample:
    +
    default
    +
      +
    + ramdisk_id + +
    + string +
    +     		when state=present +
    The ID of the RAM disk associated with the AMI.
    +
    +
      +
    + security_groups + +
    + list +
    +     		when state=present +
    The security groups to associate with the instances.
    +
    +
    Sample:
    +
    ['sg-5e27db2f']
    +
      +
    + spot_price + +
    + float +
    +     		when state=present +
    The price to bid when launching Spot Instances.
    +
    +
      +
    + use_block_device_types + +
    + boolean +
    +     		when state=present +
    Indicates whether to suppress a device mapping.
    +
    +
      +
    + user_data + +
    + string +
    +     		when state=present +
    The user data available to the instances.
    +
    +
      +
    + volume_type + +
    + string +
    +     		when state=present +
    The volume type (one of standard, io1, gp2).
    +
    +
    Sample:
    +
    io1
    +
    +
    + security_groups + +
    + list +
    +     		when state=present +
    The security groups to associate with the instances.
    +
    +
    Sample:
    +
    ['sg-5e27db2f']
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gareth Rushgrove (@garethr) +- Willem van Ketwich (@wilvk) + + diff --git a/docs/community.aws.ec2_metric_alarm_module.rst b/docs/community.aws.ec2_metric_alarm_module.rst new file mode 100644 index 00000000000..bb16941d1ab --- /dev/null +++ b/docs/community.aws.ec2_metric_alarm_module.rst @@ -0,0 +1,562 @@ +.. _community.aws.ec2_metric_alarm_module: + + +****************************** +community.aws.ec2_metric_alarm +****************************** + +**Create/update or delete AWS Cloudwatch 'metric alarms'** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete AWS metric alarms. +- Metrics you wish to alarm on must already exist. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alarm_actions + +
    + list + / elements=string
    +     		+ +
    A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + comparison + +
    + string +
    +     		+
      Choices: +
    • GreaterThanOrEqualToThreshold
      • +
    • GreaterThanThreshold
      • +
    • LessThanThreshold
      • +
    • LessThanOrEqualToThreshold
      • +
    • <=
      • +
    • <
      • +
    • >=
      • +
    • >
      • +
    +     		+
    Determines how the threshold value is compared
    +
    Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A longer description of the alarm.
    +
    +
    + dimensions + +
    + dictionary +
    +     		+ +
    A dictionary describing which metric the alarm is applied to.
    +
    For more information see the AWS documentation:
    + +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + evaluation_periods + +
    + integer +
    +     		+ +
    The number of times in which the metric is evaluated before final calculation.
    +
    +
    + insufficient_data_actions + +
    + list + / elements=string
    +     		+ +
    A list of the names of action(s) to take when the alarm is in the insufficient_data status.
    +
    +
    + metric + +
    + string +
    +     		+ +
    Name of the monitored metric (e.g. CPUUtilization).
    +
    Metric must already exist.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Unique name for the alarm.
    +
    +
    + namespace + +
    + string +
    +     		+ +
    Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
    +
    +
    + ok_actions + +
    + list + / elements=string
    +     		+ +
    A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
    +
    +
    + period + +
    + integer +
    +     		+ +
    The time (in seconds) between metric evaluations.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the alarm.
    +
    +
    + statistic + +
    + string +
    +     		+
      Choices: +
    • SampleCount
      • +
    • Average
      • +
    • Sum
      • +
    • Minimum
      • +
    • Maximum
      • +
    +     		+
    Operation applied to the metric.
    +
    Works in conjunction with period and evaluation_periods to determine the comparison value.
    +
    +
    + threshold + +
    + float +
    +     		+ +
    Sets the min/max bound for triggering the alarm.
    +
    +
    + treat_missing_data + +
    + string +
    +     		+
      Choices: +
    • breaching
      • +
    • notBreaching
      • +
    • ignore
      • +
    • missing ←
      • +
    +     		+
    Sets how the alarm handles missing data points.
    +
    +
    + unit + +
    + string +
    +     		+
      Choices: +
    • Seconds
      • +
    • Microseconds
      • +
    • Milliseconds
      • +
    • Bytes
      • +
    • Kilobytes
      • +
    • Megabytes
      • +
    • Gigabytes
      • +
    • Terabytes
      • +
    • Bits
      • +
    • Kilobits
      • +
    • Megabits
      • +
    • Gigabits
      • +
    • Terabits
      • +
    • Percent
      • +
    • Count
      • +
    • Bytes/Second
      • +
    • Kilobytes/Second
      • +
    • Megabytes/Second
      • +
    • Gigabytes/Second
      • +
    • Terabytes/Second
      • +
    • Bits/Second
      • +
    • Kilobits/Second
      • +
    • Megabits/Second
      • +
    • Gigabits/Second
      • +
    • Terabits/Second
      • +
    • Count/Second
      • +
    • None
      • +
    +     		+
    The threshold's unit of measurement.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create alarm + community.aws.ec2_metric_alarm: + state: present + region: ap-southeast-2 + name: "cpu-low" + metric: "CPUUtilization" + namespace: "AWS/EC2" + statistic: Average + comparison: "LessThanOrEqualToThreshold" + threshold: 5.0 + period: 300 + evaluation_periods: 3 + unit: "Percent" + description: "This will alarm when a bamboo slave's cpu usage average is lower than 5% for 15 minutes " + dimensions: {'InstanceId':'i-XXX'} + alarm_actions: ["action1","action2"] + + - name: Create an alarm to recover a failed instance + community.aws.ec2_metric_alarm: + state: present + region: us-west-1 + name: "recover-instance" + metric: "StatusCheckFailed_System" + namespace: "AWS/EC2" + statistic: "Minimum" + comparison: ">=" + threshold: 1.0 + period: 60 + evaluation_periods: 2 + unit: "Count" + description: "This will recover an instance when it fails" + dimensions: {"InstanceId":'i-XXX'} + alarm_actions: ["arn:aws:automate:us-west-1:ec2:recover"] + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Zacharie Eakin (@Zeekin) + + diff --git a/docs/community.aws.ec2_placement_group_info_module.rst b/docs/community.aws.ec2_placement_group_info_module.rst new file mode 100644 index 00000000000..88f9cc5d02a --- /dev/null +++ b/docs/community.aws.ec2_placement_group_info_module.rst @@ -0,0 +1,345 @@ +.. _community.aws.ec2_placement_group_info_module: + + +************************************** +community.aws.ec2_placement_group_info +************************************** + +**List EC2 Placement Group(s) details** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List details of EC2 Placement Group(s). +- This module was called ``ec2_placement_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + names + +
    + list + / elements=string
    +     		+ Default:
    []
    +     		+
    A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details or the AWS region, + # see the AWS Guide for details. + + - name: List all placement groups. + community.aws.ec2_placement_group_info: + register: all_ec2_placement_groups + + - name: List two placement groups. + community.aws.ec2_placement_group_info: + names: + - my-cluster + - my-other-cluster + register: specific_ec2_placement_groups + + - debug: + msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + placement_groups + +
    + complex +
    +     		always +
    Placement group attributes
    +
    +
      +
    + name + +
    + string +
    +     		+
    PG name
    +
    +
    Sample:
    +
    my-cluster
    +
      +
    + state + +
    + string +
    +     		+
    PG state
    +
    +
    Sample:
    +
    available
    +
      +
    + strategy + +
    + string +
    +     		+
    PG strategy
    +
    +
    Sample:
    +
    cluster
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + diff --git a/docs/community.aws.ec2_placement_group_module.rst b/docs/community.aws.ec2_placement_group_module.rst new file mode 100644 index 00000000000..6170c36a7e1 --- /dev/null +++ b/docs/community.aws.ec2_placement_group_module.rst @@ -0,0 +1,383 @@ +.. _community.aws.ec2_placement_group_module: + + +********************************* +community.aws.ec2_placement_group +********************************* + +**Create or delete an EC2 Placement Group** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create an EC2 Placement Group; if the placement group already exists, nothing is done. Or, delete an existing placement group. If the placement group is absent, do nothing. See also https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name for the placement group.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete placement group.
    +
    +
    + strategy + +
    + string +
    +     		+
      Choices: +
    • cluster ←
      • +
    • spread
      • +
    +     		+
    Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide + # for details. + + - name: Create a placement group. + community.aws.ec2_placement_group: + name: my-cluster + state: present + + - name: Create a Spread placement group. + community.aws.ec2_placement_group: + name: my-cluster + state: present + strategy: spread + + - name: Delete a placement group. + community.aws.ec2_placement_group: + name: my-cluster + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + placement_group + +
    + complex +
    +     		when state != absent +
    Placement group attributes
    +
    +
      +
    + name + +
    + string +
    +     		+
    PG name
    +
    +
    Sample:
    +
    my-cluster
    +
      +
    + state + +
    + string +
    +     		+
    PG state
    +
    +
    Sample:
    +
    available
    +
      +
    + strategy + +
    + string +
    +     		+
    PG strategy
    +
    +
    Sample:
    +
    cluster
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Brad Macpherson (@iiibrad) + + diff --git a/docs/community.aws.ec2_scaling_policy_module.rst b/docs/community.aws.ec2_scaling_policy_module.rst new file mode 100644 index 00000000000..06bca9d7550 --- /dev/null +++ b/docs/community.aws.ec2_scaling_policy_module.rst @@ -0,0 +1,350 @@ +.. _community.aws.ec2_scaling_policy_module: + + +******************************** +community.aws.ec2_scaling_policy +******************************** + +**Create or delete AWS scaling policies for Autoscaling groups** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Can create or delete scaling policies for autoscaling groups. +- Referenced autoscaling groups must already exist. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + adjustment_type + +
    + string +
    +     		+
      Choices: +
    • ChangeInCapacity
      • +
    • ExactCapacity
      • +
    • PercentChangeInCapacity
      • +
    +     		+
    The type of change in capacity of the autoscaling group.
    +
    +
    + asg_name + +
    + string + / required
    +     		+ +
    Name of the associated autoscaling group.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cooldown + +
    + integer +
    +     		+ +
    The minimum period of time (in seconds) between which autoscaling actions can take place.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + min_adjustment_step + +
    + integer +
    +     		+ +
    Minimum amount of adjustment when policy is triggered.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Unique name for the scaling policy.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + scaling_adjustment + +
    + integer +
    +     		+ +
    The amount by which the autoscaling group is adjusted by the policy.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the policy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - community.aws.ec2_scaling_policy: + state: present + region: US-XXX + name: "scaledown-policy" + adjustment_type: "ChangeInCapacity" + asg_name: "slave-pool" + scaling_adjustment: -1 + min_adjustment_step: 1 + cooldown: 300 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Zacharie Eakin (@Zeekin) + + diff --git a/docs/community.aws.ec2_snapshot_copy_module.rst b/docs/community.aws.ec2_snapshot_copy_module.rst new file mode 100644 index 00000000000..b62f92cc791 --- /dev/null +++ b/docs/community.aws.ec2_snapshot_copy_module.rst @@ -0,0 +1,425 @@ +.. _community.aws.ec2_snapshot_copy_module: + + +******************************* +community.aws.ec2_snapshot_copy +******************************* + +**Copies an EC2 snapshot and returns the new Snapshot ID.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Copies an EC2 Snapshot from a source region to a destination region. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    An optional human-readable string describing purpose of the new Snapshot.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not the destination Snapshot should be encrypted.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + source_region + +
    + string + / required
    +     		+ +
    The source region the Snapshot should be copied from.
    +
    +
    + source_snapshot_id + +
    + string + / required
    +     		+ +
    The ID of the Snapshot in source region that should be copied.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the copied Snapshot to be in 'Available' state before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    600
    +     		+
    How long before wait gives up, in seconds.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Basic Snapshot Copy + community.aws.ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + + - name: Copy Snapshot and wait until available + community.aws.ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + wait: yes + wait_timeout: 1200 # Default timeout is 600 + register: snapshot_id + + - name: Tagged Snapshot copy + community.aws.ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + tags: + Name: Snapshot-Name + + - name: Encrypted Snapshot copy + community.aws.ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + encrypted: yes + + - name: Encrypted Snapshot copy with specified key + community.aws.ec2_snapshot_copy: + source_region: eu-central-1 + region: eu-west-1 + source_snapshot_id: snap-xxxxxxx + encrypted: yes + kms_key_id: arn:aws:kms:eu-central-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + snapshot_id + +
    + string +
    +     		when snapshot copy is successful +
    snapshot id of the newly created snapshot
    +
    +
    Sample:
    +
    snap-e9095e8c
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Deepak Kothandan (@Deepakkothandan) + + diff --git a/docs/community.aws.ec2_transit_gateway_info_module.rst b/docs/community.aws.ec2_transit_gateway_info_module.rst new file mode 100644 index 00000000000..33a44105ca3 --- /dev/null +++ b/docs/community.aws.ec2_transit_gateway_info_module.rst @@ -0,0 +1,606 @@ +.. _community.aws.ec2_transit_gateway_info_module: + + +************************************** +community.aws.ec2_transit_gateway_info +************************************** + +**Gather information about ec2 transit gateways in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 transit gateways in AWS + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + transit_gateway_ids + +
    + list +
    +     		+ +
    A list of transit gateway IDs to gather information for.
    +

    aliases: transit_gateway_id
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather info about all transit gateways + community.aws.ec2_transit_gateway_info: + + - name: Gather info about a particular transit gateway using filter transit gateway ID + community.aws.ec2_transit_gateway_info: + filters: + transit-gateway-id: tgw-02c42332e6b7da829 + + - name: Gather info about a particular transit gateway using multiple option filters + community.aws.ec2_transit_gateway_info: + filters: + options.dns-support: enable + options.vpn-ecmp-support: enable + + - name: Gather info about multiple transit gateways using module param + community.aws.ec2_transit_gateway_info: + transit_gateway_ids: + - tgw-02c42332e6b7da829 + - tgw-03c53443d5a8cb716 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + transit_gateways + +
    + complex +
    +     		on success +
    Transit gateways that match the provided filters. Each element consists of a dict with all the information related to that transit gateway.
    +
    +
      +
    + creation_time + +
    + string +
    +     		always +
    The creation time.
    +
    +
    Sample:
    +
    2019-02-05T16:19:58+00:00
    +
      +
    + description + +
    + string +
    +     		always +
    The description of the transit gateway.
    +
    +
    Sample:
    +
    A transit gateway
    +
      +
    + options + +
    + complex +
    +     		always +
    A dictionary of the transit gateway options.
    +
    +
       +
    + amazon_side_asn + +
    + integer +
    +     		always +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    Sample:
    +
    64512
    +
       +
    + association_default_route_table_id + +
    + string +
    +     		when present +
    The ID of the default association route table.
    +
    +
    Sample:
    +
    rtb-11223344
    +
       +
    + auto_accept_shared_attachments + +
    + string +
    +     		always +
    Indicates whether attachment requests are automatically accepted.
    +
    +
    Sample:
    +
    enable
    +
       +
    + default_route_table_association + +
    + string +
    +     		always +
    Indicates whether resource attachments are automatically associated with the default association route table.
    +
    +
    Sample:
    +
    disable
    +
       +
    + default_route_table_propagation + +
    + string +
    +     		always +
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    +
    +
    Sample:
    +
    disable
    +
       +
    + dns_support + +
    + string +
    +     		always +
    Indicates whether DNS support is enabled.
    +
    +
    Sample:
    +
    enable
    +
       +
    + propagation_default_route_table_id + +
    + string +
    +     		when present +
    The ID of the default propagation route table.
    +
    +
    Sample:
    +
    rtb-11223344
    +
       +
    + vpn_ecmp_support + +
    + string +
    +     		always +
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    +
    +
    Sample:
    +
    enable
    +
      +
    + owner_id + +
    + string +
    +     		always +
    The AWS account number ID which owns the transit gateway.
    +
    +
    Sample:
    +
    1234567654323
    +
      +
    + state + +
    + string +
    +     		always +
    The state of the transit gateway.
    +
    +
    Sample:
    +
    available
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    A dict of tags associated with the transit gateway.
    +
    +
    Sample:
    +
    { "Name": "A sample TGW" }
    +
      +
    + transit_gateway_arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the transit gateway.
    +
    +
    Sample:
    +
    arn:aws:ec2:us-west-2:1234567654323:transit-gateway/tgw-02c42332e6b7da829
    +
      +
    + transit_gateway_id + +
    + string +
    +     		always +
    The ID of the transit gateway.
    +
    +
    Sample:
    +
    tgw-02c42332e6b7da829
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Bob Boldin (@BobBoldin) + + diff --git a/docs/community.aws.ec2_transit_gateway_module.rst b/docs/community.aws.ec2_transit_gateway_module.rst new file mode 100644 index 00000000000..507be21f2ea --- /dev/null +++ b/docs/community.aws.ec2_transit_gateway_module.rst @@ -0,0 +1,819 @@ +.. _community.aws.ec2_transit_gateway_module: + + +********************************* +community.aws.ec2_transit_gateway +********************************* + +**Create and delete AWS Transit Gateways** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS Transit Gateways. +- Deletes AWS Transit Gateways. +- Updates tags on existing transit gateways. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + asn + +
    + integer +
    +     		+ +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
    +
    The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    + auto_associate + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable automatic association with the default association route table.
    +
    +
    + auto_attach + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable or disable automatic acceptance of attachment requests.
    +
    +
    + auto_propagate + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable automatic propagation of routes to the default propagation route table.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    The description of the transit gateway.
    +
    +
    + dns_support + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable AWS DNS support.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to purge existing tags not included with tags argument.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of resource tags
    +
    +
    + transit_gateway_id + +
    + string +
    +     		+ +
    The ID of the transit gateway.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpn_ecmp_support + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable Equal Cost Multipath Protocol support.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to wait for status
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    number of seconds to wait for status
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new transit gateway using defaults + community.aws.ec2_transit_gateway: + state: present + region: us-east-1 + description: personal-testing + register: created_tgw + + - name: Create a new transit gateway with options + community.aws.ec2_transit_gateway: + asn: 64514 + auto_associate: no + auto_propagate: no + dns_support: True + description: "nonprod transit gateway" + purge_tags: False + state: present + region: us-east-1 + tags: + Name: nonprod transit gateway + status: testing + + - name: Remove a transit gateway by description + community.aws.ec2_transit_gateway: + state: absent + region: us-east-1 + description: personal-testing + + - name: Remove a transit gateway by id + community.aws.ec2_transit_gateway: + state: absent + region: ap-southeast-2 + transit_gateway_id: tgw-3a9aa123 + register: deleted_tgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + transit_gateway + +
    + complex +
    +     		state=present +
    The attributes of the transit gateway.
    +
    +
      +
    + creation_time + +
    + string +
    +     		always +
    The creation time of the transit gateway.
    +
    +
    Sample:
    +
    2019-03-06T17:13:51+00:00
    +
      +
    + description + +
    + string +
    +     		always +
    The description of the transit gateway.
    +
    +
    Sample:
    +
    my test tgw
    +
      +
    + options + +
    + complex +
    +     		always +
    The options attributes of the transit gateway
    +
    +
       +
    + amazon_side_asn + +
    + string +
    +     		always +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    Sample:
    +
    64512
    +
       +
    + association_default_route_table_id + +
    + string +
    +     		Iwhen exists +
    The ID of the default association route table.
    +
    +
    Sample:
    +
    tgw-rtb-abc123444
    +
       +
    + auto_accept_shared_attachements + +
    + string +
    +     		always +
    Indicates whether attachment requests are automatically accepted.
    +
    +
    Sample:
    +
    disable
    +
       +
    + default_route_table_association + +
    + string +
    +     		always +
    Indicates whether resource attachments are automatically associated with the default association route table.
    +
    +
    Sample:
    +
    enable
    +
       +
    + default_route_table_propagation + +
    + string +
    +     		always +
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    +
    +
    Sample:
    +
    disable
    +
       +
    + dns_support + +
    + string +
    +     		always +
    Indicates whether DNS support is enabled.
    +
    +
    Sample:
    +
    enable
    +
       +
    + propagation_default_route_table_id + +
    + string +
    +     		when exists +
    The ID of the default propagation route table.
    +
    +
    Sample:
    +
    tgw-rtb-def456777
    +
       +
    + vpn_ecmp_support + +
    + string +
    +     		always +
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    +
    +
    Sample:
    +
    enable
    +
      +
    + owner_id + +
    + string +
    +     		always +
    The account that owns the transit gateway.
    +
    +
    Sample:
    +
    123456789012
    +
      +
    + state + +
    + string +
    +     		always +
    The state of the transit gateway.
    +
    +
    Sample:
    +
    pending
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    A dictionary of resource tags
    +
    +
    Sample:
    +
    {'tags': {'Name': 'nonprod_tgw'}}
    +
      +
    + transit_gateway_arn + +
    + string +
    +     		always +
    The ID of the transit_gateway.
    +
    +
    Sample:
    +
    tgw-3a9aa123
    +
      +
    + transit_gateway_id + +
    + string +
    +     		always +
    The ID of the transit_gateway.
    +
    +
    Sample:
    +
    tgw-3a9aa123
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Bob Boldin (@BobBoldin) + + diff --git a/docs/community.aws.ec2_vpc_egress_igw_module.rst b/docs/community.aws.ec2_vpc_egress_igw_module.rst new file mode 100644 index 00000000000..36eaf3e1401 --- /dev/null +++ b/docs/community.aws.ec2_vpc_egress_igw_module.rst @@ -0,0 +1,318 @@ +.. _community.aws.ec2_vpc_egress_igw_module: + + +******************************** +community.aws.ec2_vpc_egress_igw +******************************** + +**Manage an AWS VPC Egress Only Internet gateway** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS VPC Egress Only Internet gateway + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the EIGW.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string + / required
    +     		+ +
    The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Ensure that the VPC has an Internet Gateway. + # The Internet Gateway ID is can be accessed via {{eigw.gateway_id}} for use in setting up NATs etc. + - community.aws.ec2_vpc_egress_igw: + vpc_id: vpc-abcdefgh + state: present + register: eigw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + gateway_id + +
    + string +
    +     		always +
    The ID of the Egress Only Internet Gateway or Null.
    +
    +
    Sample:
    +
    eigw-0e00cf111ba5bc11e
    +
    +
    + vpc_id + +
    + string +
    +     		always +
    The ID of the VPC to attach or detach gateway from.
    +
    +
    Sample:
    +
    vpc-012345678
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Daniel Shepherd (@shepdelacreme) + + diff --git a/docs/community.aws.ec2_vpc_endpoint_info_module.rst b/docs/community.aws.ec2_vpc_endpoint_info_module.rst new file mode 100644 index 00000000000..ee83c340bd3 --- /dev/null +++ b/docs/community.aws.ec2_vpc_endpoint_info_module.rst @@ -0,0 +1,359 @@ +.. _community.aws.ec2_vpc_endpoint_info_module: + + +*********************************** +community.aws.ec2_vpc_endpoint_info +*********************************** + +**Retrieves AWS VPC endpoints details using AWS methods.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Endpoints. +- This module was called ``ec2_vpc_endpoint_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + query + +
    + string + / required
    +     		+
      Choices: +
    • services
      • +
    • endpoints
      • +
    +     		+
    Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_endpoint_ids + +
    + list + / elements=string
    +     		+ +
    Get details of specific endpoint IDs
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all support AWS services for VPC endpoints + - name: List supported AWS endpoint services + community.aws.ec2_vpc_endpoint_info: + query: services + region: ap-southeast-2 + register: supported_endpoint_services + + - name: Get all endpoints in ap-southeast-2 region + community.aws.ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + register: existing_endpoints + + - name: Get all endpoints with specific filters + community.aws.ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + filters: + vpc-id: + - vpc-12345678 + - vpc-87654321 + vpc-endpoint-state: + - available + - pending + register: existing_endpoints + + - name: Get details on specific endpoint + community.aws.ec2_vpc_endpoint_info: + query: endpoints + region: ap-southeast-2 + vpc_endpoint_ids: + - vpce-12345678 + register: endpoint_details + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + service_names + +
    + list +
    +     		query is services +
    AWS VPC endpoint service names
    +
    +
    Sample:
    +
    {'service_names': ['com.amazonaws.ap-southeast-2.s3']}
    +
    +
    + vpc_endpoints + +
    + list +
    +     		query is endpoints +
    A list of endpoints that match the query. Each endpoint has the keys creation_timestamp, policy_document, route_table_ids, service_name, state, vpc_endpoint_id, vpc_id.
    +
    +
    Sample:
    +
    {'vpc_endpoints': [{'creation_timestamp': '2017-02-16T11:06:48+00:00', 'policy_document': '"{"Version":"2012-10-17","Id":"Policy1450910922815", "Statement":[{"Sid":"Stmt1450910920641","Effect":"Allow", "Principal":"*","Action":"s3:*","Resource":["arn:aws:s3:::*/*","arn:aws:s3:::*"]}]}"\n', 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'state': 'available', 'vpc_endpoint_id': 'vpce-abbad0d0', 'vpc_id': 'vpc-1111ffff'}]}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.ec2_vpc_endpoint_module.rst b/docs/community.aws.ec2_vpc_endpoint_module.rst new file mode 100644 index 00000000000..01772dbebfd --- /dev/null +++ b/docs/community.aws.ec2_vpc_endpoint_module.rst @@ -0,0 +1,467 @@ +.. _community.aws.ec2_vpc_endpoint_module: + + +****************************** +community.aws.ec2_vpc_endpoint +****************************** + +**Create and delete AWS VPC Endpoints.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS VPC endpoints. +- Deletes AWS VPC endpoints. +- This module supports check mode. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + client_token + +
    + string +
    +     		+ +
    Optional client token to ensure idempotency
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + policy + +
    + json +
    +     		+ +
    A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
    +
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    +
    +
    + policy_file + +
    + path +
    +     		+ +
    The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
    +
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    +

    aliases: policy_path
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + route_table_ids + +
    + list + / elements=string
    +     		+ +
    List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service + +
    + string +
    +     		+ +
    An AWS supported vpc endpoint service. Use the community.aws.ec2_vpc_endpoint_info module to describe the supported endpoint services.
    +
    Required when creating an endpoint.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_endpoint_id + +
    + string +
    +     		+ +
    One or more vpc endpoint ids to remove from the AWS account
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    Required when creating a VPC endpoint.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    320
    +     		+
    Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create new vpc endpoint with a json template for policy + community.aws.ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + policy: " {{ lookup( 'template', 'endpoint_policy.json.j2') }} " + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Create new vpc endpoint with the default policy + community.aws.ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Create new vpc endpoint with json file + community.aws.ec2_vpc_endpoint: + state: present + region: ap-southeast-2 + vpc_id: vpc-12345678 + service: com.amazonaws.ap-southeast-2.s3 + policy_file: "{{ role_path }}/files/endpoint_policy.json" + route_table_ids: + - rtb-12345678 + - rtb-87654321 + register: new_vpc_endpoint + + - name: Delete newly created vpc endpoint + community.aws.ec2_vpc_endpoint: + state: absent + vpc_endpoint_id: "{{ new_vpc_endpoint.result['VpcEndpointId'] }}" + region: ap-southeast-2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + endpoints + +
    + list +
    +     		success +
    The resulting endpoints from the module call
    +
    +
    Sample:
    +
    [{'creation_timestamp': '2017-02-20T05:04:15+00:00', 'policy_document': {'Id': 'Policy1450910922815', 'Statement': [{'Action': 's3:*', 'Effect': 'Allow', 'Principal': '*', 'Resource': ['arn:aws:s3:::*/*', 'arn:aws:s3:::*'], 'Sid': 'Stmt1450910920641'}], 'Version': '2012-10-17'}, 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'vpc_endpoint_id': 'vpce-a1b2c3d4', 'vpc_id': 'vpc-abbad0d0'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.ec2_vpc_igw_info_module.rst b/docs/community.aws.ec2_vpc_igw_info_module.rst new file mode 100644 index 00000000000..69140031b7f --- /dev/null +++ b/docs/community.aws.ec2_vpc_igw_info_module.rst @@ -0,0 +1,329 @@ +.. _community.aws.ec2_vpc_igw_info_module: + + +****************************** +community.aws.ec2_vpc_igw_info +****************************** + +**Gather information about internet gateways in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about internet gateways in AWS. +- This module was called ``ec2_vpc_igw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
    +
    +
    + internet_gateway_ids + +
    + list + / elements=string
    +     		+ +
    Get details of specific Internet Gateway ID. Provide this value as a list.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all Internet Gateways for an account or profile + community.aws.ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + register: igw_info + + - name: Gather information about a filtered list of Internet Gateways + community.aws.ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + filters: + "tag:Name": "igw-123" + register: igw_info + + - name: Gather information about a specific internet gateway by InternetGatewayId + community.aws.ec2_vpc_igw_info: + region: ap-southeast-2 + profile: production + internet_gateway_ids: igw-c1231234 + register: igw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    True if listing the internet gateways succeeds.
    +
    +
    Sample:
    +
    false
    +
    +
    + internet_gateways + +
    + list +
    +     		always +
    The internet gateways for the account.
    +
    +
    Sample:
    +
    [{'attachments': [{'state': 'available', 'vpc_id': 'vpc-02123b67'}], 'internet_gateway_id': 'igw-2123634d', 'tags': [{'key': 'Name', 'value': 'test-vpc-20-igw'}]}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + diff --git a/docs/community.aws.ec2_vpc_igw_module.rst b/docs/community.aws.ec2_vpc_igw_module.rst new file mode 100644 index 00000000000..b7ae748cba2 --- /dev/null +++ b/docs/community.aws.ec2_vpc_igw_module.rst @@ -0,0 +1,370 @@ +.. _community.aws.ec2_vpc_igw_module: + + +************************* +community.aws.ec2_vpc_igw +************************* + +**Manage an AWS VPC Internet gateway** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS VPC Internet gateway + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or terminate the IGW
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
    +

    aliases: resource_tags
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string + / required
    +     		+ +
    The VPC ID for the VPC in which to manage the Internet Gateway.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Ensure that the VPC has an Internet Gateway. + # The Internet Gateway ID is can be accessed via {{igw.gateway_id}} for use in setting up NATs etc. + - community.aws.ec2_vpc_igw: + vpc_id: vpc-abcdefgh + state: present + register: igw + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    If any changes have been made to the Internet Gateway.
    +
    +
    Sample:
    +
    {'changed': False}
    +
    +
    + gateway_id + +
    + string +
    +     		state=present +
    The unique identifier for the Internet Gateway.
    +
    +
    Sample:
    +
    {'gateway_id': 'igw-XXXXXXXX'}
    +
    +
    + tags + +
    + dictionary +
    +     		state=present +
    The tags associated the Internet Gateway.
    +
    +
    Sample:
    +
    {'tags': {'Ansible': 'Test'}}
    +
    +
    + vpc_id + +
    + string +
    +     		state=present +
    The VPC ID associated with the Internet Gateway.
    +
    +
    Sample:
    +
    {'vpc_id': 'vpc-XXXXXXXX'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Robert Estelle (@erydo) + + diff --git a/docs/community.aws.ec2_vpc_nacl_info_module.rst b/docs/community.aws.ec2_vpc_nacl_info_module.rst new file mode 100644 index 00000000000..345affd043e --- /dev/null +++ b/docs/community.aws.ec2_vpc_nacl_info_module.rst @@ -0,0 +1,426 @@ +.. _community.aws.ec2_vpc_nacl_info_module: + + +******************************* +community.aws.ec2_vpc_nacl_info +******************************* + +**Gather information about Network ACLs in an AWS VPC** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about Network ACLs in an AWS VPC +- This module was called ``ec2_vpc_nacl_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
    +
    +
    + nacl_ids + +
    + list +
    +     		+ Default:
    []
    +     		+
    A list of Network ACL IDs to retrieve information about.
    +

    aliases: nacl_id
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - By default, the module will return all Network ACLs. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Gather information about all Network ACLs: + - name: Get All NACLs + community.aws.ec2_vpc_nacl_info: + region: us-west-2 + register: all_nacls + + # Retrieve default Network ACLs: + - name: Get Default NACLs + community.aws.ec2_vpc_nacl_info: + region: us-west-2 + filters: + 'default': 'true' + register: default_nacls + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + nacls + +
    + complex +
    +     		success +
    Returns an array of complex objects as described below.
    +
    +
      +
    + egress + +
    + list + / elements=list
    +     		always +
    A list of NACL egress rules with the following format.
    +
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    +
    +
    Sample:
    +
    [[100, 'all', 'allow', '0.0.0.0/0', None, None, None, None]]
    +
      +
    + ingress + +
    + list + / elements=list
    +     		always +
    A list of NACL ingress rules with the following format.
    +
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    +
    +
    Sample:
    +
    [[100, 'tcp', 'allow', '0.0.0.0/0', None, None, 22, 22]]
    +
      +
    + is_default + +
    + boolean +
    +     		always +
    True if the NACL is the default for its VPC.
    +
    +
      +
    + nacl_id + +
    + string +
    +     		always +
    The ID of the Network Access Control List.
    +
    +
      +
    + subnets + +
    + list + / elements=string
    +     		always +
    A list of subnet IDs that are associated with the NACL.
    +
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    A dict of tags associated with the NACL.
    +
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    The ID of the VPC that the NACL is attached to.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Brad Davidson (@brandond) + + diff --git a/docs/community.aws.ec2_vpc_nacl_module.rst b/docs/community.aws.ec2_vpc_nacl_module.rst new file mode 100644 index 00000000000..a3736d26ff6 --- /dev/null +++ b/docs/community.aws.ec2_vpc_nacl_module.rst @@ -0,0 +1,462 @@ +.. _community.aws.ec2_vpc_nacl_module: + + +************************** +community.aws.ec2_vpc_nacl +************************** + +**create and delete Network ACLs.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for Network ACLS https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + egress + +
    + list +
    +     		+ Default:
    []
    +     		+
    A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    +
    +
    + ingress + +
    + list +
    +     		+ Default:
    []
    +     		+
    List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    +
    +
    + nacl_id + +
    + string +
    +     		+ +
    NACL id identifying a network ACL.
    +
    One and only one of the name or nacl_id is required.
    +
    +
    + name + +
    + string +
    +     		+ +
    Tagged name identifying a network ACL.
    +
    One and only one of the name or nacl_id is required.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Creates or modifies an existing NACL
    +
    Deletes a NACL and reassociates subnets to the default NACL
    +
    +
    + subnets + +
    + list +
    +     		+ +
    The list of subnets that should be associated with the network ACL.
    +
    Must be specified as a list
    +
    Each subnet can be specified as subnet ID, or its tagged name.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Dictionary of tags to look for and apply when creating a network ACL.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    VPC id of the requesting VPC.
    +
    Required when state present.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + # Complete example to create and delete a network ACL + # that allows SSH, HTTP and ICMP in, and all traffic out. + - name: "Create and associate production DMZ network ACL with DMZ subnets" + community.aws.ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + region: ap-southeast-2 + subnets: ['prod-dmz-1', 'prod-dmz-2'] + tags: + CostCode: CC1234 + Project: phoenix + Description: production DMZ + ingress: + # rule no, protocol, allow/deny, cidr, icmp_type, icmp_code, + # port from, port to + - [100, 'tcp', 'allow', '0.0.0.0/0', null, null, 22, 22] + - [200, 'tcp', 'allow', '0.0.0.0/0', null, null, 80, 80] + - [300, 'icmp', 'allow', '0.0.0.0/0', 0, 8] + egress: + - [100, 'all', 'allow', '0.0.0.0/0', null, null, null, null] + state: 'present' + + - name: "Remove the ingress and egress rules - defaults to deny all" + community.aws.ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + region: ap-southeast-2 + subnets: + - prod-dmz-1 + - prod-dmz-2 + tags: + CostCode: CC1234 + Project: phoenix + Description: production DMZ + state: present + + - name: "Remove the NACL subnet associations and tags" + community.aws.ec2_vpc_nacl: + vpc_id: 'vpc-12345678' + name: prod-dmz-nacl + region: ap-southeast-2 + state: present + + - name: "Delete nacl and subnet associations" + community.aws.ec2_vpc_nacl: + vpc_id: vpc-12345678 + name: prod-dmz-nacl + state: absent + + - name: "Delete nacl by its id" + community.aws.ec2_vpc_nacl: + nacl_id: acl-33b4ee5b + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + nacl_id + +
    + string +
    +     		success +
    The id of the NACL (when creating or updating an ACL)
    +
    +
    Sample:
    +
    acl-123456789abcdef01
    +
    +
    + task + +
    + dictionary +
    +     		success +
    The result of the create, or delete action.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) + + diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst new file mode 100644 index 00000000000..b7bd64d6cb9 --- /dev/null +++ b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst @@ -0,0 +1,320 @@ +.. _community.aws.ec2_vpc_nat_gateway_info_module: + + +************************************** +community.aws.ec2_vpc_nat_gateway_info +************************************** + +**Retrieves AWS VPC Managed Nat Gateway details using AWS methods.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Managed Nat Gateways +- This module was called ``ec2_vpc_nat_gateway_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
    +
    +
    + nat_gateway_ids + +
    + list + / elements=string
    +     		+ +
    List of specific nat gateway IDs to fetch details for.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all nat gateways + - name: List all managed nat gateways in ap-southeast-2 + community.aws.ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + register: all_ngws + + - name: Debugging the result + debug: + msg: "{{ all_ngws.result }}" + + - name: Get details on specific nat gateways + community.aws.ec2_vpc_nat_gateway_info: + nat_gateway_ids: + - nat-1234567891234567 + - nat-7654321987654321 + region: ap-southeast-2 + register: specific_ngws + + - name: Get all nat gateways with specific filters + community.aws.ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + filters: + state: ['pending'] + register: pending_ngws + + - name: Get nat gateways with specific filter + community.aws.ec2_vpc_nat_gateway_info: + region: ap-southeast-2 + filters: + subnet-id: subnet-12345678 + state: ['available'] + register: existing_nat_gateways + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + result + +
    + list +
    +     		success +
    The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.ec2_vpc_nat_gateway_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_module.rst new file mode 100644 index 00000000000..b94a4eb28aa --- /dev/null +++ b/docs/community.aws.ec2_vpc_nat_gateway_module.rst @@ -0,0 +1,587 @@ +.. _community.aws.ec2_vpc_nat_gateway_module: + + +********************************* +community.aws.ec2_vpc_nat_gateway +********************************* + +**Manage AWS VPC NAT Gateways.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Ensure the state of AWS VPC NAT Gateways based on their id, allocation and subnet ids. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allocation_id + +
    + string +
    +     		+ +
    The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + client_token + +
    + string +
    +     		+ +
    Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + eip_address + +
    + string +
    +     		+ +
    The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
    +
    +
    + if_exist_do_not_create + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    if a NAT Gateway exists already in the subnet_id, then do not create a new one.
    +
    +
    + nat_gateway_id + +
    + string +
    +     		+ +
    The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + release_eip + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Deallocate the EIP from the VPC.
    +
    Option is only valid with the absent state.
    +
    You should use this with the wait option. Since you can not release an address while a delete operation is happening.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Ensure NAT Gateway is present or absent.
    +
    +
    + subnet_id + +
    + string +
    +     		+ +
    The id of the subnet to create the NAT Gateway in. This is required with the present option.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for operation to complete before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    320
    +     		+
    How many seconds to wait for an operation to complete before timing out.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create new nat gateway with client token. + community.aws.ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + eip_address: 52.1.1.1 + region: ap-southeast-2 + client_token: abcd-12345678 + register: new_nat_gateway + + - name: Create new nat gateway using an allocation-id. + community.aws.ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + allocation_id: eipalloc-12345678 + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway, using an EIP address and wait for available status. + community.aws.ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + eip_address: 52.1.1.1 + wait: true + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway and allocate new EIP. + community.aws.ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + wait: true + region: ap-southeast-2 + register: new_nat_gateway + + - name: Create new nat gateway and allocate new EIP if a nat gateway does not yet exist in the subnet. + community.aws.ec2_vpc_nat_gateway: + state: present + subnet_id: subnet-12345678 + wait: true + region: ap-southeast-2 + if_exist_do_not_create: true + register: new_nat_gateway + + - name: Delete nat gateway using discovered nat gateways from facts module. + community.aws.ec2_vpc_nat_gateway: + state: absent + region: ap-southeast-2 + wait: true + nat_gateway_id: "{{ item.NatGatewayId }}" + release_eip: true + register: delete_nat_gateway_result + loop: "{{ gateways_to_remove.result }}" + + - name: Delete nat gateway and wait for deleted status. + community.aws.ec2_vpc_nat_gateway: + state: absent + nat_gateway_id: nat-12345678 + wait: true + wait_timeout: 500 + region: ap-southeast-2 + + - name: Delete nat gateway and release EIP. + community.aws.ec2_vpc_nat_gateway: + state: absent + nat_gateway_id: nat-12345678 + release_eip: true + wait: yes + wait_timeout: 300 + region: ap-southeast-2 + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + create_time + +
    + string +
    +     		In all cases. +
    The ISO 8601 date time format in UTC.
    +
    +
    Sample:
    +
    2016-03-05T05:19:20.282000+00:00'
    +
    +
    + nat_gateway_addresses + +
    + string +
    +     		In all cases. +
    List of dictionaries containing the public_ip, network_interface_id, private_ip, and allocation_id.
    +
    +
    Sample:
    +
    [{'public_ip': '52.52.52.52', 'network_interface_id': 'eni-12345', 'private_ip': '10.0.0.100', 'allocation_id': 'eipalloc-12345'}]
    +
    +
    + nat_gateway_id + +
    + string +
    +     		In all cases. +
    id of the VPC NAT Gateway
    +
    +
    Sample:
    +
    nat-0d1e3a878585988f8
    +
    +
    + state + +
    + string +
    +     		In all cases. +
    The current state of the NAT Gateway.
    +
    +
    Sample:
    +
    available
    +
    +
    + subnet_id + +
    + string +
    +     		In all cases. +
    id of the Subnet
    +
    +
    Sample:
    +
    subnet-12345
    +
    +
    + vpc_id + +
    + string +
    +     		In all cases. +
    id of the VPC.
    +
    +
    Sample:
    +
    vpc-12345
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) +- Jon Hadfield (@jonhadfield) +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.ec2_vpc_peer_module.rst b/docs/community.aws.ec2_vpc_peer_module.rst new file mode 100644 index 00000000000..ddf59a4ce77 --- /dev/null +++ b/docs/community.aws.ec2_vpc_peer_module.rst @@ -0,0 +1,518 @@ +.. _community.aws.ec2_vpc_peer_module: + + +************************** +community.aws.ec2_vpc_peer +************************** + +**create, delete, accept, and reject VPC peering connections between two VPCs.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Read the AWS documentation for VPC Peering Connections https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-peering.html. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + peer_owner_id + +
    + string +
    +     		+ +
    The AWS account number for cross account peering.
    +
    +
    + peer_region + +
    + string +
    +     		+ +
    Region of the accepting VPC.
    +
    +
    + peer_vpc_id + +
    + string +
    +     		+ +
    VPC id of the accepting VPC.
    +
    +
    + peering_id + +
    + string +
    +     		+ +
    Peering connection id.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • accept
      • +
    • reject
      • +
    +     		+
    Create, delete, accept, reject a peering connection.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Dictionary of tags to look for and apply when creating a Peering Connection.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    VPC id of the requesting VPC.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Complete example to create and accept a local peering connection. + - name: Create local account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept local VPC peering request + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: accept + register: action_peer + + # Complete example to delete a local peering connection. + - name: Create local account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: delete a local VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: absent + register: vpc_peer + + # Complete example to create and accept a cross account peering connection. + - name: Create cross account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept peering connection from remote account + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: accept + register: vpc_peer + + # Complete example to create and accept an intra-region peering connection. + - name: Create intra-region VPC peering Connection + community.aws.ec2_vpc_peer: + region: us-east-1 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + peer_region: us-west-2 + state: present + tags: + Name: Peering connection for us-east-1 VPC to us-west-2 VPC + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept peering connection from peer region + community.aws.ec2_vpc_peer: + region: us-west-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: accept + register: vpc_peer + + # Complete example to create and reject a local peering connection. + - name: Create local account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-87654321 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Reject a local VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + state: reject + + # Complete example to create and accept a cross account peering connection. + - name: Create cross account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Accept a cross account VPC peering connection request + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: accept + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + + # Complete example to create and reject a cross account peering connection. + - name: Create cross account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + vpc_id: vpc-12345678 + peer_vpc_id: vpc-12345678 + peer_owner_id: 123456789102 + state: present + tags: + Name: Peering connection for VPC 21 to VPC 22 + CostCode: CC1234 + Project: phoenix + register: vpc_peer + + - name: Reject a cross account VPC peering Connection + community.aws.ec2_vpc_peer: + region: ap-southeast-2 + peering_id: "{{ vpc_peer.peering_id }}" + profile: bot03_profile_for_cross_account + state: reject + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + task + +
    + dictionary +
    +     		success +
    The result of the create, accept, reject or delete action.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mike Mochan (@mmochan) + + diff --git a/docs/community.aws.ec2_vpc_peering_info_module.rst b/docs/community.aws.ec2_vpc_peering_info_module.rst new file mode 100644 index 00000000000..daa5c314c37 --- /dev/null +++ b/docs/community.aws.ec2_vpc_peering_info_module.rst @@ -0,0 +1,312 @@ +.. _community.aws.ec2_vpc_peering_info_module: + + +********************************** +community.aws.ec2_vpc_peering_info +********************************** + +**Retrieves AWS VPC Peering details using AWS methods.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to AWS VPC Peers +- This module was called ``ec2_vpc_peering_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
    +
    +
    + peer_connection_ids + +
    + list + / elements=string
    +     		+ +
    List of specific VPC peer IDs to get details for.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all VPC Peers + - name: List all vpc peers + community.aws.ec2_vpc_peering_info: + region: ap-southeast-2 + register: all_vpc_peers + + - name: Debugging the result + debug: + msg: "{{ all_vpc_peers.result }}" + + - name: Get details on specific VPC peer + community.aws.ec2_vpc_peering_info: + peer_connection_ids: + - pcx-12345678 + - pcx-87654321 + region: ap-southeast-2 + register: all_vpc_peers + + - name: Get all vpc peers with specific filters + community.aws.ec2_vpc_peering_info: + region: ap-southeast-2 + filters: + status-code: ['pending-acceptance'] + register: pending_vpc_peers + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + result + +
    + list +
    +     		success +
    The result of the describe.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.ec2_vpc_route_table_info_module.rst b/docs/community.aws.ec2_vpc_route_table_info_module.rst new file mode 100644 index 00000000000..930e72799d7 --- /dev/null +++ b/docs/community.aws.ec2_vpc_route_table_info_module.rst @@ -0,0 +1,262 @@ +.. _community.aws.ec2_vpc_route_table_info_module: + + +************************************** +community.aws.ec2_vpc_route_table_info +************************************** + +**Gather information about ec2 VPC route tables in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ec2 VPC route tables in AWS +- This module was called ``ec2_vpc_route_table_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all VPC route tables + community.aws.ec2_vpc_route_table_info: + + - name: Gather information about a particular VPC route table using route table ID + community.aws.ec2_vpc_route_table_info: + filters: + route-table-id: rtb-00112233 + + - name: Gather information about any VPC route table with a tag key Name and value Example + community.aws.ec2_vpc_route_table_info: + filters: + "tag:Name": Example + + - name: Gather information about any VPC route table within VPC with ID vpc-abcdef00 + community.aws.ec2_vpc_route_table_info: + filters: + vpc-id: vpc-abcdef00 + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.ec2_vpc_route_table_module.rst b/docs/community.aws.ec2_vpc_route_table_module.rst new file mode 100644 index 00000000000..3891bd4803a --- /dev/null +++ b/docs/community.aws.ec2_vpc_route_table_module.rst @@ -0,0 +1,817 @@ +.. _community.aws.ec2_vpc_route_table_module: + + +********************************* +community.aws.ec2_vpc_route_table +********************************* + +**Manage route tables for AWS virtual private clouds** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage route tables for AWS virtual private clouds + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + lookup + +
    + string +
    +     		+
      Choices: +
    • tag ←
      • +
    • id
      • +
    +     		+
    Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + propagating_vgw_ids + +
    + list + / elements=string
    +     		+ +
    Enable route propagation from virtual gateways specified by ID.
    +
    +
    + purge_routes + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Purge existing routes that are not found in routes.
    +
    +
    + purge_subnets + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    + Default:
    "true"
    +     		+
    Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing tags that are not found in route table.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + route_table_id + +
    + string +
    +     		+ +
    The ID of the route table to update or delete.
    +
    Required when lookup=id.
    +
    +
    + routes + +
    + list + / elements=dictionary
    +     		+ +
    List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the VPC route table.
    +
    +
    + subnets + +
    + list + / elements=string
    +     		+ +
    An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.
    +

    aliases: resource_tags
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    VPC ID of the VPC in which to create the route table.
    +
    Required when state=present or lookup=tag.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic creation example: + - name: Set up public subnet route table + community.aws.ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + tags: + Name: Public + subnets: + - "{{ jumpbox_subnet.subnet.id }}" + - "{{ frontend_subnet.subnet.id }}" + - "{{ vpn_subnet.subnet_id }}" + routes: + - dest: 0.0.0.0/0 + gateway_id: "{{ igw.gateway_id }}" + register: public_route_table + + - name: Set up NAT-protected route table + community.aws.ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + tags: + Name: Internal + subnets: + - "{{ application_subnet.subnet.id }}" + - 'Database Subnet' + - '10.0.0.0/8' + routes: + - dest: 0.0.0.0/0 + instance_id: "{{ nat.instance_id }}" + register: nat_route_table + + - name: delete route table + community.aws.ec2_vpc_route_table: + vpc_id: vpc-1245678 + region: us-west-1 + route_table_id: "{{ route_table.id }}" + lookup: id + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + route_table + +
    + complex +
    +     		always +
    Route Table result
    +
    +
      +
    + associations + +
    + complex +
    +     		always +
    List of subnets associated with the route table
    +
    +
       +
    + main + +
    + boolean +
    +     		always +
    Whether this is the main route table
    +
    +
       +
    + route_table_association_id + +
    + string +
    +     		always +
    ID of association between route table and subnet
    +
    +
    Sample:
    +
    rtbassoc-ab47cfc3
    +
       +
    + route_table_id + +
    + string +
    +     		always +
    ID of the route table
    +
    +
    Sample:
    +
    rtb-bf779ed7
    +
       +
    + subnet_id + +
    + string +
    +     		always +
    ID of the subnet
    +
    +
    Sample:
    +
    subnet-82055af9
    +
      +
    + id + +
    + string +
    +     		always +
    ID of the route table (same as route_table_id for backwards compatibility)
    +
    +
    Sample:
    +
    rtb-bf779ed7
    +
      +
    + propagating_vgws + +
    + list +
    +     		always +
    List of Virtual Private Gateways propagating routes
    +
    +
      +
    + route_table_id + +
    + string +
    +     		always +
    ID of the route table
    +
    +
    Sample:
    +
    rtb-bf779ed7
    +
      +
    + routes + +
    + complex +
    +     		always +
    List of routes in the route table
    +
    +
       +
    + destination_cidr_block + +
    + string +
    +     		always +
    CIDR block of destination
    +
    +
    Sample:
    +
    10.228.228.0/22
    +
       +
    + gateway_id + +
    + string +
    +     		when gateway is local or internet gateway +
    ID of the gateway
    +
    +
    Sample:
    +
    local
    +
       +
    + instance_id + +
    + string +
    +     		when the route is via an EC2 instance +
    ID of a NAT instance
    +
    +
    Sample:
    +
    i-abcd123456789
    +
       +
    + instance_owner_id + +
    + string +
    +     		when the route is via an EC2 instance +
    AWS account owning the NAT instance
    +
    +
    Sample:
    +
    123456789012
    +
       +
    + nat_gateway_id + +
    + string +
    +     		when the route is via a NAT gateway +
    ID of the NAT gateway
    +
    +
    Sample:
    +
    local
    +
       +
    + origin + +
    + string +
    +     		always +
    mechanism through which the route is in the table
    +
    +
    Sample:
    +
    CreateRouteTable
    +
       +
    + state + +
    + string +
    +     		always +
    state of the route
    +
    +
    Sample:
    +
    active
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Tags applied to the route table
    +
    +
    Sample:
    +
    {'Name': 'Public route table', 'Public': 'true'}
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    ID for the VPC in which the route lives
    +
    +
    Sample:
    +
    vpc-6e2d2407
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Robert Estelle (@erydo) +- Rob White (@wimnat) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.ec2_vpc_vgw_info_module.rst b/docs/community.aws.ec2_vpc_vgw_info_module.rst new file mode 100644 index 00000000000..8b2816e8bf0 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vgw_info_module.rst @@ -0,0 +1,329 @@ +.. _community.aws.ec2_vpc_vgw_info_module: + + +****************************** +community.aws.ec2_vpc_vgw_info +****************************** + +**Gather information about virtual gateways in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about virtual gateways in AWS. +- This module was called ``ec2_vpc_vgw_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpn_gateway_ids + +
    + list + / elements=string
    +     		+ +
    Get details of a specific Virtual Gateway ID. This value should be provided as a list.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all virtual gateways for an account or profile + community.aws.ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + register: vgw_info + + - name: Gather information about a filtered list of Virtual Gateways + community.aws.ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + filters: + "tag:Name": "main-virt-gateway" + register: vgw_info + + - name: Gather information about a specific virtual gateway by VpnGatewayIds + community.aws.ec2_vpc_vgw_info: + region: ap-southeast-2 + profile: production + vpn_gateway_ids: vgw-c432f6a7 + register: vgw_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    True if listing the virtual gateways succeeds.
    +
    +
    Sample:
    +
    false
    +
    +
    + virtual_gateways + +
    + list +
    +     		always +
    The virtual gateways for the account.
    +
    +
    Sample:
    +
    [{'state': 'available', 'tags': [{'key': 'Name', 'value': 'TEST-VGW'}], 'type': 'ipsec.1', 'vpc_attachments': [{'state': 'attached', 'vpc_id': 'vpc-22a93c74'}], 'vpn_gateway_id': 'vgw-23e3d64e'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + diff --git a/docs/community.aws.ec2_vpc_vgw_module.rst b/docs/community.aws.ec2_vpc_vgw_module.rst new file mode 100644 index 00000000000..3dd97370a37 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vgw_module.rst @@ -0,0 +1,428 @@ +.. _community.aws.ec2_vpc_vgw_module: + + +************************* +community.aws.ec2_vpc_vgw +************************* + +**Create and delete AWS VPN Virtual Gateways.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates AWS VPN Virtual Gateways +- Deletes AWS VPN Virtual Gateways +- Attaches Virtual Gateways to VPCs +- Detaches Virtual Gateways from VPCs + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + asn + +
    + integer +
    +     		+ +
    the BGP ASN of the amazon side
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    name of the vgw to be created or deleted
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    dictionary of resource tags
    +

    aliases: resource_tags
    +
    +
    + type + +
    + string +
    +     		+
      Choices: +
    • ipsec.1 ←
      • +
    +     		+
    type of the virtual gateway to be created
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    the vpc-id of a vpc to attach or detach
    +
    +
    + vpn_gateway_id + +
    + string +
    +     		+ +
    vpn gateway id of an existing virtual gateway
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    320
    +     		+
    number of seconds to wait for status during vpc attach and detach
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new vgw attached to a specific VPC + community.aws.ec2_vpc_vgw: + state: present + region: ap-southeast-2 + profile: personal + vpc_id: vpc-12345678 + name: personal-testing + type: ipsec.1 + register: created_vgw + + - name: Create a new unattached vgw + community.aws.ec2_vpc_vgw: + state: present + region: ap-southeast-2 + profile: personal + name: personal-testing + type: ipsec.1 + tags: + environment: production + owner: ABC + register: created_vgw + + - name: Remove a new vgw using the name + community.aws.ec2_vpc_vgw: + state: absent + region: ap-southeast-2 + profile: personal + name: personal-testing + type: ipsec.1 + register: deleted_vgw + + - name: Remove a new vgw using the vpn_gateway_id + community.aws.ec2_vpc_vgw: + state: absent + region: ap-southeast-2 + profile: personal + vpn_gateway_id: vgw-3a9aa123 + register: deleted_vgw + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + result + +
    + dictionary +
    +     		success +
    The result of the create, or delete action.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) + + diff --git a/docs/community.aws.ec2_vpc_vpn_info_module.rst b/docs/community.aws.ec2_vpc_vpn_info_module.rst new file mode 100644 index 00000000000..e59d33d8134 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vpn_info_module.rst @@ -0,0 +1,648 @@ +.. _community.aws.ec2_vpc_vpn_info_module: + + +****************************** +community.aws.ec2_vpc_vpn_info +****************************** + +**Gather information about VPN Connections in AWS.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about VPN Connections in AWS. +- This module was called ``ec2_vpc_vpn_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpn_connection_ids + +
    + list + / elements=string
    +     		+ +
    Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # # Note: These examples do not set authentication details, see the AWS Guide for details. + - name: Gather information about all vpn connections + community.aws.ec2_vpc_vpn_info: + + - name: Gather information about a filtered list of vpn connections, based on tags + community.aws.ec2_vpc_vpn_info: + filters: + "tag:Name": test-connection + register: vpn_conn_info + + - name: Gather information about vpn connections by specifying connection IDs. + community.aws.ec2_vpc_vpn_info: + filters: + vpn-gateway-id: vgw-cbe66beb + register: vpn_conn_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + vpn_connections + +
    + complex +
    +     		always +
    List of one or more VPN Connections.
    +
    +
      +
    + category + +
    + string +
    +     		always +
    The category of the VPN connection.
    +
    +
    Sample:
    +
    VPN
    +
      +
    + customer_gateway_id + +
    + string +
    +     		always +
    The ID of the customer gateway at your end of the VPN connection.
    +
    +
    Sample:
    +
    cgw-17a53c37
    +
      +
    + customer_gatway_configuration + +
    + string +
    +     		always +
    The configuration information for the VPN connection's customer gateway (in the native XML format).
    +
    +
      +
    + options + +
    + dictionary +
    +     		always +
    The VPN connection options.
    +
    +
    Sample:
    +
    {'static_routes_only': False}
    +
      +
    + routes + +
    + complex +
    +     		always +
    List of static routes associated with the VPN connection.
    +
    +
       +
    + destination_cidr_block + +
    + string +
    +     		always +
    The CIDR block associated with the local subnet of the customer data center.
    +
    +
    Sample:
    +
    10.0.0.0/16
    +
       +
    + state + +
    + string +
    +     		always +
    The current state of the static route.
    +
    +
    Sample:
    +
    available
    +
      +
    + state + +
    + string +
    +     		always +
    The current state of the VPN connection.
    +
    +
    Sample:
    +
    available
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Any tags assigned to the VPN connection.
    +
    +
    Sample:
    +
    {'Name': 'test-conn'}
    +
      +
    + type + +
    + string +
    +     		always +
    The type of VPN connection.
    +
    +
    Sample:
    +
    ipsec.1
    +
      +
    + vgw_telemetry + +
    + complex +
    +     		always +
    Information about the VPN tunnel.
    +
    +
       +
    + accepted_route_count + +
    + integer +
    +     		always +
    The number of accepted routes.
    +
    +
       +
    + certificate_arn + +
    + string +
    +     		when a private certificate is used for authentication +
    The Amazon Resource Name of the virtual private gateway tunnel endpoint certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789101:certificate/c544d8ce-20b8-4fff-98b0-example
    +
       +
    + last_status_change + +
    + string +
    +     		always +
    The date and time of the last change in status.
    +
    +
    Sample:
    +
    2018-02-09T14:35:27+00:00
    +
       +
    + outside_ip_address + +
    + string +
    +     		always +
    The Internet-routable IP address of the virtual private gateway's outside interface.
    +
    +
    Sample:
    +
    13.127.79.191
    +
       +
    + status + +
    + string +
    +     		always +
    The status of the VPN tunnel.
    +
    +
    Sample:
    +
    DOWN
    +
       +
    + status_message + +
    + string +
    +     		always +
    If an error occurs, a description of the error.
    +
    +
    Sample:
    +
    IPSEC IS DOWN
    +
      +
    + vpn_connection_id + +
    + string +
    +     		always +
    The ID of the VPN connection.
    +
    +
    Sample:
    +
    vpn-f700d5c0
    +
      +
    + vpn_gateway_id + +
    + string +
    +     		always +
    The ID of the virtual private gateway at the AWS side of the VPN connection.
    +
    +
    Sample:
    +
    vgw-cbe56bfb
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Madhura Naniwadekar (@Madhura-CSI) + + diff --git a/docs/community.aws.ec2_vpc_vpn_module.rst b/docs/community.aws.ec2_vpc_vpn_module.rst new file mode 100644 index 00000000000..31231c55f35 --- /dev/null +++ b/docs/community.aws.ec2_vpc_vpn_module.rst @@ -0,0 +1,939 @@ +.. _community.aws.ec2_vpc_vpn_module: + + +************************* +community.aws.ec2_vpc_vpn +************************* + +**Create, modify, and delete EC2 VPN connections.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module creates, modifies, and deletes VPN connections. Idempotence is achieved by using the filters option or specifying the VPN connection identifier. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + connection_type + +
    + string +
    +     		+ Default:
    "ipsec.1"
    +     		+
    The type of VPN connection.
    +
    At this time only 'ipsec.1' is supported.
    +
    +
    + customer_gateway_id + +
    + string +
    +     		+ +
    The ID of the customer gateway.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delay + +
    + integer +
    +     		+ Default:
    15
    +     		+
    The time to wait before checking operation again. in seconds.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
    +
    +
    + bgp + +
    + - +
    +     		+ +
    The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
    +
    +
    + cgw + +
    + - +
    +     		+ +
    The customer gateway id as a string or a list of those strings.
    +
    +
    + cgw-config + +
    + - +
    +     		+ +
    The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
    +
    +
    + cidr + +
    + - +
    +     		+ +
    The destination cidr of the VPN's route as a string or a list of those strings.
    +
    +
    + static-routes-only + +
    + - +
    +     		+ +
    The type of routing; true or false.
    +
    +
    + tag-keys + +
    + - +
    +     		+ +
    The key of a tag as a string or a list of those strings.
    +
    +
    + tag-values + +
    + - +
    +     		+ +
    The value of a tag as a string or a list of those strings.
    +
    +
    + tags + +
    + - +
    +     		+ +
    A dict of key value pairs.
    +
    +
    + vgw + +
    + - +
    +     		+ +
    The virtual private gateway as a string or a list of those strings.
    +
    +
    + vpn + +
    + - +
    +     		+ +
    The VPN connection id as a string or a list of those strings.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_routes + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to delete VPN connections routes that are not specified in the task.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + routes + +
    + list + / elements=string
    +     		+ +
    Routes to add to the connection.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the VPN connection.
    +
    +
    + static_only + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Tags to attach to the VPN connection.
    +
    +
    + tunnel_options + +
    + list + / elements=dictionary
    +     		+ +
    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
    +
    +
    + PreSharedKey + +
    + string +
    +     		+ +
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
    +
    +
    + TunnelInsideCidr + +
    + string +
    +     		+ +
    The range of inside IP addresses for the tunnel.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpn_connection_id + +
    + string +
    +     		+ +
    The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
    +
    +
    + vpn_gateway_id + +
    + string +
    +     		+ +
    The ID of the virtual private gateway.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    600
    +     		+
    How long before wait gives up, in seconds.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + - name: create a VPN connection + community.aws.ec2_vpc_vpn: + state: present + vpn_gateway_id: vgw-XXXXXXXX + customer_gateway_id: cgw-XXXXXXXX + + - name: modify VPN connection tags + community.aws.ec2_vpc_vpn: + state: present + vpn_connection_id: vpn-XXXXXXXX + tags: + Name: ansible-tag-1 + Other: ansible-tag-2 + + - name: delete a connection + community.aws.ec2_vpc_vpn: + vpn_connection_id: vpn-XXXXXXXX + state: absent + + - name: modify VPN tags (identifying VPN by filters) + community.aws.ec2_vpc_vpn: + state: present + filters: + cidr: 194.168.1.0/24 + tag-keys: + - Ansible + - Other + tags: + New: Tag + purge_tags: true + static_only: true + + - name: set up VPN with tunnel options utilizing 'TunnelInsideCidr' only + community.aws.ec2_vpc_vpn: + state: present + filters: + vpn: vpn-XXXXXXXX + static_only: true + tunnel_options: + - + TunnelInsideCidr: '169.254.100.1/30' + - + TunnelInsideCidr: '169.254.100.5/30' + + - name: add routes and remove any preexisting ones + community.aws.ec2_vpc_vpn: + state: present + filters: + vpn: vpn-XXXXXXXX + routes: + - 195.168.2.0/24 + - 196.168.2.0/24 + purge_routes: true + + - name: remove all routes + community.aws.ec2_vpc_vpn: + state: present + vpn_connection_id: vpn-XXXXXXXX + routes: [] + purge_routes: true + + - name: delete a VPN identified by filters + community.aws.ec2_vpc_vpn: + state: absent + filters: + tags: + Ansible: Tag + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    If the VPN connection has changed.
    +
    +
    Sample:
    +
    {'changed': True}
    +
    +
    + customer_gateway_configuration + +
    + string +
    +     		state=present +
    The configuration of the VPN connection.
    +
    +
    +
    + customer_gateway_id + +
    + string +
    +     		state=present +
    The customer gateway connected via the connection.
    +
    +
    Sample:
    +
    {'customer_gateway_id': 'cgw-1220c87b'}
    +
    +
    + options + +
    + complex +
    +     		state=present +
    The VPN connection options (currently only containing static_routes_only).
    +
    +
      +
    + static_routes_only + +
    + string +
    +     		state=present +
    If the VPN connection only allows static routes.
    +
    +
    Sample:
    +
    {'static_routes_only': True}
    +
    +
    + routes + +
    + list +
    +     		state=present +
    The routes of the VPN connection.
    +
    +
    Sample:
    +
    {'routes': [{'destination_cidr_block': '192.168.1.0/24', 'state': 'available'}]}
    +
    +
    + state + +
    + string +
    +     		state=present +
    The status of the VPN connection.
    +
    +
    Sample:
    +
    {'state': 'available'}
    +
    +
    + tags + +
    + dictionary +
    +     		state=present +
    The tags associated with the connection.
    +
    +
    Sample:
    +
    {'tags': {'name': 'ansible-test', 'other': 'tag'}}
    +
    +
    + type + +
    + string +
    +     		state=present +
    The type of VPN connection (currently only ipsec.1 is available).
    +
    +
    Sample:
    +
    {'type': 'ipsec.1'}
    +
    +
    + vgw_telemetry + +
    + list +
    +     		state=present +
    The telemetry for the VPN tunnel.
    +
    +
    Sample:
    +
    {'vgw_telemetry': [{'outside_ip_address': 'string', 'status': 'up', 'last_status_change': 'datetime(2015, 1, 1)', 'status_message': 'string', 'accepted_route_count': 123}]}
    +
    +
    + vpn_connection_id + +
    + string +
    +     		state=present +
    The identifier for the VPN connection.
    +
    +
    Sample:
    +
    {'vpn_connection_id': 'vpn-781e0e19'}
    +
    +
    + vpn_gateway_id + +
    + string +
    +     		state=present +
    The virtual private gateway connected via the connection.
    +
    +
    Sample:
    +
    {'vpn_gateway_id': 'vgw-cb0ae2a2'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.ec2_win_password_module.rst b/docs/community.aws.ec2_win_password_module.rst new file mode 100644 index 00000000000..92888f50c03 --- /dev/null +++ b/docs/community.aws.ec2_win_password_module.rst @@ -0,0 +1,360 @@ +.. _community.aws.ec2_win_password_module: + + +****************************** +community.aws.ec2_win_password +****************************** + +**Gets the default administrator password for ec2 windows instances** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets the default administrator password from any EC2 Windows instance. The instance is referenced by its id (e.g. ``i-XXXXXXX``). +- This module has a dependency on python-boto. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- cryptography +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + instance_id + +
    + string + / required
    +     		+ +
    The instance id to get the password data from.
    +
    +
    + key_data + +
    + string +
    +     		+ +
    The private key (usually stored in vault).
    +
    Conflicts with key_file,
    +
    +
    + key_file + +
    + path +
    +     		+ +
    Path to the file containing the key pair used on the instance.
    +
    Conflicts with key_data.
    +
    +
    + key_passphrase + +
    + string +
    +     		+ +
    The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the password to be available before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    120
    +     		+
    Number of seconds to wait before giving up.
    +
    +
    + + +Notes +----- + +.. note:: + - As of Ansible 2.4, this module requires the python cryptography module rather than the older pycrypto module. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Example of getting a password + - name: get the Administrator password + community.aws.ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_test_key.pem" + + # Example of getting a password using a variable + - name: get the Administrator password + community.aws.ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_data: "{{ ec2_private_key }}" + + # Example of getting a password with a password protected key + - name: get the Administrator password + community.aws.ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_protected_test_key.pem" + key_passphrase: "secret" + + # Example of waiting for a password + - name: get the Administrator password + community.aws.ec2_win_password: + profile: my-boto-profile + instance_id: i-XXXXXX + region: us-east-1 + key_file: "~/aws-creds/my_test_key.pem" + wait: yes + wait_timeout: 45 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rick Mendes (@rickmendes) + + diff --git a/docs/community.aws.ecs_attribute_module.rst b/docs/community.aws.ecs_attribute_module.rst new file mode 100644 index 00000000000..e45d1584b8a --- /dev/null +++ b/docs/community.aws.ecs_attribute_module.rst @@ -0,0 +1,460 @@ +.. _community.aws.ecs_attribute_module: + + +*************************** +community.aws.ecs_attribute +*************************** + +**manage ecs attributes** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, update or delete ECS container instance attributes. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + attributes + +
    + list + / elements=dictionary / required
    +     		+ +
    List of attributes.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
    +
    +
    + value + +
    + string +
    +     		+ +
    The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster + +
    + string + / required
    +     		+ +
    The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_instance_id + +
    + string + / required
    +     		+ +
    EC2 instance ID of ECS cluster container instance.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the attributes.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Set attributes + community.aws.ecs_attribute: + state: present + cluster: test-cluster + ec2_instance_id: "{{ ec2_id }}" + attributes: + - flavor: test + - migrated + delegate_to: localhost + + - name: Delete attributes + community.aws.ecs_attribute: + state: absent + cluster: test-cluster + ec2_instance_id: "{{ ec2_id }}" + attributes: + - flavor: test + - migrated + delegate_to: localhost + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + attributes + +
    + complex +
    +     		always +
    attributes
    +
    +
      +
    + attributes + +
    + list + / elements=dictionary
    +     		+
    list of attributes
    +
    +
       +
    + name + +
    + string +
    +     		+
    name of the attribute
    +
    +
       +
    + value + +
    + string +
    +     		if present +
    value of the attribute
    +
    +
      +
    + cluster + +
    + string +
    +     		+
    cluster name
    +
    +
      +
    + ec2_instance_id + +
    + string +
    +     		+
    ec2 instance id of ecs container instance
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Andrej Svenke (@anryko) + + diff --git a/docs/community.aws.ecs_cluster_module.rst b/docs/community.aws.ecs_cluster_module.rst new file mode 100644 index 00000000000..f8bffee55ac --- /dev/null +++ b/docs/community.aws.ecs_cluster_module.rst @@ -0,0 +1,442 @@ +.. _community.aws.ecs_cluster_module: + + +************************* +community.aws.ecs_cluster +************************* + +**Create or terminate ECS clusters.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or terminates ecs clusters. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delay + +
    + integer +
    +     		+ Default:
    10
    +     		+
    Number of seconds to wait.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The cluster name.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + repeat + +
    + integer +
    +     		+ Default:
    10
    +     		+
    The number of times to wait for the cluster to have an instance.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • has_instances
      • +
    +     		+
    The desired state of the cluster.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - When deleting a cluster, the information returned is the state of the cluster prior to deletion. + - It will also wait for a cluster to have instances registered to it. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Cluster creation + community.aws.ecs_cluster: + name: default + state: present + + - name: Cluster deletion + community.aws.ecs_cluster: + name: default + state: absent + + - name: Wait for register + community.aws.ecs_cluster: + name: "{{ new_cluster }}" + state: has_instances + delay: 10 + repeat: 10 + register: task_output + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + activeServicesCount + +
    + integer +
    +     		0 if a new cluster +
    how many services are active in this cluster
    +
    +
    +
    + clusterArn + +
    + string +
    +     		0 if a new cluster +
    the ARN of the cluster just created
    +
    +
    Sample:
    +
    arn:aws:ecs:us-west-2:172139249013:cluster/test-cluster-mfshcdok
    +
    +
    + clusterName + +
    + string +
    +     		always +
    name of the cluster just created (should match the input argument)
    +
    +
    Sample:
    +
    test-cluster-mfshcdok
    +
    +
    + pendingTasksCount + +
    + integer +
    +     		0 if a new cluster +
    how many tasks are waiting to run in this cluster
    +
    +
    +
    + registeredContainerInstancesCount + +
    + integer +
    +     		0 if a new cluster +
    how many container instances are available in this cluster
    +
    +
    +
    + runningTasksCount + +
    + integer +
    +     		0 if a new cluster +
    how many tasks are running in this cluster
    +
    +
    +
    + status + +
    + string +
    +     		always +
    the status of the new cluster
    +
    +
    Sample:
    +
    ACTIVE
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + diff --git a/docs/community.aws.ecs_ecr_module.rst b/docs/community.aws.ecs_ecr_module.rst new file mode 100644 index 00000000000..39ccb8ec31c --- /dev/null +++ b/docs/community.aws.ecs_ecr_module.rst @@ -0,0 +1,527 @@ +.. _community.aws.ecs_ecr_module: + + +********************* +community.aws.ecs_ecr +********************* + +**Manage Elastic Container Registry repositories** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Elastic Container Registry repositories. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + force_set_policy + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
    +
    +
    + image_tag_mutability + +
    + string +
    +     		+
      Choices: +
    • mutable ←
      • +
    • immutable
      • +
    +     		+
    Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
    +
    +
    + lifecycle_policy + +
    + json +
    +     		+ +
    JSON or dict that represents the new lifecycle policy
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the repository.
    +
    +
    + policy + +
    + json +
    +     		+ +
    JSON or dict that represents the new policy.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_lifecycle_policy + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    if yes, remove the lifecycle policy from the repository
    +
    +
    + purge_policy + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If yes, remove the policy from the repository.
    +
    Alias delete_policy has been deprecated and will be removed after 2022-06-01.
    +

    aliases: delete_policy
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + registry_id + +
    + string +
    +     		+ +
    AWS account id associated with the registry.
    +
    If not specified, the default registry is assumed.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the repository.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # If the repository does not exist, it is created. If it does exist, would not + # affect any policies already on it. + - name: ecr-repo + community.aws.ecs_ecr: + name: super/cool + + - name: destroy-ecr-repo + community.aws.ecs_ecr: + name: old/busted + state: absent + + - name: Cross account ecr-repo + community.aws.ecs_ecr: + registry_id: 999999999999 + name: cross/account + + - name: set-policy as object + community.aws.ecs_ecr: + name: needs-policy-object + policy: + Version: '2008-10-17' + Statement: + - Sid: read-only + Effect: Allow + Principal: + AWS: '{{ read_only_arn }}' + Action: + - ecr:GetDownloadUrlForLayer + - ecr:BatchGetImage + - ecr:BatchCheckLayerAvailability + + - name: set-policy as string + community.aws.ecs_ecr: + name: needs-policy-string + policy: "{{ lookup('template', 'policy.json.j2') }}" + + - name: delete-policy + community.aws.ecs_ecr: + name: needs-no-policy + purge_policy: yes + + - name: create immutable ecr-repo + community.aws.ecs_ecr: + name: super/cool + image_tag_mutability: immutable + + - name: set-lifecycle-policy + community.aws.ecs_ecr: + name: needs-lifecycle-policy + lifecycle_policy: + rules: + - rulePriority: 1 + description: new policy + selection: + tagStatus: untagged + countType: sinceImagePushed + countUnit: days + countNumber: 365 + action: + type: expire + + - name: purge-lifecycle-policy + community.aws.ecs_ecr: + name: needs-no-lifecycle-policy + purge_lifecycle_policy: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + created + +
    + boolean +
    +     		always +
    If true, the repository was created
    +
    +
    +
    + name + +
    + string +
    +     		when state == 'absent' +
    The name of the repository
    +
    +
    +
    + repository + +
    + dictionary +
    +     		when state == 'present' +
    The created or updated repository
    +
    +
    Sample:
    +
    {'createdAt': '2017-01-17T08:41:32-06:00', 'registryId': '999999999999', 'repositoryArn': 'arn:aws:ecr:us-east-1:999999999999:repository/ecr-test-1484664090', 'repositoryName': 'ecr-test-1484664090', 'repositoryUri': '999999999999.dkr.ecr.us-east-1.amazonaws.com/ecr-test-1484664090'}
    +
    +
    + state + +
    + string +
    +     		always +
    The asserted state of the repository (present, absent)
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- David M. Lee (@leedm777) + + diff --git a/docs/community.aws.ecs_service_info_module.rst b/docs/community.aws.ecs_service_info_module.rst new file mode 100644 index 00000000000..6c289787f3d --- /dev/null +++ b/docs/community.aws.ecs_service_info_module.rst @@ -0,0 +1,571 @@ +.. _community.aws.ecs_service_info_module: + + +****************************** +community.aws.ecs_service_info +****************************** + +**List or describe services in ECS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Lists or describes services in ECS. +- This module was called ``ecs_service_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.ecs_service_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster + +
    + string +
    +     		+ +
    The cluster ARNS in which to list the services.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + details + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Set this to true if you want detailed information about the services.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + events + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to return ECS service events. Only has an effect if details=true.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service + +
    + list + / elements=string
    +     		+ +
    One or more services to get details for
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic listing example + - community.aws.ecs_service_info: + cluster: test-cluster + service: console-test-service + details: true + register: output + + # Basic listing example + - community.aws.ecs_service_info: + cluster: test-cluster + register: output + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + services + +
    + complex +
    +     		success +
    When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below.
    +
    +
      +
    + clusterArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    +
    +
      +
    + deployments + +
    + list + / elements=dictionary
    +     		always +
    list of service deployments
    +
    +
      +
    + desiredCount + +
    + integer +
    +     		always +
    The desired number of instantiations of the task definition to keep running on the service.
    +
    +
      +
    + events + +
    + list + / elements=dictionary
    +     		when events is true +
    list of service events
    +
    +
      +
    + loadBalancers + +
    + complex +
    +     		always +
    A list of load balancer objects
    +
    +
       +
    + containerName + +
    + string +
    +     		always +
    The name of the container to associate with the load balancer.
    +
    +
       +
    + containerPort + +
    + integer +
    +     		always +
    The port on the container to associate with the load balancer.
    +
    +
       +
    + loadBalancerName + +
    + string +
    +     		always +
    the name
    +
    +
      +
    + pendingCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the PENDING state.
    +
    +
      +
    + runningCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the RUNNING state.
    +
    +
      +
    + serviceArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    +
    +
      +
    + serviceName + +
    + string +
    +     		always +
    A user-generated string used to identify the service
    +
    +
      +
    + status + +
    + string +
    +     		always +
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    +
    +
      +
    + taskDefinition + +
    + string +
    +     		always +
    The ARN of a task definition to use for tasks in the service.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) + + diff --git a/docs/community.aws.ecs_service_module.rst b/docs/community.aws.ecs_service_module.rst new file mode 100644 index 00000000000..c76848b84b1 --- /dev/null +++ b/docs/community.aws.ecs_service_module.rst @@ -0,0 +1,1642 @@ +.. _community.aws.ecs_service_module: + + +************************* +community.aws.ecs_service +************************* + +**Create, terminate, start or stop a service in ECS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or terminates ECS. services. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + client_token + +
    + string +
    +     		+ +
    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
    +
    +
    + cluster + +
    + string +
    +     		+ +
    The name of the cluster in which the service exists.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delay + +
    + integer +
    +     		+ Default:
    10
    +     		+
    The time to wait before checking that the service is available.
    +
    +
    + deployment_configuration + +
    + dictionary +
    +     		+ +
    Optional parameters that control the deployment_configuration.
    +
    Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
    +
    +
    + maximum_percent + +
    + integer +
    +     		+ +
    Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
    +
    +
    + minimum_healthy_percent + +
    + integer +
    +     		+ +
    A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
    +
    +
    + desired_count + +
    + integer +
    +     		+ +
    The count of how many instances of the service.
    +
    This parameter is required when state=present.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + force_new_deployment + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Force deployment of service even if there are no changes.
    +
    +
    + health_check_grace_period_seconds + +
    + integer +
    +     		+ +
    Seconds to wait before health checking the freshly added/updated services.
    +
    This option requires botocore >= 1.8.20.
    +
    +
    + launch_type + +
    + string +
    +     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your service.
    +
    +
    + load_balancers + +
    + list + / elements=string
    +     		+ +
    The list of ELBs defined for this service.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the service.
    +
    +
    + network_configuration + +
    + dictionary +
    +     		+ +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    +
    assign_public_ip requires botocore >= 1.8.4
    +
    +
    + assign_public_ip + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the task's elastic network interface receives a public IP address.
    +
    This option requires botocore >= 1.8.4.
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    A list of security group names or group IDs to associate with the task
    +
    +
    + subnets + +
    + list + / elements=string
    +     		+ +
    A list of subnet IDs to associate with the task
    +
    +
    + placement_constraints + +
    + list + / elements=dictionary
    +     		+ +
    The placement constraints for the tasks in the service.
    + +
    +
    + expression + +
    + string +
    +     		+ +
    A cluster query language expression to apply to the constraint.
    +
    +
    + type + +
    + string +
    +     		+ +
    The type of constraint.
    +
    +
    + placement_strategy + +
    + list + / elements=dictionary
    +     		+ +
    The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
    +
    +
    + field + +
    + string +
    +     		+ +
    The field to apply the placement strategy against.
    +
    +
    + type + +
    + string +
    +     		+ +
    The type of placement strategy.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + repeat + +
    + integer +
    +     		+ Default:
    10
    +     		+
    The number of times to check that the service is available.
    +
    +
    + role + +
    + string +
    +     		+ +
    The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
    +
    This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
    +
    +
    + scheduling_strategy + +
    + string +
    +     		+
      Choices: +
    • DAEMON
      • +
    • REPLICA
      • +
    +     		+
    The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + service_registries + +
    + list + / elements=dictionary
    +     		+ +
    Describes service discovery registries this service will register with.
    +
    +
    + arn + +
    + string +
    +     		+ +
    Service discovery registry ARN
    +
    +
    + container_name + +
    + string +
    +     		+ +
    container name for service discovery registration
    +
    +
    + container_port + +
    + integer +
    +     		+ +
    container port for service discovery registration
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • deleting
      • +
    +     		+
    The desired state of the service.
    +
    +
    + task_definition + +
    + string +
    +     		+ +
    The task definition the service will run.
    +
    This parameter is required when state=present.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - The service role specified must be assumable. (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com) + - For details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html. + - An IAM role must have been previously created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic provisioning example + - community.aws.ecs_service: + state: present + name: console-test-service + cluster: new_cluster + task_definition: 'new_cluster-task:1' + desired_count: 0 + + - name: create ECS service on VPC network + community.aws.ecs_service: + state: present + name: console-test-service + cluster: new_cluster + task_definition: 'new_cluster-task:1' + desired_count: 0 + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + + # Simple example to delete + - community.aws.ecs_service: + name: default + state: absent + cluster: new_cluster + + # With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4) + - community.aws.ecs_service: + state: present + name: test-service + cluster: test-cluster + task_definition: test-task-definition + desired_count: 3 + deployment_configuration: + minimum_healthy_percent: 75 + maximum_percent: 150 + placement_constraints: + - type: memberOf + expression: 'attribute:flavor==test' + placement_strategy: + - type: binpack + field: memory + + + +Returned Facts +-------------- +Facts returned by this module are added/updated in the ``hostvars`` host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them. + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    FactReturnedDescription
    +
    + service + +
    + complex +
    +     		when service existed and was deleted +
    Details of deleted service. +
    +
    +
    +
    + clusterArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service. +
    +
    +
    +
    + deploymentConfiguration + +
    + complex +
    +     		always +
    dictionary of deploymentConfiguration +
    +
    +
    +
    + maximumPercent + +
    + integer +
    +     		always +
    maximumPercent param +
    +
    +
    +
    + minimumHealthyPercent + +
    + integer +
    +     		always +
    minimumHealthyPercent param +
    +
    +
    +
    + deployments + +
    + list + / elements=dictionary
    +     		always +
    list of service deployments +
    +
    +
    +
    + desiredCount + +
    + integer +
    +     		always +
    The desired number of instantiations of the task definition to keep running on the service. +
    +
    +
    +
    + events + +
    + list + / elements=dictionary
    +     		always +
    list of service events +
    +
    +
    +
    + loadBalancers + +
    + complex +
    +     		always +
    A list of load balancer objects +
    +
    +
    +
    + containerName + +
    + string +
    +     		always +
    The name of the container to associate with the load balancer. +
    +
    +
    +
    + containerPort + +
    + integer +
    +     		always +
    The port on the container to associate with the load balancer. +
    +
    +
    +
    + loadBalancerName + +
    + string +
    +     		always +
    the name +
    +
    +
    +
    + pendingCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the PENDING state. +
    +
    +
    +
    + placementConstraints + +
    + list + / elements=dictionary
    +     		always +
    List of placement constraints objects +
    +
    +
    +
    + expression + +
    + string +
    +     		always +
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance. +
    +
    +
    +
    + type + +
    + string +
    +     		always +
    The type of constraint. Valid values are distinctInstance and memberOf. +
    +
    +
    +
    + placementStrategy + +
    + list + / elements=dictionary
    +     		always +
    List of placement strategy objects +
    +
    +
    +
    + field + +
    + string +
    +     		always +
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY. +
    +
    +
    +
    + type + +
    + string +
    +     		always +
    The type of placement strategy. Valid values are random, spread and binpack. +
    +
    +
    +
    + runningCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the RUNNING state. +
    +
    +
    +
    + serviceArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service . +
    +
    +
    +
    + serviceName + +
    + string +
    +     		always +
    A user-generated string used to identify the service +
    +
    +
    +
    + status + +
    + string +
    +     		always +
    The valid values are ACTIVE, DRAINING, or INACTIVE. +
    +
    +
    +
    + taskDefinition + +
    + string +
    +     		always +
    The ARN of a task definition to use for tasks in the service. +
    +
    +
    +

    + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + service + +
    + complex +
    +     		when creating a service +
    Details of created service.
    +
    +
      +
    + clusterArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    +
    +
      +
    + deploymentConfiguration + +
    + complex +
    +     		always +
    dictionary of deploymentConfiguration
    +
    +
       +
    + maximumPercent + +
    + integer +
    +     		always +
    maximumPercent param
    +
    +
       +
    + minimumHealthyPercent + +
    + integer +
    +     		always +
    minimumHealthyPercent param
    +
    +
      +
    + deployments + +
    + list + / elements=dictionary
    +     		always +
    list of service deployments
    +
    +
      +
    + desiredCount + +
    + integer +
    +     		always +
    The desired number of instantiations of the task definition to keep running on the service.
    +
    +
      +
    + events + +
    + list + / elements=dictionary
    +     		always +
    list of service events
    +
    +
      +
    + loadBalancers + +
    + complex +
    +     		always +
    A list of load balancer objects
    +
    +
       +
    + containerName + +
    + string +
    +     		always +
    The name of the container to associate with the load balancer.
    +
    +
       +
    + containerPort + +
    + integer +
    +     		always +
    The port on the container to associate with the load balancer.
    +
    +
       +
    + loadBalancerName + +
    + string +
    +     		always +
    the name
    +
    +
      +
    + pendingCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the PENDING state.
    +
    +
      +
    + placementConstraints + +
    + list + / elements=dictionary
    +     		always +
    List of placement constraints objects
    +
    +
       +
    + expression + +
    + string +
    +     		always +
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
    +
    +
       +
    + type + +
    + string +
    +     		always +
    The type of constraint. Valid values are distinctInstance and memberOf.
    +
    +
      +
    + placementStrategy + +
    + list + / elements=dictionary
    +     		always +
    List of placement strategy objects
    +
    +
       +
    + field + +
    + string +
    +     		always +
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
    +
    +
       +
    + type + +
    + string +
    +     		always +
    The type of placement strategy. Valid values are random, spread and binpack.
    +
    +
      +
    + runningCount + +
    + integer +
    +     		always +
    The number of tasks in the cluster that are in the RUNNING state.
    +
    +
      +
    + serviceArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    +
    +
      +
    + serviceName + +
    + string +
    +     		always +
    A user-generated string used to identify the service
    +
    +
      +
    + status + +
    + string +
    +     		always +
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    +
    +
      +
    + taskDefinition + +
    + string +
    +     		always +
    The ARN of a task definition to use for tasks in the service.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) +- Stephane Maarek (@simplesteph) +- Zac Blazic (@zacblazic) + + diff --git a/docs/community.aws.ecs_tag_module.rst b/docs/community.aws.ecs_tag_module.rst new file mode 100644 index 00000000000..0a8f538e71a --- /dev/null +++ b/docs/community.aws.ecs_tag_module.rst @@ -0,0 +1,431 @@ +.. _community.aws.ecs_tag_module: + + +********************* +community.aws.ecs_tag +********************* + +**create and remove tags on Amazon ECS resources** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and removes tags for Amazon ECS resources. +- Resources are referenced by their cluster name. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster_name + +
    + string + / required
    +     		+ +
    The name of the cluster whose resources we are tagging.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether unspecified tags should be removed from the resource.
    +
    Note that when combined with state=absent, specified tags with non-matching values are not purged.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + resource + +
    + string +
    +     		+ +
    The ECS resource name.
    +
    Required unless resource_type=cluster.
    +
    +
    + resource_type + +
    + string +
    +     		+
      Choices: +
    • cluster ←
      • +
    • task
      • +
    • service
      • +
    • task_definition
      • +
    • container
      • +
    +     		+
    The type of resource.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the tags should be present or absent on the resource.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of tags to add or remove from the resource.
    +
    If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - none + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Ensure tags are present on a resource + community.aws.ecs_tag: + cluster_name: mycluster + resource_type: cluster + state: present + tags: + Name: ubervol + env: prod + + - name: Remove the Env tag + community.aws.ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Env: + state: absent + + - name: Remove the Env tag if it's currently 'development' + community.aws.ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Env: development + state: absent + + - name: Remove all tags except for Name from a cluster + community.aws.ecs_tag: + cluster_name: mycluster + resource_type: cluster + tags: + Name: foo + state: absent + purge_tags: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + added_tags + +
    + dictionary +
    +     		If tags were added +
    A dict of tags that were added to the resource
    +
    +
    +
    + removed_tags + +
    + dictionary +
    +     		If tags were removed +
    A dict of tags that were removed from the resource
    +
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    A dict containing the tags on the resource
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Pechner (@mpechner) + + diff --git a/docs/community.aws.ecs_task_module.rst b/docs/community.aws.ecs_task_module.rst new file mode 100644 index 00000000000..4b171d2f6a4 --- /dev/null +++ b/docs/community.aws.ecs_task_module.rst @@ -0,0 +1,747 @@ +.. _community.aws.ecs_task_module: + + +********************** +community.aws.ecs_task +********************** + +**Run, start or stop a task in ecs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or deletes instances of task definitions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster + +
    + string +
    +     		+ +
    The name of the cluster to run the task on.
    +
    +
    + container_instances + +
    + list + / elements=string
    +     		+ +
    The list of container instances on which to deploy the task.
    +
    +
    + count + +
    + integer +
    +     		+ +
    How many new instances to start.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + launch_type + +
    + string +
    +     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your service.
    +
    +
    + network_configuration + +
    + dictionary +
    +     		+ +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    A list of group names or group IDs for the task.
    +
    +
    + subnets + +
    + list + / elements=string
    +     		+ +
    A list of subnet IDs to which the task is attached.
    +
    +
    + operation + +
    + string + / required
    +     		+
      Choices: +
    • run
      • +
    • start
      • +
    • stop
      • +
    +     		+
    Which task operation to execute.
    +
    +
    + overrides + +
    + dictionary +
    +     		+ +
    A dictionary of values to pass to the new instances.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + started_by + +
    + string +
    +     		+ +
    A value showing who or what started the task (for informational purposes).
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Tags that will be added to ecs tasks on start and run
    +
    +
    + task + +
    + string +
    +     		+ +
    The task to stop.
    +
    +
    + task_definition + +
    + string +
    +     		+ +
    The task definition to start or run.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of run task + - name: Run task + community.aws.ecs_task: + operation: run + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + count: 1 + started_by: ansible_user + register: task_output + + # Simple example of start task + + - name: Start a task + community.aws.ecs_task: + operation: start + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + tags: + resourceName: a_task_for_ansible_to_run + type: long_running_task + network: internal + version: 1.4 + container_instances: + - arn:aws:ecs:us-west-2:172139249013:container-instance/79c23f22-876c-438a-bddf-55c98a3538a8 + started_by: ansible_user + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + register: task_output + + - name: RUN a task on Fargate + community.aws.ecs_task: + operation: run + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + started_by: ansible_user + launch_type: FARGATE + network_configuration: + subnets: + - subnet-abcd1234 + security_groups: + - sg-aaaa1111 + - my_security_group + register: task_output + + - name: Stop a task + community.aws.ecs_task: + operation: stop + cluster: console-sample-app-static-cluster + task_definition: console-sample-app-static-taskdef + task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + task + +
    + complex +
    +     		success +
    details about the task that was started
    +
    +
      +
    + clusterArn + +
    + string +
    +     		only when details is true +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the task.
    +
    +
      +
    + containerInstanceArn + +
    + string +
    +     		only when details is true +
    The Amazon Resource Name (ARN) of the container running the task.
    +
    +
      +
    + containers + +
    + list + / elements=dictionary
    +     		only when details is true +
    The container details.
    +
    +
      +
    + createdAt + +
    + string +
    +     		only when details is true +
    The timestamp of when the task was created.
    +
    +
      +
    + desiredStatus + +
    + string +
    +     		only when details is true +
    The desired status of the task.
    +
    +
      +
    + lastStatus + +
    + string +
    +     		only when details is true +
    The last recorded status of the task.
    +
    +
      +
    + launchType + +
    + string +
    +     		always +
    The launch type on which to run your task.
    +
    +
      +
    + overrides + +
    + list + / elements=dictionary
    +     		only when details is true +
    The container overrides set for this task.
    +
    +
      +
    + startedAt + +
    + string +
    +     		only when details is true +
    The timestamp of when the task was started.
    +
    +
      +
    + startedBy + +
    + string +
    +     		only when details is true +
    The used who started the task.
    +
    +
      +
    + stoppedAt + +
    + string +
    +     		only when details is true +
    The timestamp of when the task was stopped.
    +
    +
      +
    + stoppedReason + +
    + string +
    +     		only when details is true +
    The reason why the task was stopped.
    +
    +
      +
    + taskArn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) that identifies the task.
    +
    +
      +
    + taskDefinitionArn + +
    + string +
    +     		only when details is true +
    The Amazon Resource Name (ARN) of the task definition.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + diff --git a/docs/community.aws.ecs_taskdefinition_info_module.rst b/docs/community.aws.ecs_taskdefinition_info_module.rst new file mode 100644 index 00000000000..2f426b87f22 --- /dev/null +++ b/docs/community.aws.ecs_taskdefinition_info_module.rst @@ -0,0 +1,1242 @@ +.. _community.aws.ecs_taskdefinition_info_module: + + +************************************* +community.aws.ecs_taskdefinition_info +************************************* + +**Describe a task definition in ECS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Describes a task definition in ECS. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + task_definition + +
    + string + / required
    +     		+ +
    The name of the task definition to get details for
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition + - This module was called ``ecs_taskdefinition_facts`` before Ansible 2.9. The usage did not change. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - community.aws.ecs_taskdefinition_info: + task_definition: test-td + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + container_definitions + +
    + complex +
    +     		success +
    Returns a list of complex objects representing the containers
    +
    +
      +
    + command + +
    + string +
    +     		when present +
    The command that is passed to the container.
    +
    +
      +
    + cpu + +
    + integer +
    +     		always +
    The number of cpu units reserved for the container.
    +
    +
      +
    + disableNetworking + +
    + boolean +
    +     		when present +
    When this parameter is true, networking is disabled within the container.
    +
    +
      +
    + dnsSearchDomains + +
    + string +
    +     		when present +
    A list of DNS search domains that are presented to the container.
    +
    +
      +
    + dnsServers + +
    + string +
    +     		when present +
    A list of DNS servers that are presented to the container.
    +
    +
      +
    + dockerLabels + +
    + string +
    +     		when present +
    A key/value map of labels to add to the container.
    +
    +
      +
    + dockerSecurityOptions + +
    + string +
    +     		when present +
    A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems.
    +
    +
      +
    + entryPoint + +
    + string +
    +     		when present +
    The entry point that is passed to the container.
    +
    +
      +
    + environment + +
    + complex +
    +     		always +
    The environment variables to pass to a container.
    +
    +
       +
    + name + +
    + string +
    +     		when present +
    The name of the environment variable.
    +
    +
       +
    + value + +
    + string +
    +     		when present +
    The value of the environment variable.
    +
    +
      +
    + essential + +
    + boolean +
    +     		always +
    Whether this is an essential container or not.
    +
    +
      +
    + extraHosts + +
    + complex +
    +     		when present +
    A list of hostnames and IP address mappings to append to the /etc/hosts file on the container.
    +
    +
       +
    + hostname + +
    + string +
    +     		when present +
    The hostname to use in the /etc/hosts entry.
    +
    +
       +
    + ipAddress + +
    + string +
    +     		when present +
    The IP address to use in the /etc/hosts entry.
    +
    +
      +
    + hostname + +
    + string +
    +     		when present +
    The hostname to use for your container.
    +
    +
      +
    + image + +
    + string +
    +     		always +
    The image used to start a container.
    +
    +
      +
    + links + +
    + string +
    +     		when present +
    Links to other containers.
    +
    +
      +
    + logConfiguration + +
    + string +
    +     		when present +
    The log configuration specification for the container.
    +
    +
      +
    + memoryReservation + +
    + integer +
    +     		when present +
    The soft limit (in MiB) of memory to reserve for the container.
    +
    +
      +
    + mountPoints + +
    + complex +
    +     		always +
    The mount points for data volumes in your container.
    +
    +
       +
    + containerPath + +
    + string +
    +     		when present +
    The path on the container to mount the host volume at.
    +
    +
       +
    + readOnly + +
    + boolean +
    +     		when present +
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    +
    +
       +
    + sourceVolume + +
    + string +
    +     		when present +
    The name of the volume to mount.
    +
    +
      +
    + name + +
    + string +
    +     		always +
    The name of a container.
    +
    +
      +
    + options + +
    + string +
    +     		when present +
    The configuration options to send to the log driver.
    +
    +
      +
    + portMappings + +
    + complex +
    +     		always +
    The list of port mappings for the container.
    +
    +
       +
    + containerPort + +
    + integer +
    +     		when present +
    The port number on the container.
    +
    +
       +
    + hostPort + +
    + integer +
    +     		when present +
    The port number on the container instance to reserve for your container.
    +
    +
       +
    + protocol + +
    + string +
    +     		when present +
    The protocol used for the port mapping.
    +
    +
      +
    + privileged + +
    + boolean +
    +     		when present +
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
    +
    +
      +
    + readonlyRootFilesystem + +
    + boolean +
    +     		when present +
    When this parameter is true, the container is given read-only access to its root file system.
    +
    +
      +
    + ulimits + +
    + complex +
    +     		when present +
    A list of ulimits to set in the container.
    +
    +
       +
    + hardLimit + +
    + integer +
    +     		when present +
    The hard limit for the ulimit type.
    +
    +
       +
    + name + +
    + string +
    +     		when present +
    The type of the ulimit .
    +
    +
       +
    + softLimit + +
    + integer +
    +     		when present +
    The soft limit for the ulimit type.
    +
    +
      +
    + user + +
    + string +
    +     		when present +
    The user name to use inside the container.
    +
    +
      +
    + volumesFrom + +
    + complex +
    +     		always +
    Data volumes to mount from another container.
    +
    +
       +
    + readOnly + +
    + boolean +
    +     		when present +
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    +
    +
       +
    + sourceContainer + +
    + string +
    +     		when present +
    The name of another container within the same task definition to mount volumes from.
    +
    +
      +
    + workingDirectory + +
    + string +
    +     		when present +
    The working directory in which to run commands inside the container.
    +
    +
    +
    + family + +
    + string +
    +     		always +
    The family of your task definition, used as the definition name
    +
    +
    +
    + network_mode + +
    + string +
    +     		always +
    Network mode for the containers
    +
    +
    +
    + placement_constraints + +
    + complex +
    +     		always +
    A list of placement constraint objects to use for tasks
    +
    +
      +
    + expression + +
    + string +
    +     		when present +
    A cluster query language expression to apply to the constraint.
    +
    +
      +
    + type + +
    + string +
    +     		when present +
    The type of constraint.
    +
    +
    +
    + requires_attributes + +
    + complex +
    +     		when present +
    The container instance attributes required by your task
    +
    +
      +
    + name + +
    + string +
    +     		when present +
    The name of the attribute.
    +
    +
      +
    + targetId + +
    + string +
    +     		when present +
    The ID of the target.
    +
    +
      +
    + targetType + +
    + string +
    +     		when present +
    The type of the target with which to attach the attribute.
    +
    +
      +
    + value + +
    + string +
    +     		when present +
    The value of the attribute.
    +
    +
    +
    + revision + +
    + integer +
    +     		always +
    Revision number that was queried
    +
    +
    +
    + status + +
    + string +
    +     		always +
    The status of the task definition
    +
    +
    +
    + task_definition_arn + +
    + string +
    +     		always +
    ARN of the task definition
    +
    +
    +
    + task_role_arn + +
    + string +
    +     		when role is set +
    The ARN of the IAM role that containers in this task can assume
    +
    +
    +
    + volumes + +
    + complex +
    +     		always +
    The list of volumes in a task
    +
    +
      +
    + host + +
    + boolean +
    +     		when present +
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored.
    +
    +
      +
    + name + +
    + string +
    +     		when present +
    The name of the volume.
    +
    +
      +
    + source_path + +
    + string +
    +     		when present +
    The path on the host container instance that is presented to the container.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Gustavo Maia (@gurumaia) +- Mark Chance (@Java1Guy) +- Darek Kaczynski (@kaczynskid) + + diff --git a/docs/community.aws.ecs_taskdefinition_module.rst b/docs/community.aws.ecs_taskdefinition_module.rst new file mode 100644 index 00000000000..91f569a6c81 --- /dev/null +++ b/docs/community.aws.ecs_taskdefinition_module.rst @@ -0,0 +1,589 @@ +.. _community.aws.ecs_taskdefinition_module: + + +******************************** +community.aws.ecs_taskdefinition +******************************** + +**register a task definition in ecs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Registers or deregisters task definitions in the Amazon Web Services (AWS) EC2 Container Service (ECS). + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- json +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + arn + +
    + string +
    +     		+ +
    The ARN of the task description to delete.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + containers + +
    + list + / elements=string
    +     		+ +
    A list of containers definitions.
    +
    +
    + cpu + +
    + string +
    +     		+ +
    The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    +
    If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + execution_role_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
    +
    +
    + family + +
    + string +
    +     		+ +
    A Name that would be given to the task definition.
    +
    +
    + force_create + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Always create new task definition.
    +
    +
    + launch_type + +
    + string +
    +     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your task.
    +
    +
    + memory + +
    + string +
    +     		+ +
    The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    +
    If using the Fargate launch type, this field is required and is limited by the cpu.
    +
    +
    + network_mode + +
    + string +
    +     		+
      Choices: +
    • default
      • +
    • bridge ←
      • +
    • host
      • +
    • none
      • +
    • awsvpc
      • +
    +     		+
    The Docker networking mode to use for the containers in the task.
    +
    awsvpc mode was added in Ansible 2.5
    +
    Windows containers must use network_mode=default, which will utilize docker NAT networking.
    +
    Setting network_mode=default for a Linux container will use bridge mode.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + revision + +
    + integer +
    +     		+ +
    A revision number for the task definition.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    State whether the task definition should exist or be deleted.
    +
    +
    + task_role_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + volumes + +
    + list + / elements=dictionary
    +     		+ +
    A list of names of volumes to be attached.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the volume.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create task definition + community.aws.ecs_taskdefinition: + containers: + - name: simple-app + cpu: 10 + essential: true + image: "httpd:2.4" + memory: 300 + mountPoints: + - containerPath: /usr/local/apache2/htdocs + sourceVolume: my-vol + portMappings: + - containerPort: 80 + hostPort: 80 + logConfiguration: + logDriver: awslogs + options: + awslogs-group: /ecs/test-cluster-taskdef + awslogs-region: us-west-2 + awslogs-stream-prefix: ecs + - name: busybox + command: + - > + /bin/sh -c "while true; do echo 'Amazon ECS Sample App

    Amazon ECS Sample App

    Congratulations! +

    Your application is now running on a container in Amazon ECS.

    ' > top; /bin/date > date ; echo '
    ' > bottom; + cat top date bottom > /usr/local/apache2/htdocs/index.html ; sleep 1; done" + cpu: 10 + entryPoint: + - sh + - "-c" + essential: false + image: busybox + memory: 200 + volumesFrom: + - sourceContainer: simple-app + volumes: + - name: my-vol + family: test-cluster-taskdef + state: present + register: task_output + + - name: Create task definition + community.aws.ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + portMappings: + - containerPort: 8080 + hostPort: 8080 + cpu: 512 + memory: 1024 + state: present + + - name: Create task definition + community.aws.ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + portMappings: + - containerPort: 8080 + hostPort: 8080 + launch_type: FARGATE + cpu: 512 + memory: 1024 + state: present + network_mode: awsvpc + + # Create Task Definition with Environment Variables and Secrets + - name: Create task definition + community.aws.ecs_taskdefinition: + family: nginx + containers: + - name: nginx + essential: true + image: "nginx" + environment: + - name: "PORT" + value: "8080" + secrets: + # For variables stored in Secrets Manager + - name: "NGINX_HOST" + valueFrom: "arn:aws:secretsmanager:us-west-2:123456789012:secret:nginx/NGINX_HOST" + # For variables stored in Parameter Store + - name: "API_KEY" + valueFrom: "arn:aws:ssm:us-west-2:123456789012:parameter/nginx/API_KEY" + launch_type: FARGATE + cpu: 512 + memory: 1GB + state: present + network_mode: awsvpc + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + taskdefinition + +
    + dictionary +
    +     		always +
    a reflection of the input parameters
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chance (@Java1Guy) + + diff --git a/docs/community.aws.efs_info_module.rst b/docs/community.aws.efs_info_module.rst new file mode 100644 index 00000000000..70ad702130c --- /dev/null +++ b/docs/community.aws.efs_info_module.rst @@ -0,0 +1,580 @@ +.. _community.aws.efs_info_module: + + +********************** +community.aws.efs_info +********************** + +**Get information about Amazon EFS file systems** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can be used to search Amazon EFS file systems. +- This module was called ``efs_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.efs_info ` module no longer returns ``ansible_facts``! + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + id + +
    + string +
    +     		+ +
    ID of Amazon EFS.
    +
    +
    + name + +
    + string +
    +     		+ +
    Creation Token of Amazon EFS file system.
    +

    aliases: creation_token
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    List of tags of Amazon EFS. Should be defined as dictionary.
    +
    +
    + targets + +
    + list + / elements=string
    +     		+ +
    List of targets on which to filter the returned results.
    +
    Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Find all existing efs + community.aws.efs_info: + register: result + + - name: Find efs using id + community.aws.efs_info: + id: fs-1234abcd + register: result + + - name: Searching all EFS instances with tag Name = 'myTestNameTag', in subnet 'subnet-1a2b3c4d' and with security group 'sg-4d3c2b1a' + community.aws.efs_info: + tags: + Name: myTestNameTag + targets: + - subnet-1a2b3c4d + - sg-4d3c2b1a + register: result + + - debug: + msg: "{{ result['efs'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + creation_time + +
    + string +
    +     		always +
    timestamp of creation date
    +
    +
    Sample:
    +
    2015-11-16 07:30:57-05:00
    +
    +
    + creation_token + +
    + string +
    +     		always +
    EFS creation token
    +
    +
    Sample:
    +
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    +
    +
    + file_system_id + +
    + string +
    +     		always +
    ID of the file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx
    +
    +
    + filesystem_address + +
    + string +
    +     		always +
    url of file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    +
    +
    + life_cycle_state + +
    + string +
    +     		always +
    state of the EFS file system
    +
    +
    Sample:
    +
    creating, available, deleting, deleted
    +
    +
    + mount_point + +
    + string +
    +     		always +
    url of file system with leading dot from the time AWS EFS required to add network suffix to EFS address
    +
    +
    Sample:
    +
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    +
    +
    + mount_targets + +
    + list +
    +     		always +
    list of mount targets
    +
    +
    Sample:
    +
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    +
    +
    + name + +
    + string +
    +     		always +
    name of the file system
    +
    +
    Sample:
    +
    my-efs
    +
    +
    + number_of_mount_targets + +
    + integer +
    +     		always +
    the number of targets mounted
    +
    +
    Sample:
    +
    3
    +
    +
    + owner_id + +
    + string +
    +     		always +
    AWS account ID of EFS owner
    +
    +
    Sample:
    +
    XXXXXXXXXXXX
    +
    +
    + performance_mode + +
    + string +
    +     		always +
    performance mode of the file system
    +
    +
    Sample:
    +
    generalPurpose
    +
    +
    + provisioned_throughput_in_mibps + +
    + float +
    +     		when botocore >= 1.10.57 and throughput_mode is set to "provisioned" +
    throughput provisioned in Mibps
    +
    +
    Sample:
    +
    15.0
    +
    +
    + size_in_bytes + +
    + dictionary +
    +     		always +
    size of the file system in bytes as of a timestamp
    +
    +
    Sample:
    +
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    tags on the efs instance
    +
    +
    Sample:
    +
    {'name': 'my-efs', 'key': 'Value'}
    +
    +
    + throughput_mode + +
    + string +
    +     		when botocore >= 1.10.57 +
    mode of throughput for the file system
    +
    +
    Sample:
    +
    bursting
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Sydnor (@ryansydnor) + + diff --git a/docs/community.aws.efs_module.rst b/docs/community.aws.efs_module.rst new file mode 100644 index 00000000000..5ef1d40cb81 --- /dev/null +++ b/docs/community.aws.efs_module.rst @@ -0,0 +1,760 @@ +.. _community.aws.efs_module: + + +***************** +community.aws.efs +***************** + +**create and maintain EFS file systems** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module allows create, search and destroy Amazon EFS file systems. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + encrypt + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
    +
    +
    + id + +
    + string +
    +     		+ +
    ID of Amazon EFS. Either name or ID required for delete.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
    +
    +
    + name + +
    + string +
    +     		+ +
    Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
    +
    +
    + performance_mode + +
    + string +
    +     		+
      Choices: +
    • general_purpose ←
      • +
    • max_io
      • +
    +     		+
    File system's performance mode to use. Only takes effect during creation.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + provisioned_throughput_in_mibps + +
    + float +
    +     		+ +
    If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
    +
    Requires botocore >= 1.10.57
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Allows to create, search and destroy Amazon EFS file system.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
    +
    +
    + targets + +
    + list + / elements=dictionary
    +     		+ +
    List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
    +
    +
    + ip_address + +
    + string +
    +     		+ +
    A valid IPv4 address within the address range of the specified subnet.
    +
    +
    + security_groups + +
    + list + / elements=string
    +     		+ +
    List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
    +
    +
    + subnet_id + +
    + - + / required
    +     		+ +
    The ID of the subnet to add the mount target in.
    +
    +
    + throughput_mode + +
    + string +
    +     		+
      Choices: +
    • bursting
      • +
    • provisioned
      • +
    +     		+
    The throughput_mode for the file system to be created.
    +
    Requires botocore >= 1.10.57
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    0
    +     		+
    How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: EFS provisioning + community.aws.efs: + state: present + name: myTestEFS + tags: + Name: myTestNameTag + purpose: file-storage + targets: + - subnet_id: subnet-748c5d03 + security_groups: [ "sg-1a2b3c4d" ] + + - name: Modifying EFS data + community.aws.efs: + state: present + name: myTestEFS + tags: + name: myAnotherTestTag + targets: + - subnet_id: subnet-7654fdca + security_groups: [ "sg-4c5d6f7a" ] + + - name: Deleting EFS + community.aws.efs: + state: absent + name: myTestEFS + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + creation_time + +
    + string +
    +     		always +
    timestamp of creation date
    +
    +
    Sample:
    +
    2015-11-16 07:30:57-05:00
    +
    +
    + creation_token + +
    + string +
    +     		always +
    EFS creation token
    +
    +
    Sample:
    +
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    +
    +
    + file_system_id + +
    + string +
    +     		always +
    ID of the file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx
    +
    +
    + filesystem_address + +
    + string +
    +     		always +
    url of file system valid for use with mount
    +
    +
    Sample:
    +
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    +
    +
    + life_cycle_state + +
    + string +
    +     		always +
    state of the EFS file system
    +
    +
    Sample:
    +
    creating, available, deleting, deleted
    +
    +
    + mount_point + +
    + string +
    +     		always +
    url of file system with leading dot from the time when AWS EFS required to add a region suffix to the address
    +
    +
    Sample:
    +
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    +
    +
    + mount_targets + +
    + list +
    +     		always +
    list of mount targets
    +
    +
    Sample:
    +
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    +
    +
    + name + +
    + string +
    +     		always +
    name of the file system
    +
    +
    Sample:
    +
    my-efs
    +
    +
    + number_of_mount_targets + +
    + integer +
    +     		always +
    the number of targets mounted
    +
    +
    Sample:
    +
    3
    +
    +
    + owner_id + +
    + string +
    +     		always +
    AWS account ID of EFS owner
    +
    +
    Sample:
    +
    XXXXXXXXXXXX
    +
    +
    + performance_mode + +
    + string +
    +     		always +
    performance mode of the file system
    +
    +
    Sample:
    +
    generalPurpose
    +
    +
    + size_in_bytes + +
    + dictionary +
    +     		always +
    size of the file system in bytes as of a timestamp
    +
    +
    Sample:
    +
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    tags on the efs instance
    +
    +
    Sample:
    +
    {'name': 'my-efs', 'key': 'Value'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Sydnor (@ryansydnor) +- Artem Kazakov (@akazakov) + + diff --git a/docs/community.aws.elasticache_info_module.rst b/docs/community.aws.elasticache_info_module.rst new file mode 100644 index 00000000000..1ccb64c9b55 --- /dev/null +++ b/docs/community.aws.elasticache_info_module.rst @@ -0,0 +1,917 @@ +.. _community.aws.elasticache_info_module: + + +****************************** +community.aws.elasticache_info +****************************** + +**Retrieve information for AWS ElastiCache clusters** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve information from AWS ElastiCache clusters +- This module was called ``elasticache_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of an ElastiCache cluster.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: obtain all ElastiCache information + community.aws.elasticache_info: + + - name: obtain all information for a single ElastiCache cluster + community.aws.elasticache_info: + name: test_elasticache + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + elasticache_clusters + +
    + complex +
    +     		always +
    List of ElastiCache clusters
    +
    +
      +
    + auto_minor_version_upgrade + +
    + boolean +
    +     		always +
    Whether to automatically upgrade to minor versions
    +
    +
    Sample:
    +
    True
    +
      +
    + cache_cluster_create_time + +
    + string +
    +     		always +
    Date and time cluster was created
    +
    +
    Sample:
    +
    2017-09-15T05:43:46.038000+00:00
    +
      +
    + cache_cluster_id + +
    + string +
    +     		always +
    ID of the cache cluster
    +
    +
    Sample:
    +
    abcd-1234-001
    +
      +
    + cache_cluster_status + +
    + string +
    +     		always +
    Status of ElastiCache cluster
    +
    +
    Sample:
    +
    available
    +
      +
    + cache_node_type + +
    + string +
    +     		always +
    Instance type of ElastiCache nodes
    +
    +
    Sample:
    +
    cache.t2.micro
    +
      +
    + cache_nodes + +
    + complex +
    +     		always +
    List of ElastiCache nodes in the cluster
    +
    +
       +
    + cache_node_create_time + +
    + string +
    +     		always +
    Date and time node was created
    +
    +
    Sample:
    +
    2017-09-15T05:43:46.038000+00:00
    +
       +
    + cache_node_id + +
    + string +
    +     		always +
    ID of the cache node
    +
    +
    Sample:
    +
    0001
    +
       +
    + cache_node_status + +
    + string +
    +     		always +
    Status of the cache node
    +
    +
    Sample:
    +
    available
    +
       +
    + customer_availability_zone + +
    + string +
    +     		always +
    Availability Zone in which the cache node was created
    +
    +
    Sample:
    +
    ap-southeast-2b
    +
       +
    + endpoint + +
    + complex +
    +     		always +
    Connection details for the cache node
    +
    +
        +
    + address + +
    + string +
    +     		always +
    URL of the cache node endpoint
    +
    +
    Sample:
    +
    abcd-1234-001.bgiz2p.0001.apse2.cache.amazonaws.com
    +
        +
    + port + +
    + integer +
    +     		always +
    Port of the cache node endpoint
    +
    +
    Sample:
    +
    6379
    +
       +
    + parameter_group_status + +
    + string +
    +     		always +
    Status of the Cache Parameter Group
    +
    +
    Sample:
    +
    in-sync
    +
      +
    + cache_parameter_group + +
    + complex +
    +     		always +
    Contents of the Cache Parameter Group
    +
    +
       +
    + cache_node_ids_to_reboot + +
    + list +
    +     		always +
    Cache nodes which need to be rebooted for parameter changes to be applied
    +
    +
       +
    + cache_parameter_group_name + +
    + string +
    +     		always +
    Name of the cache parameter group
    +
    +
    Sample:
    +
    default.redis3.2
    +
       +
    + parameter_apply_status + +
    + string +
    +     		always +
    Status of parameter updates
    +
    +
    Sample:
    +
    in-sync
    +
      +
    + cache_security_groups + +
    + list +
    +     		always +
    Security Groups used by the cache
    +
    +
    Sample:
    +
    ['sg-abcd1234']
    +
      +
    + cache_subnet_group_name + +
    + string +
    +     		always +
    ElastiCache Subnet Group used by the cache
    +
    +
    Sample:
    +
    abcd-subnet-group
    +
      +
    + client_download_landing_page + +
    + string +
    +     		always +
    URL of client download web page
    +
    +
    Sample:
    +
    https://console.aws.amazon.com/elasticache/home#client-download:
    +
      +
    + engine + +
    + string +
    +     		always +
    Engine used by ElastiCache
    +
    +
    Sample:
    +
    redis
    +
      +
    + engine_version + +
    + string +
    +     		always +
    Version of ElastiCache engine
    +
    +
    Sample:
    +
    3.2.4
    +
      +
    + notification_configuration + +
    + complex +
    +     		if notifications are enabled +
    Configuration of notifications
    +
    +
       +
    + topic_arn + +
    + string +
    +     		if notifications are enabled +
    ARN of notification destination topic
    +
    +
    Sample:
    +
    arn:aws:sns:*:123456789012:my_topic
    +
       +
    + topic_name + +
    + string +
    +     		if notifications are enabled +
    Name of notification destination topic
    +
    +
    Sample:
    +
    MyTopic
    +
      +
    + num_cache_nodes + +
    + integer +
    +     		always +
    Number of Cache Nodes
    +
    +
    Sample:
    +
    1
    +
      +
    + pending_modified_values + +
    + complex +
    +     		always +
    Values that are pending modification
    +
    +
      +
    + preferred_availability_zone + +
    + string +
    +     		always +
    Preferred Availability Zone
    +
    +
    Sample:
    +
    ap-southeast-2b
    +
      +
    + preferred_maintenance_window + +
    + string +
    +     		always +
    Time slot for preferred maintenance window
    +
    +
    Sample:
    +
    sat:12:00-sat:13:00
    +
      +
    + replication_group_id + +
    + string +
    +     		always +
    Replication Group Id
    +
    +
    Sample:
    +
    replication-001
    +
      +
    + security_groups + +
    + complex +
    +     		always +
    List of Security Groups associated with ElastiCache
    +
    +
       +
    + security_group_id + +
    + string +
    +     		always +
    Security Group ID
    +
    +
    Sample:
    +
    sg-abcd1234
    +
       +
    + status + +
    + string +
    +     		always +
    Status of Security Group
    +
    +
    Sample:
    +
    active
    +
      +
    + tags + +
    + complex +
    +     		always +
    Tags applied to the ElastiCache cluster
    +
    +
    Sample:
    +
    {'Application': 'web', 'Environment': 'test'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.elasticache_module.rst b/docs/community.aws.elasticache_module.rst new file mode 100644 index 00000000000..264fd43bfef --- /dev/null +++ b/docs/community.aws.elasticache_module.rst @@ -0,0 +1,486 @@ +.. _community.aws.elasticache_module: + + +************************* +community.aws.elasticache +************************* + +**Manage cache clusters in Amazon ElastiCache** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache clusters in Amazon ElastiCache. +- Returns information about the specified cache cluster. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cache_engine_version + +
    + string +
    +     		+ +
    The version number of the cache engine.
    +
    +
    + cache_parameter_group + +
    + string +
    +     		+ +
    The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
    +

    aliases: parameter_group
    +
    +
    + cache_port + +
    + integer +
    +     		+ +
    The port number on which each of the cache nodes will accept connections.
    +
    +
    + cache_security_groups + +
    + list + / elements=string
    +     		+ +
    A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
    +
    +
    + cache_subnet_group + +
    + string +
    +     		+ +
    The subnet group name to associate with. Only use if inside a vpc.
    +
    Required if inside a vpc
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + engine + +
    + string +
    +     		+ Default:
    "memcached"
    +     		+
    Name of the cache engine to be used.
    +
    Supported values are redis and memcached.
    +
    +
    + hard_modify + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The cache cluster identifier.
    +
    +
    + node_type + +
    + string +
    +     		+ Default:
    "cache.t2.small"
    +     		+
    The compute and memory capacity of the nodes in the cache cluster.
    +
    +
    + num_nodes + +
    + integer +
    +     		+ Default:
    1
    +     		+
    The initial number of cache nodes that the cache cluster will have.
    +
    Required when state=present.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_group_ids + +
    + list + / elements=string
    +     		+ +
    A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • rebooted
      • +
    +     		+
    absent or present are idempotent actions that will create or destroy a cache cluster as needed.
    +
    rebooted will reboot the cluster, resulting in a momentary outage.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for cache cluster result before returning.
    +
    +
    + zone + +
    + string +
    +     		+ +
    The EC2 Availability Zone in which the cache cluster will be created.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + - name: Basic example + community.aws.elasticache: + name: "test-please-delete" + state: present + engine: memcached + cache_engine_version: 1.4.14 + node_type: cache.m1.small + num_nodes: 1 + cache_port: 11211 + cache_security_groups: + - default + zone: us-east-1d + + + - name: Ensure cache cluster is gone + community.aws.elasticache: + name: "test-please-delete" + state: absent + + - name: Reboot cache cluster + community.aws.elasticache: + name: "test-please-delete" + state: rebooted + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + diff --git a/docs/community.aws.elasticache_parameter_group_module.rst b/docs/community.aws.elasticache_parameter_group_module.rst new file mode 100644 index 00000000000..87c32316aea --- /dev/null +++ b/docs/community.aws.elasticache_parameter_group_module.rst @@ -0,0 +1,394 @@ +.. _community.aws.elasticache_parameter_group_module: + + +***************************************** +community.aws.elasticache_parameter_group +***************************************** + +**Manage cache parameter groups in Amazon ElastiCache.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache security groups in Amazon ElastiCache. +- Returns information about the specified cache cluster. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A user-specified description for the cache parameter group.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + group_family + +
    + string +
    +     		+
      Choices: +
    • memcached1.4
      • +
    • memcached1.5
      • +
    • redis2.6
      • +
    • redis2.8
      • +
    • redis3.2
      • +
    • redis4.0
      • +
    • redis5.0
      • +
    +     		+
    The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    A user-specified name for the cache parameter group.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • reset
      • +
    +     		+
    Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + values + +
    + dictionary +
    +     		+ +
    A user-specified dictionary of parameters to reset or modify for the cache parameter group.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + --- + - hosts: localhost + connection: local + tasks: + - name: 'Create a test parameter group' + community.aws.elasticache_parameter_group: + name: 'test-param-group' + group_family: 'redis3.2' + description: 'This is a cache parameter group' + state: 'present' + - name: 'Modify a test parameter group' + community.aws.elasticache_parameter_group: + name: 'test-param-group' + values: + activerehashing: yes + client-output-buffer-limit-normal-hard-limit: 4 + state: 'present' + - name: 'Reset all modifiable parameters for the test parameter group' + community.aws.elasticache_parameter_group: + name: 'test-param-group' + state: reset + - name: 'Delete a test parameter group' + community.aws.elasticache_parameter_group: + name: 'test-param-group' + state: 'absent' + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    if the cache parameter group has changed
    +
    +
    Sample:
    +
    {'changed': True}
    +
    +
    + elasticache + +
    + dictionary +
    +     		always +
    cache parameter group information and response metadata
    +
    +
    Sample:
    +
    {'cache_parameter_group': {'cache_parameter_group_family': 'redis3.2', 'cache_parameter_group_name': 'test-please-delete', 'description': 'initial description'}, 'response_metadata': {'http_headers': {'content-length': '562', 'content-type': 'text/xml', 'date': 'Mon, 06 Feb 2017 22:14:08 GMT', 'x-amzn-requestid': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1'}, 'http_status_code': 200, 'request_id': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1', 'retry_attempts': 0}}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.elasticache_snapshot_module.rst b/docs/community.aws.elasticache_snapshot_module.rst new file mode 100644 index 00000000000..93841ae3b73 --- /dev/null +++ b/docs/community.aws.elasticache_snapshot_module.rst @@ -0,0 +1,399 @@ +.. _community.aws.elasticache_snapshot_module: + + +********************************** +community.aws.elasticache_snapshot +********************************** + +**Manage cache snapshots in Amazon ElastiCache** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage cache snapshots in Amazon ElastiCache. +- Returns information about the specified snapshot. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bucket + +
    + string +
    +     		+ +
    The s3 bucket to which the snapshot is exported.
    +
    +
    + cluster_id + +
    + string +
    +     		+ +
    The name of an existing cache cluster in the replication group to make the snapshot.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the snapshot we want to create, copy, delete.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + replication_id + +
    + string +
    +     		+ +
    The name of the existing replication group to make the snapshot.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • copy
      • +
    +     		+
    Actions that will create, destroy, or copy a snapshot.
    +
    +
    + target + +
    + string +
    +     		+ +
    The name of a snapshot copy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + - name: 'Create a snapshot' + community.aws.elasticache_snapshot: + name: 'test-snapshot' + state: 'present' + cluster_id: '{{ cluster }}' + replication_id: '{{ replication }}' + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    if a snapshot has been created, deleted, or copied
    +
    +
    Sample:
    +
    {'changed': True}
    +
    +
    + response_metadata + +
    + dictionary +
    +     		always +
    response metadata about the snapshot
    +
    +
    Sample:
    +
    {'http_headers': {'content-length': 1490, 'content-type': 'text/xml', 'date': 'Tue, 07 Feb 2017 16:43:04 GMT', 'x-amzn-requestid': '7f436dea-ed54-11e6-a04c-ab2372a1f14d'}, 'http_status_code': 200, 'request_id': '7f436dea-ed54-11e6-a04c-ab2372a1f14d', 'retry_attempts': 0}
    +
    +
    + snapshot + +
    + dictionary +
    +     		always +
    snapshot data
    +
    +
    Sample:
    +
    {'auto_minor_version_upgrade': True, 'cache_cluster_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_cluster_id': 'test-please-delete', 'cache_node_type': 'cache.m1.small', 'cache_parameter_group_name': 'default.redis3.2', 'cache_subnet_group_name': 'default', 'engine': 'redis', 'engine_version': '3.2.4', 'node_snapshots': {'cache_node_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_node_id': 1, 'cache_size': None}, 'num_cache_nodes': 1, 'port': 11211, 'preferred_availability_zone': 'us-east-1d', 'preferred_maintenance_window': 'wed:03:00-wed:04:00', 'snapshot_name': 'deletesnapshot', 'snapshot_retention_limit': 0, 'snapshot_source': 'manual', 'snapshot_status': 'creating', 'snapshot_window': '10:00-11:00', 'vpc_id': 'vpc-c248fda4'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.elasticache_subnet_group_module.rst b/docs/community.aws.elasticache_subnet_group_module.rst new file mode 100644 index 00000000000..9a788bdcaea --- /dev/null +++ b/docs/community.aws.elasticache_subnet_group_module.rst @@ -0,0 +1,303 @@ +.. _community.aws.elasticache_subnet_group_module: + + +************************************** +community.aws.elasticache_subnet_group +************************************** + +**manage ElastiCache subnet groups** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes ElastiCache subnet groups. This module has a dependency on python-boto >= 2.5. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    ElastiCache subnet group description. Only set when a new group is added.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Database subnet group identifier.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    + subnets + +
    + list + / elements=string
    +     		+ +
    List of subnet IDs that make up the ElastiCache subnet group.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add or change a subnet group + community.aws.elasticache_subnet_group: + state: present + name: norwegian-blue + description: My Fancy Ex Parrot Subnet Group + subnets: + - subnet-aaaaaaaa + - subnet-bbbbbbbb + + - name: Remove a subnet group + community.aws.elasticache_subnet_group: + state: absent + name: norwegian-blue + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Tim Mahoney (@timmahoney) + + diff --git a/docs/community.aws.elb_application_lb_info_module.rst b/docs/community.aws.elb_application_lb_info_module.rst new file mode 100644 index 00000000000..1efd5604f84 --- /dev/null +++ b/docs/community.aws.elb_application_lb_info_module.rst @@ -0,0 +1,636 @@ +.. _community.aws.elb_application_lb_info_module: + + +************************************* +community.aws.elb_application_lb_info +************************************* + +**Gather information about application ELBs in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about application ELBs in AWS +- This module was called ``elb_application_lb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + load_balancer_arns + +
    + list +
    +     		+ +
    The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
    +
    +
    + names + +
    + list +
    +     		+ +
    The names of the load balancers.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all target groups + community.aws.elb_application_lb_info: + + - name: Gather information about the target group attached to a particular ELB + community.aws.elb_application_lb_info: + load_balancer_arns: + - "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" + + - name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_application_lb_info: + names: + - elb1 + - elb2 + + - name: Gather information about specific ALB + community.aws.elb_application_lb_info: + names: "alb-name" + region: "aws-region" + register: alb_info + - debug: + var: alb_info + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + load_balancers + +
    + complex +
    +     		always +
    a list of load balancers
    +
    +
      +
    + access_logs_s3_bucket + +
    + string +
    +     		when status is present +
    The name of the S3 bucket for the access logs.
    +
    +
    Sample:
    +
    mys3bucket
    +
      +
    + access_logs_s3_enabled + +
    + string +
    +     		when status is present +
    Indicates whether access logs stored in Amazon S3 are enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + access_logs_s3_prefix + +
    + string +
    +     		when status is present +
    The prefix for the location in the S3 bucket.
    +
    +
    Sample:
    +
    /my/logs
    +
      +
    + availability_zones + +
    + list +
    +     		when status is present +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    +
      +
    + canonical_hosted_zone_id + +
    + string +
    +     		when status is present +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    +
      +
    + created_time + +
    + string +
    +     		when status is present +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    +
      +
    + deletion_protection_enabled + +
    + string +
    +     		when status is present +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + dns_name + +
    + string +
    +     		when status is present +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    +
      +
    + idle_timeout_timeout_seconds + +
    + string +
    +     		when status is present +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    +
      +
    + ip_address_type + +
    + string +
    +     		when status is present +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    +
      +
    + load_balancer_arn + +
    + string +
    +     		when status is present +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    +
      +
    + load_balancer_name + +
    + string +
    +     		when status is present +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    +
      +
    + scheme + +
    + string +
    +     		when status is present +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    +
      +
    + security_groups + +
    + list +
    +     		when status is present +
    The IDs of the security groups for the load balancer.
    +
    +
    Sample:
    +
    ['sg-0011223344']
    +
      +
    + state + +
    + dictionary +
    +     		when status is present +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    +
      +
    + tags + +
    + dictionary +
    +     		when status is present +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    +
      +
    + type + +
    + string +
    +     		when status is present +
    The type of load balancer.
    +
    +
    Sample:
    +
    application
    +
      +
    + vpc_id + +
    + string +
    +     		when status is present +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.elb_application_lb_module.rst b/docs/community.aws.elb_application_lb_module.rst new file mode 100644 index 00000000000..b0bca5d3711 --- /dev/null +++ b/docs/community.aws.elb_application_lb_module.rst @@ -0,0 +1,1386 @@ +.. _community.aws.elb_application_lb_module: + + +******************************** +community.aws.elb_application_lb +******************************** + +**Manage an Application load balancer** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Application Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/ for details. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + access_logs_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to enable access logs.
    +
    When set, access_logs_s3_bucket must also be set.
    +
    +
    + access_logs_s3_bucket + +
    + string +
    +     		+ +
    The name of the S3 bucket for the access logs.
    +
    The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
    +
    Required if access logs in Amazon S3 are enabled.
    +
    When set, access_logs_enabled must also be set.
    +
    +
    + access_logs_s3_prefix + +
    + string +
    +     		+ +
    The prefix for the log location in the S3 bucket.
    +
    If you don't specify a prefix, the access logs are stored in the root of the bucket.
    +
    Cannot begin or end with a slash.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + deletion_protection + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether deletion protection for the ELB is enabled.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + http2 + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether to enable HTTP2 routing.
    +
    +
    + idle_timeout + +
    + integer +
    +     		+ +
    The number of seconds to wait before an idle connection is closed.
    +
    +
    + listeners + +
    + list +
    +     		+ +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    +
    +
    + Certificates + +
    + list +
    +     		+ +
    The SSL server certificate.
    +
    +
    + CertificateArn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the certificate.
    +
    +
    + DefaultActions + +
    + list + / required
    +     		+ +
    The default actions for the listener.
    +
    +
    + TargetGroupArn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    + Type + +
    + string +
    +     		+ +
    The type of action.
    +
    +
    + Port + +
    + integer + / required
    +     		+ +
    The port on which the load balancer is listening.
    +
    +
    + Protocol + +
    + string + / required
    +     		+ +
    The protocol for connections from clients to the load balancer.
    +
    +
    + Rules + +
    + list +
    +     		+ +
    A list of ALB Listener Rules.
    +
    For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
    +
    https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
    +
    +
    + Actions + +
    + list +
    +     		+ +
    Actions to apply if all of the rule's conditions are met.
    +
    +
    + Conditions + +
    + list +
    +     		+ +
    Conditions which must be met for the actions to be applied.
    +
    +
    + Priority + +
    + integer +
    +     		+ +
    The rule priority.
    +
    +
    + SslPolicy + +
    + string +
    +     		+ +
    The security policy that defines which ciphers and protocols are supported.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_listeners + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
    +
    +
    + purge_rules + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + scheme + +
    + string +
    +     		+
      Choices: +
    • internet-facing ←
      • +
    • internal
      • +
    +     		+
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    +
    +
    + security_groups + +
    + list +
    +     		+ Default:
    []
    +     		+
    A list of the names or IDs of the security groups to assign to the load balancer.
    +
    Required if state=present.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the load balancer.
    +
    +
    + subnets + +
    + list +
    +     		+ +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    +
    Required if state=present.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of one or more tags to assign to the load balancer.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ +
    The time in seconds to use in conjunction with wait.
    +
    +
    + + +Notes +----- + +.. note:: + - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. + - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Create an ELB and attach a listener + - community.aws.elb_application_lb: + name: myelb + security_groups: + - sg-12345678 + - my-sec-group + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. + SslPolicy: ELBSecurityPolicy-2015-05 + Certificates: # The ARN of the certificate (only one certficate ARN should be provided) + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + DefaultActions: + - Type: forward # Required. + TargetGroupName: # Required. The name of the target group + state: present + + # Create an ELB and attach a listener with logging enabled + - community.aws.elb_application_lb: + access_logs_enabled: yes + access_logs_s3_bucket: mybucket + access_logs_s3_prefix: "logs" + name: myelb + security_groups: + - sg-12345678 + - my-sec-group + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. + SslPolicy: ELBSecurityPolicy-2015-05 + Certificates: # The ARN of the certificate (only one certficate ARN should be provided) + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + DefaultActions: + - Type: forward # Required. + TargetGroupName: # Required. The name of the target group + state: present + + # Create an ALB with listeners and rules + - community.aws.elb_application_lb: + name: test-alb + subnets: + - subnet-12345678 + - subnet-87654321 + security_groups: + - sg-12345678 + scheme: internal + listeners: + - Protocol: HTTPS + Port: 443 + DefaultActions: + - Type: forward + TargetGroupName: test-target-group + Certificates: + - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com + SslPolicy: ELBSecurityPolicy-2015-05 + Rules: + - Conditions: + - Field: path-pattern + Values: + - '/test' + Priority: '1' + Actions: + - TargetGroupName: test-target-group + Type: forward + - Conditions: + - Field: path-pattern + Values: + - "/redirect-path/*" + Priority: '2' + Actions: + - Type: redirect + RedirectConfig: + Host: "#{host}" + Path: "/example/redir" # or /#{path} + Port: "#{port}" + Protocol: "#{protocol}" + Query: "#{query}" + StatusCode: "HTTP_302" # or HTTP_301 + - Conditions: + - Field: path-pattern + Values: + - "/fixed-response-path/" + Priority: '3' + Actions: + - Type: fixed-response + FixedResponseConfig: + ContentType: "text/plain" + MessageBody: "This is the page you're looking for" + StatusCode: "200" + - Conditions: + - Field: host-header + Values: + - "hostname.domain.com" + - "alternate.domain.com" + Priority: '4' + Actions: + - TargetGroupName: test-target-group + Type: forward + state: present + + # Remove an ELB + - community.aws.elb_application_lb: + name: myelb + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + access_logs_s3_bucket + +
    + string +
    +     		when state is present +
    The name of the S3 bucket for the access logs.
    +
    +
    Sample:
    +
    mys3bucket
    +
    +
    + access_logs_s3_enabled + +
    + string +
    +     		when state is present +
    Indicates whether access logs stored in Amazon S3 are enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + access_logs_s3_prefix + +
    + string +
    +     		when state is present +
    The prefix for the location in the S3 bucket.
    +
    +
    Sample:
    +
    my/logs
    +
    +
    + availability_zones + +
    + list +
    +     		when state is present +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    +
    +
    + canonical_hosted_zone_id + +
    + string +
    +     		when state is present +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    +
    +
    + created_time + +
    + string +
    +     		when state is present +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    +
    +
    + deletion_protection_enabled + +
    + string +
    +     		when state is present +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + dns_name + +
    + string +
    +     		when state is present +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    +
    +
    + idle_timeout_timeout_seconds + +
    + integer +
    +     		when state is present +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    +
    +
    + ip_address_type + +
    + string +
    +     		when state is present +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    +
    +
    + listeners + +
    + complex +
    +     		when state is present +
    Information about the listeners.
    +
    +
      +
    + certificates + +
    + complex +
    +     		when state is present +
    The SSL server certificate.
    +
    +
       +
    + certificate_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the certificate.
    +
    +
      +
    + default_actions + +
    + string +
    +     		when state is present +
    The default actions for the listener.
    +
    +
       +
    + target_group_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
       +
    + type + +
    + string +
    +     		when state is present +
    The type of action.
    +
    +
      +
    + listener_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the listener.
    +
    +
      +
    + load_balancer_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
      +
    + port + +
    + integer +
    +     		when state is present +
    The port on which the load balancer is listening.
    +
    +
    Sample:
    +
    80
    +
      +
    + protocol + +
    + string +
    +     		when state is present +
    The protocol for connections from clients to the load balancer.
    +
    +
    Sample:
    +
    HTTPS
    +
      +
    + ssl_policy + +
    + string +
    +     		when state is present +
    The security policy that defines which ciphers and protocols are supported.
    +
    +
    +
    + load_balancer_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    +
    +
    + load_balancer_name + +
    + string +
    +     		when state is present +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    +
    +
    + routing_http2_enabled + +
    + string +
    +     		when state is present +
    Indicates whether HTTP/2 is enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + scheme + +
    + string +
    +     		when state is present +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    +
    +
    + security_groups + +
    + list +
    +     		when state is present +
    The IDs of the security groups for the load balancer.
    +
    +
    Sample:
    +
    ['sg-0011223344']
    +
    +
    + state + +
    + dictionary +
    +     		when state is present +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    +
    +
    + tags + +
    + dictionary +
    +     		when state is present +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    +
    +
    + type + +
    + string +
    +     		when state is present +
    The type of load balancer.
    +
    +
    Sample:
    +
    application
    +
    +
    + vpc_id + +
    + string +
    +     		when state is present +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.elb_classic_lb_info_module.rst b/docs/community.aws.elb_classic_lb_info_module.rst new file mode 100644 index 00000000000..8985f283859 --- /dev/null +++ b/docs/community.aws.elb_classic_lb_info_module.rst @@ -0,0 +1,307 @@ +.. _community.aws.elb_classic_lb_info_module: + + +********************************* +community.aws.elb_classic_lb_info +********************************* + +**Gather information about EC2 Elastic Load Balancers in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about EC2 Elastic Load Balancers in AWS +- This module was called ``elb_classic_lb_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + names + +
    + list +
    +     		+ +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Output format tries to match amazon.aws.ec2_elb_lb module input parameters + + # Gather information about all ELBs + - community.aws.elb_classic_lb_info: + register: elb_info + + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + # Gather information about a particular ELB + - community.aws.elb_classic_lb_info: + names: frontend-prod-elb + register: elb_info + + - debug: + msg: "{{ elb_info.elbs.0.dns_name }}" + + # Gather information about a set of ELBs + - community.aws.elb_classic_lb_info: + names: + - frontend-prod-elb + - backend-prod-elb + register: elb_info + + - debug: + msg: "{{ item.dns_name }}" + loop: "{{ elb_info.elbs }}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + elbs + +
    + list +
    +     		always +
    a list of load balancers
    +
    +
    Sample:
    +
    {'elbs': [{'attributes': {'access_log': {'enabled': False}, 'connection_draining': {'enabled': True, 'timeout': 300}, 'connection_settings': {'idle_timeout': 60}, 'cross_zone_load_balancing': {'enabled': True}}, 'availability_zones': ['us-east-1a', 'us-east-1b', 'us-east-1c', 'us-east-1d', 'us-east-1e'], 'backend_server_description': [], 'canonical_hosted_zone_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'canonical_hosted_zone_name_id': 'XXXXXXXXXXXXXX', 'created_time': '2017-08-23T18:25:03.280000+00:00', 'dns_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'health_check': {'healthy_threshold': 10, 'interval': 30, 'target': 'HTTP:80/index.html', 'timeout': 5, 'unhealthy_threshold': 2}, 'instances': [], 'instances_inservice': [], 'instances_inservice_count': 0, 'instances_outofservice': [], 'instances_outofservice_count': 0, 'instances_unknownservice': [], 'instances_unknownservice_count': 0, 'listener_descriptions': [{'listener': {'instance_port': 80, 'instance_protocol': 'HTTP', 'load_balancer_port': 80, 'protocol': 'HTTP'}, 'policy_names': []}], 'load_balancer_name': 'test-lb', 'policies': {'app_cookie_stickiness_policies': [], 'lb_cookie_stickiness_policies': [], 'other_policies': []}, 'scheme': 'internet-facing', 'security_groups': ['sg-29d13055'], 'source_security_group': {'group_name': 'default', 'owner_alias': 'XXXXXXXXXXXX'}, 'subnets': ['subnet-XXXXXXXX', 'subnet-XXXXXXXX'], 'tags': {}, 'vpc_id': 'vpc-c248fda4'}]}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael Schultz (@mjschultz) +- Fernando Jose Pando (@nand0p) + + diff --git a/docs/community.aws.elb_classic_lb_module.rst b/docs/community.aws.elb_classic_lb_module.rst new file mode 100644 index 00000000000..5ff27670508 --- /dev/null +++ b/docs/community.aws.elb_classic_lb_module.rst @@ -0,0 +1,809 @@ +.. _community.aws.elb_classic_lb_module: + + +**************************** +community.aws.elb_classic_lb +**************************** + +**Creates or destroys Amazon ELB.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Returns information about the load balancer. +- Will be marked changed when called only if state is changed. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + access_logs + +
    + dictionary +
    +     		+ +
    An associative array of access logs configuration settings (see example)
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + connection_draining_timeout + +
    + integer +
    +     		+ +
    Wait a specified timeout allowing connections to drain before terminating an instance
    +
    +
    + cross_az_load_balancing + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Distribute load across all configured Availability Zones
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + health_check + +
    + dictionary +
    +     		+ +
    An associative array of health check configuration settings (see example)
    +
    +
    + idle_timeout + +
    + integer +
    +     		+ +
    ELB connections from clients and to servers are timed out after this amount of time
    +
    +
    + instance_ids + +
    + list +
    +     		+ +
    List of instance ids to attach to this ELB
    +
    +
    + listeners + +
    + list +
    +     		+ +
    List of ports/protocols for this ELB to listen on (see example)
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the ELB
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_instance_ids + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing instance ids on ELB that are not found in instance_ids
    +
    +
    + purge_listeners + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Purge existing listeners on ELB that are not found in listeners
    +
    +
    + purge_subnets + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing subnet on ELB that are not found in subnets
    +
    +
    + purge_zones + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing availability zones on ELB that are not found in zones
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + scheme + +
    + string +
    +     		+
      Choices: +
    • internal
      • +
    • internet-facing ←
      • +
    +     		+
    The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
    +
    +
    + security_group_ids + +
    + list +
    +     		+ +
    A list of security groups to apply to the elb
    +
    +
    + security_group_names + +
    + list +
    +     		+ +
    A list of security group names to apply to the elb
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the ELB
    +
    +
    + stickiness + +
    + dictionary +
    +     		+ +
    An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
    +
    +
    + subnets + +
    + list +
    +     		+ +
    A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    An associative array of tags. To delete all tags, supply an empty dict.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    60
    +     		+
    Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
    +
    +
    + zones + +
    + list +
    +     		+ +
    List of availability zones to enable on this ELB
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: None of these examples set aws_access_key, aws_secret_key, or region. + # It is assumed that their matching environment variables are set. + + # Basic provisioning example (non-VPC) + + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http # options are http, https, ssl, tcp + load_balancer_port: 80 + instance_port: 80 + proxy_protocol: True + - protocol: https + load_balancer_port: 443 + instance_protocol: http # optional, defaults to value of protocol setting + instance_port: 80 + # ssl certificate required for https or ssl + ssl_certificate_id: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert" + delegate_to: localhost + + # Internal ELB example + + - community.aws.elb_classic_lb: + name: "test-vpc" + scheme: internal + state: present + instance_ids: + - i-abcd1234 + purge_instance_ids: true + subnets: + - subnet-abcd1234 + - subnet-1a2b3c4d + listeners: + - protocol: http # options are http, https, ssl, tcp + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Configure a health check and the access logs + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + health_check: + ping_protocol: http # options are http, https, ssl, tcp + ping_port: 80 + ping_path: "/index.html" # not required for tcp or ssl + response_timeout: 5 # seconds + interval: 30 # seconds + unhealthy_threshold: 2 + healthy_threshold: 10 + access_logs: + interval: 5 # minutes (defaults to 60) + s3_location: "my-bucket" # This value is required if access_logs is set + s3_prefix: "logs" + delegate_to: localhost + + # Ensure ELB is gone + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: absent + delegate_to: localhost + + # Ensure ELB is gone and wait for check (for default timeout) + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: absent + wait: yes + delegate_to: localhost + + # Ensure ELB is gone and wait for check with timeout value + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: absent + wait: yes + wait_timeout: 600 + delegate_to: localhost + + # Normally, this module will purge any listeners that exist on the ELB + # but aren't specified in the listeners parameter. If purge_listeners is + # false it leaves them alone + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + purge_listeners: no + delegate_to: localhost + + # Normally, this module will leave availability zones that are enabled + # on the ELB alone. If purge_zones is true, then any extraneous zones + # will be removed + - community.aws.elb_classic_lb: + name: "test-please-delete" + state: present + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + purge_zones: yes + delegate_to: localhost + + # Creates a ELB and assigns a list of subnets to it. + - community.aws.elb_classic_lb: + state: present + name: 'New ELB' + security_group_ids: 'sg-123456, sg-67890' + region: us-west-2 + subnets: 'subnet-123456,subnet-67890' + purge_subnets: yes + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Create an ELB with connection draining, increased idle timeout and cross availability + # zone load balancing + - community.aws.elb_classic_lb: + name: "New ELB" + state: present + connection_draining_timeout: 60 + idle_timeout: 300 + cross_az_load_balancing: "yes" + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + delegate_to: localhost + + # Create an ELB with load balancer stickiness enabled + - community.aws.elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + stickiness: + type: loadbalancer + enabled: yes + expiration: 300 + delegate_to: localhost + + # Create an ELB with application stickiness enabled + - community.aws.elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + stickiness: + type: application + enabled: yes + cookie: SESSIONID + delegate_to: localhost + + # Create an ELB and add tags + - community.aws.elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + tags: + Name: "New ELB" + stack: "production" + client: "Bob" + delegate_to: localhost + + # Delete all tags from an ELB + - community.aws.elb_classic_lb: + name: "New ELB" + state: present + region: us-east-1 + zones: + - us-east-1a + - us-east-1d + listeners: + - protocol: http + load_balancer_port: 80 + instance_port: 80 + tags: {} + delegate_to: localhost + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jim Dalton (@jsdalton) + + diff --git a/docs/community.aws.elb_instance_module.rst b/docs/community.aws.elb_instance_module.rst new file mode 100644 index 00000000000..d0f1a853ba6 --- /dev/null +++ b/docs/community.aws.elb_instance_module.rst @@ -0,0 +1,348 @@ +.. _community.aws.elb_instance_module: + + +************************** +community.aws.elb_instance +************************** + +**De-registers or registers instances from EC2 ELBs** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. +- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. +- Will be marked changed when called only if there are ELBs found to operate on. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_elbs + +
    + list +
    +     		+ +
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enable_availability_zone + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    +
    +
    + instance_id + +
    + string + / required
    +     		+ +
    EC2 Instance ID
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    register or deregister the instance
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for instance registration or deregistration to complete successfully before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    0
    +     		+
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # basic pre_task and post_task example + pre_tasks: + - name: Instance De-register + community.aws.elb_instance: + instance_id: "{{ ansible_ec2_instance_id }}" + state: absent + delegate_to: localhost + roles: + - myrole + post_tasks: + - name: Instance Register + community.aws.elb_instance: + instance_id: "{{ ansible_ec2_instance_id }}" + ec2_elbs: "{{ item }}" + state: present + delegate_to: localhost + loop: "{{ ec2_elbs }}" + + + + + +Status +------ + + +Authors +~~~~~~~ + +- John Jarvis (@jarv) + + diff --git a/docs/community.aws.elb_network_lb_module.rst b/docs/community.aws.elb_network_lb_module.rst new file mode 100644 index 00000000000..34b94598c2c --- /dev/null +++ b/docs/community.aws.elb_network_lb_module.rst @@ -0,0 +1,1082 @@ +.. _community.aws.elb_network_lb_module: + + +**************************** +community.aws.elb_network_lb +**************************** + +**Manage a Network Load Balancer** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Network Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-network-load-balancer-effortless-scaling-to-millions-of-requests-per-second/ for details. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cross_zone_load_balancing + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether cross-zone load balancing is enabled.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + deletion_protection + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether deletion protection for the ELB is enabled.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + listeners + +
    + list + / elements=dictionary
    +     		+ +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    +
    +
    + Certificates + +
    + list + / elements=dictionary
    +     		+ +
    The SSL server certificate.
    +
    +
    + CertificateArn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the certificate.
    +
    +
    + DefaultActions + +
    + list + / elements=dictionary / required
    +     		+ +
    The default actions for the listener.
    +
    +
    + TargetGroupArn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    + Type + +
    + string +
    +     		+ +
    The type of action.
    +
    +
    + Port + +
    + integer + / required
    +     		+ +
    The port on which the load balancer is listening.
    +
    +
    + Protocol + +
    + string + / required
    +     		+ +
    The protocol for connections from clients to the load balancer.
    +
    +
    + SslPolicy + +
    + string +
    +     		+ +
    The security policy that defines which ciphers and protocols are supported.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_listeners + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
    +
    If the listeners parameter is not set then listeners will not be modified.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
    +
    If the tags parameter is not set then tags will not be modified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + scheme + +
    + string +
    +     		+
      Choices: +
    • internet-facing ←
      • +
    • internal
      • +
    +     		+
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the load balancer.
    +
    The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
    +
    +
    + subnet_mappings + +
    + list + / elements=dictionary
    +     		+ +
    A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
    +
    This parameter is mutually exclusive with subnets.
    +
    +
    + subnets + +
    + list +
    +     		+ +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    +
    Required when state=present.
    +
    This parameter is mutually exclusive with subnet_mappings.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of one or more tags to assign to the load balancer.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the network load balancer to reach the desired state.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ +
    The duration in seconds to wait, used in conjunction with wait.
    +
    +
    + + +Notes +----- + +.. note:: + - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. + - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create an ELB and attach a listener + community.aws.elb_network_lb: + name: myelb + subnets: + - subnet-012345678 + - subnet-abcdef000 + listeners: + - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + DefaultActions: + - Type: forward # Required. Only 'forward' is accepted at this time + TargetGroupName: mytargetgroup # Required. The name of the target group + state: present + + - name: Create an ELB with an attached Elastic IP address + community.aws.elb_network_lb: + name: myelb + subnet_mappings: + - SubnetId: subnet-012345678 + AllocationId: eipalloc-aabbccdd + listeners: + - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). + Port: 80 # Required. The port on which the load balancer is listening. + DefaultActions: + - Type: forward # Required. Only 'forward' is accepted at this time + TargetGroupName: mytargetgroup # Required. The name of the target group + state: present + + - name: Remove an ELB + community.aws.elb_network_lb: + name: myelb + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + availability_zones + +
    + list +
    +     		when state is present +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a', 'load_balancer_addresses': []}]
    +
    +
    + canonical_hosted_zone_id + +
    + string +
    +     		when state is present +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    +
    +
    + created_time + +
    + string +
    +     		when state is present +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    +
    +
    + deletion_protection_enabled + +
    + string +
    +     		when state is present +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + dns_name + +
    + string +
    +     		when state is present +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    +
    +
    + idle_timeout_timeout_seconds + +
    + string +
    +     		when state is present +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    +
    +
    + ip_address_type + +
    + string +
    +     		when state is present +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    +
    +
    + listeners + +
    + complex +
    +     		when state is present +
    Information about the listeners.
    +
    +
      +
    + certificates + +
    + complex +
    +     		when state is present +
    The SSL server certificate.
    +
    +
       +
    + certificate_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the certificate.
    +
    +
      +
    + default_actions + +
    + string +
    +     		when state is present +
    The default actions for the listener.
    +
    +
       +
    + target_group_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
       +
    + type + +
    + string +
    +     		when state is present +
    The type of action.
    +
    +
      +
    + listener_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the listener.
    +
    +
      +
    + load_balancer_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
      +
    + port + +
    + integer +
    +     		when state is present +
    The port on which the load balancer is listening.
    +
    +
    Sample:
    +
    80
    +
      +
    + protocol + +
    + string +
    +     		when state is present +
    The protocol for connections from clients to the load balancer.
    +
    +
    Sample:
    +
    HTTPS
    +
      +
    + ssl_policy + +
    + string +
    +     		when state is present +
    The security policy that defines which ciphers and protocols are supported.
    +
    +
    +
    + load_balancer_arn + +
    + string +
    +     		when state is present +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    +
    +
    + load_balancer_name + +
    + string +
    +     		when state is present +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    +
    +
    + load_balancing_cross_zone_enabled + +
    + string +
    +     		when state is present +
    Indicates whether cross-zone load balancing is enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + scheme + +
    + string +
    +     		when state is present +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    +
    +
    + state + +
    + dictionary +
    +     		when state is present +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    +
    +
    + tags + +
    + dictionary +
    +     		when state is present +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    +
    +
    + type + +
    + string +
    +     		when state is present +
    The type of load balancer.
    +
    +
    Sample:
    +
    network
    +
    +
    + vpc_id + +
    + string +
    +     		when state is present +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.elb_target_group_info_module.rst b/docs/community.aws.elb_target_group_info_module.rst new file mode 100644 index 00000000000..3a05c418629 --- /dev/null +++ b/docs/community.aws.elb_target_group_info_module.rst @@ -0,0 +1,810 @@ +.. _community.aws.elb_target_group_info_module: + + +*********************************** +community.aws.elb_target_group_info +*********************************** + +**Gather information about ELB target groups in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about ELB target groups in AWS +- This module was called ``elb_target_group_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + collect_targets_health + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When set to "yes", output contains targets health description
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + load_balancer_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    + names + +
    + list +
    +     		+ +
    The names of the target groups.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + target_group_arns + +
    + list +
    +     		+ +
    The Amazon Resource Names (ARN) of the target groups.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Gather information about all target groups + community.aws.elb_target_group_info: + + - name: Gather information about the target group attached to a particular ELB + community.aws.elb_target_group_info: + load_balancer_arn: "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" + + - name: Gather information about a target groups named 'tg1' and 'tg2' + community.aws.elb_target_group_info: + names: + - tg1 + - tg2 + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + target_groups + +
    + complex +
    +     		always +
    a list of target groups
    +
    +
      +
    + deregistration_delay_timeout_seconds + +
    + integer +
    +     		always +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    +
    +
    Sample:
    +
    300
    +
      +
    + health_check_interval_seconds + +
    + integer +
    +     		always +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    Sample:
    +
    30
    +
      +
    + health_check_path + +
    + string +
    +     		always +
    The destination for the health check request.
    +
    +
    Sample:
    +
    /index.html
    +
      +
    + health_check_port + +
    + string +
    +     		always +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    traffic-port
    +
      +
    + health_check_protocol + +
    + string +
    +     		always +
    The protocol to use to connect with the target.
    +
    +
    Sample:
    +
    HTTP
    +
      +
    + health_check_timeout_seconds + +
    + integer +
    +     		always +
    The amount of time, in seconds, during which no response means a failed health check.
    +
    +
    Sample:
    +
    5
    +
      +
    + healthy_threshold_count + +
    + integer +
    +     		always +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    Sample:
    +
    5
    +
      +
    + load_balancer_arns + +
    + list +
    +     		always +
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    +
    +
      +
    + matcher + +
    + dictionary +
    +     		always +
    The HTTP codes to use when checking for a successful response from a target.
    +
    +
    Sample:
    +
    {'http_code': '200'}
    +
      +
    + port + +
    + integer +
    +     		always +
    The port on which the targets are listening.
    +
    +
    Sample:
    +
    80
    +
      +
    + protocol + +
    + string +
    +     		always +
    The protocol to use for routing traffic to the targets.
    +
    +
    Sample:
    +
    HTTP
    +
      +
    + stickiness_enabled + +
    + boolean +
    +     		always +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    True
    +
      +
    + stickiness_lb_cookie_duration_seconds + +
    + integer +
    +     		always +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    86400
    +
      +
    + stickiness_type + +
    + string +
    +     		always +
    The type of sticky sessions.
    +
    +
    Sample:
    +
    lb_cookie
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    The tags attached to the target group.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    +
      +
    + target_group_arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    +
      +
    + target_group_name + +
    + string +
    +     		always +
    The name of the target group.
    +
    +
    Sample:
    +
    mytargetgroup
    +
      +
    + targets_health_description + +
    + complex +
    +     		when collect_targets_health is enabled +
    Targets health description.
    +
    +
       +
    + health_check_port + +
    + string +
    +     		always +
    The port to check target health.
    +
    +
    Sample:
    +
    80
    +
       +
    + target + +
    + complex +
    +     		always +
    The target metadata.
    +
    +
        +
    + id + +
    + string +
    +     		always +
    The ID of the target.
    +
    +
    Sample:
    +
    i-0123456789
    +
        +
    + port + +
    + integer +
    +     		always +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    80
    +
       +
    + target_health + +
    + complex +
    +     		always +
    The target health status.
    +
    +
        +
    + state + +
    + string +
    +     		always +
    The state of the target health.
    +
    +
    Sample:
    +
    healthy
    +
      +
    + unhealthy_threshold_count + +
    + integer +
    +     		always +
    The number of consecutive health check failures required before considering the target unhealthy.
    +
    +
    Sample:
    +
    2
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    The ID of the VPC for the targets.
    +
    +
    Sample:
    +
    vpc-0123456
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.elb_target_group_module.rst b/docs/community.aws.elb_target_group_module.rst new file mode 100644 index 00000000000..49fac29647d --- /dev/null +++ b/docs/community.aws.elb_target_group_module.rst @@ -0,0 +1,1084 @@ +.. _community.aws.elb_target_group_module: + + +****************************** +community.aws.elb_target_group +****************************** + +**Manage a target group for an Application or Network load balancer** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage an AWS Elastic Load Balancer target group. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html or https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html for details. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + deregistration_delay_timeout + +
    + integer +
    +     		+ +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + health_check_interval + +
    + integer +
    +     		+ +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    + health_check_path + +
    + string +
    +     		+ +
    The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
    +
    Requires the health_check_protocol parameter to be set.
    +
    +
    + health_check_port + +
    + string +
    +     		+ +
    The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
    +
    When not defined will default to the port on which each target receives traffic from the load balancer.
    +
    +
    + health_check_protocol + +
    + string +
    +     		+
      Choices: +
    • http
      • +
    • https
      • +
    • tcp
      • +
    • tls
      • +
    • udp
      • +
    • tcp_udp
      • +
    • HTTP
      • +
    • HTTPS
      • +
    • TCP
      • +
    • TLS
      • +
    • UDP
      • +
    • TCP_UDP
      • +
    +     		+
    The protocol the load balancer uses when performing health checks on targets.
    +
    +
    + health_check_timeout + +
    + integer +
    +     		+ +
    The amount of time, in seconds, during which no response from a target means a failed health check.
    +
    +
    + healthy_threshold_count + +
    + integer +
    +     		+ +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    + modify_targets + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to alter existing targets in the group to match what is passed with the module
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the target group.
    +
    +
    + port + +
    + integer +
    +     		+ +
    The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + protocol + +
    + string +
    +     		+
      Choices: +
    • http
      • +
    • https
      • +
    • tcp
      • +
    • tls
      • +
    • udp
      • +
    • tcp_udp
      • +
    • HTTP
      • +
    • HTTPS
      • +
    • TCP
      • +
    • TLS
      • +
    • UDP
      • +
    • TCP_UDP
      • +
    +     		+
    The protocol to use for routing traffic to the targets. Required when state is present.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the target group.
    +
    +
    + stickiness_enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether sticky sessions are enabled.
    +
    +
    + stickiness_lb_cookie_duration + +
    + integer +
    +     		+ +
    The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
    +
    +
    + stickiness_type + +
    + string +
    +     		+ +
    The type of sticky sessions.
    +
    If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
    +
    +
    + successful_response_codes + +
    + string +
    +     		+ +
    The HTTP codes to use when checking for a successful response from a target.
    +
    Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
    +
    Requires the health_check_protocol parameter to be set.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of one or more tags to assign to the target group.
    +
    +
    + target_type + +
    + string +
    +     		+
      Choices: +
    • instance
      • +
    • ip
      • +
    • lambda
      • +
    +     		+
    The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
    +
    The default behavior is instance.
    +
    +
    + targets + +
    + list +
    +     		+ +
    A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
    +
    +
    + unhealthy_threshold_count + +
    + integer +
    +     		+ +
    The number of consecutive health check failures required before considering a target unhealthy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    The identifier of the virtual private cloud (VPC). Required when state is present.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the target group.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    200
    +     		+
    The time to wait for the target group.
    +
    +
    + + +Notes +----- + +.. note:: + - Once a target group has been created, only its health check can then be modified using subsequent calls + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create a target group with a default health check + community.aws.elb_target_group: + name: mytargetgroup + protocol: http + port: 80 + vpc_id: vpc-01234567 + state: present + + - name: Modify the target group with a custom health check + community.aws.elb_target_group: + name: mytargetgroup + protocol: http + port: 80 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: /health_check + health_check_port: 80 + successful_response_codes: 200 + health_check_interval: 15 + health_check_timeout: 3 + healthy_threshold_count: 4 + unhealthy_threshold_count: 3 + state: present + + - name: Delete a target group + community.aws.elb_target_group: + name: mytargetgroup + state: absent + + - name: Create a target group with instance targets + community.aws.elb_target_group: + name: mytargetgroup + protocol: http + port: 81 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: / + successful_response_codes: "200,250-260" + targets: + - Id: i-01234567 + Port: 80 + - Id: i-98765432 + Port: 80 + state: present + wait_timeout: 200 + wait: True + + - name: Create a target group with IP address targets + community.aws.elb_target_group: + name: mytargetgroup + protocol: http + port: 81 + vpc_id: vpc-01234567 + health_check_protocol: http + health_check_path: / + successful_response_codes: "200,250-260" + target_type: ip + targets: + - Id: 10.0.0.10 + Port: 80 + AvailabilityZone: all + - Id: 10.0.0.20 + Port: 80 + state: present + wait_timeout: 200 + wait: True + + # Using lambda as targets require that the target group + # itself is allow to invoke the lambda function. + # therefore you need first to create an empty target group + # to receive its arn, second, allow the target group + # to invoke the lambda function and third, add the target + # to the target group + - name: first, create empty target group + community.aws.elb_target_group: + name: my-lambda-targetgroup + target_type: lambda + state: present + modify_targets: False + register: out + + - name: second, allow invoke of the lambda + community.aws.lambda_policy: + state: "{{ state | default('present') }}" + function_name: my-lambda-function + statement_id: someID + action: lambda:InvokeFunction + principal: elasticloadbalancing.amazonaws.com + source_arn: "{{ out.target_group_arn }}" + + - name: third, add target + community.aws.elb_target_group: + name: my-lambda-targetgroup + target_type: lambda + state: present + targets: + - Id: arn:aws:lambda:eu-central-1:123456789012:function:my-lambda-function + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + deregistration_delay_timeout_seconds + +
    + integer +
    +     		when state present +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    +
    +
    Sample:
    +
    300
    +
    +
    + health_check_interval_seconds + +
    + integer +
    +     		when state present +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    Sample:
    +
    30
    +
    +
    + health_check_path + +
    + string +
    +     		when state present +
    The destination for the health check request.
    +
    +
    Sample:
    +
    /index.html
    +
    +
    + health_check_port + +
    + string +
    +     		when state present +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    traffic-port
    +
    +
    + health_check_protocol + +
    + string +
    +     		when state present +
    The protocol to use to connect with the target.
    +
    +
    Sample:
    +
    HTTP
    +
    +
    + health_check_timeout_seconds + +
    + integer +
    +     		when state present +
    The amount of time, in seconds, during which no response means a failed health check.
    +
    +
    Sample:
    +
    5
    +
    +
    + healthy_threshold_count + +
    + integer +
    +     		when state present +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    Sample:
    +
    5
    +
    +
    + load_balancer_arns + +
    + list +
    +     		when state present +
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    +
    +
    +
    + matcher + +
    + dictionary +
    +     		when state present +
    The HTTP codes to use when checking for a successful response from a target.
    +
    +
    Sample:
    +
    {'http_code': '200'}
    +
    +
    + port + +
    + integer +
    +     		when state present +
    The port on which the targets are listening.
    +
    +
    Sample:
    +
    80
    +
    +
    + protocol + +
    + string +
    +     		when state present +
    The protocol to use for routing traffic to the targets.
    +
    +
    Sample:
    +
    HTTP
    +
    +
    + stickiness_enabled + +
    + boolean +
    +     		when state present +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    True
    +
    +
    + stickiness_lb_cookie_duration_seconds + +
    + integer +
    +     		when state present +
    The time period, in seconds, during which requests from a client should be routed to the same target.
    +
    +
    Sample:
    +
    86400
    +
    +
    + stickiness_type + +
    + string +
    +     		when state present +
    The type of sticky sessions.
    +
    +
    Sample:
    +
    lb_cookie
    +
    +
    + tags + +
    + dictionary +
    +     		when state present +
    The tags attached to the target group.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    +
    +
    + target_group_arn + +
    + string +
    +     		when state present +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    +
    +
    + target_group_name + +
    + string +
    +     		when state present +
    The name of the target group.
    +
    +
    Sample:
    +
    mytargetgroup
    +
    +
    + unhealthy_threshold_count + +
    + integer +
    +     		when state present +
    The number of consecutive health check failures required before considering the target unhealthy.
    +
    +
    Sample:
    +
    2
    +
    +
    + vpc_id + +
    + string +
    +     		when state present +
    The ID of the VPC for the targets.
    +
    +
    Sample:
    +
    vpc-0123456
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.elb_target_info_module.rst b/docs/community.aws.elb_target_info_module.rst new file mode 100644 index 00000000000..c2cf10de75a --- /dev/null +++ b/docs/community.aws.elb_target_info_module.rst @@ -0,0 +1,575 @@ +.. _community.aws.elb_target_info_module: + + +***************************** +community.aws.elb_target_info +***************************** + +**Gathers which target groups a target is associated with.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module will search through every target group in a region to find which ones have registered a given instance ID or IP. +- This module was called ``elb_target_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + get_unused_target_groups + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to get target groups not used by any load balancers.
    +
    +
    + instance_id + +
    + string + / required
    +     		+ +
    What instance ID to get information for.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # practical use case - dynamically de-registering and re-registering nodes + + - name: Get EC2 Metadata + amazon.aws.ec2_metadata_facts: + + - name: Get initial list of target groups + delegate_to: localhost + community.aws.elb_target_info: + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + + - name: save fact for later + set_fact: + original_tgs: "{{ target_info.instance_target_groups }}" + + - name: Deregister instance from all target groups + delegate_to: localhost + community.aws.elb_target: + target_group_arn: "{{ item.0.target_group_arn }}" + target_port: "{{ item.1.target_port }}" + target_az: "{{ item.1.target_az }}" + target_id: "{{ item.1.target_id }}" + state: absent + target_status: "draining" + region: "{{ ansible_ec2_placement_region }}" + with_subelements: + - "{{ original_tgs }}" + - "targets" + + # This avoids having to wait for 'elb_target' to serially deregister each + # target group. An alternative would be to run all of the 'elb_target' + # tasks async and wait for them to finish. + + - name: wait for all targets to deregister simultaneously + delegate_to: localhost + community.aws.elb_target_info: + get_unused_target_groups: false + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + until: (target_info.instance_target_groups | length) == 0 + retries: 60 + delay: 10 + + - name: reregister in elbv2s + community.aws.elb_target: + region: "{{ ansible_ec2_placement_region }}" + target_group_arn: "{{ item.0.target_group_arn }}" + target_port: "{{ item.1.target_port }}" + target_az: "{{ item.1.target_az }}" + target_id: "{{ item.1.target_id }}" + state: present + target_status: "initial" + with_subelements: + - "{{ original_tgs }}" + - "targets" + + # wait until all groups associated with this instance are 'healthy' or + # 'unused' + - name: wait for registration + community.aws.elb_target_info: + get_unused_target_groups: false + instance_id: "{{ ansible_ec2_instance_id }}" + region: "{{ ansible_ec2_placement_region }}" + register: target_info + until: (target_info.instance_target_groups | + map(attribute='targets') | + flatten | + map(attribute='target_health') | + rejectattr('state', 'equalto', 'healthy') | + rejectattr('state', 'equalto', 'unused') | + list | + length) == 0 + retries: 61 + delay: 10 + + # using the target groups to generate AWS CLI commands to reregister the + # instance - useful in case the playbook fails mid-run and manual + # rollback is required + - name: "reregistration commands: ELBv2s" + debug: + msg: > + aws --region {{ansible_ec2_placement_region}} elbv2 + register-targets --target-group-arn {{item.target_group_arn}} + --targets{%for target in item.targets%} + Id={{target.target_id}}, + Port={{target.target_port}}{%if target.target_az%},AvailabilityZone={{target.target_az}} + {%endif%} + {%endfor%} + loop: "{{target_info.instance_target_groups}}" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + instance_target_groups + +
    + complex +
    +     		always +
    a list of target groups to which the instance is registered to
    +
    +
      +
    + target_group_arn + +
    + string +
    +     		always +
    The ARN of the target group
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:eu-west-1:111111111111:targetgroup/target-group/deadbeefdeadbeef']
    +
      +
    + target_group_type + +
    + string +
    +     		always +
    Which target type is used for this group
    +
    +
    Sample:
    +
    ['ip', 'instance']
    +
      +
    + targets + +
    + complex +
    +     		always +
    A list of targets that point to this instance ID
    +
    +
       +
    + target_az + +
    + string +
    +     		when an AZ is associated with this instance +
    which availability zone is explicitly associated with this target
    +
    +
    Sample:
    +
    ['us-west-2a']
    +
       +
    + target_health + +
    + complex +
    +     		always +
    The target health description.
    + +
    +
        +
    + description + +
    + string +
    +     		if state!=present +
    description of target health
    +
    +
    Sample:
    +
    ['Target desregistration is in progress']
    +
        +
    + reason + +
    + string +
    +     		if state!=healthy +
    reason code for target health
    +
    +
    Sample:
    +
    ['Target.Deregistration in progress']
    +
        +
    + state + +
    + string +
    +     		always +
    health state
    +
    +
    Sample:
    +
    ['healthy', 'draining', 'initial', 'unhealthy', 'unused', 'unavailable']
    +
       +
    + target_id + +
    + string +
    +     		always +
    the target ID referring to this instance
    +
    +
    Sample:
    +
    ['i-deadbeef', '1.2.3.4']
    +
       +
    + target_port + +
    + string +
    +     		always +
    which port this target is listening on
    +
    +
    Sample:
    +
    [80]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Yaakov Kuperman (@yaakov-github) + + diff --git a/docs/community.aws.elb_target_module.rst b/docs/community.aws.elb_target_module.rst new file mode 100644 index 00000000000..3eb8c10c08b --- /dev/null +++ b/docs/community.aws.elb_target_module.rst @@ -0,0 +1,408 @@ +.. _community.aws.elb_target_module: + + +************************ +community.aws.elb_target +************************ + +**Manage a target in a target group** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Used to register or deregister a target in a target group + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + deregister_unused + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Register or deregister the target.
    +
    +
    + target_az + +
    + string +
    +     		+ +
    An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
    +
    +
    + target_group_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
    +
    +
    + target_group_name + +
    + string +
    +     		+ +
    The name of the target group. Mutually exclusive of target_group_arn.
    +
    +
    + target_id + +
    + string + / required
    +     		+ +
    The ID of the target.
    +
    +
    + target_port + +
    + integer +
    +     		+ +
    The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
    +
    The default port for a target is the port for the target group.
    +
    +
    + target_status + +
    + string +
    +     		+
      Choices: +
    • initial
      • +
    • healthy
      • +
    • unhealthy
      • +
    • unused
      • +
    • draining
      • +
    • unavailable
      • +
    +     		+
    Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
    +
    +
    + target_status_timeout + +
    + integer +
    +     		+ Default:
    60
    +     		+
    Maximum time in seconds to wait for target_status change
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If you specified a port override when you registered a target, you must specify both the target ID and the port when you deregister it. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Register an IP address target to a target group + community.aws.elb_target: + target_group_name: myiptargetgroup + target_id: i-1234567 + state: present + + - name: Register an instance target to a target group + community.aws.elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + state: present + + - name: Deregister a target from a target group + community.aws.elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + state: absent + + # Modify a target to use a different port + - name: Register a target to a target group + community.aws.elb_target: + target_group_name: mytargetgroup + target_id: i-1234567 + target_port: 8080 + state: present + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.execute_lambda_module.rst b/docs/community.aws.execute_lambda_module.rst new file mode 100644 index 00000000000..acd00876d59 --- /dev/null +++ b/docs/community.aws.execute_lambda_module.rst @@ -0,0 +1,444 @@ +.. _community.aws.execute_lambda_module: + + +**************************** +community.aws.execute_lambda +**************************** + +**Execute an AWS Lambda function** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module executes AWS Lambda functions, allowing synchronous and asynchronous invocation. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + dry_run + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + function_arn + +
    + string +
    +     		+ +
    The name of the function to be invoked
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
    +
    +
    + payload + +
    + dictionary +
    +     		+ Default:
    {}
    +     		+
    A dictionary in any form to be provided as input to the Lambda function.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + tail_log + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + version_qualifier + +
    + string +
    +     		+ +
    Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
    +
    +
    + + +Notes +----- + +.. note:: + - Async invocation will always return an empty ``output`` key. + - Synchronous invocation may result in a function timeout, resulting in an empty ``output`` key. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - community.aws.execute_lambda: + name: test-function + # the payload is automatically serialized and sent to the function + payload: + foo: bar + value: 8 + register: response + + # Test that you have sufficient permissions to execute a Lambda function in + # another account + - community.aws.execute_lambda: + function_arn: arn:aws:lambda:us-east-1:123456789012:function/some-function + dry_run: true + + - community.aws.execute_lambda: + name: test-function + payload: + foo: bar + value: 8 + wait: true + tail_log: true + register: response + # the response will have a `logs` key that will contain a log (up to 4KB) of the function execution in Lambda + + # Pass the Lambda event payload as a json file. + - community.aws.execute_lambda: + name: test-function + payload: "{{ lookup('file','lambda_event.json') }}" + register: response + + - community.aws.execute_lambda: + name: test-function + version_qualifier: PRODUCTION + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + logs + +
    + string +
    +     		if tail_log == true +
    The last 4KB of the function logs. Only provided if tail_log is true
    +
    +
    +
    + output + +
    + dictionary +
    +     		success +
    Function output if wait=true and the function returns a value
    +
    +
    Sample:
    +
    { 'output': 'something' }
    +
    +
    + status + +
    + integer +
    +     		always +
    StatusCode of API call exit (200 for synchronous invokes, 202 for async)
    +
    +
    Sample:
    +
    200
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ryan Scott Brown (@ryansb) + + diff --git a/docs/community.aws.iam_cert_module.rst b/docs/community.aws.iam_cert_module.rst new file mode 100644 index 00000000000..8d0cf82ecc7 --- /dev/null +++ b/docs/community.aws.iam_cert_module.rst @@ -0,0 +1,405 @@ +.. _community.aws.iam_cert_module: + + +********************** +community.aws.iam_cert +********************** + +**Manage server certificates for use on ELBs and CloudFront** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of server certificates. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cert + +
    + string +
    +     		+ +
    The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    + cert_chain + +
    + string +
    +     		+ +
    The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + dup_ok + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    By default the module will not upload a certificate that is already uploaded into AWS.
    +
    If dup_ok=True, it will upload the certificate as long as the name is unique.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + key + +
    + string +
    +     		+ +
    The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of certificate to add, update or remove.
    +
    +
    + new_name + +
    + string +
    +     		+ +
    When state is present, this will update the name of the cert.
    +
    The cert, key and cert_chain parameters will be ignored if this is defined.
    +
    +
    + new_path + +
    + string +
    +     		+ +
    When state is present, this will update the path of the cert.
    +
    The cert, key and cert_chain parameters will be ignored if this is defined.
    +
    +
    + path + +
    + string +
    +     		+ Default:
    "/"
    +     		+
    When creating or updating, specify the desired path of the certificate.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the certificate.
    +
    If new_path or new_name is defined, specifying present will attempt to make an update these.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Basic server certificate upload from local file + community.aws.iam_cert: + name: very_ssl + state: present + cert: "{{ lookup('file', 'path/to/cert') }}" + key: "{{ lookup('file', 'path/to/key') }}" + cert_chain: "{{ lookup('file', 'path/to/certchain') }}" + + - name: Basic server certificate upload + community.aws.iam_cert: + name: very_ssl + state: present + cert: path/to/cert + key: path/to/key + cert_chain: path/to/certchain + + - name: Server certificate upload using key string + community.aws.iam_cert: + name: very_ssl + state: present + path: "/a/cert/path/" + cert: body_of_somecert + key: vault_body_of_privcertkey + cert_chain: body_of_myverytrustedchain + + - name: Basic rename of existing certificate + community.aws.iam_cert: + name: very_ssl + new_name: new_very_ssl + state: present + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) + + diff --git a/docs/community.aws.iam_group_module.rst b/docs/community.aws.iam_group_module.rst new file mode 100644 index 00000000000..1ea0674ae6d --- /dev/null +++ b/docs/community.aws.iam_group_module.rst @@ -0,0 +1,632 @@ +.. _community.aws.iam_group_module: + + +*********************** +community.aws.iam_group +*********************** + +**Manage AWS IAM groups** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM groups. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + managed_policies + +
    + list + / elements=string
    +     		+ +
    A list of managed policy ARNs or friendly names to attach to the role.
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the group to create.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_policies + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    + purge_users + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_users=true users which are not included in users will be detached.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM group.
    +
    +
    + users + +
    + list + / elements=string
    +     		+ +
    A list of existing users to add as members of the group.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create a group + community.aws.iam_group: + name: testgroup1 + state: present + + - name: Create a group and attach a managed policy using its ARN + community.aws.iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + state: present + + - name: Create a group with users as members and attach a managed policy using its ARN + community.aws.iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + users: + - test_user1 + - test_user2 + state: present + + - name: Remove all managed policies from an existing group with an empty list + community.aws.iam_group: + name: testgroup1 + state: present + purge_policies: true + + - name: Remove all group members from an existing group + community.aws.iam_group: + name: testgroup1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + purge_users: true + state: present + + - name: Delete the group + community.aws.iam_group: + name: testgroup1 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + iam_group + +
    + complex +
    +     		success +
    dictionary containing all the group information including group membership
    +
    +
      +
    + group + +
    + complex +
    +     		success +
    dictionary containing all the group information
    +
    +
       +
    + arn + +
    + string +
    +     		+
    the Amazon Resource Name (ARN) specifying the group
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:group/testgroup1
    +
       +
    + create_date + +
    + string +
    +     		+
    the date and time, in ISO 8601 date-time format, when the group was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    +
       +
    + group_id + +
    + string +
    +     		+
    the stable and unique string identifying the group
    +
    +
    Sample:
    +
    AGPAIDBWE12NSFINE55TM
    +
       +
    + group_name + +
    + string +
    +     		+
    the friendly name that identifies the group
    +
    +
    Sample:
    +
    testgroup1
    +
       +
    + path + +
    + string +
    +     		+
    the path to the group
    +
    +
    Sample:
    +
    /
    +
      +
    + users + +
    + complex +
    +     		success +
    list containing all the group members
    +
    +
       +
    + arn + +
    + string +
    +     		+
    the Amazon Resource Name (ARN) specifying the user
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:user/test_user1
    +
       +
    + create_date + +
    + string +
    +     		+
    the date and time, in ISO 8601 date-time format, when the user was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    +
       +
    + path + +
    + string +
    +     		+
    the path to the user
    +
    +
    Sample:
    +
    /
    +
       +
    + user_id + +
    + string +
    +     		+
    the stable and unique string identifying the user
    +
    +
    Sample:
    +
    AIDAIZTPY123YQRS22YU2
    +
       +
    + user_name + +
    + string +
    +     		+
    the friendly name that identifies the user
    +
    +
    Sample:
    +
    testgroup1
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nick Aslanidis (@naslanidis) +- Maksym Postument (@infectsoldier) + + diff --git a/docs/community.aws.iam_managed_policy_module.rst b/docs/community.aws.iam_managed_policy_module.rst new file mode 100644 index 00000000000..f1c1541cf54 --- /dev/null +++ b/docs/community.aws.iam_managed_policy_module.rst @@ -0,0 +1,418 @@ +.. _community.aws.iam_managed_policy_module: + + +******************************** +community.aws.iam_managed_policy +******************************** + +**Manage User Managed IAM policies** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows creating and removing managed IAM policies + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + fail_on_delete + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The fail_on_delete option does nothing and will be removed after 2022-06-01
    +
    +
    + make_default + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Make this revision the default revision.
    +
    +
    + only_version + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
    +
    +
    + policy + +
    + json +
    +     		+ +
    A properly json formatted policy
    +
    +
    + policy_description + +
    + string +
    +     		+ Default:
    ""
    +     		+
    A helpful description of this policy, this value is immutable and only set when creating a new policy.
    +
    +
    + policy_name + +
    + string + / required
    +     		+ +
    The name of the managed policy.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create Policy ex nihilo + - name: Create IAM Managed Policy + community.aws.iam_managed_policy: + policy_name: "ManagedPolicy" + policy_description: "A Helpful managed policy" + policy: "{{ lookup('template', 'managed_policy.json.j2') }}" + state: present + + # Update a policy with a new default version + - name: Create IAM Managed Policy + community.aws.iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{{ lookup('file', 'managed_policy_update.json') }}" + state: present + + # Update a policy with a new non default version + - name: Create IAM Managed Policy + community.aws.iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{{ lookup('file', 'managed_policy_update.json') }}" + make_default: false + state: present + + # Update a policy and make it the only version and the default version + - name: Create IAM Managed Policy + community.aws.iam_managed_policy: + policy_name: "ManagedPolicy" + policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" + only_version: true + state: present + + # Remove a policy + - name: Create IAM Managed Policy + community.aws.iam_managed_policy: + policy_name: "ManagedPolicy" + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + policy + +
    + string +
    +     		success +
    Returns the policy json structure, when state == absent this will return the value of the removed policy.
    +
    +
    Sample:
    +
    { "arn": "arn:aws:iam::aws:policy/AdministratorAccess " "attachment_count": 0, "create_date": "2017-03-01T15:42:55.981000+00:00", "default_version_id": "v1", "is_attachable": true, "path": "/", "policy_id": "ANPALM4KLDMTFXGOOJIHL", "policy_name": "AdministratorAccess", "update_date": "2017-03-01T15:42:55.981000+00:00" }
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Dan Kozlowski (@dkhenry) + + diff --git a/docs/community.aws.iam_mfa_device_info_module.rst b/docs/community.aws.iam_mfa_device_info_module.rst new file mode 100644 index 00000000000..d60035243fa --- /dev/null +++ b/docs/community.aws.iam_mfa_device_info_module.rst @@ -0,0 +1,290 @@ +.. _community.aws.iam_mfa_device_info_module: + + +********************************* +community.aws.iam_mfa_device_info +********************************* + +**List the MFA (Multi-Factor Authentication) devices registered for a user** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- List the MFA (Multi-Factor Authentication) devices registered for a user +- This module was called ``iam_mfa_device_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + user_name + +
    + string +
    +     		+ +
    The name of the user whose MFA devices will be listed
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html + - name: List MFA devices + community.aws.iam_mfa_device_info: + register: mfa_devices + + # more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html + - name: Assume an existing role + community.aws.sts_assume_role: + mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" + role_arn: "arn:aws:iam::123456789012:role/someRole" + role_session_name: "someRoleSession" + register: assumed_role + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + mfa_devices + +
    + list +
    +     		always +
    The MFA devices registered for the given user
    +
    +
    Sample:
    +
    [{'enable_date': '2016-03-11T23:25:36+00:00', 'serial_number': 'arn:aws:iam::085120003701:mfa/pwnall', 'user_name': 'pwnall'}, {'enable_date': '2016-03-11T23:25:37+00:00', 'serial_number': 'arn:aws:iam::085120003702:mfa/pwnall', 'user_name': 'pwnall'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Victor Costan (@pwnall) + + diff --git a/docs/community.aws.iam_module.rst b/docs/community.aws.iam_module.rst new file mode 100644 index 00000000000..b5802e50289 --- /dev/null +++ b/docs/community.aws.iam_module.rst @@ -0,0 +1,565 @@ +.. _community.aws.iam_module: + + +***************** +community.aws.iam +***************** + +**Manage IAM users, groups, roles and keys** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of IAM users, user API keys, groups, roles. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + access_key_ids + +
    + list +
    +     		+ +
    A list of the keys that you want affected by the access_key_state parameter.
    +
    +
    + access_key_state + +
    + string +
    +     		+
      Choices: +
    • create
      • +
    • remove
      • +
    • active
      • +
    • inactive
      • +
    • Create
      • +
    • Remove
      • +
    • Active
      • +
    • Inactive
      • +
    +     		+
    When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + groups + +
    + list +
    +     		+ +
    A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
    +
    +
    + iam_type + +
    + string + / required
    +     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource.
    +
    +
    + key_count + +
    + integer +
    +     		+ Default:
    1
    +     		+
    When access_key_state=create it will ensure this quantity of keys are present.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of IAM resource to create or identify.
    +
    +
    + new_name + +
    + string +
    +     		+ +
    When state=update, will replace name with new_name on IAM resource.
    +
    +
    + new_path + +
    + string +
    +     		+ +
    When state=update, will replace the path with new_path on the IAM resource.
    +
    +
    + password + +
    + string +
    +     		+ +
    When type=user and either state=present or state=update, define the users login password.
    +
    Note that this will always return 'changed'.
    +
    +
    + path + +
    + string +
    +     		+ Default:
    "/"
    +     		+
    When creating or updating, specify the desired path of the resource.
    +
    If state=present, it will replace the current path to match what is passed in when they do not match.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • update
      • +
    +     		+
    Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
    +
    +
    + trust_policy + +
    + dictionary +
    +     		+ +
    The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
    +
    Mutually exclusive with trust_policy_filepath.
    +
    +
    + trust_policy_filepath + +
    + string +
    +     		+ +
    The path to the trust policy document that grants an entity permission to assume the role.
    +
    Mutually exclusive with trust_policy.
    +
    +
    + update_password + +
    + string +
    +     		+
      Choices: +
    • always ←
      • +
    • on_create
      • +
    +     		+
    When to update user passwords.
    +
    update_password=always will ensure the password is set to password.
    +
    update_password=on_create will only set the password for newly created users.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Basic user creation example + - name: Create two new IAM users with API keys + community.aws.iam: + iam_type: user + name: "{{ item }}" + state: present + password: "{{ temp_pass }}" + access_key_state: create + loop: + - jcleese + - mpython + + # Advanced example, create two new groups and add the pre-existing user + # jdavila to both groups. + - name: Create Two Groups, Mario and Luigi + community.aws.iam: + iam_type: group + name: "{{ item }}" + state: present + loop: + - Mario + - Luigi + register: new_groups + + - name: Update user + community.aws.iam: + iam_type: user + name: jdavila + state: update + groups: "{{ item.created_group.group_name }}" + loop: "{{ new_groups.results }}" + + # Example of role with custom trust policy for Lambda service + - name: Create IAM role with custom trust relationship + community.aws.iam: + iam_type: role + name: AAALambdaTestRole + state: present + trust_policy: + Version: '2012-10-17' + Statement: + - Action: sts:AssumeRole + Effect: Allow + Principal: + Service: lambda.amazonaws.com + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + role_result + +
    + string +
    +     		if iam_type=role and state=present +
    the IAM.role dict returned by Boto
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:iam::A1B2C3D4E5F6:role/my-new-role', 'assume_role_policy_document': '...truncated...', 'create_date': '2017-09-02T14:32:23Z', 'path': '/', 'role_id': 'AROAA1B2C3D4E5F6G7H8I', 'role_name': 'my-new-role'}
    +
    +
    + roles + +
    + list +
    +     		if iam_type=role and state=present +
    a list containing the name of the currently defined roles
    +
    +
    Sample:
    +
    ['my-new-role', 'my-existing-role-1', 'my-existing-role-2', 'my-existing-role-3', 'my-existing-role-...']
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) +- Paul Seiffert (@seiffert) + + diff --git a/docs/community.aws.iam_password_policy_module.rst b/docs/community.aws.iam_password_policy_module.rst new file mode 100644 index 00000000000..7ee644fd3fe --- /dev/null +++ b/docs/community.aws.iam_password_policy_module.rst @@ -0,0 +1,426 @@ +.. _community.aws.iam_password_policy_module: + + +********************************* +community.aws.iam_password_policy +********************************* + +**Update an IAM Password Policy** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Module updates an IAM Password Policy on a given AWS account + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allow_pw_change + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Allow users to change their password.
    +

    aliases: allow_password_change
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + min_pw_length + +
    + integer +
    +     		+ Default:
    6
    +     		+
    Minimum password length.
    +

    aliases: minimum_password_length
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + pw_expire + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Prevents users from change an expired password.
    +

    aliases: password_expire, expire
    +
    +
    + pw_max_age + +
    + integer +
    +     		+ Default:
    0
    +     		+
    Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.
    +

    aliases: password_max_age
    +
    +
    + pw_reuse_prevent + +
    + integer +
    +     		+ Default:
    0
    +     		+
    Prevent re-use of passwords.
    +

    aliases: password_reuse_prevent, prevent_reuse
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + require_lowercase + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require lowercase letters in password.
    +
    +
    + require_numbers + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require numbers in password.
    +
    +
    + require_symbols + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require symbols in password.
    +
    +
    + require_uppercase + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require uppercase letters in password.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies the overall state of the password policy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Password policy for AWS account + community.aws.iam_password_policy: + state: present + min_pw_length: 8 + require_symbols: false + require_numbers: true + require_uppercase: true + require_lowercase: true + allow_pw_change: true + pw_max_age: 60 + pw_reuse_prevent: 5 + pw_expire: false + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Aaron Smith (@slapula) + + diff --git a/docs/community.aws.iam_policy_info_module.rst b/docs/community.aws.iam_policy_info_module.rst new file mode 100644 index 00000000000..de27cd26404 --- /dev/null +++ b/docs/community.aws.iam_policy_info_module.rst @@ -0,0 +1,380 @@ +.. _community.aws.iam_policy_info_module: + + +***************************** +community.aws.iam_policy_info +***************************** + +**Retrieve inline IAM policies for users, groups, and roles** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Supports fetching of inline IAM policies for IAM users, groups and roles. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + iam_name + +
    + string + / required
    +     		+ +
    Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
    +
    +
    + iam_type + +
    + string + / required
    +     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource you wish to retrieve inline policies for.
    +
    +
    + policy_name + +
    + string +
    +     		+ +
    Name of a specific IAM inline policy you with to retrieve.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Describe all inline IAM policies on an IAM User + community.aws.iam_policy_info: + iam_type: user + iam_name: example_user + + - name: Describe a specific inline policy on an IAM Role + community.aws.iam_policy_info: + iam_type: role + iam_name: example_role + policy_name: example_policy + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + all_policy_names + +
    + list +
    +     		success +
    A list of names of all of the IAM inline policies on the queried object
    +
    +
    +
    + policies + +
    + complex +
    +     		success +
    A list containing the matching IAM inline policy names and their data
    +
    +
      +
    + policy_document + +
    + list +
    +     		success +
    The JSON document representing the inline IAM policy
    +
    +
      +
    + policy_name + +
    + string +
    +     		success +
    The Name of the inline policy
    +
    +
    +
    + policy_names + +
    + list +
    +     		success +
    A list of matching names of the IAM inline policies on the queried object
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Mark Chappell (@tremble) + + diff --git a/docs/community.aws.iam_policy_module.rst b/docs/community.aws.iam_policy_module.rst new file mode 100644 index 00000000000..b11694f041e --- /dev/null +++ b/docs/community.aws.iam_policy_module.rst @@ -0,0 +1,393 @@ +.. _community.aws.iam_policy_module: + + +************************ +community.aws.iam_policy +************************ + +**Manage inline IAM policies for users, groups, and roles** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows uploading or removing inline IAM policies for IAM users, groups or roles. +- To administer managed policies please see :ref:`community.aws.iam_user `, :ref:`community.aws.iam_role `, :ref:`community.aws.iam_group ` and :ref:`community.aws.iam_managed_policy ` + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + iam_name + +
    + string + / required
    +     		+ +
    Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
    +
    +
    + iam_type + +
    + string + / required
    +     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource.
    +
    +
    + policy_document + +
    + string +
    +     		+ +
    The path to the properly json formatted policy file.
    +
    Mutually exclusive with policy_json.
    +
    This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
    +
    +
    + policy_json + +
    + json +
    +     		+ +
    A properly json formatted policy as string.
    +
    Mutually exclusive with policy_document.
    + +
    +
    + policy_name + +
    + string + / required
    +     		+ +
    The name label for the policy to create or remove.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + skip_duplicates + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
    +
    The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create or delete the IAM policy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create a policy with the name of 'Admin' to the group 'administrators' + - name: Assign a policy called Admin to the administrators group + community.aws.iam_policy: + iam_type: group + iam_name: administrators + policy_name: Admin + state: present + policy_document: admin_policy.json + + # Advanced example, create two new groups and add a READ-ONLY policy to both + # groups. + - name: Create Two Groups, Mario and Luigi + community.aws.iam: + iam_type: group + name: "{{ item }}" + state: present + loop: + - Mario + - Luigi + register: new_groups + + - name: Apply READ-ONLY policy to new groups that have been recently created + community.aws.iam_policy: + iam_type: group + iam_name: "{{ item.created_group.group_name }}" + policy_name: "READ-ONLY" + policy_document: readonlypolicy.json + state: present + loop: "{{ new_groups.results }}" + + # Create a new S3 policy with prefix per user + - name: Create S3 policy from template + community.aws.iam_policy: + iam_type: user + iam_name: "{{ item.user }}" + policy_name: "s3_limited_access_{{ item.prefix }}" + state: present + policy_json: " {{ lookup( 'template', 's3_policy.json.j2') }} " + loop: + - user: s3_user + prefix: s3_user_prefix + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Jonathan I. Davila (@defionscode) +- Dennis Podkovyrin (@sbj-ss) + + diff --git a/docs/community.aws.iam_role_info_module.rst b/docs/community.aws.iam_role_info_module.rst new file mode 100644 index 00000000000..e0ba73016f9 --- /dev/null +++ b/docs/community.aws.iam_role_info_module.rst @@ -0,0 +1,627 @@ +.. _community.aws.iam_role_info_module: + + +*************************** +community.aws.iam_role_info +*************************** + +**Gather information on IAM roles** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gathers information about IAM roles. +- This module was called ``iam_role_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    Name of a role to search for.
    +
    Mutually exclusive with path_prefix.
    +

    aliases: role_name
    +
    +
    + path_prefix + +
    + string +
    +     		+ +
    Prefix of role to restrict IAM role search for.
    +
    Mutually exclusive with name.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: find all existing IAM roles + community.aws.iam_role_info: + register: result + + - name: describe a single role + community.aws.iam_role_info: + name: MyIAMRole + + - name: describe all roles matching a path prefix + community.aws.iam_role_info: + path_prefix: /application/path + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + iam_roles + +
    + complex +
    +     		always +
    List of IAM roles
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    Amazon Resource Name for IAM role.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:role/AnsibleTestRole
    +
      +
    + assume_role_policy_document + +
    + string +
    +     		always +
    Policy Document describing what can assume the role.
    +
    +
      +
    + create_date + +
    + string +
    +     		always +
    Date IAM role was created.
    +
    +
    Sample:
    +
    2017-10-23T00:05:08+00:00
    +
      +
    + inline_policies + +
    + list +
    +     		always +
    List of names of inline policies.
    +
    +
      +
    + instance_profiles + +
    + complex +
    +     		always +
    List of attached instance profiles.
    +
    +
       +
    + arn + +
    + string +
    +     		always +
    Amazon Resource Name for the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:instance-profile/AnsibleTestEC2Policy
    +
       +
    + create_date + +
    + string +
    +     		always +
    Date instance profile was created.
    +
    +
    Sample:
    +
    2017-10-23T00:05:08+00:00
    +
       +
    + instance_profile_id + +
    + string +
    +     		always +
    Amazon Identifier for the instance profile.
    +
    +
    Sample:
    +
    AROAII7ABCD123456EFGH
    +
       +
    + instance_profile_name + +
    + string +
    +     		always +
    Name of instance profile.
    +
    +
    Sample:
    +
    AnsibleTestEC2Policy
    +
       +
    + path + +
    + string +
    +     		always +
    Path of instance profile.
    +
    +
    Sample:
    +
    /
    +
       +
    + roles + +
    + list +
    +     		always +
    List of roles associated with this instance profile.
    +
    +
      +
    + managed_policies + +
    + complex +
    +     		always +
    List of attached managed policies.
    +
    +
       +
    + policy_arn + +
    + string +
    +     		always +
    Amazon Resource Name for the policy.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:policy/AnsibleTestEC2Policy
    +
       +
    + policy_name + +
    + string +
    +     		always +
    Name of managed policy.
    +
    +
    Sample:
    +
    AnsibleTestEC2Policy
    +
      +
    + path + +
    + string +
    +     		always +
    Path of role.
    +
    +
    Sample:
    +
    /
    +
      +
    + role_id + +
    + string +
    +     		always +
    Amazon Identifier for the role.
    +
    +
    Sample:
    +
    AROAII7ABCD123456EFGH
    +
      +
    + role_name + +
    + string +
    +     		always +
    Name of the role.
    +
    +
    Sample:
    +
    AnsibleTestRole
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    Role tags.
    +
    +
    Sample:
    +
    {"Env": "Prod"}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.iam_role_module.rst b/docs/community.aws.iam_role_module.rst new file mode 100644 index 00000000000..7f8a2d60458 --- /dev/null +++ b/docs/community.aws.iam_role_module.rst @@ -0,0 +1,662 @@ +.. _community.aws.iam_role_module: + + +********************** +community.aws.iam_role +********************** + +**Manage AWS IAM roles** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM roles. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + assume_role_policy_document + +
    + json +
    +     		+ +
    The trust relationship policy document that grants an entity permission to assume the role.
    +
    This parameter is required when state=present.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + boundary + +
    + string +
    +     		+ +
    The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
    +
    Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
    +
    This is intended for roles/users that have permissions to create new IAM objects.
    + +
    Requires botocore 1.10.57 or above.
    +

    aliases: boundary_policy_arn
    +
    +
    + create_instance_profile + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Creates an IAM instance profile along with the role.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delete_instance_profile + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
    +
    Only applies when state=absent.
    +
    +
    + description + +
    + string +
    +     		+ +
    Provides a description of the role.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + managed_policies + +
    + list +
    +     		+ +
    A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
    +
    To remove all policies set purge_polices=true and managed_policies=[None].
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    + max_session_duration + +
    + integer +
    +     		+ +
    The maximum duration (in seconds) of a session when assuming the role.
    +
    Valid values are between 1 and 12 hours (3600 and 43200 seconds).
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the role to create.
    +
    +
    + path + +
    + string +
    +     		+ Default:
    "/"
    +     		+
    The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_policies + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +
    By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Remove tags not listed in tags when tags is specified.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM role.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Tag dict to apply to the queue.
    +
    Requires botocore 1.12.46 or above.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create a role with description and tags + community.aws.iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + description: This is My New Role + tags: + env: dev + + - name: "Create a role and attach a managed policy called 'PowerUserAccess'" + community.aws.iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + managed_policies: + - arn:aws:iam::aws:policy/PowerUserAccess + + - name: Keep the role created above but remove all managed policies + community.aws.iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file','policy.json') }}" + managed_policies: [] + + - name: Delete the role + community.aws.iam_role: + name: mynewrole + assume_role_policy_document: "{{ lookup('file', 'policy.json') }}" + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + iam_role + +
    + complex +
    +     		success +
    dictionary containing the IAM Role data
    +
    +
      +
    + arn + +
    + string +
    +     		always +
    the Amazon Resource Name (ARN) specifying the role
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:role/mynewrole
    +
      +
    + assume_role_policy_document + +
    + string +
    +     		always +
    the policy that grants an entity permission to assume the role
    +
    +
    Sample:
    +
    {'statement': [{'action': 'sts:AssumeRole', 'effect': 'Allow', 'principal': {'service': 'ec2.amazonaws.com'}, 'sid': ''}], 'version': '2012-10-17'}
    +
      +
    + attached_policies + +
    + list +
    +     		always +
    a list of dicts containing the name and ARN of the managed IAM policies attached to the role
    +
    +
    Sample:
    +
    [{'policy_arn': 'arn:aws:iam::aws:policy/PowerUserAccess', 'policy_name': 'PowerUserAccess'}]
    +
      +
    + create_date + +
    + string +
    +     		always +
    the date and time, in ISO 8601 date-time format, when the role was created
    +
    +
    Sample:
    +
    2016-08-14T04:36:28+00:00
    +
      +
    + path + +
    + string +
    +     		always +
    the path to the role
    +
    +
    Sample:
    +
    /
    +
      +
    + role_id + +
    + string +
    +     		always +
    the stable and unique string identifying the role
    +
    +
    Sample:
    +
    ABCDEFF4EZ4ABCDEFV4ZC
    +
      +
    + role_name + +
    + string +
    +     		always +
    the friendly name that identifies the role
    +
    +
    Sample:
    +
    myrole
    +
      +
    + tags + +
    + dictionary +
    +     		always +
    role tags
    +
    +
    Sample:
    +
    {"Env": "Prod"}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.iam_saml_federation_module.rst b/docs/community.aws.iam_saml_federation_module.rst new file mode 100644 index 00000000000..da4e8adb396 --- /dev/null +++ b/docs/community.aws.iam_saml_federation_module.rst @@ -0,0 +1,399 @@ +.. _community.aws.iam_saml_federation_module: + + +********************************* +community.aws.iam_saml_federation +********************************* + +**Maintain IAM SAML federation configuration.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Provides a mechanism to manage AWS IAM SAML Identity Federation providers (create/update/delete metadata). + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the provider to create.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + saml_metadata_document + +
    + string +
    +     		+ +
    The XML document generated by an identity provider (IdP) that supports SAML 2.0.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # It is assumed that their matching environment variables are set. + # Creates a new iam saml identity provider if not present + - name: saml provider + community.aws.iam_saml_federation: + name: example1 + # the > below opens an indented block, so no escaping/quoting is needed when in the indentation level under this key + saml_metadata_document: > + ... + `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + saml_provider + +
    + complex +
    +     		present +
    Details of the SAML Identity Provider that was created/modified.
    +
    +
      +
    + arn + +
    + string +
    +     		present +
    The ARN of the identity provider.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:saml-provider/my_saml_provider
    +
      +
    + create_date + +
    + string +
    +     		present +
    The date and time when the SAML provider was created in ISO 8601 date-time format.
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    +
      +
    + expire_date + +
    + string +
    +     		present +
    The expiration date and time for the SAML provider in ISO 8601 date-time format.
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    +
      +
    + metadata_document + +
    + string +
    +     		present +
    The XML metadata document that includes information about an identity provider.
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Tony (@axc450) +- Aidan Rowe (@aidan-) + + diff --git a/docs/community.aws.iam_server_certificate_info_module.rst b/docs/community.aws.iam_server_certificate_info_module.rst new file mode 100644 index 00000000000..7dcc4995460 --- /dev/null +++ b/docs/community.aws.iam_server_certificate_info_module.rst @@ -0,0 +1,388 @@ +.. _community.aws.iam_server_certificate_info_module: + + +***************************************** +community.aws.iam_server_certificate_info +***************************************** + +**Retrieve the information of a server certificate** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Retrieve the attributes of a server certificate. +- This module was called ``iam_server_certificate_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the server certificate you are retrieving attributes for.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Retrieve server certificate + community.aws.iam_server_certificate_info: + name: production-cert + register: server_cert + + - name: Fail if the server certificate name was not found + community.aws.iam_server_certificate_info: + name: production-cert + register: server_cert + failed_when: "{{ server_cert.results | length == 0 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + arn + +
    + string +
    +     		success +
    The Amazon resource name of the server certificate
    +
    +
    Sample:
    +
    arn:aws:iam::911277865346:server-certificate/server-cert-name
    +
    +
    + certificate_body + +
    + string +
    +     		success +
    The asn1der encoded PEM string
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE----- bunch of random data -----END CERTIFICATE-----
    +
    +
    + expiration + +
    + string +
    +     		success +
    The date and time this server certificate will expire, in ISO 8601 format.
    +
    +
    Sample:
    +
    2017-06-15T12:00:00+00:00
    +
    +
    + path + +
    + string +
    +     		success +
    The path of the server certificate
    +
    +
    Sample:
    +
    /
    +
    +
    + server_certificate_id + +
    + string +
    +     		success +
    The 21 character certificate id
    +
    +
    Sample:
    +
    ADWAJXWTZAXIPIMQHMJPO
    +
    +
    + server_certificate_name + +
    + string +
    +     		success +
    The name of the server certificate
    +
    +
    Sample:
    +
    server-cert-name
    +
    +
    + upload_date + +
    + string +
    +     		success +
    The date and time this server certificate was uploaded, in ISO 8601 format.
    +
    +
    Sample:
    +
    2015-04-25T00:36:40+00:00
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) + + diff --git a/docs/community.aws.iam_user_info_module.rst b/docs/community.aws.iam_user_info_module.rst new file mode 100644 index 00000000000..8236d83bf83 --- /dev/null +++ b/docs/community.aws.iam_user_info_module.rst @@ -0,0 +1,430 @@ +.. _community.aws.iam_user_info_module: + + +*************************** +community.aws.iam_user_info +*************************** + +**Gather IAM user(s) facts in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module can be used to gather IAM user(s) facts in AWS. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + group + +
    + string +
    +     		+ +
    The group name name of the IAM user to look for. Mutually exclusive with path.
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the IAM user to look for.
    +
    +
    + path + +
    + string +
    +     		+ Default:
    "/"
    +     		+
    The path to the IAM user. Mutually exclusive with group.
    +
    If specified, then would get all user names whose path starts with user provided value.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Gather facts about "test" user. + - name: Get IAM user facts + community.aws.iam_user_info: + name: "test" + + # Gather facts about all users in the "dev" group. + - name: Get IAM user facts + community.aws.iam_user_info: + group: "dev" + + # Gather facts about all users with "/division_abc/subdivision_xyz/" path. + - name: Get IAM user facts + community.aws.iam_user_info: + path: "/division_abc/subdivision_xyz/" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + iam_users + +
    + complex +
    +     		success +
    list of maching iam users
    +
    +
      +
    + arn + +
    + string +
    +     		if user exists +
    the ARN of the user
    +
    +
    Sample:
    +
    arn:aws:iam::156360693172:user/dev/test_user
    +
      +
    + create_date + +
    + string +
    +     		if user exists +
    the datetime user was created
    +
    +
    Sample:
    +
    2016-05-24T12:24:59+00:00
    +
      +
    + password_last_used + +
    + string +
    +     		if password was used at least once +
    the last datetime the password was used by user
    +
    +
    Sample:
    +
    2016-05-25T13:39:11+00:00
    +
      +
    + path + +
    + string +
    +     		if user exists +
    the path to user
    +
    +
    Sample:
    +
    /dev/
    +
      +
    + user_id + +
    + string +
    +     		if user exists +
    the unique user id
    +
    +
    Sample:
    +
    AIDUIOOCQKTUGI6QJLGH2
    +
      +
    + user_name + +
    + string +
    +     		if user exists +
    the user name
    +
    +
    Sample:
    +
    test_user
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Constantin Bugneac (@Constantin07) +- Abhijeet Kasurde (@Akasurde) + + diff --git a/docs/community.aws.iam_user_module.rst b/docs/community.aws.iam_user_module.rst new file mode 100644 index 00000000000..6cdf3bf9d6c --- /dev/null +++ b/docs/community.aws.iam_user_module.rst @@ -0,0 +1,448 @@ +.. _community.aws.iam_user_module: + + +********************** +community.aws.iam_user +********************** + +**Manage AWS IAM users** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage AWS IAM users. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + managed_policies + +
    + list +
    +     		+ +
    A list of managed policy ARNs or friendly names to attach to the user.
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the user to create.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_policies + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM user.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + # Note: This module does not allow management of groups that users belong to. + # Groups should manage their membership directly using `iam_group`, + # as users belong to them. + + - name: Create a user + community.aws.iam_user: + name: testuser1 + state: present + + - name: Create a user and attach a managed policy using its ARN + community.aws.iam_user: + name: testuser1 + managed_policies: + - arn:aws:iam::aws:policy/AmazonSNSFullAccess + state: present + + - name: Remove all managed policies from an existing user with an empty list + community.aws.iam_user: + name: testuser1 + state: present + purge_policies: true + + - name: Delete the user + community.aws.iam_user: + name: testuser1 + state: absent + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + user + +
    + complex +
    +     		success +
    dictionary containing all the user information
    +
    +
      +
    + arn + +
    + string +
    +     		+
    the Amazon Resource Name (ARN) specifying the user
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:user/testuser1
    +
      +
    + create_date + +
    + string +
    +     		+
    the date and time, in ISO 8601 date-time format, when the user was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    +
      +
    + path + +
    + string +
    +     		+
    the path to the user
    +
    +
    Sample:
    +
    /
    +
      +
    + user_id + +
    + string +
    +     		+
    the stable and unique string identifying the user
    +
    +
    Sample:
    +
    AGPAIDBWE12NSFINE55TM
    +
      +
    + user_name + +
    + string +
    +     		+
    the friendly name that identifies the user
    +
    +
    Sample:
    +
    testuser1
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Josh Souza (@joshsouza) + + diff --git a/docs/community.aws.kinesis_stream_module.rst b/docs/community.aws.kinesis_stream_module.rst new file mode 100644 index 00000000000..1193e820132 --- /dev/null +++ b/docs/community.aws.kinesis_stream_module.rst @@ -0,0 +1,569 @@ +.. _community.aws.kinesis_stream_module: + + +**************************** +community.aws.kinesis_stream +**************************** + +**Manage a Kinesis Stream.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or Delete a Kinesis Stream. +- Update the retention period of a Kinesis Stream. +- Update Tags on a Kinesis Stream. +- Enable/disable server side encryption on a Kinesis Stream. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + encryption_state + +
    + string +
    +     		+
      Choices: +
    • enabled
      • +
    • disabled
      • +
    +     		+
    Enable or Disable encryption on the Kinesis Stream.
    +
    +
    + encryption_type + +
    + string +
    +     		+
      Choices: +
    • KMS
      • +
    • NONE
      • +
    +     		+
    The type of encryption.
    +
    Defaults to KMS
    +
    +
    + key_id + +
    + string +
    +     		+ +
    The GUID or alias for the KMS key.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name of the Kinesis Stream you are managing.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + retention_period + +
    + integer +
    +     		+ +
    The length of time (in hours) data records are accessible after they are added to the stream.
    +
    The default retention period is 24 hours and can not be less than 24 hours.
    +
    The maximum retention period is 168 hours.
    +
    The retention period can be modified during any point in time.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + shards + +
    + integer +
    +     		+ +
    The number of shards you want to have with this stream.
    +
    This is required when state=present
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or Delete the Kinesis Stream.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
    +

    aliases: resource_tags
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for operation to complete before returning.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    How many seconds to wait for an operation to complete before timing out.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Basic creation example: + - name: Set up Kinesis Stream with 10 shards and wait for the stream to become ACTIVE + community.aws.kinesis_stream: + name: test-stream + shards: 10 + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic creation example with tags: + - name: Set up Kinesis Stream with 10 shards, tag the environment, and wait for the stream to become ACTIVE + community.aws.kinesis_stream: + name: test-stream + shards: 10 + tags: + Env: development + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic creation example with tags and increase the retention period from the default 24 hours to 48 hours: + - name: Set up Kinesis Stream with 10 shards, tag the environment, increase the retention period and wait for the stream to become ACTIVE + community.aws.kinesis_stream: + name: test-stream + retention_period: 48 + shards: 10 + tags: + Env: development + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic delete example: + - name: Delete Kinesis Stream test-stream and wait for it to finish deleting. + community.aws.kinesis_stream: + name: test-stream + state: absent + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic enable encryption example: + - name: Encrypt Kinesis Stream test-stream. + community.aws.kinesis_stream: + name: test-stream + state: present + encryption_state: enabled + encryption_type: KMS + key_id: alias/aws/kinesis + wait: yes + wait_timeout: 600 + register: test_stream + + # Basic disable encryption example: + - name: Encrypt Kinesis Stream test-stream. + community.aws.kinesis_stream: + name: test-stream + state: present + encryption_state: disabled + encryption_type: KMS + key_id: alias/aws/kinesis + wait: yes + wait_timeout: 600 + register: test_stream + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + retention_period_hours + +
    + integer +
    +     		when state == present. +
    Number of hours messages will be kept for a Kinesis Stream.
    +
    +
    Sample:
    +
    24
    +
    +
    + stream_arn + +
    + string +
    +     		when state == present. +
    The amazon resource identifier
    +
    +
    Sample:
    +
    arn:aws:kinesis:east-side:123456789:stream/test-stream
    +
    +
    + stream_name + +
    + string +
    +     		when state == present. +
    The name of the Kinesis Stream.
    +
    +
    Sample:
    +
    test-stream
    +
    +
    + stream_status + +
    + string +
    +     		when state == present. +
    The current state of the Kinesis Stream.
    +
    +
    Sample:
    +
    ACTIVE
    +
    +
    + tags + +
    + dictionary +
    +     		when state == present. +
    Dictionary containing all the tags associated with the Kinesis stream.
    +
    +
    Sample:
    +
    {'Name': 'Splunk', 'Env': 'development'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Allen Sanabria (@linuxdynasty) + + diff --git a/docs/community.aws.lambda_alias_module.rst b/docs/community.aws.lambda_alias_module.rst new file mode 100644 index 00000000000..d7d677458a6 --- /dev/null +++ b/docs/community.aws.lambda_alias_module.rst @@ -0,0 +1,451 @@ +.. _community.aws.lambda_alias_module: + + +************************** +community.aws.lambda_alias +************************** + +**Creates, updates or deletes AWS Lambda function aliases** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda functions aliases via the Ansible framework. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_event ` to manage event source mappings. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A short, user-defined function alias description.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + function_name + +
    + string + / required
    +     		+ +
    The name of the function alias.
    +
    +
    + function_version + +
    + integer +
    +     		+ +
    Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
    +

    aliases: version
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the function alias.
    +

    aliases: alias_name
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example to create a lambda function and publish a version + - hosts: localhost + gather_facts: no + vars: + state: present + project_folder: /path/to/deployment/package + deployment_package: lambda.zip + account: 123456789012 + production_version: 5 + tasks: + - name: AWS Lambda Function + lambda: + state: "{{ state | default('present') }}" + name: myLambdaFunction + publish: True + description: lambda function description + code_s3_bucket: package-bucket + code_s3_key: "lambda/{{ deployment_package }}" + local_path: "{{ project_folder }}/{{ deployment_package }}" + runtime: python2.7 + timeout: 5 + handler: lambda.handler + memory_size: 128 + role: "arn:aws:iam::{{ account }}:role/API2LambdaExecRole" + + - name: Get information + lambda_info: + name: myLambdaFunction + register: lambda_info + - name: show results + debug: + msg: "{{ lambda_info['lambda_facts'] }}" + + # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) + - name: "alias 'Dev' for function {{ lambda_info.lambda_facts.FunctionName }} " + community.aws.lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: Dev + description: Development is $LATEST version + + # The QA alias will only be created when a new version is published (i.e. not = '$LATEST') + - name: "alias 'QA' for function {{ lambda_info.lambda_facts.FunctionName }} " + community.aws.lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: QA + version: "{{ lambda_info.lambda_facts.Version }}" + description: "QA is version {{ lambda_info.lambda_facts.Version }}" + when: lambda_info.lambda_facts.Version != "$LATEST" + + # The Prod alias will have a fixed version based on a variable + - name: "alias 'Prod' for function {{ lambda_info.lambda_facts.FunctionName }} " + community.aws.lambda_alias: + state: "{{ state | default('present') }}" + function_name: "{{ lambda_info.lambda_facts.FunctionName }}" + name: Prod + version: "{{ production_version }}" + description: "Production is version {{ production_version }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + alias_arn + +
    + string +
    +     		success +
    Full ARN of the function, including the alias
    +
    +
    Sample:
    +
    arn:aws:lambda:us-west-2:123456789012:function:myFunction:dev
    +
    +
    + description + +
    + string +
    +     		success +
    A short description of the alias
    +
    +
    Sample:
    +
    The development stage for my hot new app
    +
    +
    + function_version + +
    + string +
    +     		success +
    The qualifier that the alias refers to
    +
    +
    Sample:
    +
    $LATEST
    +
    +
    + name + +
    + string +
    +     		success +
    The name of the alias assigned
    +
    +
    Sample:
    +
    dev
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin), Ryan Scott Brown (@ryansb) + + diff --git a/docs/community.aws.lambda_event_module.rst b/docs/community.aws.lambda_event_module.rst new file mode 100644 index 00000000000..4649d985667 --- /dev/null +++ b/docs/community.aws.lambda_event_module.rst @@ -0,0 +1,453 @@ +.. _community.aws.lambda_event_module: + + +************************** +community.aws.lambda_event +************************** + +**Creates, updates or deletes AWS Lambda function event mappings** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream events via the Ansible framework. These event source mappings are relevant only in the AWS Lambda pull model, where AWS Lambda invokes the function. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_alias ` to manage function aliases. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alias + +
    + string +
    +     		+ +
    Name of the function alias.
    +
    Mutually exclusive with version.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_source + +
    + string +
    +     		+
      Choices: +
    • stream ←
      • +
    • sqs
      • +
    +     		+
    Source of the event that triggers the lambda function.
    +
    For DynamoDB and Kinesis events, select stream
    +
    For SQS queues, select sqs
    +
    +
    + lambda_function_arn + +
    + string + / required
    +     		+ +
    The name or ARN of the lambda function.
    +

    aliases: function_name, function_arn
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + source_params + +
    + dictionary + / required
    +     		+ +
    Sub-parameters required for event source.
    +
    +
    + batch_size + +
    + integer +
    +     		+ Default:
    100
    +     		+
    The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
    +
    +
    + enabled + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    + Default:
    "true."
    +     		+
    Indicates whether AWS Lambda should begin polling or readin from the event source.
    +
    +
    + source_arn + +
    + string + / required
    +     		+ +
    The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
    +
    +
    + starting_position + +
    + string +
    +     		+
      Choices: +
    • TRIM_HORIZON
      • +
    • LATEST
      • +
    +     		+
    The position in the stream where AWS Lambda should start reading.
    +
    Required when event_source=stream.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + version + +
    + integer +
    +     		+ +
    Version of the Lambda function.
    +
    Mutually exclusive with alias.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Example that creates a lambda event notification for a DynamoDB stream + - name: DynamoDB stream event mapping + community.aws.lambda_event: + state: present + event_source: stream + function_name: "{{ function_name }}" + alias: Dev + source_params: + source_arn: arn:aws:dynamodb:us-east-1:123456789012:table/tableName/stream/2016-03-19T19:51:37.457 + enabled: True + batch_size: 100 + starting_position: TRIM_HORIZON + register: event + + - name: Show source event + debug: + var: event.lambda_stream_events + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + lambda_stream_events + +
    + list +
    +     		success +
    list of dictionaries returned by the API describing stream event mappings
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin), Ryan Brown (@ryansb) + + diff --git a/docs/community.aws.lambda_facts_module.rst b/docs/community.aws.lambda_facts_module.rst new file mode 100644 index 00000000000..d2f95f4a830 --- /dev/null +++ b/docs/community.aws.lambda_facts_module.rst @@ -0,0 +1,375 @@ +.. _community.aws.lambda_facts_module: + + +************************** +community.aws.lambda_facts +************************** + +**Gathers AWS Lambda function details as Ansible facts** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2021-12-01 +:Why: Deprecated in favour of ``_info`` module. +:Alternative: Use :ref:`community.aws.lambda_info ` instead. + + + +Synopsis +-------- +- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_source_arn + +
    + string +
    +     		+ +
    For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    +
    +
    + function_name + +
    + string +
    +     		+ +
    The name of the lambda function for which facts are requested.
    +

    aliases: function, name
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + query + +
    + string +
    +     		+
      Choices: +
    • aliases
      • +
    • all ←
      • +
    • config
      • +
    • mappings
      • +
    • policy
      • +
    • versions
      • +
    +     		+
    Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example of listing all info for a function + - name: List all for a specific function + community.aws.lambda_facts: + query: all + function_name: myFunction + register: my_function_details + + # List all versions of a function + - name: List function versions + community.aws.lambda_facts: + query: versions + function_name: myFunction + register: my_function_versions + + # List all lambda function versions + - name: List all function + community.aws.lambda_facts: + query: all + max_items: 20 + - name: show Lambda facts + debug: + var: lambda_facts + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + lambda_facts + +
    + dictionary +
    +     		success +
    lambda facts
    +
    +
    +
    + lambda_facts.function + +
    + dictionary +
    +     		success +
    lambda function list
    +
    +
    +
    + lambda_facts.function.TheName + +
    + dictionary +
    +     		success +
    lambda function information, including event, mapping, and version information
    +
    +
    +

    + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) + + diff --git a/docs/community.aws.lambda_info_module.rst b/docs/community.aws.lambda_info_module.rst new file mode 100644 index 00000000000..f269b0c7986 --- /dev/null +++ b/docs/community.aws.lambda_info_module.rst @@ -0,0 +1,349 @@ +.. _community.aws.lambda_info_module: + + +************************* +community.aws.lambda_info +************************* + +**Gathers AWS Lambda function details** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. +- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_source_arn + +
    + string +
    +     		+ +
    When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    +
    +
    + function_name + +
    + string +
    +     		+ +
    The name of the lambda function for which information is requested.
    +

    aliases: function, name
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + query + +
    + string +
    +     		+
      Choices: +
    • aliases
      • +
    • all ←
      • +
    • config
      • +
    • mappings
      • +
    • policy
      • +
    • versions
      • +
    +     		+
    Specifies the resource type for which to gather information. Leave blank to retrieve all information.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Simple example of listing all info for a function + - name: List all for a specific function + community.aws.lambda_info: + query: all + function_name: myFunction + register: my_function_details + # List all versions of a function + - name: List function versions + community.aws.lambda_info: + query: versions + function_name: myFunction + register: my_function_versions + # List all lambda function versions + - name: List all function + community.aws.lambda_info: + query: all + max_items: 20 + register: output + - name: show Lambda information + debug: + msg: "{{ output['function'] }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + function + +
    + dictionary +
    +     		success +
    lambda function list
    +
    +
    +
    + function.TheName + +
    + dictionary +
    +     		success +
    lambda function information, including event, mapping, and version information
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) + + diff --git a/docs/community.aws.lambda_module.rst b/docs/community.aws.lambda_module.rst new file mode 100644 index 00000000000..84ecb936cec --- /dev/null +++ b/docs/community.aws.lambda_module.rst @@ -0,0 +1,617 @@ +.. _community.aws.lambda_module: + + +******************** +community.aws.lambda +******************** + +**Manage AWS Lambda functions** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Allows for the management of Lambda functions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + dead_letter_arn + +
    + string +
    +     		+ +
    The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + environment_variables + +
    + dictionary +
    +     		+ +
    A dictionary of environment variables the Lambda function is given.
    +
    +
    + handler + +
    + string +
    +     		+ +
    The function within your code that Lambda calls to begin execution.
    +
    +
    + memory_size + +
    + integer +
    +     		+ Default:
    128
    +     		+
    The amount of memory, in MB, your Lambda function is given.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name you want to assign to the function you are uploading. Cannot be changed.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
    +
    Required when state=present.
    +
    +
    + runtime + +
    + string +
    +     		+ +
    The runtime environment for the Lambda function you are uploading.
    +
    Required when creating a function. Uses parameters as described in boto3 docs.
    +
    Required when state=present.
    + +
    +
    + s3_bucket + +
    + string +
    +     		+ +
    Amazon S3 bucket name where the .zip file containing your deployment package is stored.
    +
    If state=present then either zip_file or s3_bucket must be present.
    +
    s3_bucket and s3_key are required together.
    +
    +
    + s3_key + +
    + string +
    +     		+ +
    The Amazon S3 object (the deployment package) key name you want to upload.
    +
    s3_bucket and s3_key are required together.
    +
    +
    + s3_object_version + +
    + string +
    +     		+ +
    The Amazon S3 object (the deployment package) version you want to upload.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete Lambda function.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    tag dict to apply to the function (requires botocore 1.5.40 or above).
    +
    +
    + timeout + +
    + integer +
    +     		+ Default:
    3
    +     		+
    The function maximum execution time in seconds after which Lambda should terminate the function.
    +
    +
    + tracing_mode + +
    + string +
    +     		+
      Choices: +
    • Active
      • +
    • PassThrough
      • +
    +     		+
    Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_security_group_ids + +
    + list + / elements=string
    +     		+ +
    List of VPC security group IDs to associate with the Lambda function.
    +
    Required when vpc_subnet_ids is used.
    +
    +
    + vpc_subnet_ids + +
    + list + / elements=string
    +     		+ +
    List of subnet IDs to run Lambda function in.
    +
    Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
    +
    If set, vpc_security_group_ids must also be set.
    +
    +
    + zip_file + +
    + string +
    +     		+ +
    A .zip file containing your deployment package
    +
    If state=present then either zip_file or s3_bucket must be present.
    +

    aliases: src
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Create Lambda functions + - name: looped creation + community.aws.lambda: + name: '{{ item.name }}' + state: present + zip_file: '{{ item.zip_file }}' + runtime: 'python2.7' + role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' + handler: 'hello_python.my_handler' + vpc_subnet_ids: + - subnet-123abcde + - subnet-edcba321 + vpc_security_group_ids: + - sg-123abcde + - sg-edcba321 + environment_variables: '{{ item.env_vars }}' + tags: + key1: 'value1' + loop: + - name: HelloWorld + zip_file: hello-code.zip + env_vars: + key1: "first" + key2: "second" + - name: ByeBye + zip_file: bye-code.zip + env_vars: + key1: "1" + key2: "2" + + # To remove previously added tags pass an empty dict + - name: remove tags + community.aws.lambda: + name: 'Lambda function' + state: present + zip_file: 'code.zip' + runtime: 'python2.7' + role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' + handler: 'hello_python.my_handler' + tags: {} + + # Basic Lambda function deletion + - name: Delete Lambda functions HelloWorld and ByeBye + community.aws.lambda: + name: '{{ item }}' + state: absent + loop: + - HelloWorld + - ByeBye + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + code + +
    + dictionary +
    +     		success +
    the lambda function location returned by get_function in boto3
    +
    +
    Sample:
    +
    {'location': 'a presigned S3 URL', 'repository_type': 'S3'}
    +
    +
    + configuration + +
    + dictionary +
    +     		success +
    the lambda function metadata returned by get_function in boto3
    +
    +
    Sample:
    +
    {'code_sha256': 'zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=', 'code_size': 123, 'description': 'My function', 'environment': {'variables': {'key': 'value'}}, 'function_arn': 'arn:aws:lambda:us-east-1:123456789012:function:myFunction:1', 'function_name': 'myFunction', 'handler': 'index.handler', 'last_modified': '2017-08-01T00:00:00.000+0000', 'memory_size': 128, 'revision_id': 'a2x9886d-d48a-4a0c-ab64-82abc005x80c', 'role': 'arn:aws:iam::123456789012:role/lambda_basic_execution', 'runtime': 'nodejs6.10', 'tracing_config': {'mode': 'Active'}, 'timeout': 3, 'version': '1', 'vpc_config': {'security_group_ids': [], 'subnet_ids': [], 'vpc_id': '123'}}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Steyn Huizinga (@steynovich) + + diff --git a/docs/community.aws.lambda_policy_module.rst b/docs/community.aws.lambda_policy_module.rst new file mode 100644 index 00000000000..e9864920a4c --- /dev/null +++ b/docs/community.aws.lambda_policy_module.rst @@ -0,0 +1,436 @@ +.. _community.aws.lambda_policy_module: + + +*************************** +community.aws.lambda_policy +*************************** + +**Creates, updates or deletes AWS Lambda policy statements.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda policy statements. +- It is idempotent and supports "Check" mode. +- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases, :ref:`community.aws.lambda_event ` to manage event source mappings such as Kinesis streams, :ref:`community.aws.execute_lambda ` to execute a lambda function and :ref:`community.aws.lambda_info ` to gather information relating to one or more lambda functions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + action + +
    + string + / required
    +     		+ +
    The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
    +
    +
    + alias + +
    + string +
    +     		+ +
    Name of the function alias. Mutually exclusive with version.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_source_token + +
    + string +
    +     		+ +
    Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
    +
    +
    + function_name + +
    + string + / required
    +     		+ +
    Name of the Lambda function whose resource policy you are updating by adding a new permission.
    +
    You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
    +
    function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
    +
    specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the
    +
    ARN. If you specify only the function name, it is limited to 64 character in length.
    +

    aliases: lambda_function_arn, function_arn
    +
    +
    + principal + +
    + string + / required
    +     		+ +
    The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + source_account + +
    + string +
    +     		+ +
    The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
    +
    +
    + source_arn + +
    + string +
    +     		+ +
    This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + statement_id + +
    + string + / required
    +     		+ +
    A unique statement identifier.
    +

    aliases: sid
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + version + +
    + integer +
    +     		+ +
    Version of the Lambda function. Mutually exclusive with alias.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: Lambda S3 event notification + community.aws.lambda_policy: + state: present + function_name: functionName + alias: Dev + statement_id: lambda-s3-myBucket-create-data-log + action: lambda:InvokeFunction + principal: s3.amazonaws.com + source_arn: arn:aws:s3:eu-central-1:123456789012:bucketName + source_account: 123456789012 + register: lambda_policy_action + + - name: show results + debug: + var: lambda_policy_action + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + lambda_policy_action + +
    + string +
    +     		success +
    describes what action was taken
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Pierre Jodouin (@pjodouin) +- Michael De La Rue (@mikedlr) + + diff --git a/docs/community.aws.lightsail_module.rst b/docs/community.aws.lightsail_module.rst new file mode 100644 index 00000000000..e97535cdff1 --- /dev/null +++ b/docs/community.aws.lightsail_module.rst @@ -0,0 +1,451 @@ +.. _community.aws.lightsail_module: + + +*********************** +community.aws.lightsail +*********************** + +**Manage instances in AWS Lightsail** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage instances in AWS Lightsail. +- Instance tagging is not yet supported in this module. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + blueprint_id + +
    + string +
    +     		+ +
    ID of the instance blueprint image.
    +
    Required when state=present
    +
    +
    + bundle_id + +
    + string +
    +     		+ +
    Bundle of specification info for the instance.
    +
    Required when state=present.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + key_pair_name + +
    + string +
    +     		+ +
    Name of the key pair to use with the instance.
    +
    If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the instance.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • running
      • +
    • restarted
      • +
    • rebooted
      • +
    • stopped
      • +
    +     		+
    Indicate desired state of the target.
    +
    rebooted and restarted are aliases.
    +
    +
    + user_data + +
    + string +
    +     		+ +
    Launch script that can configure the instance with additional data.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for the instance to be in state 'running' before returning.
    +
    If wait=false an ip_address may not be returned.
    +
    Has no effect when state=rebooted or state=absent.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    How long before wait gives up, in seconds.
    +
    +
    + zone + +
    + string +
    +     		+ +
    AWS availability zone in which to launch the instance.
    +
    Required when state=present
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a new Lightsail instance + community.aws.lightsail: + state: present + name: my_instance + region: us-east-1 + zone: us-east-1a + blueprint_id: ubuntu_16_04 + bundle_id: nano_1_0 + key_pair_name: id_rsa + user_data: " echo 'hello world' > /home/ubuntu/test.txt" + register: my_instance + + - name: Delete an instance + community.aws.lightsail: + state: absent + region: us-east-1 + name: my_instance + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    if a snapshot has been modified/created
    +
    +
    Sample:
    +
    {'changed': True}
    +
    +
    + instance + +
    + dictionary +
    +     		always +
    instance data
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:lightsail:us-east-1:448830907657:Instance/1fef0175-d6c8-480e-84fa-214f969cda87', 'blueprint_id': 'ubuntu_16_04', 'blueprint_name': 'Ubuntu', 'bundle_id': 'nano_1_0', 'created_at': '2017-03-27T08:38:59.714000-04:00', 'hardware': {'cpu_count': 1, 'ram_size_in_gb': 0.5}, 'is_static_ip': False, 'location': {'availability_zone': 'us-east-1a', 'region_name': 'us-east-1'}, 'name': 'my_instance', 'networking': {'monthly_transfer': {'gb_per_month_allocated': 1024}, 'ports': [{'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 80, 'protocol': 'tcp', 'to_port': 80}, {'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 22, 'protocol': 'tcp', 'to_port': 22}]}, 'private_ip_address': '172.26.8.14', 'public_ip_address': '34.207.152.202', 'resource_type': 'Instance', 'ssh_key_name': 'keypair', 'state': {'code': 16, 'name': 'running'}, 'support_code': '588307843083/i-0997c97831ee21e33', 'username': 'ubuntu'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Nick Ball (@nickball) +- Prasad Katti (@prasadkatti) + + diff --git a/docs/community.aws.rds_instance_info_module.rst b/docs/community.aws.rds_instance_info_module.rst new file mode 100644 index 00000000000..ebf08809687 --- /dev/null +++ b/docs/community.aws.rds_instance_info_module.rst @@ -0,0 +1,1317 @@ +.. _community.aws.rds_instance_info_module: + + +******************************* +community.aws.rds_instance_info +******************************* + +**obtain information about one or more RDS instances** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain information about one or more RDS instances. +- This module was called ``rds_instance_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 +- python >= 2.7 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + db_instance_identifier + +
    + string +
    +     		+ +
    The RDS instance's unique identifier.
    +

    aliases: id
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + filters + +
    + dictionary +
    +     		+ +
    A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get information about an instance + community.aws.rds_instance_info: + db_instance_identifier: new-database + register: new_database_info + + - name: Get all RDS instances + community.aws.rds_instance_info: + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + instances + +
    + complex +
    +     		always +
    List of RDS instances
    +
    +
      +
    + allocated_storage + +
    + integer +
    +     		always +
    Gigabytes of storage allocated to the database
    +
    +
    Sample:
    +
    10
    +
      +
    + auto_minor_version_upgrade + +
    + boolean +
    +     		always +
    Whether minor version upgrades happen automatically
    +
    +
    Sample:
    +
    True
    +
      +
    + availability_zone + +
    + string +
    +     		always +
    Availability Zone in which the database resides
    +
    +
    Sample:
    +
    us-west-2b
    +
      +
    + backup_retention_period + +
    + integer +
    +     		always +
    Days for which backups are retained
    +
    +
    Sample:
    +
    7
    +
      +
    + ca_certificate_identifier + +
    + string +
    +     		always +
    ID for the CA certificate
    +
    +
    Sample:
    +
    rds-ca-2015
    +
      +
    + copy_tags_to_snapshot + +
    + boolean +
    +     		always +
    Whether DB tags should be copied to the snapshot
    +
    +
      +
    + db_instance_arn + +
    + string +
    +     		always +
    ARN of the database instance
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:111111111111:db:helloworld-rds
    +
      +
    + db_instance_class + +
    + string +
    +     		always +
    Instance class of the database instance
    +
    +
    Sample:
    +
    db.t2.small
    +
      +
    + db_instance_identifier + +
    + string +
    +     		always +
    Database instance identifier
    +
    +
    Sample:
    +
    helloworld-rds
    +
      +
    + db_instance_port + +
    + integer +
    +     		always +
    Port used by the database instance
    +
    +
      +
    + db_instance_status + +
    + string +
    +     		always +
    Status of the database instance
    +
    +
    Sample:
    +
    available
    +
      +
    + db_name + +
    + string +
    +     		always +
    Name of the database
    +
    +
    Sample:
    +
    management
    +
      +
    + db_parameter_groups + +
    + complex +
    +     		always +
    List of database parameter groups
    +
    +
       +
    + db_parameter_group_name + +
    + string +
    +     		always +
    Name of the database parameter group
    +
    +
    Sample:
    +
    psql-pg-helloworld
    +
       +
    + parameter_apply_status + +
    + string +
    +     		always +
    Whether the parameter group has been applied
    +
    +
    Sample:
    +
    in-sync
    +
      +
    + db_security_groups + +
    + list +
    +     		always +
    List of security groups used by the database instance
    +
    +
      +
    + db_subnet_group + +
    + complex +
    +     		always +
    list of subnet groups
    +
    +
       +
    + db_subnet_group_description + +
    + string +
    +     		always +
    Description of the DB subnet group
    +
    +
    Sample:
    +
    My database subnet group
    +
       +
    + db_subnet_group_name + +
    + string +
    +     		always +
    Name of the database subnet group
    +
    +
    Sample:
    +
    my-subnet-group
    +
       +
    + subnet_group_status + +
    + string +
    +     		always +
    Subnet group status
    +
    +
    Sample:
    +
    Complete
    +
       +
    + subnets + +
    + complex +
    +     		always +
    List of subnets in the subnet group
    +
    +
        +
    + subnet_availability_zone + +
    + complex +
    +     		always +
    Availability zone of the subnet
    +
    +
         +
    + name + +
    + string +
    +     		always +
    Name of the availability zone
    +
    +
    Sample:
    +
    us-west-2c
    +
        +
    + subnet_identifier + +
    + string +
    +     		always +
    Subnet ID
    +
    +
    Sample:
    +
    subnet-abcd1234
    +
        +
    + subnet_status + +
    + string +
    +     		always +
    Subnet status
    +
    +
    Sample:
    +
    Active
    +
       +
    + vpc_id + +
    + string +
    +     		always +
    VPC id of the subnet group
    +
    +
    Sample:
    +
    vpc-abcd1234
    +
      +
    + dbi_resource_id + +
    + string +
    +     		always +
    AWS Region-unique, immutable identifier for the DB instance
    +
    +
    Sample:
    +
    db-AAAAAAAAAAAAAAAAAAAAAAAAAA
    +
      +
    + domain_memberships + +
    + list +
    +     		always +
    List of domain memberships
    +
    +
      +
    + endpoint + +
    + complex +
    +     		always +
    Database endpoint
    +
    +
       +
    + address + +
    + string +
    +     		always +
    Database endpoint address
    +
    +
    Sample:
    +
    helloworld-rds.ctrqpe3so1sf.us-west-2.rds.amazonaws.com
    +
       +
    + hosted_zone_id + +
    + string +
    +     		always +
    Route53 hosted zone ID
    +
    +
    Sample:
    +
    Z1PABCD0000000
    +
       +
    + port + +
    + integer +
    +     		always +
    Database endpoint port
    +
    +
    Sample:
    +
    5432
    +
      +
    + engine + +
    + string +
    +     		always +
    Database engine
    +
    +
    Sample:
    +
    postgres
    +
      +
    + engine_version + +
    + string +
    +     		always +
    Database engine version
    +
    +
    Sample:
    +
    9.5.10
    +
      +
    + iam_database_authentication_enabled + +
    + boolean +
    +     		always +
    Whether database authentication through IAM is enabled
    +
    +
      +
    + instance_create_time + +
    + string +
    +     		always +
    Date and time the instance was created
    +
    +
    Sample:
    +
    2017-10-10T04:00:07.434000+00:00
    +
      +
    + kms_key_id + +
    + string +
    +     		always +
    KMS Key ID
    +
    +
    Sample:
    +
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-0000-abcd-1111-0123456789ab
    +
      +
    + latest_restorable_time + +
    + string +
    +     		always +
    Latest time to which a database can be restored with point-in-time restore
    +
    +
    Sample:
    +
    2018-05-17T00:03:56+00:00
    +
      +
    + license_model + +
    + string +
    +     		always +
    License model
    +
    +
    Sample:
    +
    postgresql-license
    +
      +
    + master_username + +
    + string +
    +     		always +
    Database master username
    +
    +
    Sample:
    +
    dbadmin
    +
      +
    + monitoring_interval + +
    + integer +
    +     		always +
    Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance
    +
    +
      +
    + multi_az + +
    + boolean +
    +     		always +
    Whether Multi-AZ is on
    +
    +
      +
    + option_group_memberships + +
    + complex +
    +     		always +
    List of option groups
    +
    +
       +
    + option_group_name + +
    + string +
    +     		always +
    Option group name
    +
    +
    Sample:
    +
    default:postgres-9-5
    +
       +
    + status + +
    + string +
    +     		always +
    Status of option group
    +
    +
    Sample:
    +
    in-sync
    +
      +
    + pending_modified_values + +
    + complex +
    +     		always +
    Modified values pending application
    +
    +
      +
    + performance_insights_enabled + +
    + boolean +
    +     		always +
    Whether performance insights are enabled
    +
    +
      +
    + preferred_backup_window + +
    + string +
    +     		always +
    Preferred backup window
    +
    +
    Sample:
    +
    04:00-05:00
    +
      +
    + preferred_maintenance_window + +
    + string +
    +     		always +
    Preferred maintenance window
    +
    +
    Sample:
    +
    mon:05:00-mon:05:30
    +
      +
    + publicly_accessible + +
    + boolean +
    +     		always +
    Whether the DB is publicly accessible
    +
    +
      +
    + read_replica_db_instance_identifiers + +
    + list +
    +     		always +
    List of database instance read replicas
    +
    +
      +
    + storage_encrypted + +
    + boolean +
    +     		always +
    Whether the storage is encrypted
    +
    +
    Sample:
    +
    True
    +
      +
    + storage_type + +
    + string +
    +     		always +
    Storage type of the Database instance
    +
    +
    Sample:
    +
    gp2
    +
      +
    + tags + +
    + complex +
    +     		always +
    Tags used by the database instance
    +
    +
      +
    + vpc_security_groups + +
    + complex +
    +     		always +
    List of VPC security groups
    +
    +
       +
    + status + +
    + string +
    +     		always +
    Status of the VPC security group
    +
    +
    Sample:
    +
    active
    +
       +
    + vpc_security_group_id + +
    + string +
    +     		always +
    VPC Security Group ID
    +
    +
    Sample:
    +
    sg-abcd1234
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Michael De La Rue (@mikedlr) + + diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst new file mode 100644 index 00000000000..f10000f56ff --- /dev/null +++ b/docs/community.aws.rds_instance_module.rst @@ -0,0 +1,2432 @@ +.. _community.aws.rds_instance_module: + + +************************** +community.aws.rds_instance +************************** + +**Manage RDS instances** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modify, and delete RDS instances. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.5.0 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allocated_storage + +
    + integer +
    +     		+ +
    The amount of storage (in gibibytes) to allocate for the DB instance.
    +
    +
    + allow_major_version_upgrade + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to allow major version upgrades.
    +
    +
    + apply_immediately + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
    +
    +
    + auto_minor_version_upgrade + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
    +
    +
    + availability_zone + +
    + string +
    +     		+ +
    A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.
    +

    aliases: az, zone
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + backup_retention_period + +
    + integer +
    +     		+ +
    The number of days for which automated backups are retained (must be greater or equal to 1). May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    +
    +
    + ca_certificate_identifier + +
    + string +
    +     		+ +
    The identifier of the CA certificate for the DB instance.
    +
    +
    + character_set_name + +
    + string +
    +     		+ +
    The character set to associate with the DB cluster.
    +
    +
    + copy_tags_to_snapshot + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
    +
    +
    + creation_source + +
    + string +
    +     		+
      Choices: +
    • snapshot
      • +
    • s3
      • +
    • instance
      • +
    +     		+
    Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
    +
    +
    + db_cluster_identifier + +
    + string +
    +     		+ +
    The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    +

    aliases: cluster_id
    +
    +
    + db_instance_class + +
    + string +
    +     		+ +
    The compute and memory capacity of the DB instance, for example db.t2.micro.
    +

    aliases: class, instance_type
    +
    +
    + db_instance_identifier + +
    + string + / required
    +     		+ +
    The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    +

    aliases: instance_id, id
    +
    +
    + db_name + +
    + string +
    +     		+ +
    The name for your database. If a name is not provided Amazon RDS will not create a database.
    +
    +
    + db_parameter_group_name + +
    + string +
    +     		+ +
    The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
    +
    +
    + db_security_groups + +
    + list +
    +     		+ +
    (EC2-Classic platform) A list of DB security groups to associate with this DB instance.
    +
    +
    + db_snapshot_identifier + +
    + string +
    +     		+ +
    The identifier for the DB snapshot to restore from if using creation_source=snapshot.
    +
    +
    + db_subnet_group_name + +
    + string +
    +     		+ +
    The DB subnet group name to use for the DB instance.
    +

    aliases: subnet_group
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + domain + +
    + string +
    +     		+ +
    The Active Directory Domain to restore the instance in.
    +
    +
    + domain_iam_role_name + +
    + string +
    +     		+ +
    The name of the IAM role to be used when making API calls to the Directory Service.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + enable_cloudwatch_logs_exports + +
    + list +
    +     		+ +
    A list of log types that need to be enabled for exporting to CloudWatch Logs.
    +

    aliases: cloudwatch_log_exports
    +
    +
    + enable_iam_database_authentication + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
    +
    +
    + enable_performance_insights + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to enable Performance Insights for the DB instance.
    +
    +
    + engine + +
    + string +
    +     		+ +
    The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
    +
    +
    + engine_version + +
    + string +
    +     		+ +
    The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
    +
    +
    + final_db_snapshot_identifier + +
    + string +
    +     		+ +
    The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.
    +

    aliases: final_snapshot_identifier
    +
    +
    + force_failover + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Set to true to conduct the reboot through a MultiAZ failover.
    +
    +
    + force_update_password + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
    +
    +
    + iops + +
    + integer +
    +     		+ +
    The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
    +
    +
    + kms_key_id + +
    + string +
    +     		+ +
    The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
    +
    If storage_encrypted is true and and this option is not provided, the default encryption key is used.
    +
    +
    + license_model + +
    + string +
    +     		+ +
    The license model for the DB instance.
    +
    Several options are license-included, bring-your-own-license, and general-public-license.
    +
    This option can also be omitted to default to an accepted value.
    +
    +
    + master_user_password + +
    + string +
    +     		+ +
    An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.
    +

    aliases: password
    +
    +
    + master_username + +
    + string +
    +     		+ +
    The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.
    +

    aliases: username
    +
    +
    + max_allocated_storage + +
    + integer +
    +     		+ +
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    +
    +
    + monitoring_interval + +
    + integer +
    +     		+ +
    The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
    +
    +
    + monitoring_role_arn + +
    + string +
    +     		+ +
    The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
    +
    +
    + multi_az + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
    +
    +
    + new_db_instance_identifier + +
    + string +
    +     		+ +
    The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.
    +

    aliases: new_instance_id, new_id
    +
    +
    + option_group_name + +
    + string +
    +     		+ +
    The option group to associate with the DB instance.
    +
    +
    + performance_insights_kms_key_id + +
    + string +
    +     		+ +
    The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
    +
    +
    + performance_insights_retention_period + +
    + integer +
    +     		+ +
    The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
    +
    +
    + port + +
    + integer +
    +     		+ +
    The port number on which the instances accept connections.
    +
    +
    + preferred_backup_window + +
    + string +
    +     		+ +
    The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.
    +

    aliases: backup_window
    +
    +
    + preferred_maintenance_window + +
    + string +
    +     		+ +
    The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.
    +

    aliases: maintenance_window
    +
    +
    + processor_features + +
    + dictionary +
    +     		+ +
    A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
    +
    +
    + coreCount + +
    + - +
    +     		+ +
    The number of CPU cores
    +
    +
    + threadsPerCore + +
    + - +
    +     		+ +
    The number of threads per core
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + promotion_tier + +
    + string +
    +     		+ +
    An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
    +
    +
    + publicly_accessible + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
    +
    +
    + purge_cloudwatch_logs_exports + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Set to False to retain any tags that aren't specified in task and are associated with the instance.
    +
    +
    + read_replica + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + restore_time + +
    + string +
    +     		+ +
    If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
    +
    May alternatively set use_latest_restore_time=True.
    +
    Only one of use_latest_restorable_time and restore_time may be provided.
    +
    +
    + s3_bucket_name + +
    + string +
    +     		+ +
    The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
    +
    +
    + s3_ingestion_role_arn + +
    + string +
    +     		+ +
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
    +
    +
    + s3_prefix + +
    + string +
    +     		+ +
    The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + skip_final_snapshot + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
    +
    +
    + snapshot_identifier + +
    + string +
    +     		+ +
    The ARN of the DB snapshot to restore from when using creation_source=snapshot.
    +
    +
    + source_db_instance_identifier + +
    + string +
    +     		+ +
    The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
    +
    +
    + source_engine + +
    + string +
    +     		+
      Choices: +
    • mysql
      • +
    +     		+
    The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
    +
    +
    + source_engine_version + +
    + string +
    +     		+ +
    The version of the database that the backup files were created from.
    +
    +
    + source_region + +
    + string +
    +     		+ +
    The region of the DB instance from which the replica is created.
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • terminated
      • +
    • running
      • +
    • started
      • +
    • stopped
      • +
    • rebooted
      • +
    • restarted
      • +
    +     		+
    Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
    +
    state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
    +
    +
    + storage_encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the DB instance is encrypted.
    +
    +
    + storage_type + +
    + string +
    +     		+
      Choices: +
    • standard
      • +
    • gp2
      • +
    • io1
      • +
    +     		+
    The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary of key value pairs to assign the DB cluster.
    +
    +
    + tde_credential_arn + +
    + string +
    +     		+ +
    The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.
    +

    aliases: transparent_data_encryption_arn
    +
    +
    + tde_credential_password + +
    + string +
    +     		+ +
    The password for the given ARN from the key store in order to access the device.
    +

    aliases: transparent_data_encryption_password
    +
    +
    + timezone + +
    + string +
    +     		+ +
    The time zone of the DB instance.
    +
    +
    + use_latest_restorable_time + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to restore the DB instance to the latest restorable backup time.
    +
    Only one of use_latest_restorable_time and restore_time may be provided.
    +

    aliases: restore_from_latest
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_security_group_ids + +
    + list +
    +     		+ +
    A list of EC2 VPC security groups to associate with the DB cluster.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + - name: create minimal aurora instance in default VPC and default subnet group + community.aws.rds_instance: + engine: aurora + db_instance_identifier: ansible-test-aurora-db-instance + instance_type: db.t2.small + password: "{{ password }}" + username: "{{ username }}" + cluster_id: ansible-test-cluster # This cluster must exist - see rds_cluster to manage it + + - name: Create a DB instance using the default AWS KMS encryption key + community.aws.rds_instance: + id: test-encrypted-db + state: present + engine: mariadb + storage_encrypted: True + db_instance_class: db.t2.medium + username: "{{ username }}" + password: "{{ password }}" + allocated_storage: "{{ allocated_storage }}" + + - name: remove the DB instance without a final snapshot + community.aws.rds_instance: + id: "{{ instance_id }}" + state: absent + skip_final_snapshot: True + + - name: remove the DB instance with a final snapshot + community.aws.rds_instance: + id: "{{ instance_id }}" + state: absent + final_snapshot_identifier: "{{ snapshot_id }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + allocated_storage + +
    + integer +
    +     		always +
    The allocated storage size in gibibytes. This is always 1 for aurora database engines.
    +
    +
    Sample:
    +
    20
    +
    +
    + auto_minor_version_upgrade + +
    + boolean +
    +     		always +
    Whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
    +
    +
    Sample:
    +
    True
    +
    +
    + availability_zone + +
    + string +
    +     		always +
    The availability zone for the DB instance.
    +
    +
    Sample:
    +
    us-east-1f
    +
    +
    + backup_retention_period + +
    + integer +
    +     		always +
    The number of days for which automated backups are retained.
    +
    +
    Sample:
    +
    1
    +
    +
    + ca_certificate_identifier + +
    + string +
    +     		always +
    The identifier of the CA certificate for the DB instance.
    +
    +
    Sample:
    +
    rds-ca-2015
    +
    +
    + copy_tags_to_snapshot + +
    + boolean +
    +     		always +
    Whether tags are copied from the DB instance to snapshots of the DB instance.
    +
    +
    +
    + db_instance_arn + +
    + string +
    +     		always +
    The Amazon Resource Name (ARN) for the DB instance.
    +
    +
    Sample:
    +
    arn:aws:rds:us-east-1:123456789012:db:ansible-test
    +
    +
    + db_instance_class + +
    + string +
    +     		always +
    The name of the compute and memory capacity class of the DB instance.
    +
    +
    Sample:
    +
    db.m4.large
    +
    +
    + db_instance_identifier + +
    + string +
    +     		always +
    The identifier of the DB instance
    +
    +
    Sample:
    +
    ansible-test
    +
    +
    + db_instance_port + +
    + integer +
    +     		always +
    The port that the DB instance listens on.
    +
    +
    +
    + db_instance_status + +
    + string +
    +     		always +
    The current state of this database.
    +
    +
    Sample:
    +
    stopped
    +
    +
    + db_parameter_groups + +
    + complex +
    +     		always +
    The list of DB parameter groups applied to this DB instance.
    +
    +
      +
    + db_parameter_group_name + +
    + string +
    +     		always +
    The name of the DP parameter group.
    +
    +
    Sample:
    +
    default.mariadb10.0
    +
      +
    + parameter_apply_status + +
    + string +
    +     		always +
    The status of parameter updates.
    +
    +
    Sample:
    +
    in-sync
    +
    +
    + db_security_groups + +
    + list +
    +     		always +
    A list of DB security groups associated with this DB instance.
    +
    +
    +
    + db_subnet_group + +
    + complex +
    +     		always +
    The subnet group associated with the DB instance.
    +
    +
      +
    + db_subnet_group_description + +
    + string +
    +     		always +
    The description of the DB subnet group.
    +
    +
    Sample:
    +
    default
    +
      +
    + db_subnet_group_name + +
    + string +
    +     		always +
    The name of the DB subnet group.
    +
    +
    Sample:
    +
    default
    +
      +
    + subnet_group_status + +
    + string +
    +     		always +
    The status of the DB subnet group.
    +
    +
    Sample:
    +
    Complete
    +
      +
    + subnets + +
    + complex +
    +     		always +
    A list of Subnet elements.
    +
    +
       +
    + subnet_availability_zone + +
    + complex +
    +     		always +
    The availability zone of the subnet.
    +
    +
        +
    + name + +
    + string +
    +     		always +
    The name of the Availability Zone.
    +
    +
    Sample:
    +
    us-east-1c
    +
       +
    + subnet_identifier + +
    + string +
    +     		always +
    The ID of the subnet.
    +
    +
    Sample:
    +
    subnet-12345678
    +
       +
    + subnet_status + +
    + string +
    +     		always +
    The status of the subnet.
    +
    +
    Sample:
    +
    Active
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    The VpcId of the DB subnet group.
    +
    +
    Sample:
    +
    vpc-12345678
    +
    +
    + dbi_resource_id + +
    + string +
    +     		always +
    The AWS Region-unique, immutable identifier for the DB instance.
    +
    +
    Sample:
    +
    db-UHV3QRNWX4KB6GALCIGRML6QFA
    +
    +
    + domain_memberships + +
    + list +
    +     		always +
    The Active Directory Domain membership records associated with the DB instance.
    +
    +
    +
    + endpoint + +
    + complex +
    +     		always +
    The connection endpoint.
    +
    +
      +
    + address + +
    + string +
    +     		always +
    The DNS address of the DB instance.
    +
    +
    Sample:
    +
    ansible-test.cvlrtwiennww.us-east-1.rds.amazonaws.com
    +
      +
    + hosted_zone_id + +
    + string +
    +     		always +
    The ID that Amazon Route 53 assigns when you create a hosted zone.
    +
    +
    Sample:
    +
    ZTR2ITUGPA61AM
    +
      +
    + port + +
    + integer +
    +     		always +
    The port that the database engine is listening on.
    +
    +
    Sample:
    +
    3306
    +
    +
    + engine + +
    + string +
    +     		always +
    The database engine version.
    +
    +
    Sample:
    +
    mariadb
    +
    +
    + engine_version + +
    + string +
    +     		always +
    The database engine version.
    +
    +
    Sample:
    +
    10.0.35
    +
    +
    + iam_database_authentication_enabled + +
    + boolean +
    +     		always +
    Whether mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
    +
    +
    +
    + instance_create_time + +
    + string +
    +     		always +
    The date and time the DB instance was created.
    +
    +
    Sample:
    +
    2018-07-04T16:48:35.332000+00:00
    +
    +
    + kms_key_id + +
    + string +
    +     		When storage_encrypted is true +
    The AWS KMS key identifier for the encrypted DB instance when storage_encrypted is true.
    +
    +
    Sample:
    +
    arn:aws:kms:us-east-1:123456789012:key/70c45553-ad2e-4a85-9f14-cfeb47555c33
    +
    +
    + latest_restorable_time + +
    + string +
    +     		always +
    The latest time to which a database can be restored with point-in-time restore.
    +
    +
    Sample:
    +
    2018-07-04T16:50:50.642000+00:00
    +
    +
    + license_model + +
    + string +
    +     		always +
    The License model information for this DB instance.
    +
    +
    Sample:
    +
    general-public-license
    +
    +
    + master_username + +
    + string +
    +     		always +
    The master username for the DB instance.
    +
    +
    Sample:
    +
    test
    +
    +
    + max_allocated_storage + +
    + integer +
    +     		When max allocated storage is present. +
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    +
    +
    Sample:
    +
    100
    +
    +
    + monitoring_interval + +
    + integer +
    +     		always +
    The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. 0 means collecting Enhanced Monitoring metrics is disabled.
    +
    +
    +
    + multi_az + +
    + boolean +
    +     		always +
    Whether the DB instance is a Multi-AZ deployment.
    +
    +
    +
    + option_group_memberships + +
    + complex +
    +     		always +
    The list of option group memberships for this DB instance.
    +
    +
      +
    + option_group_name + +
    + string +
    +     		always +
    The name of the option group that the instance belongs to.
    +
    +
    Sample:
    +
    default:mariadb-10-0
    +
      +
    + status + +
    + string +
    +     		always +
    The status of the DB instance's option group membership.
    +
    +
    Sample:
    +
    in-sync
    +
    +
    + pending_modified_values + +
    + complex +
    +     		always +
    The changes to the DB instance that are pending.
    +
    +
    +
    + performance_insights_enabled + +
    + boolean +
    +     		always +
    True if Performance Insights is enabled for the DB instance, and otherwise false.
    +
    +
    +
    + preferred_backup_window + +
    + string +
    +     		always +
    The daily time range during which automated backups are created if automated backups are enabled.
    +
    +
    Sample:
    +
    07:01-07:31
    +
    +
    + preferred_maintenance_window + +
    + string +
    +     		always +
    The weekly time range (in UTC) during which system maintenance can occur.
    +
    +
    Sample:
    +
    sun:09:31-sun:10:01
    +
    +
    + publicly_accessible + +
    + boolean +
    +     		always +
    True for an Internet-facing instance with a publicly resolvable DNS name, False to indicate an internal instance with a DNS name that resolves to a private IP address.
    +
    +
    Sample:
    +
    True
    +
    +
    + read_replica_db_instance_identifiers + +
    + list +
    +     		always +
    Identifiers of the Read Replicas associated with this DB instance.
    +
    +
    +
    + storage_encrypted + +
    + boolean +
    +     		always +
    Whether the DB instance is encrypted.
    +
    +
    +
    + storage_type + +
    + string +
    +     		always +
    The storage type to be associated with the DB instance.
    +
    +
    Sample:
    +
    standard
    +
    +
    + tags + +
    + complex +
    +     		always +
    A dictionary of tags associated with the DB instance.
    +
    +
    +
    + vpc_security_groups + +
    + complex +
    +     		always +
    A list of VPC security group elements that the DB instance belongs to.
    +
    +
      +
    + status + +
    + string +
    +     		always +
    The status of the VPC security group.
    +
    +
    Sample:
    +
    active
    +
      +
    + vpc_security_group_id + +
    + string +
    +     		always +
    The name of the VPC security group.
    +
    +
    Sample:
    +
    sg-12345678
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Sloane Hertel (@s-hertel) + + diff --git a/docs/community.aws.rds_module.rst b/docs/community.aws.rds_module.rst new file mode 100644 index 00000000000..cf97a712f12 --- /dev/null +++ b/docs/community.aws.rds_module.rst @@ -0,0 +1,1681 @@ +.. _community.aws.rds_module: + + +***************** +community.aws.rds +***************** + +**create, delete, or modify Amazon rds instances, rds snapshots, and related facts** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or modifies rds resources. +- When creating an instance it can be either a new instance or a read-only replica of an existing instance. +- This module has a dependency on python-boto >= 2.5 and will soon be deprecated. +- The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0). +- Please use boto3 based :ref:`community.aws.rds_instance ` instead. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + apply_immediately + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When apply_immediately=trye, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
    +
    Used only when command=modify.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + backup_retention + +
    + string +
    +     		+ +
    Number of days backups are retained.
    +
    Set to 0 to disable backups.
    +
    Default is 1 day.
    +
    Valid range: 0-35.
    +
    Used only when command=create or command=modify.
    +
    +
    + backup_window + +
    + string +
    +     		+ +
    Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
    +
    Times are specified in UTC.
    +
    If not specified then a random backup window is assigned.
    +
    Used only when command=create or command=modify.
    +
    +
    + character_set_name + +
    + string +
    +     		+ +
    Associate the DB instance with a specified character set.
    +
    Used with command=create.
    +
    +
    + command + +
    + string + / required
    +     		+
      Choices: +
    • create
      • +
    • replicate
      • +
    • delete
      • +
    • facts
      • +
    • modify
      • +
    • promote
      • +
    • snapshot
      • +
    • reboot
      • +
    • restore
      • +
    +     		+
    Specifies the action to take. The 'reboot' option is available starting at version 2.0.
    +
    +
    + db_engine + +
    + string +
    +     		+
      Choices: +
    • mariadb
      • +
    • MySQL
      • +
    • oracle-se1
      • +
    • oracle-se2
      • +
    • oracle-se
      • +
    • oracle-ee
      • +
    • sqlserver-ee
      • +
    • sqlserver-se
      • +
    • sqlserver-ex
      • +
    • sqlserver-web
      • +
    • postgres
      • +
    • aurora
      • +
    +     		+
    The type of database.
    +
    Used only when command=create.
    +
    mariadb was added in version 2.2.
    +
    +
    + db_name + +
    + string +
    +     		+ +
    Name of a database to create within the instance.
    +
    If not specified then no database is created.
    +
    Used only when command=create.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + engine_version + +
    + string +
    +     		+ +
    Version number of the database engine to use.
    +
    If not specified then the current Amazon RDS default engine version is used
    +
    Used only when command=create.
    +
    +
    + force_failover + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If enabled, the reboot is done using a MultiAZ failover.
    +
    Used only when command=reboot.
    +
    +
    + instance_name + +
    + string +
    +     		+ +
    Database instance identifier.
    +
    Required except when using command=facts or command=delete on just a snapshot.
    +
    +
    + instance_type + +
    + string +
    +     		+ +
    The instance type of the database.
    +
    If not specified then the replica inherits the same instance type as the source instance.
    +
    Required when command=create.
    +
    Optional when command=replicate, command=modify or command=restore.
    +

    aliases: type
    +
    +
    + iops + +
    + string +
    +     		+ +
    Specifies the number of IOPS for the instance.
    +
    Used only when command=create or command=modify.
    +
    Must be an integer greater than 1000.
    +
    +
    + license_model + +
    + string +
    +     		+
      Choices: +
    • license-included
      • +
    • bring-your-own-license
      • +
    • general-public-license
      • +
    • postgresql-license
      • +
    +     		+
    The license model for this DB instance.
    +
    Used only when command=create or command=restore.
    +
    +
    + maint_window + +
    + string +
    +     		+ +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    +
    Times are specified in UTC.
    +
    If not specified then a random maintenance window is assigned.
    +
    Used only when command=create or command=modify.
    +
    +
    + multi_zone + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies if this is a Multi-availability-zone deployment.
    +
    Can not be used in conjunction with zone parameter.
    +
    Used only when command=create or command=modify.
    +
    +
    + new_instance_name + +
    + string +
    +     		+ +
    Name to rename an instance to.
    +
    Used only when command=modify.
    +
    +
    + option_group + +
    + string +
    +     		+ +
    The name of the option group to use.
    +
    If not specified then the default option group is used.
    +
    Used only when command=create.
    +
    +
    + parameter_group + +
    + string +
    +     		+ +
    Name of the DB parameter group to associate with this instance.
    +
    If omitted then the RDS default DBParameterGroup will be used.
    +
    Used only when command=create or command=modify.
    +
    +
    + password + +
    + string +
    +     		+ +
    Password for the master database username.
    +
    Used only when command=create or command=modify.
    +
    +
    + port + +
    + integer +
    +     		+ +
    Port number that the DB instance uses for connections.
    +
    Used only when command=create or command=replicate.
    +
    Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + publicly_accessible + +
    + string +
    +     		+ +
    Explicitly set whether the resource should be publicly accessible or not.
    +
    Used with command=create, command=replicate.
    +
    Requires boto >= 2.26.0
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_groups + +
    + string +
    +     		+ +
    Comma separated list of one or more security groups.
    +
    Used only when command=create or command=modify.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + size + +
    + string +
    +     		+ +
    Size in gigabytes of the initial storage for the DB instance.
    +
    Used only when command=create or command=modify.
    +
    +
    + snapshot + +
    + string +
    +     		+ +
    Name of snapshot to take.
    +
    When command=delete, if no snapshot name is provided then no snapshot is taken.
    +
    When command=delete, if no instance_name is provided the snapshot is deleted.
    +
    Used with command=facts, command=delete or command=snapshot.
    +
    +
    + source_instance + +
    + string +
    +     		+ +
    Name of the database to replicate.
    +
    Used only when command=replicate.
    +
    +
    + subnet + +
    + string +
    +     		+ +
    VPC subnet group.
    +
    If specified then a VPC instance is created.
    +
    Used only when command=create.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    tags dict to apply to a resource.
    +
    Used with command=create, command=replicate, command=restore.
    +
    Requires boto >= 2.26.0
    +
    +
    + upgrade + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates that minor version upgrades should be applied automatically.
    +
    Used only when command=create or command=modify or command=restore or command=replicate.
    +
    +
    + username + +
    + string +
    +     		+ +
    Master database username.
    +
    Used only when command=create.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_security_groups + +
    + list + / elements=string
    +     		+ +
    Comma separated list of one or more vpc security group ids.
    +
    Also requires subnet to be specified.
    +
    Used only when command=create or command=modify.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
    +
    When command=delete, wait for the database to be terminated.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    How long before wait gives up, in seconds.
    +
    Used when wait=true.
    +
    +
    + zone + +
    + string +
    +     		+ +
    availability zone in which to launch the instance.
    +
    Used only when command=create, command=replicate or command=restore.
    +
    Can not be used in conjunction with multi_zone parameter.
    +

    aliases: aws_zone, ec2_zone
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Basic mysql provisioning example + community.aws.rds: + command: create + instance_name: new-database + db_engine: MySQL + size: 10 + instance_type: db.m1.small + username: mysql_admin + password: 1nsecure + tags: + Environment: testing + Application: cms + + - name: Create a read-only replica and wait for it to become available + community.aws.rds: + command: replicate + instance_name: new-database-replica + source_instance: new_database + wait: yes + wait_timeout: 600 + + - name: Delete an instance, but create a snapshot before doing so + community.aws.rds: + command: delete + instance_name: new-database + snapshot: new_database_snapshot + + - name: Get facts about an instance + community.aws.rds: + command: facts + instance_name: new-database + register: new_database_facts + + - name: Rename an instance and wait for the change to take effect + community.aws.rds: + command: modify + instance_name: new-database + new_instance_name: renamed-database + wait: yes + + - name: Reboot an instance and wait for it to become available again + community.aws.rds: + command: reboot + instance_name: database + wait: yes + + # Restore a Postgres db instance from a snapshot, wait for it to become available again, and + # then modify it to add your security group. Also, display the new endpoint. + # Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI + - community.aws.rds: + command: restore + snapshot: mypostgres-snapshot + instance_name: MyNewInstanceName + region: us-west-2 + zone: us-west-2b + subnet: default-vpc-xx441xxx + publicly_accessible: yes + wait: yes + wait_timeout: 600 + tags: + Name: pg1_test_name_tag + register: rds + + - community.aws.rds: + command: modify + instance_name: MyNewInstanceName + region: us-west-2 + vpc_security_groups: sg-xxx945xx + + - debug: + msg: "The new db endpoint is {{ rds.instance.endpoint }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + instance + +
    + complex +
    +     		always +
    the rds instance
    +
    +
      +
    + allocated_storage + +
    + string +
    +     		when RDS instance exists +
    the allocated storage size in gigabytes (GB)
    +
    +
    Sample:
    +
    100
    +
      +
    + auto_minor_version_upgrade + +
    + boolean +
    +     		when RDS instance exists +
    indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window
    +
    +
    Sample:
    +
    true
    +
      +
    + backup_window + +
    + string +
    +     		when RDS instance exists and automated backups are enabled +
    the daily time range during which automated backups are created if automated backups are enabled
    +
    +
    Sample:
    +
    03:00-03:30
    +
      +
    + character_set_name + +
    + string +
    +     		when RDS instance exists +
    the name of the character set that this instance is associated with
    +
    +
    Sample:
    +
    AL32UTF8
    +
      +
    + db_name + +
    + string +
    +     		when RDS instance exists +
    the name of the database to create when the DB instance is created
    +
    +
    Sample:
    +
    ASERTG
    +
      +
    + db_subnet_groups + +
    + complex +
    +     		when RDS instance exists +
    information on the subnet group associated with this RDS instance
    +
    +
       +
    + description + +
    + string +
    +     		when RDS instance exists +
    the subnet group associated with the DB instance
    +
    +
    Sample:
    +
    Subnets for the UAT RDS SQL DB Instance
    +
       +
    + name + +
    + string +
    +     		when RDS instance exists +
    the name of the DB subnet group
    +
    +
    Sample:
    +
    samplesubnetgrouprds-j6paiqkxqp4z
    +
       +
    + status + +
    + string +
    +     		when RDS instance exists +
    the status of the DB subnet group
    +
    +
    Sample:
    +
    complete
    +
       +
    + subnets + +
    + complex +
    +     		when RDS instance exists +
    the description of the DB subnet group
    +
    +
        +
    + availability_zone + +
    + complex +
    +     		when RDS instance exists +
    subnet availability zone information
    +
    +
         +
    + name + +
    + string +
    +     		when RDS instance exists +
    availability zone
    +
    +
    Sample:
    +
    eu-west-1b
    +
         +
    + provisioned_iops_capable + +
    + boolean +
    +     		when RDS instance exists +
    whether provisioned iops are available in AZ subnet
    +
    +
    Sample:
    +
    false
    +
        +
    + identifier + +
    + string +
    +     		when RDS instance exists +
    the identifier of the subnet
    +
    +
    Sample:
    +
    subnet-3fdba63e
    +
        +
    + status + +
    + string +
    +     		when RDS instance exists +
    the status of the subnet
    +
    +
    Sample:
    +
    active
    +
      +
    + endpoint + +
    + string +
    +     		when RDS instance exists +
    the endpoint uri of the database instance
    +
    +
    Sample:
    +
    my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
    +
      +
    + engine + +
    + string +
    +     		when RDS instance exists +
    the name of the database engine
    +
    +
    Sample:
    +
    oracle-se
    +
      +
    + engine_version + +
    + string +
    +     		when RDS instance exists +
    the version of the database engine
    +
    +
    Sample:
    +
    11.2.0.4.v6
    +
      +
    + latest_restorable_time + +
    + string +
    +     		when RDS instance exists +
    the latest time to which a database can be restored with point-in-time restore
    +
    +
    Sample:
    +
    1489707802.0
    +
      +
    + license_model + +
    + string +
    +     		when RDS instance exists +
    the license model information
    +
    +
    Sample:
    +
    bring-your-own-license
    +
      +
    + option_groups + +
    + complex +
    +     		when RDS instance exists +
    the list of option group memberships for this RDS instance
    +
    +
       +
    + option_group_name + +
    + string +
    +     		when RDS instance exists +
    the option group name for this RDS instance
    +
    +
    Sample:
    +
    default:oracle-se-11-2
    +
       +
    + status + +
    + string +
    +     		when RDS instance exists +
    the status of the RDS instance's option group membership
    +
    +
    Sample:
    +
    in-sync
    +
      +
    + parameter_groups + +
    + complex +
    +     		when RDS instance exists and parameter groups are defined +
    the list of DB parameter groups applied to this RDS instance
    +
    +
       +
    + parameter_apply_status + +
    + string +
    +     		when RDS instance exists +
    the status of parameter updates
    +
    +
    Sample:
    +
    in-sync
    +
       +
    + parameter_group_name + +
    + string +
    +     		when RDS instance exists +
    the name of the DP parameter group
    +
    +
    Sample:
    +
    testawsrpprodb01spfile-1ujg7nrs7sgyz
    +
      +
    + pending_modified_values + +
    + complex +
    +     		when RDS instance exists +
    a dictionary of changes to the RDS instance that are pending
    +
    +
       +
    + allocated_storage + +
    + string +
    +     		when RDS instance exists +
    the new allocated storage size for this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    +
       +
    + backup_retention_period + +
    + string +
    +     		when RDS instance exists +
    the pending number of days for which automated backups are retained
    +
    +
    Sample:
    +
    null
    +
       +
    + db_instance_class + +
    + string +
    +     		when RDS instance exists +
    the new DB instance class for this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    +
       +
    + db_instance_identifier + +
    + string +
    +     		when RDS instance exists +
    the new DB instance identifier this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    +
       +
    + engine_version + +
    + string +
    +     		when RDS instance exists +
    indicates the database engine version
    +
    +
    Sample:
    +
    null
    +
       +
    + iops + +
    + string +
    +     		when RDS instance exists +
    the new provisioned IOPS value for this RDS instance that will be applied or is being applied
    +
    +
    Sample:
    +
    null
    +
       +
    + master_user_password + +
    + string +
    +     		when RDS instance exists +
    the pending or in-progress change of the master credentials for this RDS instance
    +
    +
    Sample:
    +
    null
    +
       +
    + multi_az + +
    + string +
    +     		when RDS instance exists +
    indicates that the single-AZ RDS instance is to change to a multi-AZ deployment
    +
    +
    Sample:
    +
    null
    +
       +
    + port + +
    + string +
    +     		when RDS instance exists +
    specifies the pending port for this RDS instance
    +
    +
    Sample:
    +
    null
    +
      +
    + port + +
    + integer +
    +     		when RDS instance exists +
    the listening port of the database instance
    +
    +
    Sample:
    +
    3306
    +
      +
    + publicly_accessible + +
    + boolean +
    +     		when RDS instance exists +
    the accessibility options for the DB instance
    +
    +
    Sample:
    +
    true
    +
      +
    + read_replica_source_dbinstance_identifier + +
    + string +
    +     		when read replica RDS instance exists +
    the identifier of the source DB instance if this RDS instance is a read replica
    +
    +
    Sample:
    +
    null
    +
      +
    + secondary_availability_zone + +
    + string +
    +     		when RDS instance exists and is multy-AZ +
    the name of the secondary AZ for a DB instance with multi-AZ support
    +
    +
    Sample:
    +
    eu-west-1b
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Bruce Pennypacker (@bpennypacker) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.rds_param_group_module.rst b/docs/community.aws.rds_param_group_module.rst new file mode 100644 index 00000000000..3da04481638 --- /dev/null +++ b/docs/community.aws.rds_param_group_module.rst @@ -0,0 +1,486 @@ +.. _community.aws.rds_param_group_module: + + +***************************** +community.aws.rds_param_group +***************************** + +**manage RDS parameter groups** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes RDS parameter groups. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    Database parameter group description. Only set when a new group is added.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + engine + +
    + string +
    +     		+ +
    The type of database for this group.
    +
    Please use following command to get list of all supported db engines and their respective versions.
    +
    # aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
    +
    Required for state=present.
    +
    +
    + immediate + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to apply the changes immediately, or after the next reboot of any associated instances.
    +

    aliases: apply_immediately
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Database parameter group identifier.
    +
    +
    + params + +
    + dictionary +
    +     		+ +
    Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
    +

    aliases: parameters
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to remove tags that do not appear in the tags list.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the group should be present or absent.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Dictionary of tags to attach to the parameter group.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 + community.aws.rds_param_group: + state: present + name: norwegian-blue + description: 'My Fancy Ex Parrot Group' + engine: 'mysql5.6' + params: + auto_increment_increment: "42K" + tags: + Environment: production + Application: parrot + + - name: Remove a parameter group + community.aws.rds_param_group: + state: absent + name: norwegian-blue + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + db_parameter_group_arn + +
    + string +
    +     		when state is present +
    ARN of the DB parameter group
    +
    +
    +
    + db_parameter_group_family + +
    + string +
    +     		when state is present +
    DB parameter group family that this DB parameter group is compatible with.
    +
    +
    +
    + db_parameter_group_name + +
    + string +
    +     		when state is present +
    Name of DB parameter group
    +
    +
    +
    + description + +
    + string +
    +     		when state is present +
    description of the DB parameter group
    +
    +
    +
    + errors + +
    + list +
    +     		when state is present +
    list of errors from attempting to modify parameters that are not modifiable
    +
    +
    +
    + tags + +
    + dictionary +
    +     		when state is present +
    dictionary of tags
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Scott Anderson (@tastychutney) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.rds_snapshot_info_module.rst b/docs/community.aws.rds_snapshot_info_module.rst new file mode 100644 index 00000000000..9cbf19a48cd --- /dev/null +++ b/docs/community.aws.rds_snapshot_info_module.rst @@ -0,0 +1,1097 @@ +.. _community.aws.rds_snapshot_info_module: + + +******************************* +community.aws.rds_snapshot_info +******************************* + +**obtain information about one or more RDS snapshots** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora). +- Aurora snapshot information may be obtained if no identifier parameters are passed or if one of the cluster parameters are passed. +- This module was called ``rds_snapshot_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + db_cluster_identifier + +
    + string +
    +     		+ +
    RDS cluster name for which to find snapshots.
    +
    Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
    +
    +
    + db_cluster_snapshot_identifier + +
    + string +
    +     		+ +
    Name of an RDS cluster snapshot.
    +
    Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
    +
    +
    + db_instance_identifier + +
    + string +
    +     		+ +
    RDS instance name for which to find snapshots.
    +
    Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    +
    +
    + db_snapshot_identifier + +
    + string +
    +     		+ +
    Name of an RDS (unclustered) snapshot.
    +
    Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    +

    aliases: snapshot_name
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + snapshot_type + +
    + string +
    +     		+
      Choices: +
    • automated
      • +
    • manual
      • +
    • shared
      • +
    • public
      • +
    +     		+
    Type of snapshot to find.
    +
    By default both automated and manual snapshots will be returned.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Get information about an snapshot + community.aws.rds_snapshot_info: + db_snapshot_identifier: snapshot_name + register: new_database_info + + - name: Get all RDS snapshots for an RDS instance + community.aws.rds_snapshot_info: + db_instance_identifier: helloworld-rds-master + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + cluster_snapshots + +
    + complex +
    +     		always +
    List of cluster snapshots
    +
    +
      +
    + allocated_storage + +
    + integer +
    +     		always +
    How many gigabytes of storage are allocated
    +
    +
    Sample:
    +
    1
    +
      +
    + availability_zones + +
    + list +
    +     		always +
    The availability zones of the database from which the snapshot was taken
    +
    +
    Sample:
    +
    ['ca-central-1a', 'ca-central-1b']
    +
      +
    + cluster_create_time + +
    + string +
    +     		always +
    Date and time the cluster was created
    +
    +
    Sample:
    +
    2018-05-17T00:13:40.223000+00:00
    +
      +
    + db_cluster_identifier + +
    + string +
    +     		always +
    Database cluster identifier
    +
    +
    Sample:
    +
    test-aurora-cluster
    +
      +
    + db_cluster_snapshot_arn + +
    + string +
    +     		always +
    ARN of the database snapshot
    +
    +
    Sample:
    +
    arn:aws:rds:ca-central-1:111111111111:cluster-snapshot:test-aurora-snapshot
    +
      +
    + db_cluster_snapshot_identifier + +
    + string +
    +     		always +
    Snapshot identifier
    +
    +
    Sample:
    +
    test-aurora-snapshot
    +
      +
    + engine + +
    + string +
    +     		always +
    Database engine
    +
    +
    Sample:
    +
    aurora
    +
      +
    + engine_version + +
    + string +
    +     		always +
    Database engine version
    +
    +
    Sample:
    +
    5.6.10a
    +
      +
    + iam_database_authentication_enabled + +
    + boolean +
    +     		always +
    Whether database authentication through IAM is enabled
    +
    +
      +
    + kms_key_id + +
    + string +
    +     		always +
    ID of the KMS Key encrypting the snapshot
    +
    +
    Sample:
    +
    arn:aws:kms:ca-central-1:111111111111:key/abcd1234-abcd-1111-aaaa-0123456789ab
    +
      +
    + license_model + +
    + string +
    +     		always +
    License model
    +
    +
    Sample:
    +
    aurora
    +
      +
    + master_username + +
    + string +
    +     		always +
    Database master username
    +
    +
    Sample:
    +
    shertel
    +
      +
    + percent_progress + +
    + integer +
    +     		always +
    Percent progress of snapshot
    +
    +
      +
    + port + +
    + integer +
    +     		always +
    Database port
    +
    +
      +
    + snapshot_create_time + +
    + string +
    +     		always +
    Date and time when the snapshot was created
    +
    +
    Sample:
    +
    2018-05-17T00:23:23.731000+00:00
    +
      +
    + snapshot_type + +
    + string +
    +     		always +
    Type of snapshot
    +
    +
    Sample:
    +
    manual
    +
      +
    + status + +
    + string +
    +     		always +
    Status of snapshot
    +
    +
    Sample:
    +
    creating
    +
      +
    + storage_encrypted + +
    + boolean +
    +     		always +
    Whether the snapshot is encrypted
    +
    +
    Sample:
    +
    True
    +
      +
    + tags + +
    + complex +
    +     		when snapshot is not shared +
    Tags of the snapshot
    +
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    VPC of the database
    +
    +
    Sample:
    +
    vpc-abcd1234
    +
    +
    + snapshots + +
    + complex +
    +     		When cluster parameters are not passed +
    List of non-clustered snapshots
    +
    +
      +
    + allocated_storage + +
    + integer +
    +     		always +
    How many gigabytes of storage are allocated
    +
    +
    Sample:
    +
    10
    +
      +
    + availability_zone + +
    + string +
    +     		always +
    The availability zone of the database from which the snapshot was taken
    +
    +
    Sample:
    +
    us-west-2b
    +
      +
    + db_instance_identifier + +
    + string +
    +     		always +
    Database instance identifier
    +
    +
    Sample:
    +
    hello-world-rds
    +
      +
    + db_snapshot_arn + +
    + string +
    +     		always +
    Snapshot ARN
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:111111111111:snapshot:rds:hello-world-rds-us1-2018-05-16-04-03
    +
      +
    + db_snapshot_identifier + +
    + string +
    +     		always +
    Snapshot name
    +
    +
    Sample:
    +
    rds:hello-world-rds-us1-2018-05-16-04-03
    +
      +
    + encrypted + +
    + boolean +
    +     		always +
    Whether the snapshot was encrypted
    +
    +
    Sample:
    +
    True
    +
      +
    + engine + +
    + string +
    +     		always +
    Database engine
    +
    +
    Sample:
    +
    postgres
    +
      +
    + engine_version + +
    + string +
    +     		always +
    Database engine version
    +
    +
    Sample:
    +
    9.5.10
    +
      +
    + iam_database_authentication_enabled + +
    + boolean +
    +     		always +
    Whether database authentication through IAM is enabled
    +
    +
      +
    + instance_create_time + +
    + string +
    +     		always +
    Time the Instance was created
    +
    +
    Sample:
    +
    2017-10-10T04:00:07.434000+00:00
    +
      +
    + kms_key_id + +
    + string +
    +     		always +
    ID of the KMS Key encrypting the snapshot
    +
    +
    Sample:
    +
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-1234-aaaa-0000-1234567890ab
    +
      +
    + license_model + +
    + string +
    +     		always +
    License model
    +
    +
    Sample:
    +
    postgresql-license
    +
      +
    + master_username + +
    + string +
    +     		always +
    Database master username
    +
    +
    Sample:
    +
    dbadmin
    +
      +
    + option_group_name + +
    + string +
    +     		always +
    Database option group name
    +
    +
    Sample:
    +
    default:postgres-9-5
    +
      +
    + percent_progress + +
    + integer +
    +     		always +
    Percent progress of snapshot
    +
    +
    Sample:
    +
    100
    +
      +
    + snapshot_create_time + +
    + string +
    +     		always +
    Time snapshot was created
    +
    +
    Sample:
    +
    2018-05-16T04:03:33.871000+00:00
    +
      +
    + snapshot_type + +
    + string +
    +     		always +
    Type of snapshot
    +
    +
    Sample:
    +
    automated
    +
      +
    + status + +
    + string +
    +     		always +
    Status of snapshot
    +
    +
    Sample:
    +
    available
    +
      +
    + storage_type + +
    + string +
    +     		always +
    Storage type of underlying DB
    +
    +
    Sample:
    +
    gp2
    +
      +
    + tags + +
    + complex +
    +     		when snapshot is not shared +
    Snapshot tags
    +
    +
      +
    + vpc_id + +
    + string +
    +     		always +
    ID of VPC containing the DB
    +
    +
    Sample:
    +
    vpc-abcd1234
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) + + diff --git a/docs/community.aws.rds_snapshot_module.rst b/docs/community.aws.rds_snapshot_module.rst new file mode 100644 index 00000000000..02805a49a39 --- /dev/null +++ b/docs/community.aws.rds_snapshot_module.rst @@ -0,0 +1,755 @@ +.. _community.aws.rds_snapshot_module: + + +************************** +community.aws.rds_snapshot +************************** + +**manage Amazon RDS snapshots.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates or deletes RDS snapshots. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + db_instance_identifier + +
    + string +
    +     		+ +
    Database instance identifier. Required when state is present.
    +

    aliases: instance_id
    +
    +
    + db_snapshot_identifier + +
    + string + / required
    +     		+ +
    The snapshot to manage.
    +

    aliases: id, snapshot_id
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    whether to remove tags not present in the tags parameter.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Specify the desired state of the snapshot.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    tags dict to apply to a snapshot.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for snapshot creation or deletion.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    how long before wait gives up, in seconds.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create snapshot + community.aws.rds_snapshot: + db_instance_identifier: new-database + db_snapshot_identifier: new-database-snapshot + + - name: Delete snapshot + community.aws.rds_snapshot: + db_snapshot_identifier: new-database-snapshot + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + allocated_storage + +
    + integer +
    +     		always +
    How much storage is allocated in GB.
    +
    +
    Sample:
    +
    20
    +
    +
    + availability_zone + +
    + string +
    +     		always +
    Availability zone of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    us-west-2a
    +
    +
    + db_instance_identifier + +
    + string +
    +     		always +
    Database from which the snapshot was created.
    +
    +
    Sample:
    +
    ansible-test-16638696
    +
    +
    + db_snapshot_arn + +
    + string +
    +     		always +
    Amazon Resource Name for the snapshot.
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:123456789012:snapshot:ansible-test-16638696-test-snapshot
    +
    +
    + db_snapshot_identifier + +
    + string +
    +     		always +
    Name of the snapshot.
    +
    +
    Sample:
    +
    ansible-test-16638696-test-snapshot
    +
    +
    + dbi_resource_id + +
    + string +
    +     		always +
    The identifier for the source DB instance, which can't be changed and which is unique to an AWS Region.
    +
    +
    Sample:
    +
    db-MM4P2U35RQRAMWD3QDOXWPZP4U
    +
    +
    + encrypted + +
    + boolean +
    +     		always +
    Whether the snapshot is encrypted.
    +
    +
    +
    + engine + +
    + string +
    +     		always +
    Engine of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    mariadb
    +
    +
    + engine_version + +
    + string +
    +     		always +
    Version of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    10.2.21
    +
    +
    + iam_database_authentication_enabled + +
    + boolean +
    +     		always +
    Whether IAM database authentication is enabled.
    +
    +
    +
    + instance_create_time + +
    + string +
    +     		always +
    Creation time of the instance from which the snapshot was created.
    +
    +
    Sample:
    +
    2019-06-15T10:15:56.221000+00:00
    +
    +
    + license_model + +
    + string +
    +     		always +
    License model of the database.
    +
    +
    Sample:
    +
    general-public-license
    +
    +
    + master_username + +
    + string +
    +     		always +
    Master username of the database.
    +
    +
    Sample:
    +
    test
    +
    +
    + option_group_name + +
    + string +
    +     		always +
    Option group of the database.
    +
    +
    Sample:
    +
    default:mariadb-10-2
    +
    +
    + percent_progress + +
    + integer +
    +     		always +
    How much progress has been made taking the snapshot. Will be 100 for an available snapshot.
    +
    +
    Sample:
    +
    100
    +
    +
    + port + +
    + integer +
    +     		always +
    Port on which the database is listening.
    +
    +
    Sample:
    +
    3306
    +
    +
    + processor_features + +
    + list +
    +     		always +
    List of processor features of the database.
    +
    +
    +
    + snapshot_create_time + +
    + string +
    +     		always +
    Creation time of the snapshot.
    +
    +
    Sample:
    +
    2019-06-15T10:46:23.776000+00:00
    +
    +
    + snapshot_type + +
    + string +
    +     		always +
    How the snapshot was created (always manual for this module!).
    +
    +
    Sample:
    +
    manual
    +
    +
    + status + +
    + string +
    +     		always +
    Status of the snapshot.
    +
    +
    Sample:
    +
    available
    +
    +
    + storage_type + +
    + string +
    +     		always +
    Storage type of the database.
    +
    +
    Sample:
    +
    gp2
    +
    +
    + tags + +
    + complex +
    +     		always +
    Tags applied to the snapshot.
    +
    +
    +
    + vpc_id + +
    + string +
    +     		always +
    ID of the VPC in which the DB lives.
    +
    +
    Sample:
    +
    vpc-09ff232e222710ae0
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Will Thames (@willthames) +- Michael De La Rue (@mikedlr) + + diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst new file mode 100644 index 00000000000..b5fed6ab6bd --- /dev/null +++ b/docs/community.aws.rds_subnet_group_module.rst @@ -0,0 +1,416 @@ +.. _community.aws.rds_subnet_group_module: + + +****************************** +community.aws.rds_subnet_group +****************************** + +**manage RDS database subnet groups** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, modifies, and deletes RDS database subnet groups. This module has a dependency on python-boto >= 2.5. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + description + +
    + string +
    +     		+ +
    Database subnet group description.
    +
    Required when state=present.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Database subnet group identifier.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    + subnets + +
    + list +
    +     		+ +
    List of subnet IDs that make up the database subnet group.
    +
    Required when state=present.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add or change a subnet group + community.aws.rds_subnet_group: + state: present + name: norwegian-blue + description: My Fancy Ex Parrot Subnet Group + subnets: + - subnet-aaaaaaaa + - subnet-bbbbbbbb + + - name: Remove a subnet group + community.aws.rds_subnet_group: + state: absent + name: norwegian-blue + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + subnet_group + +
    + complex +
    +     		state=present +
    Dictionary of DB subnet group values
    +
    +
      +
    + description + +
    + string +
    +     		state=present +
    The description of the DB subnet group
    +
    +
      +
    + name + +
    + string +
    +     		state=present +
    The name of the DB subnet group
    +
    +
      +
    + status + +
    + string +
    +     		state=present +
    The status of the DB subnet group
    +
    +
      +
    + subnet_ids + +
    + list +
    +     		state=present +
    Contains a list of Subnet IDs
    +
    +
      +
    + vpc_id + +
    + string +
    +     		state=present +
    The VpcId of the DB subnet group
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Scott Anderson (@tastychutney) + + diff --git a/docs/community.aws.redshift_cross_region_snapshots_module.rst b/docs/community.aws.redshift_cross_region_snapshots_module.rst new file mode 100644 index 00000000000..2836242a7c7 --- /dev/null +++ b/docs/community.aws.redshift_cross_region_snapshots_module.rst @@ -0,0 +1,336 @@ +.. _community.aws.redshift_cross_region_snapshots_module: + + +********************************************* +community.aws.redshift_cross_region_snapshots +********************************************* + +**Manage Redshift Cross Region Snapshots** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage Redshift Cross Region Snapshots. Supports KMS-Encrypted Snapshots. +- For more information, see https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html#cross-region-snapshot-copy + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster_name + +
    + string + / required
    +     		+ +
    The name of the cluster to configure cross-region snapshots for.
    +

    aliases: cluster
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + destination_region + +
    + string + / required
    +     		+ +
    The region to copy snapshots to.
    +

    aliases: destination
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string + / required
    +     		+ +
    The cluster's region.
    +

    aliases: source
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + snapshot_copy_grant + +
    + string +
    +     		+ +
    A grant for Amazon Redshift to use a master key in the destination_region.
    + +

    aliases: copy_grant
    +
    +
    + snapshot_retention_period + +
    + integer + / required
    +     		+ +
    The number of days to keep cross-region snapshots for.
    +

    aliases: retention_period
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the cross-region snapshot configuration.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure cross-region snapshot on cluster `johniscool` + community.aws.redshift_cross_region_snapshots: + cluster_name: johniscool + state: present + region: us-east-1 + destination_region: us-west-2 + retention_period: 1 + + - name: configure cross-region snapshot on kms-encrypted cluster + community.aws.redshift_cross_region_snapshots: + cluster_name: whatever + state: present + region: us-east-1 + destination: us-west-2 + copy_grant: 'my-grant-in-destination' + retention_period: 10 + + - name: disable cross-region snapshots, necessary before most cluster modifications (rename, resize) + community.aws.redshift_cross_region_snapshots: + cluster_name: whatever + state: absent + region: us-east-1 + destination_region: us-west-2 + + + + + +Status +------ + + +Authors +~~~~~~~ + +- JR Kerkstra (@captainkerk) + + diff --git a/docs/community.aws.redshift_info_module.rst b/docs/community.aws.redshift_info_module.rst new file mode 100644 index 00000000000..13156c32437 --- /dev/null +++ b/docs/community.aws.redshift_info_module.rst @@ -0,0 +1,844 @@ +.. _community.aws.redshift_info_module: + + +*************************** +community.aws.redshift_info +*************************** + +**Gather information about Redshift cluster(s)** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gather information about Redshift cluster(s). +- This module was called ``redshift_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster_identifier + +
    + string +
    +     		+ +
    The prefix of cluster identifier of the Redshift cluster you are searching for.
    +
    This is a regular expression match with implicit '^'. Append '$' for a complete match.
    +

    aliases: name, identifier
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do net set authentication details, see the AWS guide for details. + + - name: Find all clusters + community.aws.redshift_info: + register: redshift + + - name: Find cluster(s) with matching tags + community.aws.redshift_info: + tags: + env: prd + stack: monitoring + register: redshift_tags + + - name: Find cluster(s) with matching name/prefix and tags + community.aws.redshift_info: + tags: + env: dev + stack: web + name: user- + register: redshift_web + + - name: Fail if no cluster(s) is/are found + community.aws.redshift_info: + tags: + env: stg + stack: db + register: redshift_user + failed_when: "{{ redshift_user.results | length == 0 }}" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + allow_version_upgrade + +
    + boolean +
    +     		success +
    A Boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
    +
    +
    Sample:
    +
    true|false
    +
    +
    + automated_snapshot_retention_period + +
    + integer +
    +     		success +
    The number of days that automatic cluster snapshots are retained.
    +
    +
    Sample:
    +
    1
    +
    +
    + availability_zone + +
    + string +
    +     		success +
    The name of the Availability Zone in which the cluster is located.
    +
    +
    Sample:
    +
    us-east-1b
    +
    +
    + cluster_create_time + +
    + string +
    +     		success +
    The date and time that the cluster was created.
    +
    +
    Sample:
    +
    2016-05-10T08:33:16.629000+00:00
    +
    +
    + cluster_identifier + +
    + string +
    +     		success +
    Unique key to identify the cluster.
    +
    +
    Sample:
    +
    redshift-identifier
    +
    +
    + cluster_nodes + +
    + list +
    +     		success +
    The nodes in the cluster.
    +
    +
    Sample:
    +
    [{'node_role': 'LEADER', 'private_ip_address': '10.0.0.1', 'public_ip_address': 'x.x.x.x'}, {'node_role': 'COMPUTE-1', 'private_ip_address': '10.0.0.3', 'public_ip_address': 'x.x.x.x'}]
    +
    +
    + cluster_paramater_groups + +
    + list +
    +     		success +
    The list of cluster parameters that are associated with this cluster.
    +
    +
    Sample:
    +
    [{'cluster_parameter_status_list': [{'parameter_apply_status': 'in-sync', 'parameter_name': 'statement_timeout'}, {'parameter_apply_status': 'in-sync', 'parameter_name': 'require_ssl'}], 'parameter_apply_status': 'in-sync', 'parameter_group_name': 'tuba'}]
    +
    +
    + cluster_public_keys + +
    + string +
    +     		success +
    The public key for the cluster.
    +
    +
    Sample:
    +
    ssh-rsa anjigfam Amazon-Redshift
    +
    +
    + cluster_revision_number + +
    + string +
    +     		success +
    The specific revision number of the database in the cluster.
    +
    +
    Sample:
    +
    1231
    +
    +
    + cluster_security_groups + +
    + list +
    +     		success +
    A list of cluster security groups that are associated with the cluster.
    +
    +
    +
    + cluster_snapshot_copy_status + +
    + dictionary +
    +     		success +
    A value that returns the destination region and retention period that are configured for cross-region snapshot copy.
    +
    +
    +
    + cluster_status + +
    + string +
    +     		success +
    Current state of the cluster.
    +
    +
    Sample:
    +
    available
    +
    +
    + cluster_subnet_group_name + +
    + string +
    +     		success +
    The name of the subnet group that is associated with the cluster.
    +
    +
    Sample:
    +
    redshift-subnet
    +
    +
    + cluster_version + +
    + string +
    +     		success +
    The version ID of the Amazon Redshift engine that is running on the cluster.
    +
    +
    Sample:
    +
    1.0
    +
    +
    + db_name + +
    + string +
    +     		success +
    The name of the initial database that was created when the cluster was created.
    +
    +
    Sample:
    +
    dev
    +
    +
    + elastic_ip_status + +
    + dictionary +
    +     		success +
    The status of the elastic IP (EIP) address.
    +
    +
    +
    + encrypted + +
    + boolean +
    +     		success +
    Boolean value that, if true , indicates that data in the cluster is encrypted at rest.
    +
    +
    Sample:
    +
    true|false
    +
    +
    + endpoint + +
    + string +
    +     		success +
    The connection endpoint.
    +
    +
    Sample:
    +
    {'address': 'cluster-ds2.ocmugla0rf.us-east-1.redshift.amazonaws.com', 'port': 5439}
    +
    +
    + enhanced_vpc_routing + +
    + boolean +
    +     		success +
    An option that specifies whether to create the cluster with enhanced VPC routing enabled.
    +
    +
    Sample:
    +
    true|false
    +
    +
    + hsm_status + +
    + dictionary +
    +     		success +
    A value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
    +
    +
    +
    + iam_roles + +
    + list +
    +     		success +
    List of IAM roles attached to the cluster.
    +
    +
    +
    + kms_key_id + +
    + string +
    +     		success +
    The AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
    +
    +
    +
    + master_username + +
    + string +
    +     		success +
    The master user name for the cluster.
    +
    +
    Sample:
    +
    admin
    +
    +
    + modify_status + +
    + string +
    +     		optional +
    The status of a modify operation.
    +
    +
    +
    + node_type + +
    + string +
    +     		success +
    The node type for nodes in the cluster.
    +
    +
    Sample:
    +
    ds2.xlarge
    +
    +
    + number_of_nodes + +
    + integer +
    +     		success +
    The number of compute nodes in the cluster.
    +
    +
    Sample:
    +
    12
    +
    +
    + pending_modified_values + +
    + dictionary +
    +     		success +
    A value that, if present, indicates that changes to the cluster are pending.
    +
    +
    +
    + preferred_maintenance_window + +
    + string +
    +     		success +
    The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
    +
    +
    Sample:
    +
    tue:07:30-tue:08:00
    +
    +
    + publicly_accessible + +
    + boolean +
    +     		success +
    A Boolean value that, if true , indicates that the cluster can be accessed from a public network.
    +
    +
    Sample:
    +
    true|false
    +
    +
    + restore_status + +
    + dictionary +
    +     		success +
    A value that describes the status of a cluster restore action.
    +
    +
    +
    + tags + +
    + list +
    +     		success +
    The list of tags for the cluster.
    +
    +
    +
    + vpc_id + +
    + string +
    +     		success +
    The identifier of the VPC the cluster is in, if the cluster is in a VPC.
    +
    +
    Sample:
    +
    vpc-1234567
    +
    +
    + vpc_security_groups + +
    + list +
    +     		success +
    A list of VPC security groups the are associated with the cluster.
    +
    +
    Sample:
    +
    [{'status': 'active', 'vpc_security_group_id': 'sg-12cghhg'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Jens Carl (@j-carl) + + diff --git a/docs/community.aws.redshift_module.rst b/docs/community.aws.redshift_module.rst new file mode 100644 index 00000000000..026de44e071 --- /dev/null +++ b/docs/community.aws.redshift_module.rst @@ -0,0 +1,946 @@ +.. _community.aws.redshift_module: + + +********************** +community.aws.redshift +********************** + +**create, delete, or modify an Amazon Redshift instance** + + +Version added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." - "Rafael Driutti (@rafaeldriutti)" + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates, deletes, or modifies Amazon Redshift cluster instances. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + allow_version_upgrade + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.
    +

    aliases: version_upgrade
    +
    +
    + automated_snapshot_retention_period + +
    + integer +
    +     		+ +
    The number of days that automated snapshots are retained.
    +

    aliases: retention_period
    +
    +
    + availability_zone + +
    + string +
    +     		+ +
    Availability zone in which to launch cluster.
    +

    aliases: zone, aws_zone
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + cluster_parameter_group_name + +
    + string +
    +     		+ +
    Name of the cluster parameter group.
    +

    aliases: param_group_name
    +
    +
    + cluster_security_groups + +
    + list + / elements=string
    +     		+ +
    In which security group the cluster belongs.
    +

    aliases: security_groups
    +
    +
    + cluster_subnet_group_name + +
    + string +
    +     		+ +
    Which subnet to place the cluster.
    +

    aliases: subnet
    +
    +
    + cluster_type + +
    + string +
    +     		+
      Choices: +
    • multi-node
      • +
    • single-node ←
      • +
    +     		+
    The type of cluster.
    +
    +
    + cluster_version + +
    + string +
    +     		+
      Choices: +
    • 1.0
      • +
    +     		+
    Which version the cluster should have.
    +

    aliases: version
    +
    +
    + command + +
    + string + / required
    +     		+
      Choices: +
    • create
      • +
    • facts
      • +
    • delete
      • +
    • modify
      • +
    +     		+
    Specifies the action to take.
    +
    +
    + db_name + +
    + string +
    +     		+ +
    Name of the database.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + elastic_ip + +
    + string +
    +     		+ +
    An Elastic IP to use for the cluster.
    +
    +
    + encrypted + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If the cluster is encrypted or not.
    +
    +
    + enhanced_vpc_routing + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the cluster should have enhanced VPC routing enabled.
    +
    +
    + final_cluster_snapshot_identifier + +
    + string +
    +     		+ +
    Identifier of the final snapshot to be created before deleting the cluster.
    +
    If this parameter is provided, skip_final_cluster_snapshot must be false.
    +
    Used only when command=delete.
    +

    aliases: final_snapshot_id
    +
    +
    + identifier + +
    + string + / required
    +     		+ +
    Redshift cluster identifier.
    +
    +
    + new_cluster_identifier + +
    + string +
    +     		+ +
    Only used when command=modify.
    +

    aliases: new_identifier
    +
    +
    + node_type + +
    + string +
    +     		+
      Choices: +
    • ds1.xlarge
      • +
    • ds1.8xlarge
      • +
    • ds2.xlarge
      • +
    • ds2.8xlarge
      • +
    • dc1.large
      • +
    • dc2.large
      • +
    • dc1.8xlarge
      • +
    • dw1.xlarge
      • +
    • dw1.8xlarge
      • +
    • dw2.large
      • +
    • dw2.8xlarge
      • +
    +     		+
    The node type of the cluster.
    +
    Require when command=create.
    +
    +
    + number_of_nodes + +
    + integer +
    +     		+ +
    Number of nodes.
    +
    Only used when cluster_type=multi-node.
    +
    +
    + password + +
    + string +
    +     		+ +
    Master database password.
    +
    Used only when command=create.
    +
    +
    + port + +
    + integer +
    +     		+ +
    Which port the cluster is listening on.
    +
    +
    + preferred_maintenance_window + +
    + string +
    +     		+ +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    +
    Times are specified in UTC.
    +
    If not specified then a random 30 minute maintenance window is assigned.
    +

    aliases: maintance_window, maint_window
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + publicly_accessible + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If the cluster is accessible publicly or not.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + skip_final_cluster_snapshot + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Skip a final snapshot before deleting the cluster.
    +
    Used only when command=delete.
    +

    aliases: skip_final_snapshot
    +
    +
    + username + +
    + string +
    +     		+ +
    Master database username.
    +
    Used only when command=create.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_security_group_ids + +
    + list + / elements=string
    +     		+ +
    VPC security group
    +

    aliases: vpc_security_groups
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
    +
    When command=delete wait for the database to be terminated.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    When wait=true defines how long in seconds before giving up.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Basic cluster provisioning example + community.aws.redshift: + command: create + node_type: ds1.xlarge + identifier: new_cluster + username: cluster_admin + password: 1nsecure + + - name: Cluster delete example + community.aws.redshift: + command: delete + identifier: new_cluster + skip_final_cluster_snapshot: true + wait: true + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + cluster + +
    + complex +
    +     		success +
    dictionary containing all the cluster information
    +
    +
      +
    + availability_zone + +
    + string +
    +     		success +
    Amazon availability zone where the cluster is located. "None" until cluster is available.
    +
    +
    Sample:
    +
    us-east-1b
    +
      +
    + create_time + +
    + float +
    +     		success +
    Time of the cluster creation as timestamp.
    +
    +
    Sample:
    +
    1430158536.308
    +
      +
    + db_name + +
    + string +
    +     		success +
    Name of the database.
    +
    +
    Sample:
    +
    new_db_name
    +
      +
    + enhanced_vpc_routing + +
    + boolean +
    +     		success +
    status of the enhanced vpc routing feature.
    +
    +
      +
    + identifier + +
    + string +
    +     		success +
    Id of the cluster.
    +
    +
    Sample:
    +
    new_redshift_cluster
    +
      +
    + maintenance_window + +
    + string +
    +     		success +
    Time frame when maintenance/upgrade are done.
    +
    +
    Sample:
    +
    sun:09:30-sun:10:00
    +
      +
    + port + +
    + integer +
    +     		success +
    Port of the cluster. "None" until cluster is available.
    +
    +
    Sample:
    +
    5439
    +
      +
    + private_ip_address + +
    + string +
    +     		success +
    Private IP address of the main node.
    +
    +
    Sample:
    +
    10.10.10.10
    +
      +
    + public_ip_address + +
    + string +
    +     		success +
    Public IP address of the main node. "None" when enhanced_vpc_routing is enabled.
    +
    +
    Sample:
    +
    0.0.0.0
    +
      +
    + status + +
    + string +
    +     		success +
    Status of the cluster.
    +
    +
    Sample:
    +
    available
    +
      +
    + url + +
    + string +
    +     		success +
    FQDN of the main cluster node. "None" until cluster is available.
    +
    +
    Sample:
    +
    new-redshift_cluster.jfkdjfdkj.us-east-1.redshift.amazonaws.com
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- None + + diff --git a/docs/community.aws.redshift_subnet_group_module.rst b/docs/community.aws.redshift_subnet_group_module.rst new file mode 100644 index 00000000000..3880fbce20f --- /dev/null +++ b/docs/community.aws.redshift_subnet_group_module.rst @@ -0,0 +1,373 @@ +.. _community.aws.redshift_subnet_group_module: + + +*********************************** +community.aws.redshift_subnet_group +*********************************** + +**manage Redshift cluster subnet groups** + + +Version added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create, modifies, and deletes Redshift cluster subnet groups. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + group_description + +
    + string +
    +     		+ +
    Database subnet group description.
    +

    aliases: description
    +
    +
    + group_name + +
    + string + / required
    +     		+ +
    Cluster subnet group name.
    +

    aliases: name
    +
    +
    + group_subnets + +
    + list + / elements=string
    +     		+ +
    List of subnet IDs that make up the cluster subnet group.
    +

    aliases: subnets
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a Redshift subnet group + community.aws.redshift_subnet_group: + state: present + group_name: redshift-subnet + group_description: Redshift subnet + group_subnets: + - 'subnet-aaaaa' + - 'subnet-bbbbb' + + - name: Remove subnet group + community.aws.redshift_subnet_group: + state: absent + group_name: redshift-subnet + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + group + +
    + complex +
    +     		success +
    dictionary containing all Redshift subnet group information
    +
    +
      +
    + name + +
    + string +
    +     		success +
    name of the Redshift subnet group
    +
    +
    Sample:
    +
    redshift_subnet_group_name
    +
      +
    + vpc_id + +
    + string +
    +     		success +
    Id of the VPC where the subnet is located
    +
    +
    Sample:
    +
    vpc-aabb1122
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- None + + diff --git a/docs/community.aws.route53_health_check_module.rst b/docs/community.aws.route53_health_check_module.rst new file mode 100644 index 00000000000..cae430f758d --- /dev/null +++ b/docs/community.aws.route53_health_check_module.rst @@ -0,0 +1,420 @@ +.. _community.aws.route53_health_check_module: + + +********************************** +community.aws.route53_health_check +********************************** + +**Add or delete health-checks in Amazons Route53 DNS service** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes DNS Health checks in Amazons Route53 service. +- Only the port, resource_path, string_match and request_interval are considered when updating existing health-checks. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + failure_threshold + +
    + integer +
    +     		+
      Choices: +
    • 1
      • +
    • 2
      • +
    • 3 ←
      • +
    • 4
      • +
    • 5
      • +
    • 6
      • +
    • 7
      • +
    • 8
      • +
    • 9
      • +
    • 10
      • +
    +     		+
    The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
    +
    +
    + fqdn + +
    + string +
    +     		+ +
    Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
    +
    +
    + ip_address + +
    + string +
    +     		+ +
    IP address of the end-point to check. Either this or fqdn has to be provided.
    +
    +
    + port + +
    + integer +
    +     		+ +
    The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + request_interval + +
    + integer +
    +     		+
      Choices: +
    • 10
      • +
    • 30 ←
      • +
    +     		+
    The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
    +
    +
    + resource_path + +
    + string +
    +     		+ +
    The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
    +
    Required for all checks except TCP.
    +
    The path must begin with a /
    +
    Maximum 255 characters.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Specifies the action to take.
    +
    +
    + string_match + +
    + string +
    +     		+ +
    If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
    +
    +
    + type + +
    + string + / required
    +     		+
      Choices: +
    • HTTP
      • +
    • HTTPS
      • +
    • HTTP_STR_MATCH
      • +
    • HTTPS_STR_MATCH
      • +
    • TCP
      • +
    +     		+
    The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create a health-check for host1.example.com and use it in record + community.aws.route53_health_check: + state: present + fqdn: host1.example.com + type: HTTP_STR_MATCH + resource_path: / + string_match: "Hello" + request_interval: 10 + failure_threshold: 2 + register: my_health_check + + - community.aws.route53: + action: create + zone: "example.com" + type: CNAME + record: "www.example.com" + value: host1.example.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "{{ my_health_check.health_check.id }}" + + - name: Delete health-check + community.aws.route53_health_check: + state: absent + fqdn: host1.example.com + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- zimbatm (@zimbatm) + + diff --git a/docs/community.aws.route53_info_module.rst b/docs/community.aws.route53_info_module.rst new file mode 100644 index 00000000000..a0f98c940ce --- /dev/null +++ b/docs/community.aws.route53_info_module.rst @@ -0,0 +1,533 @@ +.. _community.aws.route53_info_module: + + +************************** +community.aws.route53_info +************************** + +**Retrieves route53 details using AWS methods** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Gets various details related to Route53 zone, record set or health check details. +- This module was called ``route53_facts`` before Ansible 2.9. The usage did not change. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + change_id + +
    + string +
    +     		+ +
    The ID of the change batch request.
    +
    The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
    +
    Required if query=change.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delegation_set_id + +
    + string +
    +     		+ +
    The DNS Zone delegation set ID.
    +
    +
    + dns_name + +
    + string +
    +     		+ +
    The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + health_check_id + +
    + string +
    +     		+ +
    The ID of the health check.
    +
    Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
    +
    +
    + health_check_method + +
    + string +
    +     		+
      Choices: +
    • list ←
      • +
    • details
      • +
    • status
      • +
    • failure_reason
      • +
    • count
      • +
    • tags
      • +
    +     		+
    This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
    +
    +
    + hosted_zone_id + +
    + string +
    +     		+ +
    The Hosted Zone ID of the DNS zone.
    +
    Required if query is set to hosted_zone and hosted_zone_method is set to details.
    +
    Required if query is set to record_sets.
    +
    +
    + hosted_zone_method + +
    + string +
    +     		+
      Choices: +
    • details
      • +
    • list ←
      • +
    • list_by_name
      • +
    • count
      • +
    • tags
      • +
    +     		+
    This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
    +
    +
    + max_items + +
    + string +
    +     		+ +
    Maximum number of items to return for various get/list requests.
    +
    +
    + next_marker + +
    + string +
    +     		+ +
    Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + query + +
    + string + / required
    +     		+
      Choices: +
    • change
      • +
    • checker_ip_range
      • +
    • health_check
      • +
    • hosted_zone
      • +
    • record_sets
      • +
    • reusable_delegation_set
      • +
    +     		+
    Specifies the query action to take.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + resource_id + +
    + list + / elements=string
    +     		+ +
    The ID/s of the specified resource/s.
    +
    Required if query=health_check and health_check_method=tags.
    +
    Required if query=hosted_zone and hosted_zone_method=tags.
    +

    aliases: resource_ids
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + start_record_name + +
    + string +
    +     		+ +
    The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
    +
    +
    + type + +
    + string +
    +     		+
      Choices: +
    • A
      • +
    • CNAME
      • +
    • MX
      • +
    • AAAA
      • +
    • TXT
      • +
    • PTR
      • +
    • SRV
      • +
    • SPF
      • +
    • CAA
      • +
    • NS
      • +
    +     		+
    The type of DNS record.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Simple example of listing all hosted zones + - name: List all hosted zones + community.aws.route53_info: + query: hosted_zone + register: hosted_zones + + # Getting a count of hosted zones + - name: Return a count of all hosted zones + community.aws.route53_info: + query: hosted_zone + hosted_zone_method: count + register: hosted_zone_count + + - name: List the first 20 resource record sets in a given hosted zone + community.aws.route53_info: + profile: account_name + query: record_sets + hosted_zone_id: ZZZ1111112222 + max_items: 20 + register: record_sets + + - name: List first 20 health checks + community.aws.route53_info: + query: health_check + health_check_method: list + max_items: 20 + register: health_checks + + - name: Get health check last failure_reason + community.aws.route53_info: + query: health_check + health_check_method: failure_reason + health_check_id: 00000000-1111-2222-3333-12345678abcd + register: health_check_failure_reason + + - name: Retrieve reusable delegation set details + community.aws.route53_info: + query: reusable_delegation_set + delegation_set_id: delegation id + register: delegation_sets + + - name: setup of example for using next_marker + community.aws.route53_info: + query: hosted_zone + max_items: 1 + register: first_info + + - name: example for using next_marker + community.aws.route53_info: + query: hosted_zone + next_marker: "{{ first_info.NextMarker }}" + max_items: 1 + when: "{{ 'NextMarker' in first_info }}" + + - name: retrieve host entries starting with host1.workshop.test.io + block: + - name: grab zone id + community.aws.route53_zone: + zone: "test.io" + register: AWSINFO + + - name: grab Route53 record information + community.aws.route53_info: + type: A + query: record_sets + hosted_zone_id: "{{ AWSINFO.zone_id }}" + start_record_name: "host1.workshop.test.io" + register: RECORDS + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Karen Cheng (@Etherdaemon) + + diff --git a/docs/community.aws.route53_module.rst b/docs/community.aws.route53_module.rst new file mode 100644 index 00000000000..6c758f244ea --- /dev/null +++ b/docs/community.aws.route53_module.rst @@ -0,0 +1,982 @@ +.. _community.aws.route53_module: + + +********************* +community.aws.route53 +********************* + +**add or delete entries in Amazons Route53 DNS service** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes DNS records in Amazons Route53 service + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + alias + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates if this is an alias record.
    +
    +
    + alias_evaluate_target_health + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
    +
    +
    + alias_hosted_zone_id + +
    + string +
    +     		+ +
    The hosted zone identifier.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + failover + +
    + string +
    +     		+
      Choices: +
    • SECONDARY
      • +
    • PRIMARY
      • +
    +     		+
    Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
    +
    +
    + health_check + +
    + string +
    +     		+ +
    Health check to associate with this record
    +
    +
    + hosted_zone_id + +
    + string +
    +     		+ +
    The Hosted Zone ID of the DNS zone to modify.
    +
    This is a required parameter, if parameter zone is not supplied.
    +
    +
    + identifier + +
    + string +
    +     		+ +
    Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    +
    +
    + overwrite + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether an existing record should be overwritten on create if values do not match.
    +
    +
    + private_zone + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + record + +
    + string + / required
    +     		+ +
    The full DNS record to create or delete.
    +
    +
    + region + +
    + string +
    +     		+ +
    Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
    +
    +
    + retry_interval + +
    + integer +
    +     		+ Default:
    500
    +     		+
    In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • get
      • +
    • create
      • +
    • delete
      • +
    +     		+
    Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
    +

    aliases: command
    +
    +
    + ttl + +
    + integer +
    +     		+ Default:
    3600
    +     		+
    The TTL, in second, to give the new record.
    +
    +
    + type + +
    + string + / required
    +     		+
      Choices: +
    • A
      • +
    • CNAME
      • +
    • MX
      • +
    • AAAA
      • +
    • TXT
      • +
    • PTR
      • +
    • SRV
      • +
    • SPF
      • +
    • CAA
      • +
    • NS
      • +
    • SOA
      • +
    +     		+
    The type of DNS record to create.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + value + +
    + list +
    +     		+ +
    The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
    +
    When deleting a record all values for the record must be specified or Route53 will not delete it.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
    +
    This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
    +
    +
    + wait + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
    +
    +
    + wait_timeout + +
    + integer +
    +     		+ Default:
    300
    +     		+
    How long to wait for the changes to be replicated, in seconds.
    +
    +
    + weight + +
    + integer +
    +     		+ +
    Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
    +
    +
    + zone + +
    + string +
    +     		+ +
    The DNS zone to modify.
    +
    This is a required parameter, if parameter hosted_zone_id is not supplied.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: 1.1.1.1,2.2.2.2,3.3.3.3 + wait: yes + + - name: Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated + community.aws.route53: + state: present + zone: foo.com + record: new.foo.com + type: A + ttl: 7200 + value: + - 1.1.1.1 + - 2.2.2.2 + - 3.3.3.3 + wait: yes + + - name: Retrieve the details for new.foo.com + community.aws.route53: + state: get + zone: foo.com + record: new.foo.com + type: A + register: rec + + - name: Delete new.foo.com A record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + + # Add an AAAA record. Note that because there are colons in the value + # that the IPv6 address must be quoted. Also shows using the old form command=create. + - name: Add an AAAA record + community.aws.route53: + command: create + zone: foo.com + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + + # For more information on SRV records see: + # https://en.wikipedia.org/wiki/SRV_record + - name: Add a SRV record with multiple fields for a service on port 22222 + community.aws.route53: + state: present + zone: foo.com + record: "_example-service._tcp.foo.com" + type: SRV + value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" + + # Note that TXT and SPF records must be surrounded + # by quotes when sent to Route 53: + - name: Add a TXT record. + community.aws.route53: + state: present + zone: foo.com + record: localhost.foo.com + type: TXT + ttl: 7200 + value: '"bar"' + + - name: Add an alias record that points to an Amazon ELB + community.aws.route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" + + - name: Retrieve the details for elb.foo.com + community.aws.route53: + state: get + zone: foo.com + record: elb.foo.com + type: A + register: rec + + - name: Delete an alias record using the results from the get command + community.aws.route53: + state: absent + zone: foo.com + record: "{{ rec.set.record }}" + ttl: "{{ rec.set.ttl }}" + type: "{{ rec.set.type }}" + value: "{{ rec.set.value }}" + alias: True + alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" + + - name: Add an alias record that points to an Amazon ELB and evaluates it health + community.aws.route53: + state: present + zone: foo.com + record: elb.foo.com + type: A + value: "{{ elb_dns_name }}" + alias: True + alias_hosted_zone_id: "{{ elb_zone_id }}" + alias_evaluate_target_health: True + + - name: Add an AAAA record with Hosted Zone ID + community.aws.route53: + state: present + zone: foo.com + hosted_zone_id: Z2AABBCCDDEEFF + record: localhost.foo.com + type: AAAA + ttl: 7200 + value: "::1" + + - name: Use a routing policy to distribute traffic + community.aws.route53: + state: present + zone: foo.com + record: www.foo.com + type: CNAME + value: host1.foo.com + ttl: 30 + # Routing policy + identifier: "host1@www" + weight: 100 + health_check: "d994b780-3150-49fd-9205-356abdd42e75" + + - name: Add a CAA record (RFC 6844) + community.aws.route53: + state: present + zone: example.com + record: example.com + type: CAA + value: + - 0 issue "ca.example.net" + - 0 issuewild ";" + - 0 iodef "mailto:security@example.com" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + nameservers + +
    + list +
    +     		when state is 'get' +
    Nameservers associated with the zone.
    +
    +
    Sample:
    +
    ['ns-1036.awsdns-00.org.', 'ns-516.awsdns-00.net.', 'ns-1504.awsdns-00.co.uk.', 'ns-1.awsdns-00.com.']
    +
    +
    + set + +
    + complex +
    +     		when state is 'get' +
    Info specific to the resource record.
    +
    +
      +
    + alias + +
    + boolean +
    +     		always +
    Whether this is an alias.
    +
    +
      +
    + failover + +
    + string +
    +     		always +
    Whether this is the primary or secondary resource record set.
    +
    +
    Sample:
    +
    PRIMARY
    +
      +
    + health_check + +
    + string +
    +     		always +
    health_check associated with this record.
    +
    +
      +
    + identifier + +
    + string +
    +     		always +
    An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    +
    +
      +
    + record + +
    + string +
    +     		always +
    Domain name for the record set.
    +
    +
    Sample:
    +
    new.foo.com.
    +
      +
    + region + +
    + string +
    +     		always +
    Which region this should be associated with for latency-based routing.
    +
    +
    Sample:
    +
    us-west-2
    +
      +
    + ttl + +
    + string +
    +     		always +
    Resource record cache TTL.
    +
    +
    Sample:
    +
    3600
    +
      +
    + type + +
    + string +
    +     		always +
    Resource record set type.
    +
    +
    Sample:
    +
    A
    +
      +
    + value + +
    + string +
    +     		always +
    Record value.
    +
    +
    Sample:
    +
    52.43.18.27
    +
      +
    + values + +
    + list +
    +     		always +
    Record Values.
    +
    +
    Sample:
    +
    ['52.43.18.27']
    +
      +
    + weight + +
    + string +
    +     		always +
    Weight of the record.
    +
    +
    Sample:
    +
    3
    +
      +
    + zone + +
    + string +
    +     		always +
    Zone this record set belongs to.
    +
    +
    Sample:
    +
    foo.bar.com.
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Bruce Pennypacker (@bpennypacker) +- Mike Buzzetti (@jimbydamonk) + + diff --git a/docs/community.aws.route53_zone_module.rst b/docs/community.aws.route53_zone_module.rst new file mode 100644 index 00000000000..2943223a96d --- /dev/null +++ b/docs/community.aws.route53_zone_module.rst @@ -0,0 +1,495 @@ +.. _community.aws.route53_zone_module: + + +************************** +community.aws.route53_zone +************************** + +**add or delete Route53 zones** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Creates and deletes Route53 private and public zones. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + comment + +
    + string +
    +     		+ Default:
    ""
    +     		+
    Comment associated with the zone.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delegation_set_id + +
    + string +
    +     		+ +
    The reusable delegation set ID to be associated with the zone.
    +
    Note that you can't associate a reusable delegation set with a private hosted zone.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + hosted_zone_id + +
    + string +
    +     		+ +
    The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
    +
    Required if there are multiple zones identified with the above options.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether or not the zone should exist or not.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + vpc_id + +
    + string +
    +     		+ +
    The VPC ID the zone should be a part of (if this is going to be a private zone).
    +
    +
    + vpc_region + +
    + string +
    +     		+ +
    The VPC Region the zone should be a part of (if this is going to be a private zone).
    +
    +
    + zone + +
    + string + / required
    +     		+ +
    The DNS zone record (eg: foo.com.)
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create a public zone + community.aws.route53_zone: + zone: example.com + comment: this is an example + + - name: delete a public zone + community.aws.route53_zone: + zone: example.com + state: absent + + - name: create a private zone + community.aws.route53_zone: + zone: devel.example.com + vpc_id: '{{ myvpc_id }}' + vpc_region: us-west-2 + comment: developer domain + + - name: create a public zone associated with a specific reusable delegation set + community.aws.route53_zone: + zone: example.com + comment: reusable delegation set example + delegation_set_id: A1BCDEF2GHIJKL + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + comment + +
    + string +
    +     		when hosted zone exists +
    optional hosted zone comment
    +
    +
    Sample:
    +
    Private zone
    +
    +
    + delegation_set_id + +
    + string +
    +     		for public hosted zones, if they have been associated with a reusable delegation set +
    id of the associated reusable delegation set
    +
    +
    Sample:
    +
    A1BCDEF2GHIJKL
    +
    +
    + name + +
    + string +
    +     		when hosted zone exists +
    hosted zone name
    +
    +
    Sample:
    +
    private.local.
    +
    +
    + private_zone + +
    + boolean +
    +     		when hosted zone exists +
    whether hosted zone is private or public
    +
    +
    Sample:
    +
    True
    +
    +
    + vpc_id + +
    + string +
    +     		for private hosted zone +
    id of vpc attached to private hosted zone
    +
    +
    Sample:
    +
    vpc-1d36c84f
    +
    +
    + vpc_region + +
    + string +
    +     		for private hosted zone +
    region of vpc attached to private hosted zone
    +
    +
    Sample:
    +
    eu-west-1
    +
    +
    + zone_id + +
    + string +
    +     		when hosted zone exists +
    hosted zone id
    +
    +
    Sample:
    +
    Z6JQG9820BEFMW
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Christopher Troup (@minichate) + + diff --git a/docs/community.aws.s3_bucket_notification_module.rst b/docs/community.aws.s3_bucket_notification_module.rst new file mode 100644 index 00000000000..dcbbc4fd7bd --- /dev/null +++ b/docs/community.aws.s3_bucket_notification_module.rst @@ -0,0 +1,427 @@ +.. _community.aws.s3_bucket_notification_module: + + +************************************ +community.aws.s3_bucket_notification +************************************ + +**Creates, updates or deletes S3 Bucket notification for lambda** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module allows the management of AWS Lambda function bucket event mappings via the Ansible framework. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_policy ` to modify lambda permissions. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bucket_name + +
    + string + / required
    +     		+ +
    S3 bucket name.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + event_name + +
    + string + / required
    +     		+ +
    Unique name for event notification on bucket.
    +
    +
    + events + +
    + list + / elements=string
    +     		+
      Choices: +
    • s3:ObjectCreated:*
      • +
    • s3:ObjectCreated:Put
      • +
    • s3:ObjectCreated:Post
      • +
    • s3:ObjectCreated:Copy
      • +
    • s3:ObjectCreated:CompleteMultipartUpload
      • +
    • s3:ObjectRemoved:*
      • +
    • s3:ObjectRemoved:Delete
      • +
    • s3:ObjectRemoved:DeleteMarkerCreated
      • +
    • s3:ObjectRestore:Post
      • +
    • s3:ObjectRestore:Completed
      • +
    • s3:ReducedRedundancyLostObject
      • +
    +     		+
    Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
    +
    Required when state=present.
    +
    +
    + lambda_alias + +
    + string +
    +     		+ +
    Name of the Lambda function alias.
    +
    Mutually exclusive with lambda_version.
    +
    +
    + lambda_function_arn + +
    + string +
    +     		+ +
    The ARN of the lambda function.
    +

    aliases: function_arn
    +
    +
    + lambda_version + +
    + integer +
    +     		+ +
    Version of the Lambda function.
    +
    Mutually exclusive with lambda_alias.
    +
    +
    + prefix + +
    + string +
    +     		+ +
    Optional prefix to limit the notifications to objects with keys that start with matching characters.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    + suffix + +
    + string +
    +     		+ +
    Optional suffix to limit the notifications to objects with keys that end with matching characters.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + --- + # Example that creates a lambda event notification for a bucket + - name: Process jpg image + community.aws.s3_bucket_notification: + state: present + event_name: on_file_add_or_remove + bucket_name: test-bucket + function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda + events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] + prefix: images/ + suffix: .jpg + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + notification_configuration + +
    + list +
    +     		success +
    list of currently applied notifications
    +
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- XLAB d.o.o. (@xlab-si) +- Aljaz Kosir (@aljazkosir) +- Miha Plesko (@miha-plesko) + + diff --git a/docs/community.aws.s3_lifecycle_module.rst b/docs/community.aws.s3_lifecycle_module.rst new file mode 100644 index 00000000000..49eb0ab2973 --- /dev/null +++ b/docs/community.aws.s3_lifecycle_module.rst @@ -0,0 +1,576 @@ +.. _community.aws.s3_lifecycle_module: + + +************************** +community.aws.s3_lifecycle +************************** + +**Manage s3 bucket lifecycle rules in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage s3 bucket lifecycle rules in AWS + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- python >= 2.6 +- python-dateutil + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + expiration_date + +
    + string +
    +     		+ +
    Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
    +
    +
    + expiration_days + +
    + integer +
    +     		+ +
    Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the s3 bucket
    +
    +
    + noncurrent_version_expiration_days + +
    + integer +
    +     		+ +
    Delete noncurrent versions this many days after they become noncurrent
    +
    +
    + noncurrent_version_storage_class + +
    + string +
    +     		+
      Choices: +
    • glacier ←
      • +
    • onezone_ia
      • +
    • standard_ia
      • +
    +     		+
    Transition noncurrent versions to this storage class
    +
    +
    + noncurrent_version_transition_days + +
    + integer +
    +     		+ +
    Transition noncurrent versions this many days after they become noncurrent
    +
    +
    + noncurrent_version_transitions + +
    + list +
    +     		+ +
    A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements + transition_days + storage_class
    +
    +
    + prefix + +
    + string +
    +     		+ +
    Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_transitions + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    "Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + requester_pays + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The requester_pays option does nothing and will be removed after 2022-06-01
    +
    +
    + rule_id + +
    + string +
    +     		+ +
    Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the lifecycle rule
    +
    +
    + status + +
    + string +
    +     		+
      Choices: +
    • enabled ←
      • +
    • disabled
      • +
    +     		+
    If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
    +
    +
    + storage_class + +
    + string +
    +     		+
      Choices: +
    • glacier ←
      • +
    • onezone_ia
      • +
    • standard_ia
      • +
    +     		+
    The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
    +
    The 'standard_ia' class is only being available from Ansible version 2.2.
    +
    +
    + transition_date + +
    + string +
    +     		+ +
    Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
    +
    +
    + transition_days + +
    + integer +
    +     		+ +
    Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
    +
    +
    + transitions + +
    + list +
    +     		+ +
    A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If specifying expiration time as days then transition time must also be specified in days + - If specifying expiration time as a date then transition time must also be specified as a date + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days + community.aws.s3_lifecycle: + name: mybucket + expiration_days: 30 + prefix: logs/ + status: enabled + state: present + + - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days + community.aws.s3_lifecycle: + name: mybucket + transition_days: 7 + expiration_days: 90 + prefix: logs/ + status: enabled + state: present + + # Note that midnight GMT must be specified. + # Be sure to quote your date strings + - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. + community.aws.s3_lifecycle: + name: mybucket + transition_date: "2020-12-30T00:00:00.000Z" + expiration_date: "2030-12-30T00:00:00.000Z" + prefix: logs/ + status: enabled + state: present + + - name: Disable the rule created above + community.aws.s3_lifecycle: + name: mybucket + prefix: logs/ + status: disabled + state: present + + - name: Delete the lifecycle rule created above + community.aws.s3_lifecycle: + name: mybucket + prefix: logs/ + state: absent + + - name: Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. + community.aws.s3_lifecycle: + name: mybucket + prefix: backups/ + storage_class: standard_ia + transition_days: 31 + state: present + status: enabled + + - name: Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 + community.aws.s3_lifecycle: + name: mybucket + prefix: logs/ + state: present + status: enabled + transitions: + - transition_days: 30 + storage_class: standard_ia + - transition_days: 90 + storage_class: glacier + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.s3_logging_module.rst b/docs/community.aws.s3_logging_module.rst new file mode 100644 index 00000000000..1662ee90d97 --- /dev/null +++ b/docs/community.aws.s3_logging_module.rst @@ -0,0 +1,305 @@ +.. _community.aws.s3_logging_module: + + +************************ +community.aws.s3_logging +************************ + +**Manage logging facility of an s3 bucket in AWS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage logging facility of an s3 bucket in AWS + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the s3 bucket.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Enable or disable logging.
    +
    +
    + target_bucket + +
    + string +
    +     		+ +
    The bucket to log to. Required when state=present.
    +
    +
    + target_prefix + +
    + string +
    +     		+ Default:
    ""
    +     		+
    The prefix that should be prepended to the generated log files written to the target_bucket.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs + community.aws.s3_logging: + name: mywebsite.com + target_bucket: mylogs + target_prefix: logs/mywebsite.com + state: present + + - name: Remove logging on an s3 bucket + community.aws.s3_logging: + name: mywebsite.com + state: absent + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.s3_sync_module.rst b/docs/community.aws.s3_sync_module.rst new file mode 100644 index 00000000000..ba5e284cbb8 --- /dev/null +++ b/docs/community.aws.s3_sync_module.rst @@ -0,0 +1,577 @@ +.. _community.aws.s3_sync_module: + + +********************* +community.aws.s3_sync +********************* + +**Efficiently upload multiple files to S3** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The S3 module is great, but it is very slow for a large volume of files- even a dozen will be noticeable. In addition to speed, it handles globbing, inclusions/exclusions, mime types, expiration mapping, recursion, cache control and smart directory mapping. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 >= 1.4.4 +- botocore +- python >= 2.6 +- python-dateutil + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + bucket + +
    + string + / required
    +     		+ +
    Bucket name.
    +
    +
    + cache_control + +
    + string +
    +     		+ +
    Cache-Control header set on uploaded objects.
    +
    Directives are separated by commas.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delete + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove remote files that exist in bucket but are not present in the file root.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + exclude + +
    + string +
    +     		+ Default:
    ".*"
    +     		+
    Shell pattern-style file matching.
    +
    Used after include to remove files (for instance, skip "*.txt")
    +
    For multiple patterns, comma-separate them.
    +
    +
    + file_change_strategy + +
    + string +
    +     		+
      Choices: +
    • force
      • +
    • checksum
      • +
    • date_size ←
      • +
    +     		+
    Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
    +
    date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
    +
    checksum will compare etag values based on s3's implementation of chunked md5s.
    +
    force will always upload all files.
    +
    +
    + file_root + +
    + path + / required
    +     		+ +
    File/directory path for synchronization. This is a local path.
    +
    This root path is scrubbed from the key name, so subdirectories will remain as keys.
    +
    +
    + include + +
    + string +
    +     		+ Default:
    "*"
    +     		+
    Shell pattern-style file matching.
    +
    Used before exclude to determine eligible files (for instance, only "*.gif")
    +
    For multiple patterns, comma-separate them.
    +
    +
    + key_prefix + +
    + string +
    +     		+ +
    In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
    +
    +
    + mime_map + +
    + dictionary +
    +     		+ +
    Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
    +
    +
    + mode + +
    + string +
    +     		+
      Choices: +
    • push ←
      • +
    +     		+
    sync direction.
    +
    +
    + permission + +
    + string +
    +     		+
      Choices: +
    • private
      • +
    • public-read
      • +
    • public-read-write
      • +
    • authenticated-read
      • +
    • aws-exec-read
      • +
    • bucket-owner-read
      • +
    • bucket-owner-full-control
      • +
    +     		+
    Canned ACL to apply to synced files.
    +
    Changing this ACL only changes newly synced files, it does not trigger a full reupload.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + retries + +
    + string +
    +     		+ +
    The retries option does nothing and will be removed after 2022-06-01
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: basic upload + community.aws.s3_sync: + bucket: tedder + file_root: roles/s3/files/ + + - name: all the options + community.aws.s3_sync: + bucket: tedder + file_root: roles/s3/files + mime_map: + .yml: application/text + .json: application/text + key_prefix: config_files/web + file_change_strategy: force + permission: public-read + cache_control: "public, max-age=31536000" + include: "*" + exclude: "*.txt,.*" + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + filelist_actionable + +
    + list +
    +     		always +
    file listing (dicts) of files that will be uploaded after the strategy decision
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477931256, 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931256 / 1477929260'}]
    +
    +
    + filelist_initial + +
    + list +
    +     		always +
    file listing (dicts) from initial globbing
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'modified_epoch': 1477416706}]
    +
    +
    + filelist_local_etag + +
    + list +
    +     		always +
    file listing (dicts) including calculated local etag
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    +
    +
    + filelist_s3 + +
    + list +
    +     		always +
    file listing (dicts) including information about previously-uploaded versions
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    +
    +
    + filelist_typed + +
    + list +
    +     		always +
    file listing (dicts) with calculated or overridden mime types
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706}]
    +
    +
    + uploaded + +
    + list +
    +     		always +
    file listing (dicts) of files that were actually uploaded
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931637 / 1477931489'}]
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Ted Timmons (@tedder) + + diff --git a/docs/community.aws.s3_website_module.rst b/docs/community.aws.s3_website_module.rst new file mode 100644 index 00000000000..8fd280997b0 --- /dev/null +++ b/docs/community.aws.s3_website_module.rst @@ -0,0 +1,641 @@ +.. _community.aws.s3_website_module: + + +************************ +community.aws.s3_website +************************ + +**Configure an s3 bucket as a website** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Configure an s3 bucket as a website + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + error_key + +
    + string +
    +     		+ +
    The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the s3 bucket
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + redirect_all_requests + +
    + string +
    +     		+ +
    Describes the redirect behavior for every request to this s3 bucket website endpoint
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string + / required
    +     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Add or remove s3 website configuration
    +
    +
    + suffix + +
    + string +
    +     		+ Default:
    "index.html"
    +     		+
    Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Configure an s3 bucket to redirect all requests to example.com + community.aws.s3_website: + name: mybucket.com + redirect_all_requests: example.com + state: present + + - name: Remove website configuration from an s3 bucket + community.aws.s3_website: + name: mybucket.com + state: absent + + - name: Configure an s3 bucket as a website with index and error pages + community.aws.s3_website: + name: mybucket.com + suffix: home.htm + error_key: errors/404.htm + state: present + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + error_document + +
    + complex +
    +     		always +
    error document
    +
    +
      +
    + key + +
    + string +
    +     		when error_document parameter set +
    object key name to use when a 4XX class error occurs
    +
    +
    Sample:
    +
    error.html
    +
    +
    + index_document + +
    + complex +
    +     		always +
    index document
    +
    +
      +
    + suffix + +
    + string +
    +     		success +
    suffix that is appended to a request that is for a directory on the website endpoint
    +
    +
    Sample:
    +
    index.html
    +
    +
    + redirect_all_requests_to + +
    + complex +
    +     		always +
    where to redirect requests
    +
    +
      +
    + host_name + +
    + string +
    +     		when redirect all requests parameter set +
    name of the host where requests will be redirected.
    +
    +
    Sample:
    +
    ansible.com
    +
      +
    + protocol + +
    + string +
    +     		when redirect all requests parameter set +
    protocol to use when redirecting requests.
    +
    +
    Sample:
    +
    https
    +
    +
    + routing_rules + +
    + list +
    +     		always +
    routing rules
    +
    +
      +
    + condition + +
    + complex +
    +     		+
    A container for describing a condition that must be met for the specified redirect to apply.
    +
    +
       +
    + http_error_code_returned_equals + +
    + string +
    +     		always +
    The HTTP error code when the redirect is applied.
    +
    +
       +
    + key_prefix_equals + +
    + string +
    +     		when routing rule present +
    object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html
    +
    +
    Sample:
    +
    docs/
    +
      +
    + redirect + +
    + complex +
    +     		always +
    Container for redirect information.
    +
    +
       +
    + host_name + +
    + string +
    +     		when host name set as part of redirect rule +
    name of the host where requests will be redirected.
    +
    +
    Sample:
    +
    ansible.com
    +
       +
    + http_redirect_code + +
    + string +
    +     		when routing rule present +
    The HTTP redirect code to use on the response.
    +
    +
       +
    + protocol + +
    + string +
    +     		when routing rule present +
    Protocol to use when redirecting requests.
    +
    +
    Sample:
    +
    http
    +
       +
    + replace_key_prefix_with + +
    + string +
    +     		when routing rule present +
    object key prefix to use in the redirect request
    +
    +
    Sample:
    +
    documents/
    +
       +
    + replace_key_with + +
    + string +
    +     		when routing rule present +
    object key prefix to use in the redirect request
    +
    +
    Sample:
    +
    documents/
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Rob White (@wimnat) + + diff --git a/docs/community.aws.sns_module.rst b/docs/community.aws.sns_module.rst new file mode 100644 index 00000000000..8a7f1cb26d1 --- /dev/null +++ b/docs/community.aws.sns_module.rst @@ -0,0 +1,508 @@ +.. _community.aws.sns_module: + + +***************** +community.aws.sns +***************** + +**Send Amazon Simple Notification Service messages** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Sends a notification to a topic on your Amazon SNS account. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + application + +
    + string +
    +     		+ +
    Message to send to application subscriptions.
    +
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + email + +
    + string +
    +     		+ +
    Message to send to email subscriptions.
    +
    +
    + email_json + +
    + string +
    +     		+ +
    Message to send to email-json subscriptions.
    +
    +
    + http + +
    + string +
    +     		+ +
    Message to send to HTTP subscriptions.
    +
    +
    + https + +
    + string +
    +     		+ +
    Message to send to HTTPS subscriptions.
    +
    +
    + lambda + +
    + string +
    +     		+ +
    Message to send to Lambda subscriptions.
    +
    +
    + message_attributes + +
    + dictionary +
    +     		+ +
    Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
    +
    This is in AWS's distinct Name/Type/Value format; see example below.
    +
    +
    + message_structure + +
    + string +
    +     		+
      Choices: +
    • json ←
      • +
    • string
      • +
    +     		+
    The payload format to use for the message.
    +
    This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
    +
    It must be 'string' to support message_attributes.
    +
    +
    + msg + +
    + string + / required
    +     		+ +
    Default message for subscriptions without a more specific message.
    +

    aliases: default
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + sms + +
    + string +
    +     		+ +
    Message to send to SMS subscriptions.
    +
    +
    + sqs + +
    + string +
    +     		+ +
    Message to send to SQS subscriptions.
    +
    +
    + subject + +
    + string +
    +     		+ +
    Message subject
    +
    +
    + topic + +
    + string + / required
    +     		+ +
    The name or ARN of the topic to publish to.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Send default notification message via SNS + community.aws.sns: + msg: '{{ inventory_hostname }} has completed the play.' + subject: Deploy complete! + topic: deploy + delegate_to: localhost + + - name: Send notification messages via SNS with short message for SMS + community.aws.sns: + msg: '{{ inventory_hostname }} has completed the play.' + sms: deployed! + subject: Deploy complete! + topic: deploy + delegate_to: localhost + + - name: Send message with message_attributes + community.aws.sns: + topic: "deploy" + msg: "message with extra details!" + message_attributes: + channel: + data_type: String + string_value: "mychannel" + color: + data_type: String + string_value: "green" + delegate_to: localhost + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + message_id + +
    + string +
    +     		when success +
    The message ID of the submitted message
    +
    +
    Sample:
    +
    2f681ef0-6d76-5c94-99b2-4ae3996ce57b
    +
    +
    + msg + +
    + string +
    +     		always +
    Human-readable diagnostic information
    +
    +
    Sample:
    +
    OK
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Michael J. Schultz (@mjschultz) +- Paul Arthur (@flowerysong) + + diff --git a/docs/community.aws.sns_topic_module.rst b/docs/community.aws.sns_topic_module.rst new file mode 100644 index 00000000000..c47c7f3f172 --- /dev/null +++ b/docs/community.aws.sns_topic_module.rst @@ -0,0 +1,773 @@ +.. _community.aws.sns_topic_module: + + +*********************** +community.aws.sns_topic +*********************** + +**Manages AWS SNS topics and subscriptions** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The :ref:`community.aws.sns_topic ` module allows you to create, delete, and manage subscriptions for AWS SNS topics. +- As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delivery_policy + +
    + dictionary +
    +     		+ +
    Delivery policy to apply to the SNS topic.
    +
    +
    + display_name + +
    + string +
    +     		+ +
    Display name of the topic.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    The name or ARN of the SNS topic to manage.
    +
    +
    + policy + +
    + dictionary +
    +     		+ +
    Policy to apply to the SNS topic.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_subscriptions + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to create or destroy an SNS topic.
    +
    +
    + subscriptions + +
    + list + / elements=dictionary
    +     		+ Default:
    []
    +     		+
    List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
    +
    +
    + endpoint + +
    + - + / required
    +     		+ +
    Endpoint of subscription.
    +
    +
    + protocol + +
    + - + / required
    +     		+ +
    Protocol of subscription.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + + - name: Create alarm SNS topic + community.aws.sns_topic: + name: "alarms" + state: present + display_name: "alarm SNS topic" + delivery_policy: + http: + defaultHealthyRetryPolicy: + minDelayTarget: 2 + maxDelayTarget: 4 + numRetries: 3 + numMaxDelayRetries: 5 + backoffFunction: "" + disableSubscriptionOverrides: True + defaultThrottlePolicy: + maxReceivesPerSecond: 10 + subscriptions: + - endpoint: "my_email_address@example.com" + protocol: "email" + - endpoint: "my_mobile_number" + protocol: "sms" + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + community.aws.sns_topic + +
    + complex +
    +     		always +
    Dict of sns topic details
    +
    +
      +
    + attributes_set + +
    + list +
    +     		always +
    list of attributes set during this run
    +
    +
      +
    + check_mode + +
    + boolean +
    +     		always +
    whether check mode was on
    +
    +
      +
    + delivery_policy + +
    + string +
    +     		when topic is owned by this AWS account +
    Delivery policy for the SNS topic
    +
    +
    Sample:
    +
    {"http":{"defaultHealthyRetryPolicy":{"minDelayTarget":20,"maxDelayTarget":20,"numRetries":3,"numMaxDelayRetries":0, "numNoDelayRetries":0,"numMinDelayRetries":0,"backoffFunction":"linear"},"disableSubscriptionOverrides":false}}
    +
      +
    + display_name + +
    + string +
    +     		when topic is owned by this AWS account +
    Display name for SNS topic
    +
    +
    Sample:
    +
    My topic name
    +
      +
    + name + +
    + string +
    +     		always +
    Topic name
    +
    +
    Sample:
    +
    ansible-test-dummy-topic
    +
      +
    + owner + +
    + string +
    +     		when topic is owned by this AWS account +
    AWS account that owns the topic
    +
    +
    Sample:
    +
    111111111111
    +
      +
    + policy + +
    + string +
    +     		when topic is owned by this AWS account +
    Policy for the SNS topic
    +
    +
    Sample:
    +
    {"Version":"2012-10-17","Id":"SomePolicyId","Statement":[{"Sid":"ANewSid","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111111111111:root"}, "Action":"sns:Subscribe","Resource":"arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic","Condition":{"StringEquals":{"sns:Protocol":"email"}}}]}
    +
      +
    + state + +
    + string +
    +     		always +
    whether the topic is present or absent
    +
    +
    Sample:
    +
    present
    +
      +
    + subscriptions + +
    + list +
    +     		always +
    List of subscribers to the topic in this AWS account
    +
    +
      +
    + subscriptions_added + +
    + list +
    +     		always +
    List of subscribers added in this run
    +
    +
      +
    + subscriptions_confirmed + +
    + string +
    +     		when topic is owned by this AWS account +
    Count of confirmed subscriptions
    +
    +
    Sample:
    +
    0
    +
      +
    + subscriptions_deleted + +
    + string +
    +     		when topic is owned by this AWS account +
    Count of deleted subscriptions
    +
    +
    Sample:
    +
    0
    +
      +
    + subscriptions_existing + +
    + list +
    +     		always +
    List of existing subscriptions
    +
    +
      +
    + subscriptions_new + +
    + list +
    +     		always +
    List of new subscriptions
    +
    +
      +
    + subscriptions_pending + +
    + string +
    +     		when topic is owned by this AWS account +
    Count of pending subscriptions
    +
    +
    Sample:
    +
    0
    +
      +
    + subscriptions_purge + +
    + boolean +
    +     		always +
    Whether or not purge_subscriptions was set
    +
    +
    Sample:
    +
    True
    +
      +
    + topic_arn + +
    + string +
    +     		when topic is owned by this AWS account +
    ARN of the SNS topic (equivalent to sns_arn)
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic
    +
      +
    + topic_created + +
    + boolean +
    +     		always +
    Whether the topic was created
    +
    +
      +
    + topic_deleted + +
    + boolean +
    +     		always +
    Whether the topic was deleted
    +
    +
    +
    + sns_arn + +
    + string +
    +     		always +
    The ARN of the topic you are modifying
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Joel Thompson (@joelthompson) +- Fernando Jose Pando (@nand0p) +- Will Thames (@willthames) + + diff --git a/docs/community.aws.sqs_queue_module.rst b/docs/community.aws.sqs_queue_module.rst new file mode 100644 index 00000000000..e6213d4ae27 --- /dev/null +++ b/docs/community.aws.sqs_queue_module.rst @@ -0,0 +1,756 @@ +.. _community.aws.sqs_queue_module: + + +*********************** +community.aws.sqs_queue +*********************** + +**Creates or deletes AWS SQS queues.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Create or delete AWS SQS queues. +- Update attributes on existing queues. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + content_based_deduplication + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enables content-based deduplication. Used for FIFOs only.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + delay_seconds + +
    + integer +
    +     		+ +
    The delivery delay in seconds.
    +

    aliases: delivery_delay
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + kms_data_key_reuse_period_seconds + +
    + integer +
    +     		+ +
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    +

    aliases: kms_data_key_reuse_period
    +
    +
    + kms_master_key_id + +
    + string +
    +     		+ +
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    +
    +
    + maximum_message_size + +
    + integer +
    +     		+ +
    The maximum message size in bytes.
    +
    +
    + message_retention_period + +
    + integer +
    +     		+ +
    The message retention period in seconds.
    +
    +
    + name + +
    + string + / required
    +     		+ +
    Name of the queue.
    +
    +
    + policy + +
    + dictionary +
    +     		+ +
    The JSON dict policy to attach to queue.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + purge_tags + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove tags not listed in tags.
    +
    +
    + queue_type + +
    + string +
    +     		+
      Choices: +
    • standard ←
      • +
    • fifo
      • +
    +     		+
    Standard or FIFO queue.
    +
    queue_type can only be set at queue creation and will otherwise be ignored.
    +
    +
    + receive_message_wait_time_seconds + +
    + integer +
    +     		+ +
    The receive message wait time in seconds.
    +

    aliases: receive_message_wait_time
    +
    +
    + redrive_policy + +
    + dictionary +
    +     		+ +
    JSON dict with the redrive_policy (see example).
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + state + +
    + string +
    +     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the queue.
    +
    +
    + tags + +
    + dictionary +
    +     		+ +
    Tag dict to apply to the queue (requires botocore 1.5.40 or above).
    +
    To remove all tags set tags={} and purge_tags=true.
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + visibility_timeout + +
    + integer +
    +     		+ +
    The default visibility timeout in seconds.
    +

    aliases: default_visibility_timeout
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create SQS queue with redrive policy + community.aws.sqs_queue: + name: my-queue + region: ap-southeast-2 + default_visibility_timeout: 120 + message_retention_period: 86400 + maximum_message_size: 1024 + delivery_delay: 30 + receive_message_wait_time: 20 + policy: "{{ json_dict }}" + redrive_policy: + maxReceiveCount: 5 + deadLetterTargetArn: arn:aws:sqs:eu-west-1:123456789012:my-dead-queue + + - name: Drop redrive policy + community.aws.sqs_queue: + name: my-queue + region: ap-southeast-2 + redrive_policy: {} + + - name: Create FIFO queue + community.aws.sqs_queue: + name: fifo-queue + region: ap-southeast-2 + queue_type: fifo + content_based_deduplication: yes + + - name: Tag queue + community.aws.sqs_queue: + name: fifo-queue + region: ap-southeast-2 + tags: + example: SomeValue + + - name: Configure Encryption, automatically uses a new data key every hour + community.aws.sqs_queue: + name: fifo-queue + region: ap-southeast-2 + kms_master_key_id: alias/MyQueueKey + kms_data_key_reuse_period_seconds: 3600 + + - name: Delete SQS queue + community.aws.sqs_queue: + name: my-queue + region: ap-southeast-2 + state: absent + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + content_based_deduplication + +
    + boolean +
    +     		always +
    Enables content-based deduplication. Used for FIFOs only.
    +
    +
    Sample:
    +
    True
    +
    +
    + delay_seconds + +
    + integer +
    +     		always +
    The delivery delay in seconds.
    +
    +
    +
    + kms_data_key_reuse_period_seconds + +
    + integer +
    +     		always +
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    +
    +
    Sample:
    +
    300
    +
    +
    + kms_master_key_id + +
    + string +
    +     		always +
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    +
    +
    Sample:
    +
    alias/MyAlias
    +
    +
    + maximum_message_size + +
    + integer +
    +     		always +
    The maximum message size in bytes.
    +
    +
    Sample:
    +
    262144
    +
    +
    + message_retention_period + +
    + integer +
    +     		always +
    The message retention period in seconds.
    +
    +
    Sample:
    +
    345600
    +
    +
    + name + +
    + string +
    +     		always +
    Name of the SQS Queue
    +
    +
    Sample:
    +
    queuename-987d2de0
    +
    +
    + queue_arn + +
    + string +
    +     		on success +
    The queue's Amazon resource name (ARN).
    +
    +
    Sample:
    +
    arn:aws:sqs:us-east-1:199999999999:queuename-987d2de0
    +
    +
    + queue_url + +
    + string +
    +     		on success +
    URL to access the queue
    +
    +
    Sample:
    +
    https://queue.amazonaws.com/123456789012/MyQueue
    +
    +
    + receive_message_wait_time_seconds + +
    + integer +
    +     		always +
    The receive message wait time in seconds.
    +
    +
    +
    + region + +
    + string +
    +     		always +
    Region that the queue was created within
    +
    +
    Sample:
    +
    us-east-1
    +
    +
    + tags + +
    + dictionary +
    +     		always +
    List of queue tags
    +
    +
    Sample:
    +
    {"Env": "prod"}
    +
    +
    + visibility_timeout + +
    + integer +
    +     		always +
    The default visibility timeout in seconds.
    +
    +
    Sample:
    +
    30
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Alan Loi (@loia) +- Fernando Jose Pando (@nand0p) +- Nadir Lloret (@nadirollo) +- Dennis Podkovyrin (@sbj-ss) + + diff --git a/docs/community.aws.sts_assume_role_module.rst b/docs/community.aws.sts_assume_role_module.rst new file mode 100644 index 00000000000..f10e29cf764 --- /dev/null +++ b/docs/community.aws.sts_assume_role_module.rst @@ -0,0 +1,419 @@ +.. _community.aws.sts_assume_role_module: + + +***************************** +community.aws.sts_assume_role +***************************** + +**Assume a role using AWS Security Token Service and obtain temporary credentials** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Assume a role using AWS Security Token Service and obtain temporary credentials. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + duration_seconds + +
    + integer +
    +     		+ +
    The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
    +
    The max depends on the IAM role's sessions duration setting.
    +
    By default, the value is set to 3600 seconds.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + external_id + +
    + string +
    +     		+ +
    A unique identifier that is used by third parties to assume a role in their customers' accounts.
    +
    +
    + mfa_serial_number + +
    + string +
    +     		+ +
    The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
    +
    +
    + mfa_token + +
    + string +
    +     		+ +
    The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
    +
    +
    + policy + +
    + string +
    +     		+ +
    Supplemental policy to use in addition to assumed role's policies.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + role_arn + +
    + string + / required
    +     		+ +
    The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
    +
    +
    + role_session_name + +
    + string + / required
    +     		+ +
    Name of the role's session - will be used by CloudTrail.
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) + - community.aws.sts_assume_role: + role_arn: "arn:aws:iam::123456789012:role/someRole" + role_session_name: "someRoleSession" + register: assumed_role + + # Use the assumed role above to tag an instance in account 123456789012 + - amazon.aws.ec2_tag: + aws_access_key: "{{ assumed_role.sts_creds.access_key }}" + aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}" + security_token: "{{ assumed_role.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    True if obtaining the credentials succeeds
    +
    +
    +
    + sts_creds + +
    + dictionary +
    +     		always +
    The temporary security credentials, which include an access key ID, a secret access key, and a security (or session) token
    +
    +
    Sample:
    +
    {'access_key': 'XXXXXXXXXXXXXXXXXXXX', 'expiration': '2017-11-11T11:11:11+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    +
    +
    + sts_user + +
    + dictionary +
    +     		always +
    The Amazon Resource Name (ARN) and the assumed role ID
    +
    +
    Sample:
    +
    {'assumed_role_id': 'arn:aws:sts::123456789012:assumed-role/demo/Bob', 'arn': 'ARO123EXAMPLE123:Bob'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Boris Ekelchik (@bekelchik) +- Marek Piatek (@piontas) + + diff --git a/docs/community.aws.sts_session_token_module.rst b/docs/community.aws.sts_session_token_module.rst new file mode 100644 index 00000000000..57ae9ee3893 --- /dev/null +++ b/docs/community.aws.sts_session_token_module.rst @@ -0,0 +1,339 @@ +.. _community.aws.sts_session_token_module: + + +******************************* +community.aws.sts_session_token +******************************* + +**Obtain a session token from the AWS Security Token Service** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Obtain a session token from the AWS Security Token Service. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + duration_seconds + +
    + integer +
    +     		+ +
    The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +
    +
    + mfa_serial_number + +
    + string +
    +     		+ +
    The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
    +
    +
    + mfa_token + +
    + string +
    +     		+ +
    The value provided by the MFA device, if the trust policy of the user requires MFA.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*. + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + # (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) + - name: Get a session token + community.aws.sts_session_token: + duration_seconds: 3600 + register: session_credentials + + - name: Use the session token obtained above to tag an instance in account 123456789012 + amazon.aws.ec2_tag: + aws_access_key: "{{ session_credentials.sts_creds.access_key }}" + aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" + security_token: "{{ session_credentials.sts_creds.session_token }}" + resource: i-xyzxyz01 + state: present + tags: + MyNewTag: value + + + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + changed + +
    + boolean +
    +     		always +
    True if obtaining the credentials succeeds
    +
    +
    +
    + sts_creds + +
    + list +
    +     		always +
    The Credentials object returned by the AWS Security Token Service
    +
    +
    Sample:
    +
    {'access_key': 'ASXXXXXXXXXXXXXXXXXX', 'expiration': '2016-04-08T11:59:47+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Victor Costan (@pwnall) + + diff --git a/galaxy.yml b/galaxy.yml index 9fe26378c3e..98e9b710028 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: community name: aws -version: 0.1.0 +version: 1.0.0 readme: README.md authors: - Ansible (https://github.com/ansible) From fb46e017c9737b2f46e89f311e4b3f692c570ea6 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 22 Jun 2020 09:40:16 -0700 Subject: [PATCH 027/129] Add contrib guide (#109) --- CONTRIBUTING.md | 79 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000000..33c92e9609d --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,79 @@ +# Contributing + +## Getting Started + +General information about setting up your Python environment, testing modules, +Ansible coding styles, and more can be found in the [Ansible Community Guide]( +https://docs.ansible.com/ansible/latest/community/index.html). + +Information about boto library usage, module utils, testing, and more can be +found in the [AWS Guidelines](https://docs.ansible.com/ansible/devel/dev_guide/platforms/aws_guidelines.html) +documentation. + +## AWS Collections + +There are two related collections containing AWS content (modules and plugins). + +### amazon.aws +This collection contains the `module_utils` (shared libraries) used by both collections. +Content in this collection is included downstream in Red Hat Ansible Automation Platform. + +Code standards, test coverage, and other supportability criteria may be higher in this collection. + +### community.aws +This collection contains modules and plugins contributed and maintained by the Ansible AWS +community. The `community.aws` collection is tested and generally assured to work in +conjunction with `amazon.aws`. + +New modules and plugins developed by the community should be proposed to `community.aws`. +Content in this collection that is stable and meets other acceptance criteria has the potential +to be promoted and migrated into `amazon.aws`. + +## Submitting Issues +All software has bugs, and the `community.aws` collection is no exception. When you find a bug, +you can help tremendously by [telling us about it](https://github.com/ansible-collections/community.aws/issues/new/choose). + +If you should discover that the bug you're trying to file already exists in an issue, +you can help by verifying the behavior of the reported bug with a comment in that +issue, or by reporting any additional information + +## Pull Requests + +All modules MUST have integration tests for new features. Upgrading to boto3 shall be considered a feature request. +Bug fixes for modules that currently have integration tests SHOULD have tests added. +New modules should be submitted to the [community.aws](https://github.com/ansible-collections/community.aws) collection +and MUST have integration tests. + +Expected test criteria: +* Resource creation under check mode +* Resource creation +* Resource creation again (idempotency) under check mode +* Resource creation again (idempotency) +* Resource modification under check mode +* Resource modification +* Resource modification again (idempotency) under check mode +* Resource modification again (idempotency) +* Resource deletion under check mode +* Resource deletion +* Resource deletion (of a non-existent resource) under check mode +* Resource deletion (of a non-existent resource) + +Where modules have multiple parameters we recommend running through the 4-step modification cycle for each parameter the module accepts, as well as a modification cycle where as most, if not all, parameters are modified at the same time. + +For general information on running the integration tests see the +[Integration Tests page of the Module Development Guide](https://docs.ansible.com/ansible/devel/dev_guide/testing_integration.html#testing-integration), +especially the section on configuration for cloud tests. For questions about writing tests the Ansible AWS community can +be found on Freenode IRC as detailed below. + + +### Code of Conduct +The `community.aws` collection follows the Ansible project's +[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). +Please read and familiarize yourself with this document. + +### IRC +Our IRC channels may require you to register your nickname. If you receive an error when you connect, see +[Freenode's Nickname Registration guide](https://freenode.net/kb/answer/registration) for instructions + +The `#ansible-aws` channel on Freenode irc is the main and official place to discuss use and development +of the `community.aws` collection. From 022b61ddbfa2d3c09ba78319b6ad1aaf07b1d1bc Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 22 Jun 2020 10:20:43 -0700 Subject: [PATCH 028/129] Add shippable matrix jobs for 2.9, 2.10 (#114) * Add shippable matrix jobs for 2.9, 2.10 Run all supported Ansible revisions in test matrix * Use branch names instead --- shippable.yml | 57 ++++++++++++++----- tests/sanity/ignore-2.9.txt | 91 ++++++++++++++---------------- tests/utils/shippable/shippable.sh | 8 +-- 3 files changed, 87 insertions(+), 69 deletions(-) diff --git a/shippable.yml b/shippable.yml index 53e37c78d70..f1848fc7e0e 100644 --- a/shippable.yml +++ b/shippable.yml @@ -8,26 +8,53 @@ matrix: exclude: - env: T=none include: - - env: T=sanity/1 + - env: T=sanity/1 A_REV=devel + - env: T=sanity/1 A_REV=stable-2.9 + - env: T=sanity/1 A_REV=stable-2.10 - - env: T=units/2.7/1 - - env: T=units/3.6/1 - - env: T=units/3.7/1 - - env: T=units/3.8/1 + - env: T=units/2.7/1 A_REV=devel + - env: T=units/3.6/1 A_REV=devel + - env: T=units/3.7/1 A_REV=devel + - env: T=units/3.8/1 A_REV=devel # Until boto/botocore#2002 is fixed -# - env: T=units/3.9/1 - - - env: T=aws/2.7/1 - - env: T=aws/3.7/1 +# - env: T=units/3.9/1 A_REV=devel + - env: T=units/2.7/1 A_REV=stable-2.9 + - env: T=units/3.6/1 A_REV=stable-2.9 + - env: T=units/3.7/1 A_REV=stable-2.9 + - env: T=units/3.8/1 A_REV=stable-2.9 + - env: T=units/2.7/1 A_REV=stable-2.10 + - env: T=units/3.6/1 A_REV=stable-2.10 + - env: T=units/3.7/1 A_REV=stable-2.10 + - env: T=units/3.8/1 A_REV=stable-2.10 +# Until boto/botocore#2002 is fixed +# - env: T=units/3.9/1 A_REV=stable-2.10 + - env: T=aws/2.7/1 A_REV=devel + - env: T=aws/3.7/1 A_REV=devel + - env: T=aws/2.7/1 A_REV=stable-2.9 + - env: T=aws/3.7/1 A_REV=stable-2.9 + - env: T=aws/2.7/1 A_REV=stable-2.10 + - env: T=aws/3.7/1 A_REV=stable-2.10 - - env: T=aws/2.7/2 - - env: T=aws/3.7/2 + - env: T=aws/2.7/2 A_REV=devel + - env: T=aws/3.7/2 A_REV=devel + - env: T=aws/2.7/2 A_REV=stable-2.9 + - env: T=aws/3.7/2 A_REV=stable-2.9 + - env: T=aws/2.7/2 A_REV=stable-2.10 + - env: T=aws/3.7/2 A_REV=stable-2.10 - - env: T=aws/2.7/3 - - env: T=aws/3.7/3 + - env: T=aws/2.7/3 A_REV=devel + - env: T=aws/3.7/3 A_REV=devel + - env: T=aws/2.7/3 A_REV=stable-2.9 + - env: T=aws/3.7/3 A_REV=stable-2.9 + - env: T=aws/2.7/3 A_REV=stable-2.10 + - env: T=aws/3.7/3 A_REV=stable-2.10 - - env: T=aws/2.7/4 - - env: T=aws/3.7/4 + - env: T=aws/2.7/4 A_REV=devel + - env: T=aws/3.7/4 A_REV=devel + - env: T=aws/2.7/4 A_REV=stable-2.9 + - env: T=aws/3.7/4 A_REV=stable-2.9 + - env: T=aws/2.7/4 A_REV=stable-2.10 + - env: T=aws/3.7/4 A_REV=stable-2.10 branches: except: - "*-patch-*" diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index 1b0be587e01..a3fc20f62c9 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -150,51 +150,46 @@ tests/unit/modules/utils.py future-import-boilerplate tests/unit/modules/utils.py metaclass-boilerplate tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang -plugins/modules/aws_acm_info.py ansible-deprecated-no-version -plugins/modules/aws_kms_info.py ansible-deprecated-no-version -plugins/modules/aws_kms.py ansible-deprecated-no-version -plugins/modules/aws_region_info.py ansible-deprecated-no-version -plugins/modules/aws_s3_bucket_info.py ansible-deprecated-no-version -plugins/modules/aws_sgw_info.py ansible-deprecated-no-version -plugins/modules/aws_waf_info.py ansible-deprecated-no-version -plugins/modules/cloudfront_info.py ansible-deprecated-no-version -plugins/modules/cloudwatchlogs_log_group_info.py ansible-deprecated-no-version -plugins/modules/ec2_ami_copy.py ansible-deprecated-no-version -plugins/modules/ec2_asg_info.py ansible-deprecated-no-version -plugins/modules/ec2_customer_gateway_info.py ansible-deprecated-no-version -plugins/modules/ec2_eip_info.py ansible-deprecated-no-version -plugins/modules/ec2_elb_info.py ansible-deprecated-no-version -plugins/modules/ec2_instance_info.py ansible-deprecated-no-version -plugins/modules/ec2_lc_info.py ansible-deprecated-no-version -plugins/modules/ec2_metric_alarm.py ansible-deprecated-no-version -plugins/modules/ec2_placement_group_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_endpoint_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_igw_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_nacl_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_nat_gateway_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_peering_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_route_table_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_vgw_info.py ansible-deprecated-no-version -plugins/modules/ec2_vpc_vpn_info.py ansible-deprecated-no-version -plugins/modules/ecs_ecr.py ansible-deprecated-no-version -plugins/modules/ecs_service_info.py ansible-deprecated-no-version -plugins/modules/ecs_taskdefinition_info.py ansible-deprecated-no-version -plugins/modules/efs_info.py ansible-deprecated-no-version -plugins/modules/elasticache_info.py ansible-deprecated-no-version -plugins/modules/elb_application_lb_info.py ansible-deprecated-no-version -plugins/modules/elb_classic_lb_info.py ansible-deprecated-no-version -plugins/modules/elb_network_lb.py ansible-deprecated-no-version -plugins/modules/elb_target_group_info.py ansible-deprecated-no-version -plugins/modules/elb_target_info.py ansible-deprecated-no-version -plugins/modules/iam_mfa_device_info.py ansible-deprecated-no-version -plugins/modules/iam_policy.py ansible-deprecated-no-version -plugins/modules/iam_role_info.py ansible-deprecated-no-version -plugins/modules/iam_role.py ansible-deprecated-no-version -plugins/modules/iam_server_certificate_info.py ansible-deprecated-no-version -plugins/modules/lambda_facts.py ansible-deprecated-no-version -plugins/modules/rds_instance_info.py ansible-deprecated-no-version -plugins/modules/rds.py ansible-deprecated-no-version -plugins/modules/rds_snapshot_info.py ansible-deprecated-no-version -plugins/modules/redshift_info.py ansible-deprecated-no-version -plugins/modules/route53_info.py ansible-deprecated-no-version - +plugins/modules/aws_acm_info.py pylint:ansible-deprecated-no-version +plugins/modules/aws_kms_info.py pylint:ansible-deprecated-no-version +plugins/modules/aws_kms.py pylint:ansible-deprecated-no-version +plugins/modules/aws_region_info.py pylint:ansible-deprecated-no-version +plugins/modules/aws_s3_bucket_info.py pylint:ansible-deprecated-no-version +plugins/modules/aws_sgw_info.py pylint:ansible-deprecated-no-version +plugins/modules/aws_waf_info.py pylint:ansible-deprecated-no-version +plugins/modules/cloudfront_info.py pylint:ansible-deprecated-no-version +plugins/modules/cloudwatchlogs_log_group_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_asg_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_customer_gateway_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_eip_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_elb_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_instance_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_lc_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_metric_alarm.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_placement_group_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_endpoint_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_igw_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_nacl_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_nat_gateway_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_peering_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_route_table_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_vgw_info.py pylint:ansible-deprecated-no-version +plugins/modules/ec2_vpc_vpn_info.py pylint:ansible-deprecated-no-version +plugins/modules/ecs_service_info.py pylint:ansible-deprecated-no-version +plugins/modules/ecs_taskdefinition_info.py pylint:ansible-deprecated-no-version +plugins/modules/efs_info.py pylint:ansible-deprecated-no-version +plugins/modules/elasticache_info.py pylint:ansible-deprecated-no-version +plugins/modules/elb_application_lb_info.py pylint:ansible-deprecated-no-version +plugins/modules/elb_classic_lb_info.py pylint:ansible-deprecated-no-version +plugins/modules/elb_network_lb.py pylint:ansible-deprecated-no-version +plugins/modules/elb_target_group_info.py pylint:ansible-deprecated-no-version +plugins/modules/elb_target_info.py pylint:ansible-deprecated-no-version +plugins/modules/iam_mfa_device_info.py pylint:ansible-deprecated-no-version +plugins/modules/iam_policy.py pylint:ansible-deprecated-no-version +plugins/modules/iam_role_info.py pylint:ansible-deprecated-no-version +plugins/modules/iam_role.py pylint:ansible-deprecated-no-version +plugins/modules/iam_server_certificate_info.py pylint:ansible-deprecated-no-version +plugins/modules/rds_instance_info.py pylint:ansible-deprecated-no-version +plugins/modules/rds_snapshot_info.py pylint:ansible-deprecated-no-version +plugins/modules/redshift_info.py pylint:ansible-deprecated-no-version +plugins/modules/route53_info.py pylint:ansible-deprecated-no-version diff --git a/tests/utils/shippable/shippable.sh b/tests/utils/shippable/shippable.sh index 27ecda57f09..cdee6ed3ec0 100755 --- a/tests/utils/shippable/shippable.sh +++ b/tests/utils/shippable/shippable.sh @@ -75,11 +75,7 @@ set -ux pip install setuptools==44.1.0 -if [ -n "${ANSIBLE_BASE_REV:-}" ]; then - pip install "ansible~=${ANSIBLE_BASE_REV}" -else - pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check -fi +pip install https://github.com/ansible/ansible/archive/"${A_REV:-devel}".tar.gz --disable-pip-version-check #ansible-galaxy collection install community.general mkdir -p "${HOME}/.ansible/collections/ansible_collections/community" @@ -120,7 +116,7 @@ function cleanup cp -a tests/output/reports/coverage=*.xml "$SHIPPABLE_RESULT_DIR/codecoverage/" # analyze and capture code coverage aggregated by integration test target if not on 2.9, defaults to devel if unset - if [ -n "${ANSIBLE_BASE_REV:-}" ] || [ "${ANSIBLE_BASE_REV:-}" != "2.9" ]; then + if [ -z "${A_REV:-}" ] || [ "${A_REV:-}" != "stable-2.9" ]; then ansible-test coverage analyze targets generate -v "$SHIPPABLE_RESULT_DIR/testresults/coverage-analyze-targets.json" fi From b3d7b7716381083e0652e49a862164e57499bed5 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 24 Jun 2020 22:13:03 +0530 Subject: [PATCH 029/129] changelog configuration (#112) Signed-off-by: Abhijeet Kasurde --- .gitignore | 3 +++ changelogs/config.yaml | 29 +++++++++++++++++++++++++++++ changelogs/fragments/.empty | 0 galaxy.yml | 1 + 4 files changed, 33 insertions(+) create mode 100644 changelogs/config.yaml create mode 100644 changelogs/fragments/.empty diff --git a/.gitignore b/.gitignore index c6fc14ad0bb..6058f0fa338 100644 --- a/.gitignore +++ b/.gitignore @@ -384,4 +384,7 @@ $RECYCLE.BIN/ # Windows shortcuts *.lnk +# Antsibull-changelog +changelogs/.plugin-cache.yaml + # End of https://www.gitignore.io/api/git,linux,pydev,python,windows,pycharm+all,jupyternotebook,vim,webstorm,emacs,dotenv diff --git a/changelogs/config.yaml b/changelogs/config.yaml new file mode 100644 index 00000000000..df8a7220c31 --- /dev/null +++ b/changelogs/config.yaml @@ -0,0 +1,29 @@ +changelog_filename_template: ../CHANGELOG.rst +changelog_filename_version_depth: 0 +changes_file: changelog.yaml +changes_format: combined +keep_fragments: false +mention_ancestor: true +new_plugins_after_name: removed_features +notesdir: fragments +prelude_section_name: release_summary +prelude_section_title: Release Summary +sections: +- - major_changes + - Major Changes +- - minor_changes + - Minor Changes +- - breaking_changes + - Breaking Changes / Porting Guide +- - deprecated_features + - Deprecated Features +- - removed_features + - Removed Features (previously deprecated) +- - security_fixes + - Security Fixes +- - bugfixes + - Bugfixes +- - known_issues + - Known Issues +title: community.aws +trivial_section_name: trivial diff --git a/changelogs/fragments/.empty b/changelogs/fragments/.empty new file mode 100644 index 00000000000..e69de29bb2d diff --git a/galaxy.yml b/galaxy.yml index 98e9b710028..88d277a6bc1 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -16,3 +16,4 @@ issues: https://github.com/ansible-collections/community.aws/issues?q=is%3Aissue build_ignore: - '*cloud-config-aws.ini' - '*cloud-config-aws.yml' + - 'changelogs/.plugin-cache.yaml' From 05ee2bfc68adbc18cfccad2e549d25c0714e626f Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 24 Jun 2020 12:31:22 -0700 Subject: [PATCH 030/129] Added migrated changelog fragments from ansible (#119) Added the changelog fragments from ansible/ansible for changes that were made before the migration occurred. --- .../480004-cloudwatchlogs_log_group-KeyError.yaml | 4 ++++ changelogs/fragments/56468-deprecate-lnb-absent.yml | 2 ++ .../fragments/58118-aws_api_gateway-params.yml | 2 ++ .../fragments/58822-aws-lamda-tracing-config.yaml | 2 ++ .../59597-ecs-allow_default_network_mode.yml | 2 ++ ...508-route53-improve-octal-characters-handling.yml | 3 +++ .../60944-sns_topic-delivery_policy-changed.yml | 3 +++ .../fragments/61263-aws_codecommit-description.yml | 2 ++ .../61271-cloudfront_distribution-encryptionid.yml | 2 ++ .../fragments/61279-ec2_launch_template-output.yml | 2 ++ .../61577-support-iops-in-purefa_volume.yml | 2 ++ changelogs/fragments/61805-azure-facts-info.yml | 7 +++++++ ...c2_transit_gateway-honor-auto_attach-setting.yaml | 2 ++ .../62014-iam_role_session_instanceprofile.yml | 3 +++ .../fragments/63362-remove-edgeos-filtering.yaml | 2 ++ changelogs/fragments/63924-boto3.yml | 5 +++++ .../fragments/63961-deprecate-fail_on_delete.yml | 2 ++ changelogs/fragments/63989-deprecate-unused.yml | 3 +++ changelogs/fragments/64230-deprecate-unused.yml | 5 +++++ changelogs/fragments/64258-purge_policies.yml | 5 +++++ changelogs/fragments/64368-deprecate-unused.yml | 3 +++ .../fragments/64598-add-next-token-support.yml | 2 ++ changelogs/fragments/64867-route53-diff.yml | 2 ++ .../fragments/65265-allow-udp-tcpudp-protocol.yaml | 3 +++ .../fragments/65555-amazon-sanity-required.yml | 2 ++ .../fragments/65557-iam-make-name-required.yml | 2 ++ changelogs/fragments/65558-iam_cert-require-name.yml | 2 ++ .../fragments/65559-iam_policy-require-iam_name.yml | 2 ++ changelogs/fragments/66037-aws_kms.yml | 2 ++ changelogs/fragments/66673-elb_target-awsretry.yaml | 3 +++ changelogs/fragments/66779-redshift-backoff.yml | 2 ++ changelogs/fragments/66795-sqs_queue-boto3.yaml | 3 +++ ..._instance_lifetime-and-honor-wait-on-replace.yaml | 5 +++++ .../67045-ec2_asg_mixed_instance_policy.yml | 2 ++ .../fragments/67089-sns_topic-notfound-backoff.yaml | 2 ++ .../67247-fix-ec2_transit_gateway-retries.yaml | 2 ++ changelogs/fragments/67651-aws-kms-key-rotation.yml | 2 ++ .../fragments/67671-aws_acm-module_defaults.yaml | 3 +++ .../fragments/67770-aws-kms-info-key-rotation.yml | 2 ++ changelogs/fragments/dont-template-cli-passwords.yml | 12 ++++++++++++ .../lineinfile-backrefs-match-object-type.yaml | 2 ++ changelogs/fragments/win_credential-wildcard.yaml | 2 ++ 42 files changed, 122 insertions(+) create mode 100644 changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml create mode 100644 changelogs/fragments/56468-deprecate-lnb-absent.yml create mode 100644 changelogs/fragments/58118-aws_api_gateway-params.yml create mode 100644 changelogs/fragments/58822-aws-lamda-tracing-config.yaml create mode 100644 changelogs/fragments/59597-ecs-allow_default_network_mode.yml create mode 100644 changelogs/fragments/60508-route53-improve-octal-characters-handling.yml create mode 100644 changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml create mode 100644 changelogs/fragments/61263-aws_codecommit-description.yml create mode 100644 changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml create mode 100644 changelogs/fragments/61279-ec2_launch_template-output.yml create mode 100644 changelogs/fragments/61577-support-iops-in-purefa_volume.yml create mode 100644 changelogs/fragments/61805-azure-facts-info.yml create mode 100644 changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml create mode 100644 changelogs/fragments/62014-iam_role_session_instanceprofile.yml create mode 100644 changelogs/fragments/63362-remove-edgeos-filtering.yaml create mode 100644 changelogs/fragments/63924-boto3.yml create mode 100644 changelogs/fragments/63961-deprecate-fail_on_delete.yml create mode 100644 changelogs/fragments/63989-deprecate-unused.yml create mode 100644 changelogs/fragments/64230-deprecate-unused.yml create mode 100644 changelogs/fragments/64258-purge_policies.yml create mode 100644 changelogs/fragments/64368-deprecate-unused.yml create mode 100644 changelogs/fragments/64598-add-next-token-support.yml create mode 100644 changelogs/fragments/64867-route53-diff.yml create mode 100644 changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml create mode 100644 changelogs/fragments/65555-amazon-sanity-required.yml create mode 100644 changelogs/fragments/65557-iam-make-name-required.yml create mode 100644 changelogs/fragments/65558-iam_cert-require-name.yml create mode 100644 changelogs/fragments/65559-iam_policy-require-iam_name.yml create mode 100644 changelogs/fragments/66037-aws_kms.yml create mode 100644 changelogs/fragments/66673-elb_target-awsretry.yaml create mode 100644 changelogs/fragments/66779-redshift-backoff.yml create mode 100644 changelogs/fragments/66795-sqs_queue-boto3.yaml create mode 100644 changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml create mode 100644 changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml create mode 100644 changelogs/fragments/67089-sns_topic-notfound-backoff.yaml create mode 100644 changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml create mode 100644 changelogs/fragments/67651-aws-kms-key-rotation.yml create mode 100644 changelogs/fragments/67671-aws_acm-module_defaults.yaml create mode 100644 changelogs/fragments/67770-aws-kms-info-key-rotation.yml create mode 100644 changelogs/fragments/dont-template-cli-passwords.yml create mode 100644 changelogs/fragments/lineinfile-backrefs-match-object-type.yaml create mode 100644 changelogs/fragments/win_credential-wildcard.yaml diff --git a/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml b/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml new file mode 100644 index 00000000000..68526821252 --- /dev/null +++ b/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml @@ -0,0 +1,4 @@ +--- +bugfixes: + - cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does not have a retention period + (https://github.com/ansible/ansible/issues/47945) diff --git a/changelogs/fragments/56468-deprecate-lnb-absent.yml b/changelogs/fragments/56468-deprecate-lnb-absent.yml new file mode 100644 index 00000000000..6e21d723986 --- /dev/null +++ b/changelogs/fragments/56468-deprecate-lnb-absent.yml @@ -0,0 +1,2 @@ +deprecated_features: +- 'elb_network_lb: The current default value of the `state` option has been deprecated and will change from absent to present in Ansible 2.14' diff --git a/changelogs/fragments/58118-aws_api_gateway-params.yml b/changelogs/fragments/58118-aws_api_gateway-params.yml new file mode 100644 index 00000000000..ca3c44ea6eb --- /dev/null +++ b/changelogs/fragments/58118-aws_api_gateway-params.yml @@ -0,0 +1,2 @@ +minor_changes: + - Allow all params that boto support in aws_api_gateway module diff --git a/changelogs/fragments/58822-aws-lamda-tracing-config.yaml b/changelogs/fragments/58822-aws-lamda-tracing-config.yaml new file mode 100644 index 00000000000..c88b4ca81b9 --- /dev/null +++ b/changelogs/fragments/58822-aws-lamda-tracing-config.yaml @@ -0,0 +1,2 @@ +minor_changes: + - lambda - add a tracing_mode parameter to set the TracingConfig for AWS X-Ray. Also allow updating Lambda runtime. diff --git a/changelogs/fragments/59597-ecs-allow_default_network_mode.yml b/changelogs/fragments/59597-ecs-allow_default_network_mode.yml new file mode 100644 index 00000000000..3f2cb10d735 --- /dev/null +++ b/changelogs/fragments/59597-ecs-allow_default_network_mode.yml @@ -0,0 +1,2 @@ +minor_changes: + - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. \ No newline at end of file diff --git a/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml b/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml new file mode 100644 index 00000000000..4f99f4474b2 --- /dev/null +++ b/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml @@ -0,0 +1,3 @@ +--- +bugfixes: +- route53 - improve handling of octal encoded characters diff --git a/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml b/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml new file mode 100644 index 00000000000..1975ea92d2d --- /dev/null +++ b/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml @@ -0,0 +1,3 @@ +bugfixes: +- fixed issue with sns_topic's delivery_policy option resulting in changed + always being true diff --git a/changelogs/fragments/61263-aws_codecommit-description.yml b/changelogs/fragments/61263-aws_codecommit-description.yml new file mode 100644 index 00000000000..e3da4dff1e5 --- /dev/null +++ b/changelogs/fragments/61263-aws_codecommit-description.yml @@ -0,0 +1,2 @@ +minor_changes: + - aws_codecommit - Support updating the description diff --git a/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml b/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml new file mode 100644 index 00000000000..f3052fbebcc --- /dev/null +++ b/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml @@ -0,0 +1,2 @@ +bugfixes: +- cloudfront_distribution - Always add field_level_encryption_id to cache behaviour to match AWS requirements diff --git a/changelogs/fragments/61279-ec2_launch_template-output.yml b/changelogs/fragments/61279-ec2_launch_template-output.yml new file mode 100644 index 00000000000..176ef4eff0d --- /dev/null +++ b/changelogs/fragments/61279-ec2_launch_template-output.yml @@ -0,0 +1,2 @@ +bugfixes: +- ec2_launch_template - Update output to include latest_version and default_version, matching the documentation diff --git a/changelogs/fragments/61577-support-iops-in-purefa_volume.yml b/changelogs/fragments/61577-support-iops-in-purefa_volume.yml new file mode 100644 index 00000000000..fd3f1f965ab --- /dev/null +++ b/changelogs/fragments/61577-support-iops-in-purefa_volume.yml @@ -0,0 +1,2 @@ +minor_changes: + - purefa_volume - Change I(qos) parameter to I(bw_iops), but retain I(qos) as an alias for backwards compatability (https://github.com/ansible/ansible/pull/61577). diff --git a/changelogs/fragments/61805-azure-facts-info.yml b/changelogs/fragments/61805-azure-facts-info.yml new file mode 100644 index 00000000000..aa04f7e5ca2 --- /dev/null +++ b/changelogs/fragments/61805-azure-facts-info.yml @@ -0,0 +1,7 @@ +bugfixes: +- "azure_rm_dnsrecordset_info - no longer returns empty ``azure_dnsrecordset`` facts when called as ``_info`` module." +- "azure_rm_resourcegroup_info - no longer returns ``azure_resourcegroups`` facts when called as ``_info`` module." +- "azure_rm_storageaccount_info - no longer returns empty ``azure_storageaccounts`` facts when called as ``_info`` module." +- "azure_rm_virtualmachineimage_info - no longer returns empty ``azure_vmimages`` facts when called as ``_info`` module." +- "azure_rm_virtualmachinescaleset_info - fix wrongly empty result, or ``ansible_facts`` result, when called as ``_info`` module." +- "azure_rm_virtualnetwork_info - no longer returns empty ``azure_virtualnetworks`` facts when called as ``_info`` module." diff --git a/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml b/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml new file mode 100644 index 00000000000..0c949e4169e --- /dev/null +++ b/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml @@ -0,0 +1,2 @@ +bugfixes: + - ec2_transit_gateway - fixed issue where auto_attach set to yes was not being honored (https://github.com/ansible/ansible/issues/61907) diff --git a/changelogs/fragments/62014-iam_role_session_instanceprofile.yml b/changelogs/fragments/62014-iam_role_session_instanceprofile.yml new file mode 100644 index 00000000000..50e64ac181e --- /dev/null +++ b/changelogs/fragments/62014-iam_role_session_instanceprofile.yml @@ -0,0 +1,3 @@ +minor_changes: +- iam_role - Add support for removing the related instance profile when we delete the role +- iam_role - Add support for managing the maximum session duration diff --git a/changelogs/fragments/63362-remove-edgeos-filtering.yaml b/changelogs/fragments/63362-remove-edgeos-filtering.yaml new file mode 100644 index 00000000000..9ed91ff4666 --- /dev/null +++ b/changelogs/fragments/63362-remove-edgeos-filtering.yaml @@ -0,0 +1,2 @@ +bugfixes: + - edgeos_config - fix issue where module would silently filter out encrypted passwords diff --git a/changelogs/fragments/63924-boto3.yml b/changelogs/fragments/63924-boto3.yml new file mode 100644 index 00000000000..4b4553f4e5a --- /dev/null +++ b/changelogs/fragments/63924-boto3.yml @@ -0,0 +1,5 @@ +minor_changes: +- "iam_policy - The iam_policy module has been migrated from boto to boto3." +deprecated_features: +- "iam_policy - The ``policy_document`` will be removed in Ansible 2.14. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin." +- "iam_policy - The default value of ``skip_duplicates`` will change in Ansible 2.14 from ``true`` to ``false``." diff --git a/changelogs/fragments/63961-deprecate-fail_on_delete.yml b/changelogs/fragments/63961-deprecate-fail_on_delete.yml new file mode 100644 index 00000000000..ad5ea495bb8 --- /dev/null +++ b/changelogs/fragments/63961-deprecate-fail_on_delete.yml @@ -0,0 +1,2 @@ +deprecated_features: +- "iam_managed_policy - The ``fail_on_delete`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/63989-deprecate-unused.yml b/changelogs/fragments/63989-deprecate-unused.yml new file mode 100644 index 00000000000..0068be6a15e --- /dev/null +++ b/changelogs/fragments/63989-deprecate-unused.yml @@ -0,0 +1,3 @@ +deprecated_features: +- "s3_sync - The ``retries`` option had no effect and will be removed in Ansible 2.14" +- "s3_lifecycle - The ``requester_pays`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64230-deprecate-unused.yml b/changelogs/fragments/64230-deprecate-unused.yml new file mode 100644 index 00000000000..050b9370ede --- /dev/null +++ b/changelogs/fragments/64230-deprecate-unused.yml @@ -0,0 +1,5 @@ +deprecated_features: +- "ec2_eip - The ``wait_timeout`` option had no effect and will be removed in Ansible 2.14" +- "ec2_key - The ``wait`` option had no effect and will be removed in Ansible 2.14" +- "ec2_key - The ``wait_timeout`` option had no effect and will be removed in Ansible 2.14" +- "ec2_lc - The ``associate_public_ip_address`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64258-purge_policies.yml b/changelogs/fragments/64258-purge_policies.yml new file mode 100644 index 00000000000..8d3a3beb8a4 --- /dev/null +++ b/changelogs/fragments/64258-purge_policies.yml @@ -0,0 +1,5 @@ +deprecated_features: +- 'iam_role: The default value of the purge_policies has been deprecated and will change from true to false in Ansible 2.14' +minor_changes: +- 'iam_role, iam_user and iam_group: the managed_policy option has been renamed to managed_policies (with an alias added)' +- 'iam_role, iam_user and iam_group: the purge_policy option has been renamed to purge_policies (with an alias added)' diff --git a/changelogs/fragments/64368-deprecate-unused.yml b/changelogs/fragments/64368-deprecate-unused.yml new file mode 100644 index 00000000000..ce93d59ed6f --- /dev/null +++ b/changelogs/fragments/64368-deprecate-unused.yml @@ -0,0 +1,3 @@ +deprecated_features: +- "cloudformation - The ``template_format`` option had no effect since Ansible 2.3 and will be removed in Ansible 2.14" +- "data_pipeline - The ``version`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64598-add-next-token-support.yml b/changelogs/fragments/64598-add-next-token-support.yml new file mode 100644 index 00000000000..158f7140182 --- /dev/null +++ b/changelogs/fragments/64598-add-next-token-support.yml @@ -0,0 +1,2 @@ +bugfixes: + - cloudwatchlogs_log_group_info - remove limitation of max 50 results diff --git a/changelogs/fragments/64867-route53-diff.yml b/changelogs/fragments/64867-route53-diff.yml new file mode 100644 index 00000000000..a27be1b102f --- /dev/null +++ b/changelogs/fragments/64867-route53-diff.yml @@ -0,0 +1,2 @@ +minor_changes: +- "route53 - the module now has diff support." diff --git a/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml b/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml new file mode 100644 index 00000000000..7253e1c9c78 --- /dev/null +++ b/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml @@ -0,0 +1,3 @@ +minor_changes: + - elb_network_lb - added support to UDP and TCP_UDP protocols + - elb_target_group - allow UDP and TCP_UDP protocols; permit only HTTP/HTTPS health checks using response codes and paths diff --git a/changelogs/fragments/65555-amazon-sanity-required.yml b/changelogs/fragments/65555-amazon-sanity-required.yml new file mode 100644 index 00000000000..ef385be3e48 --- /dev/null +++ b/changelogs/fragments/65555-amazon-sanity-required.yml @@ -0,0 +1,2 @@ +minor_changes: +- ec2_placement_group - make `name` a required field. diff --git a/changelogs/fragments/65557-iam-make-name-required.yml b/changelogs/fragments/65557-iam-make-name-required.yml new file mode 100644 index 00000000000..81e2602e396 --- /dev/null +++ b/changelogs/fragments/65557-iam-make-name-required.yml @@ -0,0 +1,2 @@ +minor_changes: +- iam - make `name` a required field. diff --git a/changelogs/fragments/65558-iam_cert-require-name.yml b/changelogs/fragments/65558-iam_cert-require-name.yml new file mode 100644 index 00000000000..2458c8491ff --- /dev/null +++ b/changelogs/fragments/65558-iam_cert-require-name.yml @@ -0,0 +1,2 @@ +minor_changes: +- iam_cert - make `name` a required field. diff --git a/changelogs/fragments/65559-iam_policy-require-iam_name.yml b/changelogs/fragments/65559-iam_policy-require-iam_name.yml new file mode 100644 index 00000000000..0242871ca40 --- /dev/null +++ b/changelogs/fragments/65559-iam_policy-require-iam_name.yml @@ -0,0 +1,2 @@ +minor_changes: +- iam_policy - make `iam_name` a required field. diff --git a/changelogs/fragments/66037-aws_kms.yml b/changelogs/fragments/66037-aws_kms.yml new file mode 100644 index 00000000000..945d29cd230 --- /dev/null +++ b/changelogs/fragments/66037-aws_kms.yml @@ -0,0 +1,2 @@ +minor_changes: + - 'aws_kms: code refactor, some error messages updated' diff --git a/changelogs/fragments/66673-elb_target-awsretry.yaml b/changelogs/fragments/66673-elb_target-awsretry.yaml new file mode 100644 index 00000000000..6523bb87a6c --- /dev/null +++ b/changelogs/fragments/66673-elb_target-awsretry.yaml @@ -0,0 +1,3 @@ +--- +minor_changes: + - elb_target - add awsretry to prevent rate exceeded errors (https://github.com/ansible/ansible/issues/51108) diff --git a/changelogs/fragments/66779-redshift-backoff.yml b/changelogs/fragments/66779-redshift-backoff.yml new file mode 100644 index 00000000000..a18c0be7cd4 --- /dev/null +++ b/changelogs/fragments/66779-redshift-backoff.yml @@ -0,0 +1,2 @@ +minor_changes: +- 'redshift: Add AWSRetry calls for errors outside our control' diff --git a/changelogs/fragments/66795-sqs_queue-boto3.yaml b/changelogs/fragments/66795-sqs_queue-boto3.yaml new file mode 100644 index 00000000000..ea05c63bdae --- /dev/null +++ b/changelogs/fragments/66795-sqs_queue-boto3.yaml @@ -0,0 +1,3 @@ +minor_changes: +- 'sqs_queue: updated to use boto3 instead of boto' +- 'sqs_queue: Add support for tagging, KMS and FIFO queues' diff --git a/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml b/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml new file mode 100644 index 00000000000..57c11832aaf --- /dev/null +++ b/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml @@ -0,0 +1,5 @@ +minor_changes: +- 'ec2_asg: Migrated to AnsibleAWSModule' +- 'ec2_asg: Add support for Max Instance Lifetime' +bugfixes: +- 'ec2_asg: Ensure "wait" is honored during replace operations' diff --git a/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml b/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml new file mode 100644 index 00000000000..bd57c2dc30a --- /dev/null +++ b/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml @@ -0,0 +1,2 @@ +minor_changes: + - ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups diff --git a/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml b/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml new file mode 100644 index 00000000000..dcd01aad484 --- /dev/null +++ b/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml @@ -0,0 +1,2 @@ +minor_changes: +- sns_topic - Add backoff when we get Topic ``NotFound`` exceptions while listing the subscriptions. diff --git a/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml b/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml new file mode 100644 index 00000000000..9e4d8e373b3 --- /dev/null +++ b/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml @@ -0,0 +1,2 @@ +bugfixes: + - ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing transit gateways diff --git a/changelogs/fragments/67651-aws-kms-key-rotation.yml b/changelogs/fragments/67651-aws-kms-key-rotation.yml new file mode 100644 index 00000000000..542223fdf30 --- /dev/null +++ b/changelogs/fragments/67651-aws-kms-key-rotation.yml @@ -0,0 +1,2 @@ +minor_changes: + - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. diff --git a/changelogs/fragments/67671-aws_acm-module_defaults.yaml b/changelogs/fragments/67671-aws_acm-module_defaults.yaml new file mode 100644 index 00000000000..146e503ea55 --- /dev/null +++ b/changelogs/fragments/67671-aws_acm-module_defaults.yaml @@ -0,0 +1,3 @@ +minor_changes: +- 'aws_acm: Add the module to group/aws for module_defaults.' +- 'aws_acm: Update automatic retries to stabilize the integration tests.' diff --git a/changelogs/fragments/67770-aws-kms-info-key-rotation.yml b/changelogs/fragments/67770-aws-kms-info-key-rotation.yml new file mode 100644 index 00000000000..adff2ab322b --- /dev/null +++ b/changelogs/fragments/67770-aws-kms-info-key-rotation.yml @@ -0,0 +1,2 @@ +minor_changes: + - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. diff --git a/changelogs/fragments/dont-template-cli-passwords.yml b/changelogs/fragments/dont-template-cli-passwords.yml new file mode 100644 index 00000000000..5c8dbea7e19 --- /dev/null +++ b/changelogs/fragments/dont-template-cli-passwords.yml @@ -0,0 +1,12 @@ +bugfixes: +- > + **security issue** - Convert CLI provided passwords to text initially, to + prevent unsafe context being lost when converting from bytes->text during + post processing of PlayContext. This prevents CLI provided passwords from + being incorrectly templated (CVE-2019-14856) +- > + **security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` + to maintain unsafe context by overriding ``.encode`` and ``.decode``. This + prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` + removing the unsafe wrapper when converting between string types + (CVE-2019-14856) diff --git a/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml b/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml new file mode 100644 index 00000000000..55d532b3564 --- /dev/null +++ b/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml @@ -0,0 +1,2 @@ +bugfixes: + - lineinfile - properly handle inserting a line when backrefs are enabled and the line already exists in the file (https://github.com/ansible/ansible/issues/63756) diff --git a/changelogs/fragments/win_credential-wildcard.yaml b/changelogs/fragments/win_credential-wildcard.yaml new file mode 100644 index 00000000000..a27b5842365 --- /dev/null +++ b/changelogs/fragments/win_credential-wildcard.yaml @@ -0,0 +1,2 @@ +bugfixes: +- win_credential - Fix issue that errors when trying to add a ``name`` with wildcards. From 1a1be5f494bb3935084b33d9183a41b9e9389cff Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 25 Jun 2020 10:39:55 -0700 Subject: [PATCH 031/129] Cleanup renamed docs (#122) The add_docs script uses a new rst filename, which was missed in #116. So there's a bunch of duplicated docs files which should be cleaned up. --- docs/community.aws.aws_acm.rst | 501 -- docs/community.aws.aws_acm_info.rst | 963 ---- docs/community.aws.aws_api_gateway.rst | 578 -- ...ity.aws.aws_application_scaling_policy.rst | 1017 ---- ...nity.aws.aws_batch_compute_environment.rst | 583 -- ...community.aws.aws_batch_job_definition.rst | 727 --- docs/community.aws.aws_batch_job_queue.rst | 401 -- docs/community.aws.aws_codebuild.rst | 1137 ---- docs/community.aws.aws_codecommit.rst | 570 -- docs/community.aws.aws_codepipeline.rst | 631 --- ...s.aws_config_aggregation_authorization.rst | 287 - docs/community.aws.aws_config_aggregator.rst | 411 -- ...munity.aws.aws_config_delivery_channel.rst | 339 -- docs/community.aws.aws_config_recorder.rst | 360 -- docs/community.aws.aws_config_rule.rst | 477 -- ...nity.aws.aws_direct_connect_connection.rst | 576 -- ...mmunity.aws.aws_direct_connect_gateway.rst | 457 -- ..._direct_connect_link_aggregation_group.rst | 645 --- ...s.aws_direct_connect_virtual_interface.rst | 910 ---- docs/community.aws.aws_eks_cluster.rst | 615 --- ...community.aws.aws_elasticbeanstalk_app.rst | 359 -- docs/community.aws.aws_glue_connection.rst | 539 -- docs/community.aws.aws_glue_job.rst | 719 --- docs/community.aws.aws_inspector_target.rst | 415 -- docs/community.aws.aws_kms.rst | 1088 ---- docs/community.aws.aws_kms_info.rst | 727 --- docs/community.aws.aws_region_info.rst | 289 - docs/community.aws.aws_s3_bucket_info.rst | 274 - docs/community.aws.aws_s3_cors.rst | 367 -- docs/community.aws.aws_secret.rst | 544 -- docs/community.aws.aws_ses_identity.rst | 741 --- .../community.aws.aws_ses_identity_policy.rst | 357 -- docs/community.aws.aws_ses_rule_set.rst | 386 -- docs/community.aws.aws_sgw_info.rst | 734 --- docs/community.aws.aws_ssm.rst | 276 - .../community.aws.aws_ssm_parameter_store.rst | 456 -- ...y.aws.aws_step_functions_state_machine.rst | 383 -- ...step_functions_state_machine_execution.rst | 419 -- docs/community.aws.aws_waf_condition.rst | 1440 ----- docs/community.aws.aws_waf_info.rst | 455 -- docs/community.aws.aws_waf_rule.rst | 573 -- docs/community.aws.aws_waf_web_acl.rst | 635 --- ...munity.aws.cloudformation_exports_info.rst | 267 - ...community.aws.cloudformation_stack_set.rst | 717 --- .../community.aws.cloudfront_distribution.rst | 4701 ----------------- docs/community.aws.cloudfront_info.rst | 777 --- .../community.aws.cloudfront_invalidation.rst | 508 -- ....aws.cloudfront_origin_access_identity.rst | 458 -- docs/community.aws.cloudtrail.rst | 853 --- docs/community.aws.cloudwatchevent_rule.rst | 546 -- ...community.aws.cloudwatchlogs_log_group.rst | 517 -- ...nity.aws.cloudwatchlogs_log_group_info.rst | 393 -- ...cloudwatchlogs_log_group_metric_filter.rst | 424 -- docs/community.aws.data_pipeline.rst | 677 --- docs/community.aws.dms_endpoint.rst | 653 --- ...unity.aws.dms_replication_subnet_group.rst | 298 -- docs/community.aws.dynamodb_table.rst | 638 --- docs/community.aws.dynamodb_ttl.rst | 325 -- docs/community.aws.ec2_ami_copy.rst | 475 -- docs/community.aws.ec2_asg.rst | 1408 ----- docs/community.aws.ec2_asg_info.rst | 670 --- docs/community.aws.ec2_asg_lifecycle_hook.rst | 401 -- docs/community.aws.ec2_customer_gateway.rst | 468 -- ...ommunity.aws.ec2_customer_gateway_info.rst | 313 -- docs/community.aws.ec2_eip.rst | 592 --- docs/community.aws.ec2_eip_info.rst | 320 -- docs/community.aws.ec2_elb.rst | 349 -- docs/community.aws.ec2_elb_info.rst | 275 - docs/community.aws.ec2_instance.rst | 2708 ---------- docs/community.aws.ec2_instance_info.rst | 1837 ------- docs/community.aws.ec2_launch_template.rst | 1343 ----- docs/community.aws.ec2_lc.rst | 1472 ------ docs/community.aws.ec2_lc_find.rst | 549 -- docs/community.aws.ec2_lc_info.rst | 581 -- docs/community.aws.ec2_metric_alarm.rst | 565 -- docs/community.aws.ec2_placement_group.rst | 386 -- ...community.aws.ec2_placement_group_info.rst | 348 -- docs/community.aws.ec2_scaling_policy.rst | 353 -- docs/community.aws.ec2_snapshot_copy.rst | 428 -- docs/community.aws.ec2_transit_gateway.rst | 822 --- ...community.aws.ec2_transit_gateway_info.rst | 609 --- docs/community.aws.ec2_vpc_egress_igw.rst | 321 -- docs/community.aws.ec2_vpc_endpoint.rst | 470 -- docs/community.aws.ec2_vpc_endpoint_info.rst | 362 -- docs/community.aws.ec2_vpc_igw.rst | 373 -- docs/community.aws.ec2_vpc_igw_info.rst | 332 -- docs/community.aws.ec2_vpc_nacl.rst | 465 -- docs/community.aws.ec2_vpc_nacl_info.rst | 429 -- docs/community.aws.ec2_vpc_nat_gateway.rst | 590 --- ...community.aws.ec2_vpc_nat_gateway_info.rst | 323 -- docs/community.aws.ec2_vpc_peer.rst | 521 -- docs/community.aws.ec2_vpc_peering_info.rst | 315 -- docs/community.aws.ec2_vpc_route_table.rst | 820 --- ...community.aws.ec2_vpc_route_table_info.rst | 265 - docs/community.aws.ec2_vpc_vgw.rst | 431 -- docs/community.aws.ec2_vpc_vgw_info.rst | 332 -- docs/community.aws.ec2_vpc_vpn.rst | 942 ---- docs/community.aws.ec2_vpc_vpn_info.rst | 651 --- docs/community.aws.ec2_win_password.rst | 363 -- docs/community.aws.ecs_attribute.rst | 463 -- docs/community.aws.ecs_cluster.rst | 445 -- docs/community.aws.ecs_ecr.rst | 530 -- docs/community.aws.ecs_service.rst | 1645 ------ docs/community.aws.ecs_service_info.rst | 574 -- docs/community.aws.ecs_tag.rst | 434 -- docs/community.aws.ecs_task.rst | 750 --- docs/community.aws.ecs_taskdefinition.rst | 592 --- .../community.aws.ecs_taskdefinition_info.rst | 1245 ----- docs/community.aws.efs.rst | 763 --- docs/community.aws.efs_info.rst | 583 -- docs/community.aws.elasticache.rst | 489 -- docs/community.aws.elasticache_info.rst | 920 ---- ...munity.aws.elasticache_parameter_group.rst | 397 -- docs/community.aws.elasticache_snapshot.rst | 402 -- ...community.aws.elasticache_subnet_group.rst | 306 -- docs/community.aws.elb_application_lb.rst | 1389 ----- .../community.aws.elb_application_lb_info.rst | 639 --- docs/community.aws.elb_classic_lb.rst | 812 --- docs/community.aws.elb_classic_lb_info.rst | 310 -- docs/community.aws.elb_instance.rst | 351 -- docs/community.aws.elb_network_lb.rst | 1085 ---- docs/community.aws.elb_target.rst | 411 -- docs/community.aws.elb_target_group.rst | 1087 ---- docs/community.aws.elb_target_group_info.rst | 813 --- docs/community.aws.elb_target_info.rst | 578 -- docs/community.aws.execute_lambda.rst | 447 -- docs/community.aws.iam.rst | 568 -- docs/community.aws.iam_cert.rst | 408 -- docs/community.aws.iam_group.rst | 635 --- docs/community.aws.iam_managed_policy.rst | 421 -- docs/community.aws.iam_mfa_device_info.rst | 293 - docs/community.aws.iam_password_policy.rst | 429 -- docs/community.aws.iam_policy.rst | 396 -- docs/community.aws.iam_policy_info.rst | 383 -- docs/community.aws.iam_role.rst | 665 --- docs/community.aws.iam_role_info.rst | 630 --- docs/community.aws.iam_saml_federation.rst | 402 -- ...munity.aws.iam_server_certificate_info.rst | 391 -- docs/community.aws.iam_user.rst | 451 -- docs/community.aws.iam_user_info.rst | 433 -- docs/community.aws.kinesis_stream.rst | 572 -- docs/community.aws.lambda.rst | 620 --- docs/community.aws.lambda_alias.rst | 454 -- docs/community.aws.lambda_event.rst | 456 -- docs/community.aws.lambda_facts.rst | 378 -- docs/community.aws.lambda_info.rst | 352 -- docs/community.aws.lambda_policy.rst | 439 -- docs/community.aws.lightsail.rst | 454 -- docs/community.aws.rds.rst | 1684 ------ docs/community.aws.rds_instance.rst | 2435 --------- docs/community.aws.rds_instance_info.rst | 1320 ----- docs/community.aws.rds_param_group.rst | 489 -- docs/community.aws.rds_snapshot.rst | 758 --- docs/community.aws.rds_snapshot_info.rst | 1100 ---- docs/community.aws.rds_subnet_group.rst | 419 -- docs/community.aws.redshift.rst | 950 ---- ...ty.aws.redshift_cross_region_snapshots.rst | 339 -- docs/community.aws.redshift_info.rst | 847 --- docs/community.aws.redshift_subnet_group.rst | 376 -- docs/community.aws.route53.rst | 985 ---- docs/community.aws.route53_health_check.rst | 423 -- docs/community.aws.route53_info.rst | 536 -- docs/community.aws.route53_zone.rst | 498 -- docs/community.aws.s3_bucket_notification.rst | 430 -- docs/community.aws.s3_lifecycle.rst | 579 -- docs/community.aws.s3_logging.rst | 308 -- docs/community.aws.s3_sync.rst | 580 -- docs/community.aws.s3_website.rst | 644 --- docs/community.aws.sns.rst | 511 -- docs/community.aws.sns_topic.rst | 776 --- docs/community.aws.sqs_queue.rst | 759 --- docs/community.aws.sts_assume_role.rst | 422 -- docs/community.aws.sts_session_token.rst | 342 -- 173 files changed, 109890 deletions(-) delete mode 100644 docs/community.aws.aws_acm.rst delete mode 100644 docs/community.aws.aws_acm_info.rst delete mode 100644 docs/community.aws.aws_api_gateway.rst delete mode 100644 docs/community.aws.aws_application_scaling_policy.rst delete mode 100644 docs/community.aws.aws_batch_compute_environment.rst delete mode 100644 docs/community.aws.aws_batch_job_definition.rst delete mode 100644 docs/community.aws.aws_batch_job_queue.rst delete mode 100644 docs/community.aws.aws_codebuild.rst delete mode 100644 docs/community.aws.aws_codecommit.rst delete mode 100644 docs/community.aws.aws_codepipeline.rst delete mode 100644 docs/community.aws.aws_config_aggregation_authorization.rst delete mode 100644 docs/community.aws.aws_config_aggregator.rst delete mode 100644 docs/community.aws.aws_config_delivery_channel.rst delete mode 100644 docs/community.aws.aws_config_recorder.rst delete mode 100644 docs/community.aws.aws_config_rule.rst delete mode 100644 docs/community.aws.aws_direct_connect_connection.rst delete mode 100644 docs/community.aws.aws_direct_connect_gateway.rst delete mode 100644 docs/community.aws.aws_direct_connect_link_aggregation_group.rst delete mode 100644 docs/community.aws.aws_direct_connect_virtual_interface.rst delete mode 100644 docs/community.aws.aws_eks_cluster.rst delete mode 100644 docs/community.aws.aws_elasticbeanstalk_app.rst delete mode 100644 docs/community.aws.aws_glue_connection.rst delete mode 100644 docs/community.aws.aws_glue_job.rst delete mode 100644 docs/community.aws.aws_inspector_target.rst delete mode 100644 docs/community.aws.aws_kms.rst delete mode 100644 docs/community.aws.aws_kms_info.rst delete mode 100644 docs/community.aws.aws_region_info.rst delete mode 100644 docs/community.aws.aws_s3_bucket_info.rst delete mode 100644 docs/community.aws.aws_s3_cors.rst delete mode 100644 docs/community.aws.aws_secret.rst delete mode 100644 docs/community.aws.aws_ses_identity.rst delete mode 100644 docs/community.aws.aws_ses_identity_policy.rst delete mode 100644 docs/community.aws.aws_ses_rule_set.rst delete mode 100644 docs/community.aws.aws_sgw_info.rst delete mode 100644 docs/community.aws.aws_ssm.rst delete mode 100644 docs/community.aws.aws_ssm_parameter_store.rst delete mode 100644 docs/community.aws.aws_step_functions_state_machine.rst delete mode 100644 docs/community.aws.aws_step_functions_state_machine_execution.rst delete mode 100644 docs/community.aws.aws_waf_condition.rst delete mode 100644 docs/community.aws.aws_waf_info.rst delete mode 100644 docs/community.aws.aws_waf_rule.rst delete mode 100644 docs/community.aws.aws_waf_web_acl.rst delete mode 100644 docs/community.aws.cloudformation_exports_info.rst delete mode 100644 docs/community.aws.cloudformation_stack_set.rst delete mode 100644 docs/community.aws.cloudfront_distribution.rst delete mode 100644 docs/community.aws.cloudfront_info.rst delete mode 100644 docs/community.aws.cloudfront_invalidation.rst delete mode 100644 docs/community.aws.cloudfront_origin_access_identity.rst delete mode 100644 docs/community.aws.cloudtrail.rst delete mode 100644 docs/community.aws.cloudwatchevent_rule.rst delete mode 100644 docs/community.aws.cloudwatchlogs_log_group.rst delete mode 100644 docs/community.aws.cloudwatchlogs_log_group_info.rst delete mode 100644 docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst delete mode 100644 docs/community.aws.data_pipeline.rst delete mode 100644 docs/community.aws.dms_endpoint.rst delete mode 100644 docs/community.aws.dms_replication_subnet_group.rst delete mode 100644 docs/community.aws.dynamodb_table.rst delete mode 100644 docs/community.aws.dynamodb_ttl.rst delete mode 100644 docs/community.aws.ec2_ami_copy.rst delete mode 100644 docs/community.aws.ec2_asg.rst delete mode 100644 docs/community.aws.ec2_asg_info.rst delete mode 100644 docs/community.aws.ec2_asg_lifecycle_hook.rst delete mode 100644 docs/community.aws.ec2_customer_gateway.rst delete mode 100644 docs/community.aws.ec2_customer_gateway_info.rst delete mode 100644 docs/community.aws.ec2_eip.rst delete mode 100644 docs/community.aws.ec2_eip_info.rst delete mode 100644 docs/community.aws.ec2_elb.rst delete mode 100644 docs/community.aws.ec2_elb_info.rst delete mode 100644 docs/community.aws.ec2_instance.rst delete mode 100644 docs/community.aws.ec2_instance_info.rst delete mode 100644 docs/community.aws.ec2_launch_template.rst delete mode 100644 docs/community.aws.ec2_lc.rst delete mode 100644 docs/community.aws.ec2_lc_find.rst delete mode 100644 docs/community.aws.ec2_lc_info.rst delete mode 100644 docs/community.aws.ec2_metric_alarm.rst delete mode 100644 docs/community.aws.ec2_placement_group.rst delete mode 100644 docs/community.aws.ec2_placement_group_info.rst delete mode 100644 docs/community.aws.ec2_scaling_policy.rst delete mode 100644 docs/community.aws.ec2_snapshot_copy.rst delete mode 100644 docs/community.aws.ec2_transit_gateway.rst delete mode 100644 docs/community.aws.ec2_transit_gateway_info.rst delete mode 100644 docs/community.aws.ec2_vpc_egress_igw.rst delete mode 100644 docs/community.aws.ec2_vpc_endpoint.rst delete mode 100644 docs/community.aws.ec2_vpc_endpoint_info.rst delete mode 100644 docs/community.aws.ec2_vpc_igw.rst delete mode 100644 docs/community.aws.ec2_vpc_igw_info.rst delete mode 100644 docs/community.aws.ec2_vpc_nacl.rst delete mode 100644 docs/community.aws.ec2_vpc_nacl_info.rst delete mode 100644 docs/community.aws.ec2_vpc_nat_gateway.rst delete mode 100644 docs/community.aws.ec2_vpc_nat_gateway_info.rst delete mode 100644 docs/community.aws.ec2_vpc_peer.rst delete mode 100644 docs/community.aws.ec2_vpc_peering_info.rst delete mode 100644 docs/community.aws.ec2_vpc_route_table.rst delete mode 100644 docs/community.aws.ec2_vpc_route_table_info.rst delete mode 100644 docs/community.aws.ec2_vpc_vgw.rst delete mode 100644 docs/community.aws.ec2_vpc_vgw_info.rst delete mode 100644 docs/community.aws.ec2_vpc_vpn.rst delete mode 100644 docs/community.aws.ec2_vpc_vpn_info.rst delete mode 100644 docs/community.aws.ec2_win_password.rst delete mode 100644 docs/community.aws.ecs_attribute.rst delete mode 100644 docs/community.aws.ecs_cluster.rst delete mode 100644 docs/community.aws.ecs_ecr.rst delete mode 100644 docs/community.aws.ecs_service.rst delete mode 100644 docs/community.aws.ecs_service_info.rst delete mode 100644 docs/community.aws.ecs_tag.rst delete mode 100644 docs/community.aws.ecs_task.rst delete mode 100644 docs/community.aws.ecs_taskdefinition.rst delete mode 100644 docs/community.aws.ecs_taskdefinition_info.rst delete mode 100644 docs/community.aws.efs.rst delete mode 100644 docs/community.aws.efs_info.rst delete mode 100644 docs/community.aws.elasticache.rst delete mode 100644 docs/community.aws.elasticache_info.rst delete mode 100644 docs/community.aws.elasticache_parameter_group.rst delete mode 100644 docs/community.aws.elasticache_snapshot.rst delete mode 100644 docs/community.aws.elasticache_subnet_group.rst delete mode 100644 docs/community.aws.elb_application_lb.rst delete mode 100644 docs/community.aws.elb_application_lb_info.rst delete mode 100644 docs/community.aws.elb_classic_lb.rst delete mode 100644 docs/community.aws.elb_classic_lb_info.rst delete mode 100644 docs/community.aws.elb_instance.rst delete mode 100644 docs/community.aws.elb_network_lb.rst delete mode 100644 docs/community.aws.elb_target.rst delete mode 100644 docs/community.aws.elb_target_group.rst delete mode 100644 docs/community.aws.elb_target_group_info.rst delete mode 100644 docs/community.aws.elb_target_info.rst delete mode 100644 docs/community.aws.execute_lambda.rst delete mode 100644 docs/community.aws.iam.rst delete mode 100644 docs/community.aws.iam_cert.rst delete mode 100644 docs/community.aws.iam_group.rst delete mode 100644 docs/community.aws.iam_managed_policy.rst delete mode 100644 docs/community.aws.iam_mfa_device_info.rst delete mode 100644 docs/community.aws.iam_password_policy.rst delete mode 100644 docs/community.aws.iam_policy.rst delete mode 100644 docs/community.aws.iam_policy_info.rst delete mode 100644 docs/community.aws.iam_role.rst delete mode 100644 docs/community.aws.iam_role_info.rst delete mode 100644 docs/community.aws.iam_saml_federation.rst delete mode 100644 docs/community.aws.iam_server_certificate_info.rst delete mode 100644 docs/community.aws.iam_user.rst delete mode 100644 docs/community.aws.iam_user_info.rst delete mode 100644 docs/community.aws.kinesis_stream.rst delete mode 100644 docs/community.aws.lambda.rst delete mode 100644 docs/community.aws.lambda_alias.rst delete mode 100644 docs/community.aws.lambda_event.rst delete mode 100644 docs/community.aws.lambda_facts.rst delete mode 100644 docs/community.aws.lambda_info.rst delete mode 100644 docs/community.aws.lambda_policy.rst delete mode 100644 docs/community.aws.lightsail.rst delete mode 100644 docs/community.aws.rds.rst delete mode 100644 docs/community.aws.rds_instance.rst delete mode 100644 docs/community.aws.rds_instance_info.rst delete mode 100644 docs/community.aws.rds_param_group.rst delete mode 100644 docs/community.aws.rds_snapshot.rst delete mode 100644 docs/community.aws.rds_snapshot_info.rst delete mode 100644 docs/community.aws.rds_subnet_group.rst delete mode 100644 docs/community.aws.redshift.rst delete mode 100644 docs/community.aws.redshift_cross_region_snapshots.rst delete mode 100644 docs/community.aws.redshift_info.rst delete mode 100644 docs/community.aws.redshift_subnet_group.rst delete mode 100644 docs/community.aws.route53.rst delete mode 100644 docs/community.aws.route53_health_check.rst delete mode 100644 docs/community.aws.route53_info.rst delete mode 100644 docs/community.aws.route53_zone.rst delete mode 100644 docs/community.aws.s3_bucket_notification.rst delete mode 100644 docs/community.aws.s3_lifecycle.rst delete mode 100644 docs/community.aws.s3_logging.rst delete mode 100644 docs/community.aws.s3_sync.rst delete mode 100644 docs/community.aws.s3_website.rst delete mode 100644 docs/community.aws.sns.rst delete mode 100644 docs/community.aws.sns_topic.rst delete mode 100644 docs/community.aws.sqs_queue.rst delete mode 100644 docs/community.aws.sts_assume_role.rst delete mode 100644 docs/community.aws.sts_session_token.rst diff --git a/docs/community.aws.aws_acm.rst b/docs/community.aws.aws_acm.rst deleted file mode 100644 index 9df10011171..00000000000 --- a/docs/community.aws.aws_acm.rst +++ /dev/null @@ -1,501 +0,0 @@ -:orphan: - -.. _community.aws.aws_acm_module: - - -********************* -community.aws.aws_acm -********************* - -**Upload and delete certificates in the AWS Certificate Manager service** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Import and delete certificates in Amazon Web Service's Certificate Manager (AWS ACM). -- This module does not currently interact with AWS-provided certificates. It currently only manages certificates provided to AWS by the user. - -- The ACM API allows users to upload multiple certificates for the same domain name, and even multiple identical certificates. This module attempts to restrict such freedoms, to be idempotent, as per the Ansible philosophy. It does this through applying AWS resource "Name" tags to ACM certificates. -- When *state=present*, if there is one certificate in ACM with a ``Name`` tag equal to the ``name_tag`` parameter, and an identical body and chain, this task will succeed without effect. - -- When *state=present*, if there is one certificate in ACM a *Name* tag equal to the *name_tag* parameter, and a different body, this task will overwrite that certificate. - -- When *state=present*, if there are multiple certificates in ACM with a *Name* tag equal to the *name_tag* parameter, this task will fail. - -- When *state=absent* and *certificate_arn* is defined, this module will delete the ACM resource with that ARN if it exists in this region, and succeed without effect if it doesn't exist. - -- When *state=absent* and *domain_name* is defined, this module will delete all ACM resources in this AWS region with a corresponding domain name. If there are none, it will succeed without effect. - -- When *state=absent* and *certificate_arn* is not defined, and *domain_name* is not defined, this module will delete all ACM resources in this AWS region with a corresponding *Name* tag. If there are none, it will succeed without effect. - -- Note that this may not work properly with keys of size 4096 bits, due to a limitation of the ACM API. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - certificate - -
    - string -
    -     		- -
    The body of the PEM encoded public certificate.
    -
    Required when state is not absent.
    -
    If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
    -
    -
    - certificate_arn - -
    - string -
    -     		- -
    The ARN of a certificate in ACM to delete
    -
    Ignored when state=present.
    -
    If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
    -
    If state=absent and no resource exists with this ARN in this region, the task will succeed with no effect.
    -
    If state=absent and the corresponding resource exists in a different region, this task may report success without deleting that resource.
    -

    aliases: arn
    -
    -
    - certificate_chain - -
    - string -
    -     		- -
    The body of the PEM encoded chain for your certificate.
    -
    If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
    -
    Ignored when state=absent
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - domain_name - -
    - string -
    -     		- -
    The domain name of the certificate.
    -
    If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
    -
    Exactly one of domain_name, name_tag and certificate_arn must be provided.
    -
    If state=present this must not be specified. (Since the domain name is encoded within the public certificate's body.)
    -

    aliases: domain
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name_tag - -
    - string -
    -     		- -
    The unique identifier for tagging resources using AWS tags, with key Name.
    -
    This can be any set of characters accepted by AWS for tag values.
    -
    This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
    -
    If state=preset, this must be specified.
    -
    If state=absent, you must provide exactly one of certificate_arn, domain_name or name_tag.
    -

    aliases: name
    -
    -
    - private_key - -
    - string -
    -     		- -
    The body of the PEM encoded private key.
    -
    Required when state=present.
    -
    Ignored when state=absent.
    -
    If your private key is in a file, use lookup('file', 'path/to/key.pem').
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
    -
    If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: upload a self-signed certificate - community.aws.aws_acm: - certificate: "{{ lookup('file', 'cert.pem' ) }}" - privateKey: "{{ lookup('file', 'key.pem' ) }}" - name_tag: my_cert # to be applied through an AWS tag as "Name":"my_cert" - region: ap-southeast-2 # AWS region - - - name: create/update a certificate with a chain - community.aws.aws_acm: - certificate: "{{ lookup('file', 'cert.pem' ) }}" - privateKey: "{{ lookup('file', 'key.pem' ) }}" - name_tag: my_cert - certificate_chain: "{{ lookup('file', 'chain.pem' ) }}" - state: present - region: ap-southeast-2 - register: cert_create - - - name: print ARN of cert we just created - debug: - var: cert_create.certificate.arn - - - name: delete the cert we just created - community.aws.aws_acm: - name_tag: my_cert - state: absent - region: ap-southeast-2 - - - name: delete a certificate with a particular ARN - community.aws.aws_acm: - certificate_arn: "arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901" - state: absent - region: ap-southeast-2 - - - name: delete all certificates with a particular domain name - community.aws.aws_acm: - domain_name: acm.ansible.com - state: absent - region: ap-southeast-2 - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arns - -
    - list - / elements=string
    -     		when state=absent -
    A list of the ARNs of the certificates in ACM which were deleted
    -
    -
    Sample:
    -
    ['arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901']
    -
    -
    - certificate - -
    - complex -
    -     		when state=present -
    Information about the certificate which was uploaded
    -
    -
      -
    - arn - -
    - string -
    -     		when state=present -
    The ARN of the certificate in ACM
    -
    -
    Sample:
    -
    arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901
    -
      -
    - domain_name - -
    - string -
    -     		when state=present -
    The domain name encoded within the public certificate
    -
    -
    Sample:
    -
    acm.ansible.com
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Matthew Davis (@matt-telstra) on behalf of Telstra Corporation Limited - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_acm_info.rst b/docs/community.aws.aws_acm_info.rst deleted file mode 100644 index e68876774ee..00000000000 --- a/docs/community.aws.aws_acm_info.rst +++ /dev/null @@ -1,963 +0,0 @@ -:orphan: - -.. _community.aws.aws_acm_info_module: - - -************************** -community.aws.aws_acm_info -************************** - -**Retrieve certificate information from AWS Certificate Manager service** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Retrieve information for ACM certificates -- This module was called ``aws_acm_facts`` before Ansible 2.9. The usage did not change. -- Note that this will not return information about uploaded keys of size 4096 bits, due to a limitation of the ACM API. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - certificate_arn - -
    - string -
    -     		- -
    If provided, the results will be filtered to show only the certificate with this ARN.
    -
    If no certificate with this ARN exists, this task will fail.
    -
    If a certificate with this ARN exists in a different region, this task will fail
    -

    aliases: arn
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - domain_name - -
    - string -
    -     		- -
    The domain name of an ACM certificate to limit the search to
    -

    aliases: name
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - statuses - -
    - list - / elements=string
    -     		-
      Choices: -
    • PENDING_VALIDATION
      • -
    • ISSUED
      • -
    • INACTIVE
      • -
    • EXPIRED
      • -
    • VALIDATION_TIMED_OUT
      • -
    • REVOKED
      • -
    • FAILED
      • -
    -     		-
    Status to filter the certificate results
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Filter results to show only certificates with tags that match all the tags specified here.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: obtain all ACM certificates - community.aws.aws_acm_info: - - - name: obtain all information for a single ACM certificate - community.aws.aws_acm_info: - domain_name: "*.example_com" - - - name: obtain all certificates pending validation - community.aws.aws_acm_info: - statuses: - - PENDING_VALIDATION - - - name: obtain all certificates with tag Name=foo and myTag=bar - community.aws.aws_acm_info: - tags: - Name: foo - myTag: bar - - - # The output is still a list of certificates, just one item long. - - name: obtain information about a certificate with a particular ARN - community.aws.aws_acm_info: - certificate_arn: "arn:aws:acm:ap-southeast-2:123456789876:certificate/abcdeabc-abcd-1234-4321-abcdeabcde12" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - certificates - -
    - complex -
    -     		always -
    A list of certificates
    -
    -
      -
    - certificate - -
    - string -
    -     		when certificate creation is complete -
    The ACM Certificate body
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE-----\nMII.....-----END CERTIFICATE-----\n
    -
      -
    - certificate_arn - -
    - string -
    -     		always -
    Certificate ARN
    -
    -
    Sample:
    -
    arn:aws:acm:ap-southeast-2:123456789012:certificate/abcd1234-abcd-1234-abcd-123456789abc
    -
      -
    - certificate_chain - -
    - string -
    -     		when certificate creation is complete -
    Full certificate chain for the certificate
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE-----\nMII...\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n...
    -
      -
    - created_at - -
    - string -
    -     		always -
    Date certificate was created
    -
    -
    Sample:
    -
    2017-08-15T10:31:19+10:00
    -
      -
    - domain_name - -
    - string -
    -     		always -
    Domain name for the certificate
    -
    -
    Sample:
    -
    *.example.com
    -
      -
    - domain_validation_options - -
    - complex -
    -     		when certificate type is AMAZON_ISSUED -
    Options used by ACM to validate the certificate
    -
    -
       -
    - domain_name - -
    - string -
    -     		always -
    Fully qualified domain name of the certificate
    -
    -
    Sample:
    -
    example.com
    -
       -
    - validation_domain - -
    - string -
    -     		always -
    The domain name ACM used to send validation emails
    -
    -
    Sample:
    -
    example.com
    -
       -
    - validation_emails - -
    - list - / elements=string
    -     		always -
    A list of email addresses that ACM used to send domain validation emails
    -
    -
    Sample:
    -
    ['admin@example.com', 'postmaster@example.com']
    -
       -
    - validation_status - -
    - string -
    -     		always -
    Validation status of the domain
    -
    -
    Sample:
    -
    SUCCESS
    -
      -
    - failure_reason - -
    - string -
    -     		only when certificate issuing failed -
    Reason certificate request failed
    -
    -
    Sample:
    -
    NO_AVAILABLE_CONTACTS
    -
      -
    - in_use_by - -
    - list - / elements=string
    -     		always -
    A list of ARNs for the AWS resources that are using the certificate.
    -
    -
      -
    - issued_at - -
    - string -
    -     		always -
    Date certificate was issued
    -
    -
    Sample:
    -
    2017-01-01T00:00:00+10:00
    -
      -
    - issuer - -
    - string -
    -     		always -
    Issuer of the certificate
    -
    -
    Sample:
    -
    Amazon
    -
      -
    - key_algorithm - -
    - string -
    -     		always -
    Algorithm used to generate the certificate
    -
    -
    Sample:
    -
    RSA-2048
    -
      -
    - not_after - -
    - string -
    -     		always -
    Date after which the certificate is not valid
    -
    -
    Sample:
    -
    2019-01-01T00:00:00+10:00
    -
      -
    - not_before - -
    - string -
    -     		always -
    Date before which the certificate is not valid
    -
    -
    Sample:
    -
    2017-01-01T00:00:00+10:00
    -
      -
    - renewal_summary - -
    - complex -
    -     		when certificate is issued by Amazon and a renewal has been started -
    Information about managed renewal process
    -
    -
       -
    - domain_validation_options - -
    - complex -
    -     		when certificate type is AMAZON_ISSUED -
    Options used by ACM to validate the certificate
    -
    -
        -
    - domain_name - -
    - string -
    -     		always -
    Fully qualified domain name of the certificate
    -
    -
    Sample:
    -
    example.com
    -
        -
    - validation_domain - -
    - string -
    -     		always -
    The domain name ACM used to send validation emails
    -
    -
    Sample:
    -
    example.com
    -
        -
    - validation_emails - -
    - list - / elements=string
    -     		always -
    A list of email addresses that ACM used to send domain validation emails
    -
    -
    Sample:
    -
    ['admin@example.com', 'postmaster@example.com']
    -
        -
    - validation_status - -
    - string -
    -     		always -
    Validation status of the domain
    -
    -
    Sample:
    -
    SUCCESS
    -
       -
    - renewal_status - -
    - string -
    -     		always -
    Status of the domain renewal
    -
    -
    Sample:
    -
    PENDING_AUTO_RENEWAL
    -
      -
    - revocation_reason - -
    - string -
    -     		when the certificate has been revoked -
    Reason for certificate revocation
    -
    -
    Sample:
    -
    SUPERCEDED
    -
      -
    - revoked_at - -
    - string -
    -     		when the certificate has been revoked -
    Date certificate was revoked
    -
    -
    Sample:
    -
    2017-09-01T10:00:00+10:00
    -
      -
    - serial - -
    - string -
    -     		always -
    The serial number of the certificate
    -
    -
    Sample:
    -
    00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
    -
      -
    - signature_algorithm - -
    - string -
    -     		always -
    Algorithm used to sign the certificate
    -
    -
    Sample:
    -
    SHA256WITHRSA
    -
      -
    - status - -
    - string -
    -     		always -
    Status of the certificate in ACM
    -
    -
    Sample:
    -
    ISSUED
    -
      -
    - subject - -
    - string -
    -     		always -
    The name of the entity that is associated with the public key contained in the certificate
    -
    -
    Sample:
    -
    CN=*.example.com
    -
      -
    - subject_alternative_names - -
    - list - / elements=string
    -     		always -
    Subject Alternative Names for the certificate
    -
    -
    Sample:
    -
    ['*.example.com']
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Tags associated with the certificate
    -
    -
    Sample:
    -
    {'Application': 'helloworld', 'Environment': 'test'}
    -
      -
    - type - -
    - string -
    -     		always -
    The source of the certificate
    -
    -
    Sample:
    -
    AMAZON_ISSUED
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_api_gateway.rst b/docs/community.aws.aws_api_gateway.rst deleted file mode 100644 index 2e8a844fbef..00000000000 --- a/docs/community.aws.aws_api_gateway.rst +++ /dev/null @@ -1,578 +0,0 @@ -:orphan: - -.. _community.aws.aws_api_gateway_module: - - -***************************** -community.aws.aws_api_gateway -***************************** - -**Manage AWS API Gateway APIs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for the management of API Gateway APIs -- Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be create each time this is run. -- Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See https://github.com/boto/boto3/issues/876 and discuss with your AWS rep. -- swagger_file and swagger_text are passed directly on to AWS transparently whilst swagger_dict is an ansible dict which is converted to JSON before the API definitions are uploaded. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - api_id - -
    - string -
    -     		- -
    The ID of the API you want to manage.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cache_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable API GW caching of backend responses. Defaults to false.
    -
    -
    - cache_size - -
    - string -
    -     		-
      Choices: -
    • 0.5 ←
      • -
    • 1.6
      • -
    • 6.1
      • -
    • 13.5
      • -
    • 28.4
      • -
    • 58.2
      • -
    • 118
      • -
    • 237
      • -
    -     		-
    Size in GB of the API GW cache, becomes effective when cache_enabled is true.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - deploy_desc - -
    - string -
    -     		- Default:
    "Automatic deployment by Ansible."
    -     		-
    Description of the deployment - recorded and visible in the AWS console.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - endpoint_type - -
    - string -
    -     		-
      Choices: -
    • EDGE ←
      • -
    • REGIONAL
      • -
    • PRIVATE
      • -
    -     		-
    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
    -
    REGIONAL for just a regional deploy or PRIVATE for a private API.
    -
    This will flag will only be used when creating a new API Gateway setup, not for updates.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - stage - -
    - string -
    -     		- -
    The name of the stage the API should be deployed to.
    -
    -
    - stage_canary_settings - -
    - dictionary -
    -     		- -
    Canary settings for the deployment of the stage.
    -
    Dict with following settings:
    -
    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
    -
    deploymentId: The ID of the canary deployment.
    -
    stageVariableOverrides: Stage variables overridden for a canary release deployment.
    -
    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
    - -
    -
    - stage_variables - -
    - dictionary -
    -     		- -
    ENV variables for the stage. Define a dict of key values pairs for variables.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete API Gateway.
    -
    -
    - swagger_dict - -
    - json -
    -     		- -
    Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
    -
    -
    - swagger_file - -
    - path -
    -     		- -
    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
    -

    aliases: src, api_file
    -
    -
    - swagger_text - -
    - string -
    -     		- -
    Swagger definitions for API in JSON or YAML as a string direct from playbook.
    -
    -
    - tracing_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies whether active tracing with X-ray is enabled for the API GW stage.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - A future version of this module will probably use tags or another ID so that an API can be create only once. - - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Setup AWS API Gateway setup on AWS and deploy API definition - community.aws.aws_api_gateway: - swagger_file: my_api.yml - stage: production - cache_enabled: true - cache_size: '1.6' - tracing_enabled: true - endpoint_type: EDGE - state: present - - - name: Update API definition to deploy new version - community.aws.aws_api_gateway: - api_id: 'abc123321cba' - swagger_file: my_api.yml - deploy_desc: Make auth fix available. - cache_enabled: true - cache_size: '1.6' - endpoint_type: EDGE - state: present - - - name: Update API definitions and settings and deploy as canary - community.aws.aws_api_gateway: - api_id: 'abc123321cba' - swagger_file: my_api.yml - cache_enabled: true - cache_size: '6.1' - canary_settings: { percentTraffic: 50.0, deploymentId: '123', useStageCache: True } - state: present - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - api_id - -
    - string -
    -     		success -
    API id of the API endpoint created
    -
    -
    Sample:
    -
    0ln4zq7p86
    -
    -
    - configure_response - -
    - dictionary -
    -     		success -
    AWS response from the API configure call
    -
    -
    Sample:
    -
    {'api_key_source': 'HEADER', 'created_at': '2020-01-01T11:37:59+00:00', 'id': '0ln4zq7p86'}
    -
    -
    - deploy_response - -
    - dictionary -
    -     		success -
    AWS response from the API deploy call
    -
    -
    Sample:
    -
    {'created_date': '2020-01-01T11:36:59+00:00', 'id': 'rptv4b', 'description': 'Automatic deployment by Ansible.'}
    -
    -
    - resource_actions - -
    - list -
    -     		always -
    Actions performed against AWS API
    -
    -
    Sample:
    -
    ['apigateway:CreateRestApi', 'apigateway:CreateDeployment', 'apigateway:PutRestApi']
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael De La Rue (@mikedlr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_application_scaling_policy.rst b/docs/community.aws.aws_application_scaling_policy.rst deleted file mode 100644 index e244a142610..00000000000 --- a/docs/community.aws.aws_application_scaling_policy.rst +++ /dev/null @@ -1,1017 +0,0 @@ -:orphan: - -.. _community.aws.aws_application_scaling_policy_module: - - -******************************************** -community.aws.aws_application_scaling_policy -******************************************** - -**Manage Application Auto Scaling Scaling Policies** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, updates or removes a Scaling Policy - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - maximum_tasks - -
    - integer -
    -     		- -
    The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
    -
    -
    - minimum_tasks - -
    - integer -
    -     		- -
    The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
    -
    -
    - override_task_capacity - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to override values of minimum and/or maximum tasks if it's already set.
    -
    -
    - policy_name - -
    - string - / required
    -     		- -
    The name of the scaling policy.
    -
    -
    - policy_type - -
    - string - / required
    -     		-
      Choices: -
    • StepScaling
      • -
    • TargetTrackingScaling
      • -
    -     		-
    The policy type.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - resource_id - -
    - string - / required
    -     		- -
    The identifier of the resource associated with the scalable target.
    -
    -
    - scalable_dimension - -
    - string - / required
    -     		-
      Choices: -
    • ecs:service:DesiredCount
      • -
    • ec2:spot-fleet-request:TargetCapacity
      • -
    • elasticmapreduce:instancegroup:InstanceCount
      • -
    • appstream:fleet:DesiredCapacity
      • -
    • dynamodb:table:ReadCapacityUnits
      • -
    • dynamodb:table:WriteCapacityUnits
      • -
    • dynamodb:index:ReadCapacityUnits
      • -
    • dynamodb:index:WriteCapacityUnits
      • -
    -     		-
    The scalable dimension associated with the scalable target.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service_namespace - -
    - string - / required
    -     		-
      Choices: -
    • ecs
      • -
    • elasticmapreduce
      • -
    • ec2
      • -
    • appstream
      • -
    • dynamodb
      • -
    -     		-
    The namespace of the AWS service.
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • absent
      • -
    • present
      • -
    -     		-
    Whether a policy should be present or absent
    -
    -
    - step_scaling_policy_configuration - -
    - dictionary -
    -     		- -
    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
    -
    -
    - target_tracking_scaling_policy_configuration - -
    - dictionary -
    -     		- -
    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
    -
    Full documentation of the suboptions can be found in the API documentation:
    - -
    -
    - CustomizedMetricSpecification - -
    - dictionary -
    -     		- -
    The metric to use if using a customized metric.
    -
    -
    - DisableScaleIn - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether scaling-in should be disabled.
    -
    -
    - PredefinedMetricSpecification - -
    - dictionary -
    -     		- -
    The metric to use if using a predefined metric.
    -
    -
    - ScaleInCooldown - -
    - integer -
    -     		- -
    The time (in seconds) to wait after scaling-in before another scaling action can occur.
    -
    -
    - ScaleOutCooldown - -
    - integer -
    -     		- -
    The time (in seconds) to wait after scaling-out before another scaling action can occur.
    -
    -
    - TargetValue - -
    - float -
    -     		- -
    The target value for the metric
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create step scaling policy for ECS Service - - name: scaling_policy - community.aws.aws_application_scaling_policy: - state: present - policy_name: test_policy - service_namespace: ecs - resource_id: service/poc-pricing/test-as - scalable_dimension: ecs:service:DesiredCount - policy_type: StepScaling - minimum_tasks: 1 - maximum_tasks: 6 - step_scaling_policy_configuration: - AdjustmentType: ChangeInCapacity - StepAdjustments: - - MetricIntervalUpperBound: 123 - ScalingAdjustment: 2 - - MetricIntervalLowerBound: 123 - ScalingAdjustment: -2 - Cooldown: 123 - MetricAggregationType: Average - - # Create target tracking scaling policy for ECS Service - - name: scaling_policy - community.aws.aws_application_scaling_policy: - state: present - policy_name: test_policy - service_namespace: ecs - resource_id: service/poc-pricing/test-as - scalable_dimension: ecs:service:DesiredCount - policy_type: TargetTrackingScaling - minimum_tasks: 1 - maximum_tasks: 6 - target_tracking_scaling_policy_configuration: - TargetValue: 60 - PredefinedMetricSpecification: - PredefinedMetricType: ECSServiceAverageCPUUtilization - ScaleOutCooldown: 60 - ScaleInCooldown: 60 - - # Remove scalable target for ECS Service - - name: scaling_policy - community.aws.aws_application_scaling_policy: - state: absent - policy_name: test_policy - policy_type: StepScaling - service_namespace: ecs - resource_id: service/cluster-name/service-name - scalable_dimension: ecs:service:DesiredCount - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - alarms - -
    - complex -
    -     		when state present -
    List of the CloudWatch alarms associated with the scaling policy
    -
    -
      -
    - alarm_arn - -
    - string -
    -     		when state present -
    The Amazon Resource Name (ARN) of the alarm
    -
    -
      -
    - alarm_name - -
    - string -
    -     		when state present -
    The name of the alarm
    -
    -
    -
    - creation_time - -
    - string -
    -     		when state present -
    The Unix timestamp for when the scalable target was created.
    -
    -
    Sample:
    -
    2017-09-28T08:22:51.881000-03:00
    -
    -
    - max_capacity - -
    - integer -
    -     		when state present -
    The maximum value to scale to in response to a scale out event. Required if state is present.
    -
    -
    Sample:
    -
    2
    -
    -
    - min_capacity - -
    - integer -
    -     		when state present -
    The minimum value to scale to in response to a scale in event. Required if state is present.
    -
    -
    Sample:
    -
    1
    -
    -
    - policy_arn - -
    - string -
    -     		when state present -
    The Amazon Resource Name (ARN) of the scaling policy..
    -
    -
    -
    - policy_name - -
    - string -
    -     		when state present -
    The name of the scaling policy.
    -
    -
    -
    - policy_type - -
    - string -
    -     		when state present -
    The policy type.
    -
    -
    -
    - resource_id - -
    - string -
    -     		when state present -
    The identifier of the resource associated with the scalable target.
    -
    -
    Sample:
    -
    service/cluster-name/service-name
    -
    -
    - role_arn - -
    - string -
    -     		when state present -
    The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. Required if state is present.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789123:role/roleName
    -
    -
    - scalable_dimension - -
    - string -
    -     		when state present -
    The scalable dimension associated with the scalable target.
    -
    -
    Sample:
    -
    ecs:service:DesiredCount
    -
    -
    - service_namespace - -
    - string -
    -     		when state present -
    The namespace of the AWS service.
    -
    -
    Sample:
    -
    ecs
    -
    -
    - step_scaling_policy_configuration - -
    - complex -
    -     		when state present and the policy type is StepScaling -
    The step scaling policy.
    -
    -
      -
    - adjustment_type - -
    - string -
    -     		when state present and the policy type is StepScaling -
    The adjustment type
    -
    -
    Sample:
    -
    ChangeInCapacity, PercentChangeInCapacity, ExactCapacity
    -
      -
    - cooldown - -
    - integer -
    -     		when state present and the policy type is StepScaling -
    The amount of time, in seconds, after a scaling activity completes where previous trigger-related scaling activities can influence future scaling events
    -
    -
    Sample:
    -
    60
    -
      -
    - metric_aggregation_type - -
    - string -
    -     		when state present and the policy type is StepScaling -
    The aggregation type for the CloudWatch metrics
    -
    -
    Sample:
    -
    Average, Minimum, Maximum
    -
      -
    - step_adjustments - -
    - list - / elements=dictionary
    -     		when state present and the policy type is StepScaling -
    A set of adjustments that enable you to scale based on the size of the alarm breach
    -
    -
    -
    - target_tracking_scaling_policy_configuration - -
    - complex -
    -     		when state present and the policy type is TargetTrackingScaling -
    The target tracking policy.
    -
    -
      -
    - predefined_metric_specification - -
    - complex -
    -     		when state present and the policy type is TargetTrackingScaling -
    A predefined metric
    -
    -
       -
    - predefined_metric_type - -
    - string -
    -     		when state present and the policy type is TargetTrackingScaling -
    The metric type
    -
    -
    Sample:
    -
    ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization
    -
       -
    - resource_label - -
    - string -
    -     		when metric type is ALBRequestCountPerTarget -
    Identifies the resource associated with the metric type
    -
    -
      -
    - scale_in_cooldown - -
    - integer -
    -     		when state present and the policy type is TargetTrackingScaling -
    The amount of time, in seconds, after a scale in activity completes before another scale in activity can start
    -
    -
    Sample:
    -
    60
    -
      -
    - scale_out_cooldown - -
    - integer -
    -     		when state present and the policy type is TargetTrackingScaling -
    The amount of time, in seconds, after a scale out activity completes before another scale out activity can start
    -
    -
    Sample:
    -
    60
    -
      -
    - target_value - -
    - integer -
    -     		when state present and the policy type is TargetTrackingScaling -
    The target value for the metric
    -
    -
    Sample:
    -
    70
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gustavo Maia (@gurumaia) -- Chen Leibovich (@chenl87) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_compute_environment.rst b/docs/community.aws.aws_batch_compute_environment.rst deleted file mode 100644 index 9422dfab469..00000000000 --- a/docs/community.aws.aws_batch_compute_environment.rst +++ /dev/null @@ -1,583 +0,0 @@ -:orphan: - -.. _community.aws.aws_batch_compute_environment_module: - - -******************************************* -community.aws.aws_batch_compute_environment -******************************************* - -**Manage AWS Batch Compute Environments** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bid_percentage - -
    - integer -
    -     		- -
    The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
    -
    -
    - compute_environment_name - -
    - string - / required
    -     		- -
    The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
    -
    -
    - compute_environment_state - -
    - string -
    -     		-
      Choices: -
    • ENABLED ←
      • -
    • DISABLED
      • -
    -     		-
    The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
    -
    -
    - compute_resource_type - -
    - string - / required
    -     		-
      Choices: -
    • EC2
      • -
    • SPOT
      • -
    -     		-
    The type of compute resource.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - desiredv_cpus - -
    - integer -
    -     		- -
    The desired number of EC2 vCPUS in the compute environment.
    -
    -
    - ec2_key_pair - -
    - string -
    -     		- -
    The EC2 key pair that is used for instances launched in the compute environment.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - image_id - -
    - string -
    -     		- -
    The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
    -
    -
    - instance_role - -
    - string - / required
    -     		- -
    The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
    -
    -
    - instance_types - -
    - list - / elements=string / required
    -     		- -
    The instance types that may be launched.
    -
    -
    - maxv_cpus - -
    - integer - / required
    -     		- -
    The maximum number of EC2 vCPUs that an environment can reach.
    -
    -
    - minv_cpus - -
    - integer - / required
    -     		- -
    The minimum number of EC2 vCPUs that an environment should maintain.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_group_ids - -
    - list - / elements=string / required
    -     		- -
    The EC2 security groups that are associated with instances launched in the compute environment.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service_role - -
    - string - / required
    -     		- -
    The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
    -
    -
    - spot_iam_fleet_role - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - subnets - -
    - list - / elements=string / required
    -     		- -
    The VPC subnets into which the compute resources are launched.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Key-value pair tags to be applied to resources that are launched in the compute environment.
    -
    -
    - type - -
    - string - / required
    -     		-
      Choices: -
    • MANAGED
      • -
    • UNMANAGED
      • -
    -     		-
    The type of the compute environment.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - - hosts: localhost - gather_facts: no - vars: - state: present - tasks: - - name: My Batch Compute Environment - community.aws.aws_batch_compute_environment: - compute_environment_name: computeEnvironmentName - state: present - region: us-east-1 - compute_environment_state: ENABLED - type: MANAGED - compute_resource_type: EC2 - minv_cpus: 0 - maxv_cpus: 2 - desiredv_cpus: 1 - instance_types: - - optimal - subnets: - - my-subnet1 - - my-subnet2 - security_group_ids: - - my-sg1 - - my-sg2 - instance_role: arn:aws:iam:::instance-profile/ - tags: - tag1: value1 - tag2: value2 - service_role: arn:aws:iam:::role/service-role/ - register: aws_batch_compute_environment_action - - - name: show results - debug: - var: aws_batch_compute_environment_action - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - output - -
    - dictionary -
    -     		always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'batch_compute_environment_action': 'none', 'changed': False, 'invocation': {'module_args': {'aws_access_key': None, 'aws_secret_key': None, 'bid_percentage': None, 'compute_environment_name': '<name>', 'compute_environment_state': 'ENABLED', 'compute_resource_type': 'EC2', 'desiredv_cpus': 0, 'ec2_key_pair': None, 'ec2_url': None, 'image_id': None, 'instance_role': 'arn:aws:iam::...', 'instance_types': ['optimal'], 'maxv_cpus': 8, 'minv_cpus': 0, 'profile': None, 'region': 'us-east-1', 'security_group_ids': ['*******'], 'security_token': None, 'service_role': 'arn:aws:iam::....', 'spot_iam_fleet_role': None, 'state': 'present', 'subnets': ['******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'MANAGED', 'validate_certs': True}}, 'response': {'computeEnvironmentArn': 'arn:aws:batch:....', 'computeEnvironmentName': '<name>', 'computeResources': {'desiredvCpus': 0, 'instanceRole': 'arn:aws:iam::...', 'instanceTypes': ['optimal'], 'maxvCpus': 8, 'minvCpus': 0, 'securityGroupIds': ['******'], 'subnets': ['*******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'EC2'}, 'ecsClusterArn': 'arn:aws:ecs:.....', 'serviceRole': 'arn:aws:iam::...', 'state': 'ENABLED', 'status': 'VALID', 'statusReason': 'ComputeEnvironment Healthy', 'type': 'MANAGED'}}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jon Meran (@jonmer85) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_job_definition.rst b/docs/community.aws.aws_batch_job_definition.rst deleted file mode 100644 index 4e6cd969454..00000000000 --- a/docs/community.aws.aws_batch_job_definition.rst +++ /dev/null @@ -1,727 +0,0 @@ -:orphan: - -.. _community.aws.aws_batch_job_definition_module: - - -************************************** -community.aws.aws_batch_job_definition -************************************** - -**Manage AWS Batch Job Definitions** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - attempts - -
    - integer -
    -     		- -
    Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - command - -
    - list - / elements=string
    -     		- -
    The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - environment - -
    - list - / elements=dictionary
    -     		- -
    The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
    -
    -
    - name - -
    - - -
    -     		- -
    The name of the key value pair. For environment variables, this is the name of the environment variable.
    -
    -
    - value - -
    - - -
    -     		- -
    The value of the key value pair. For environment variables, this is the value of the environment variable.
    -
    -
    - image - -
    - string - / required
    -     		- -
    The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
    -
    -
    - job_definition_arn - -
    - string -
    -     		- -
    The ARN for the job definition.
    -
    -
    - job_definition_name - -
    - string - / required
    -     		- -
    The name for the job definition.
    -
    -
    - job_role_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
    -
    -
    - memory - -
    - integer - / required
    -     		- -
    The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
    -
    -
    - mount_points - -
    - list - / elements=dictionary
    -     		- -
    The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
    -
    -
    - containerPath - -
    - - -
    -     		- -
    The path on the container at which to mount the host volume.
    -
    -
    - readOnly - -
    - - -
    -     		- -
    If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
    -
    -
    - sourceVolume - -
    - - -
    -     		- -
    The name of the volume to mount.
    -
    -
    - parameters - -
    - dictionary -
    -     		- -
    Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
    -
    -
    - privileged - -
    - string -
    -     		- -
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - readonly_root_filesystem - -
    - string -
    -     		- -
    When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - type - -
    - string - / required
    -     		- -
    The type of job definition.
    -
    -
    - ulimits - -
    - list - / elements=dictionary
    -     		- -
    A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
    -
    -
    - hardLimit - -
    - - -
    -     		- -
    The hard limit for the ulimit type.
    -
    -
    - name - -
    - - -
    -     		- -
    The type of the ulimit.
    -
    -
    - softLimit - -
    - - -
    -     		- -
    The soft limit for the ulimit type.
    -
    -
    - user - -
    - string -
    -     		- -
    The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vcpus - -
    - integer - / required
    -     		- -
    The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
    -
    -
    - volumes - -
    - list - / elements=dictionary
    -     		- -
    A list of data volumes used in a job.
    -
    -
    - host - -
    - - -
    -     		- -
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
    -
    -
    - name - -
    - - -
    -     		- -
    The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - - hosts: localhost - gather_facts: no - vars: - state: present - tasks: - - name: My Batch Job Definition - community.aws.aws_batch_job_definition: - job_definition_name: My Batch Job Definition - state: present - type: container - parameters: - Param1: Val1 - Param2: Val2 - image: - vcpus: 1 - memory: 512 - command: - - python - - run_my_script.py - - arg1 - job_role_arn: - attempts: 3 - register: job_definition_create_result - - - name: show results - debug: var=job_definition_create_result - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - output - -
    - dictionary -
    -     		always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'aws_batch_job_definition_action': 'none', 'changed': False, 'response': {'job_definition_arn': 'arn:aws:batch:....', 'job_definition_name': '<name>', 'status': 'INACTIVE', 'type': 'container'}}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jon Meran (@jonmer85) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_batch_job_queue.rst b/docs/community.aws.aws_batch_job_queue.rst deleted file mode 100644 index aa0dacd87ce..00000000000 --- a/docs/community.aws.aws_batch_job_queue.rst +++ /dev/null @@ -1,401 +0,0 @@ -:orphan: - -.. _community.aws.aws_batch_job_queue_module: - - -********************************* -community.aws.aws_batch_job_queue -********************************* - -**Manage AWS Batch Job Queues** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - compute_environment_order - -
    - list - / elements=dictionary / required
    -     		- -
    The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
    -
    -
    - compute_environment - -
    - string -
    -     		- -
    The name of the compute environment.
    -
    -
    - order - -
    - integer -
    -     		- -
    The relative priority of the environment.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - job_queue_name - -
    - string - / required
    -     		- -
    The name for the job queue
    -
    -
    - job_queue_state - -
    - string -
    -     		-
      Choices: -
    • ENABLED ←
      • -
    • DISABLED
      • -
    -     		-
    The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
    -
    -
    - priority - -
    - integer - / required
    -     		- -
    The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - - hosts: localhost - gather_facts: no - vars: - state: present - tasks: - - name: My Batch Job Queue - community.aws.aws_batch_job_queue: - job_queue_name: jobQueueName - state: present - region: us-east-1 - job_queue_state: ENABLED - priority: 1 - compute_environment_order: - - order: 1 - compute_environment: my_compute_env1 - - order: 2 - compute_environment: my_compute_env2 - register: batch_job_queue_action - - - name: show results - debug: - var: batch_job_queue_action - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - output - -
    - dictionary -
    -     		always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'batch_job_queue_action': 'updated', 'changed': False, 'response': {'job_queue_arn': 'arn:aws:batch:....', 'job_queue_name': '<name>', 'priority': 1, 'state': 'DISABLED', 'status': 'UPDATING', 'status_reason': 'JobQueue Healthy'}}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jon Meran (@jonmer85) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codebuild.rst b/docs/community.aws.aws_codebuild.rst deleted file mode 100644 index 7a4915af009..00000000000 --- a/docs/community.aws.aws_codebuild.rst +++ /dev/null @@ -1,1137 +0,0 @@ -:orphan: - -.. _community.aws.aws_codebuild_module: - - -*************************** -community.aws.aws_codebuild -*************************** - -**Create or delete an AWS CodeBuild project** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or delete a CodeBuild projects on AWS, used for building code artifacts from source code. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - artifacts - -
    - dictionary - / required
    -     		- -
    Information about the build output artifacts for the build project.
    -
    -
    - location - -
    - - -
    -     		- -
    Information about the build output artifact location. When choosing type S3, set the bucket name here.
    -
    -
    - name - -
    - - -
    -     		- -
    Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
    -
    -
    - namespace_type - -
    - - -
    -     		- -
    Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
    -
    Accepts BUILD_ID and NONE.
    - -
    -
    - packaging - -
    - - -
    -     		- -
    The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
    -
    -
    - path - -
    - - -
    -     		- -
    Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
    -
    Used for path in S3 bucket when type is S3.
    -
    -
    - type - -
    - - - / required
    -     		- -
    The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cache - -
    - dictionary -
    -     		- -
    Caching params to speed up following builds.
    -
    -
    - location - -
    - - - / required
    -     		- -
    Caching location on S3.
    -
    -
    - type - -
    - - - / required
    -     		- -
    Cache type. Can be NO_CACHE or S3.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    Descriptive text of the CodeBuild project.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - encryption_key - -
    - string -
    -     		- -
    The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
    -
    -
    - environment - -
    - dictionary -
    -     		- -
    Information about the build environment for the build project.
    -
    -
    - compute_type - -
    - - - / required
    -     		- -
    Information about the compute resources the build project will use.
    -
    Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
    -
    -
    - environment_variables - -
    - - -
    -     		- -
    A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
    -
    Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
    -
    -
    - image - -
    - - - / required
    -     		- -
    The ID of the Docker image to use for this build project.
    -
    -
    - privileged_mode - -
    - - -
    -     		- -
    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
    -
    -
    - type - -
    - - - / required
    -     		- -
    The type of build environment to use for the project. Usually LINUX_CONTAINER.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the CodeBuild project.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service_role - -
    - string -
    -     		- -
    The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
    -
    -
    - source - -
    - dictionary - / required
    -     		- -
    Configure service and location for the build input source.
    -
    -
    - buildspec - -
    - string -
    -     		- -
    The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
    -
    -
    - git_clone_depth - -
    - integer -
    -     		- -
    When using git you can specify the clone depth as an integer here.
    -
    -
    - insecure_ssl - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Enable this flag to ignore SSL warnings while connecting to the project source code.
    -
    -
    - location - -
    - string -
    -     		- -
    Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
    -
    -
    - type - -
    - string - / required
    -     		- -
    The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove code build project.
    -
    -
    - tags - -
    - list - / elements=dictionary
    -     		- -
    A set of tags for the build project.
    -
    -
    - key - -
    - string -
    -     		- -
    The name of the Tag.
    -
    -
    - value - -
    - string -
    -     		- -
    The value of the Tag.
    -
    -
    - timeout_in_minutes - -
    - integer -
    -     		- Default:
    60
    -     		-
    How long CodeBuild should wait until timing out any build that has not been marked as completed.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_config - -
    - dictionary -
    -     		- -
    The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
    -
    -
    - - -Notes ------ - -.. note:: - - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - community.aws.aws_codebuild: - name: my_project - description: My nice little project - service_role: "arn:aws:iam::123123:role/service-role/code-build-service-role" - source: - # Possible values: BITBUCKET, CODECOMMIT, CODEPIPELINE, GITHUB, S3 - type: CODEPIPELINE - buildspec: '' - artifacts: - namespaceType: NONE - packaging: NONE - type: CODEPIPELINE - name: my_project - environment: - computeType: BUILD_GENERAL1_SMALL - privilegedMode: "true" - image: "aws/codebuild/docker:17.09.0" - type: LINUX_CONTAINER - environmentVariables: - - { name: 'PROFILE', value: 'staging' } - encryption_key: "arn:aws:kms:us-east-1:123123:alias/aws/s3" - region: us-east-1 - state: present - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - project - -
    - complex -
    -     		success -
    Returns the dictionary describing the code project configuration.
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    ARN of the CodeBuild project
    -
    -
    Sample:
    -
    arn:aws:codebuild:us-east-1:123123123:project/vod-api-app-builder
    -
      -
    - artifacts - -
    - complex -
    -     		always -
    Information about the output of build artifacts
    -
    -
       -
    - location - -
    - string -
    -     		when configured -
    Output location for build artifacts
    -
    -
       -
    - type - -
    - string -
    -     		always -
    The type of build artifact.
    -
    -
    Sample:
    -
    CODEPIPELINE
    -
      -
    - cache - -
    - dictionary -
    -     		when configured -
    Cache settings for the build project.
    -
    -
      -
    - created - -
    - string -
    -     		always -
    Timestamp of the create time of the project
    -
    -
    Sample:
    -
    2018-04-17T16:56:03.245000+02:00
    -
      -
    - description - -
    - string -
    -     		always -
    A description of the build project
    -
    -
    Sample:
    -
    My nice little project
    -
      -
    - environment - -
    - dictionary -
    -     		always -
    Environment settings for the build
    -
    -
      -
    - name - -
    - string -
    -     		always -
    Name of the CodeBuild project
    -
    -
    Sample:
    -
    my_project
    -
      -
    - service_role - -
    - string -
    -     		always -
    IAM role to be used during build to access other AWS services.
    -
    -
    Sample:
    -
    arn:aws:iam::123123123:role/codebuild-service-role
    -
      -
    - source - -
    - complex -
    -     		always -
    Information about the build input source code.
    -
    -
       -
    - auth - -
    - complex -
    -     		when configured -
    Information about the authorization settings for AWS CodeBuild to access the source code to be built.
    -
    -
       -
    - build_spec - -
    - string -
    -     		always -
    The build spec declaration to use for the builds in this build project.
    -
    -
       -
    - git_clone_depth - -
    - integer -
    -     		when configured -
    The git clone depth
    -
    -
       -
    - insecure_ssl - -
    - boolean -
    -     		when configured -
    True if set to ignore SSL warnings.
    -
    -
       -
    - location - -
    - string -
    -     		when configured -
    Location identifier, depending on the source type.
    -
    -
       -
    - type - -
    - string -
    -     		always -
    The type of the repository
    -
    -
    Sample:
    -
    CODEPIPELINE
    -
      -
    - tags - -
    - list -
    -     		when configured -
    Tags added to the project
    -
    -
      -
    - timeout_in_minutes - -
    - integer -
    -     		always -
    The timeout of a build in minutes
    -
    -
    Sample:
    -
    60
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Stefan Horning (@stefanhorning) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codecommit.rst b/docs/community.aws.aws_codecommit.rst deleted file mode 100644 index 273c6f6504f..00000000000 --- a/docs/community.aws.aws_codecommit.rst +++ /dev/null @@ -1,570 +0,0 @@ -:orphan: - -.. _community.aws.aws_codecommit_module: - - -**************************** -community.aws.aws_codecommit -**************************** - -**Manage repositories in AWS CodeCommit** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Supports creation and deletion of CodeCommit repositories. -- See https://aws.amazon.com/codecommit/ for more information about CodeCommit. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    description or comment of repository.
    -

    aliases: comment
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    name of repository.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies the state of repository.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create a new repository - - community.aws.aws_codecommit: - name: repo - state: present - - # Delete a repository - - community.aws.aws_codecommit: - name: repo - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - repository_metadata - -
    - complex -
    -     		always -
    Information about the repository.
    -
    -
      -
    - account_id - -
    - string -
    -     		when state is present -
    The ID of the AWS account associated with the repository.
    -
    -
    Sample:
    -
    268342293637
    -
      -
    - arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the repository.
    -
    -
    Sample:
    -
    arn:aws:codecommit:ap-northeast-1:268342293637:username
    -
      -
    - clone_url_http - -
    - string -
    -     		when state is present -
    The URL to use for cloning the repository over HTTPS.
    -
    -
    Sample:
    -
    https://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    -
      -
    - clone_url_ssh - -
    - string -
    -     		when state is present -
    The URL to use for cloning the repository over SSH.
    -
    -
    Sample:
    -
    ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    -
      -
    - creation_date - -
    - string -
    -     		when state is present -
    The date and time the repository was created, in timestamp format.
    -
    -
    Sample:
    -
    2018-10-16T13:21:41.261000+09:00
    -
      -
    - last_modified_date - -
    - string -
    -     		when state is present -
    The date and time the repository was last modified, in timestamp format.
    -
    -
    Sample:
    -
    2018-10-16T13:21:41.261000+09:00
    -
      -
    - repository_description - -
    - string -
    -     		when state is present -
    A comment or description about the repository.
    -
    -
    Sample:
    -
    test from ptux
    -
      -
    - repository_id - -
    - string -
    -     		always -
    The ID of the repository that was created or deleted
    -
    -
    Sample:
    -
    e62a5c54-i879-497b-b62f-9f99e4ebfk8e
    -
      -
    - repository_name - -
    - string -
    -     		when state is present -
    The repository's name.
    -
    -
    Sample:
    -
    reponame
    -
    -
    - response_metadata - -
    - complex -
    -     		always -
    Information about the response.
    -
    -
      -
    - http_headers - -
    - dictionary -
    -     		always -
    http headers of http response
    -
    -
      -
    - http_status_code - -
    - string -
    -     		always -
    http status code of http response
    -
    -
    Sample:
    -
    200
    -
      -
    - request_id - -
    - string -
    -     		always -
    http request id
    -
    -
    Sample:
    -
    fb49cfca-d0fa-11e8-85cb-b3cc4b5045ef
    -
      -
    - retry_attempts - -
    - string -
    -     		always -
    numbers of retry attempts
    -
    -
    Sample:
    -
    0
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Shuang Wang (@ptux) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_codepipeline.rst b/docs/community.aws.aws_codepipeline.rst deleted file mode 100644 index 8eededc759d..00000000000 --- a/docs/community.aws.aws_codepipeline.rst +++ /dev/null @@ -1,631 +0,0 @@ -:orphan: - -.. _community.aws.aws_codepipeline_module: - - -****************************** -community.aws.aws_codepipeline -****************************** - -**Create or delete AWS CodePipelines** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or delete a CodePipeline on AWS. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - artifact_store - -
    - dictionary - / required
    -     		- -
    Location information where artifacts are stored (on S3). Dictionary with fields type and location.
    -
    -
    - location - -
    - string -
    -     		- -
    Bucket name for artifacts.
    -
    -
    - type - -
    - string -
    -     		- -
    Type of the artifacts storage (only 'S3' is currently supported).
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the pipeline
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string - / required
    -     		- -
    ARN of the IAM role to use when executing the pipeline
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - stages - -
    - list - / elements=dictionary / required
    -     		- -
    List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
    -
    -
    - actions - -
    - list - / elements=dictionary
    -     		- -
    List of action configurations for that stage.
    -
    See the boto3 documentation for full documentation of suboptions:
    - -
    -
    - name - -
    - string -
    -     		- -
    Name of the stage (step) in the codepipeline
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove code pipeline
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - version - -
    - integer -
    -     		- -
    Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
    -
    -
    - - -Notes ------ - -.. note:: - - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) - - community.aws.aws_codepipeline: - name: my_deploy_pipeline - role_arn: arn:aws:iam::123456:role/AWS-CodePipeline-Service - artifact_store: - type: S3 - location: my_s3_codepipline_bucket - stages: - - name: Get_source - actions: - - - name: Git_pull - actionTypeId: - category: Source - owner: ThirdParty - provider: GitHub - version: '1' - outputArtifacts: - - { name: my-app-source } - configuration: - Owner: mediapeers - Repo: my_gh_repo - PollForSourceChanges: 'true' - Branch: master - # Generate token like this: - # https://docs.aws.amazon.com/codepipeline/latest/userguide/GitHub-rotate-personal-token-CLI.html - # GH Link: https://github.com/settings/tokens - OAuthToken: 'abc123def456' - runOrder: 1 - - name: Build - actions: - - - name: CodeBuild - actionTypeId: - category: Build - owner: AWS - provider: CodeBuild - version: '1' - inputArtifacts: - - { name: my-app-source } - outputArtifacts: - - { name: my-app-build } - configuration: - # A project with that name needs to be setup on AWS CodeBuild already (use code_build module). - ProjectName: codebuild-project-name - runOrder: 1 - - name: ECS_deploy - actions: - - - name: ECS_deploy - actionTypeId: - category: Deploy - owner: AWS - provider: ECS - version: '1' - inputArtifacts: - - { name: vod-api-app-build } - configuration: - # an ECS cluster with that name needs to be setup on AWS ECS already (use ecs_cluster and ecs_service module) - ClusterName: ecs-cluster-name - ServiceName: ecs-cluster-service-name - FileName: imagedefinitions.json - region: us-east-1 - state: present - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - pipeline - -
    - complex -
    -     		success -
    Returns the dictionary describing the code pipeline configuration.
    -
    -
      -
    - artifact_store - -
    - complex -
    -     		always -
    Information about where the build artifacts are stored
    -
    -
       -
    - encryption_key - -
    - string -
    -     		when configured -
    The encryption key used to encrypt the artifacts store, such as an AWS KMS key.
    -
    -
       -
    - location - -
    - string -
    -     		always -
    The location of the artifacts storage (s3 bucket name)
    -
    -
    Sample:
    -
    my_s3_codepipline_bucket
    -
       -
    - type - -
    - string -
    -     		always -
    The type of the artifacts store, such as S3
    -
    -
    Sample:
    -
    S3
    -
      -
    - name - -
    - string -
    -     		always -
    Name of the CodePipeline
    -
    -
    Sample:
    -
    my_deploy_pipeline
    -
      -
    - role_arn - -
    - string -
    -     		always -
    ARN of the IAM role attached to the code pipeline
    -
    -
    Sample:
    -
    arn:aws:iam::123123123:role/codepipeline-service-role
    -
      -
    - stages - -
    - list -
    -     		always -
    List of stages configured for this pipeline
    -
    -
      -
    - version - -
    - integer -
    -     		always -
    The version number of the pipeline. This number is auto incremented when pipeline params are changed.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Stefan Horning (@stefanhorning) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_aggregation_authorization.rst b/docs/community.aws.aws_config_aggregation_authorization.rst deleted file mode 100644 index 333c51d687a..00000000000 --- a/docs/community.aws.aws_config_aggregation_authorization.rst +++ /dev/null @@ -1,287 +0,0 @@ -:orphan: - -.. _community.aws.aws_config_aggregation_authorization_module: - - -************************************************** -community.aws.aws_config_aggregation_authorization -************************************************** - -**Manage cross-account AWS Config authorizations** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module manages AWS Config resources. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - authorized_account_id - -
    - string - / required
    -     		- -
    The 12-digit account ID of the account authorized to aggregate data.
    -
    -
    - authorized_aws_region - -
    - string - / required
    -     		- -
    The region authorized to collect aggregated data.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Get current account ID - community.aws.aws_caller_info: - register: whoami - - community.aws.aws_config_aggregation_authorization: - state: present - authorized_account_id: '{{ whoami.account }}' - authorized_aws_region: us-east-1 - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_aggregator.rst b/docs/community.aws.aws_config_aggregator.rst deleted file mode 100644 index 8e980438a59..00000000000 --- a/docs/community.aws.aws_config_aggregator.rst +++ /dev/null @@ -1,411 +0,0 @@ -:orphan: - -.. _community.aws.aws_config_aggregator_module: - - -*********************************** -community.aws.aws_config_aggregator -*********************************** - -**Manage AWS Config aggregations across multiple accounts** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module manages AWS Config resources - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - account_sources - -
    - list - / elements=dictionary / required
    -     		- -
    Provides a list of source accounts and regions to be aggregated.
    -
    -
    - account_ids - -
    - list - / elements=string
    -     		- -
    A list of 12-digit account IDs of accounts being aggregated.
    -
    -
    - all_aws_regions - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If true, aggregate existing AWS Config regions and future regions.
    -
    -
    - aws_regions - -
    - list - / elements=string
    -     		- -
    A list of source regions being aggregated.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the AWS Config resource.
    -
    -
    - organization_source - -
    - dictionary - / required
    -     		- -
    The region authorized to collect aggregated data.
    -
    -
    - all_aws_regions - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If true, aggregate existing AWS Config regions and future regions.
    -
    -
    - aws_regions - -
    - list - / elements=string
    -     		- -
    The source regions being aggregated.
    -
    -
    - role_arn - -
    - string -
    -     		- -
    ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create cross-account aggregator - community.aws.aws_config_aggregator: - name: test_config_rule - state: present - account_sources: - account_ids: - - 1234567890 - - 0123456789 - - 9012345678 - all_aws_regions: yes - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_delivery_channel.rst b/docs/community.aws.aws_config_delivery_channel.rst deleted file mode 100644 index 0e9ab296160..00000000000 --- a/docs/community.aws.aws_config_delivery_channel.rst +++ /dev/null @@ -1,339 +0,0 @@ -:orphan: - -.. _community.aws.aws_config_delivery_channel_module: - - -***************************************** -community.aws.aws_config_delivery_channel -***************************************** - -**Manage AWS Config delivery channels** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module manages AWS Config delivery locations for rule checks and configuration info. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delivery_frequency - -
    - string -
    -     		-
      Choices: -
    • One_Hour
      • -
    • Three_Hours
      • -
    • Six_Hours
      • -
    • Twelve_Hours
      • -
    • TwentyFour_Hours
      • -
    -     		-
    The frequency with which AWS Config delivers configuration snapshots.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the AWS Config resource.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - s3_bucket - -
    - string - / required
    -     		- -
    The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
    -
    -
    - s3_prefix - -
    - string -
    -     		- -
    The prefix for the specified Amazon S3 bucket.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - sns_topic_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create Delivery Channel for AWS Config - community.aws.aws_config_delivery_channel: - name: test_delivery_channel - state: present - s3_bucket: 'test_aws_config_bucket' - sns_topic_arn: 'arn:aws:sns:us-east-1:123456789012:aws_config_topic:1234ab56-cdef-7g89-01hi-2jk34l5m67no' - delivery_frequency: 'Twelve_Hours' - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_recorder.rst b/docs/community.aws.aws_config_recorder.rst deleted file mode 100644 index 6762b32c84e..00000000000 --- a/docs/community.aws.aws_config_recorder.rst +++ /dev/null @@ -1,360 +0,0 @@ -:orphan: - -.. _community.aws.aws_config_recorder_module: - - -********************************* -community.aws.aws_config_recorder -********************************* - -**Manage AWS Config Recorders** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module manages AWS Config configuration recorder settings. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the AWS Config resource.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - recording_group - -
    - dictionary -
    -     		- -
    Specifies the types of AWS resources for which AWS Config records configuration changes.
    -
    Required when state=present
    -
    -
    - all_supported - -
    - - -
    -     		- -
    Specifies whether AWS Config records configuration changes for every supported type of regional resource.
    -
    If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
    -
    If all_supported=true, you cannot enumerate a list of resource_types.
    -
    -
    - include_global_types - -
    - - -
    -     		- -
    Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
    -
    The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
    -
    If you set include_global_types=true, you must also set all_supported=true.
    -
    If you set include_global_types=true, when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
    -
    -
    - resource_types - -
    - - -
    -     		- -
    A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
    -
    Before you can set this option, you must set all_supported=false.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string -
    -     		- -
    Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
    -
    Required when state=present.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create Configuration Recorder for AWS Config - community.aws.aws_config_recorder: - name: test_configuration_recorder - state: present - role_arn: 'arn:aws:iam::123456789012:role/AwsConfigRecorder' - recording_group: - all_supported: true - include_global_types: true - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_config_rule.rst b/docs/community.aws.aws_config_rule.rst deleted file mode 100644 index 5f5b217833c..00000000000 --- a/docs/community.aws.aws_config_rule.rst +++ /dev/null @@ -1,477 +0,0 @@ -:orphan: - -.. _community.aws.aws_config_rule_module: - - -***************************** -community.aws.aws_config_rule -***************************** - -**Manage AWS Config resources** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module manages AWS Config rules - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    The description that you provide for the AWS Config rule.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - execution_frequency - -
    - string -
    -     		-
      Choices: -
    • One_Hour
      • -
    • Three_Hours
      • -
    • Six_Hours
      • -
    • Twelve_Hours
      • -
    • TwentyFour_Hours
      • -
    -     		-
    The maximum frequency with which AWS Config runs evaluations for a rule.
    -
    -
    - input_parameters - -
    - string -
    -     		- -
    A string, in JSON format, that is passed to the AWS Config rule Lambda function.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the AWS Config resource.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - scope - -
    - dictionary -
    -     		- -
    Defines which resources can trigger an evaluation for the rule.
    -
    -
    - compliance_id - -
    - - -
    -     		- -
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    -
    -
    - compliance_types - -
    - - -
    -     		- -
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    -
    -
    - tag_key - -
    - - -
    -     		- -
    The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
    -
    -
    - tag_value - -
    - - -
    -     		- -
    The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - source - -
    - dictionary - / required
    -     		- -
    Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
    -
    -
    - details - -
    - - -
    -     		- -
    Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
    -
    This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
    -
    Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
    -
    Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
    -
    Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
    -
    -
    - identifier - -
    - - -
    -     		- -
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    -
    -
    - owner - -
    - - -
    -     		- -
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create Config Rule for AWS Config - community.aws.aws_config_rule: - name: test_config_rule - state: present - description: 'This AWS Config rule checks for public write access on S3 buckets' - scope: - compliance_types: - - 'AWS::S3::Bucket' - source: - owner: AWS - identifier: 'S3_BUCKET_PUBLIC_WRITE_PROHIBITED' - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_connection.rst b/docs/community.aws.aws_direct_connect_connection.rst deleted file mode 100644 index cfbc2f70a83..00000000000 --- a/docs/community.aws.aws_direct_connect_connection.rst +++ /dev/null @@ -1,576 +0,0 @@ -:orphan: - -.. _community.aws.aws_direct_connect_connection_module: - - -******************************************* -community.aws.aws_direct_connect_connection -******************************************* - -**Creates, deletes, modifies a DirectConnect connection** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, update, or delete a Direct Connect connection between a network and a specific AWS Direct Connect location. Upon creation the connection may be added to a link aggregation group or established as a standalone connection. The connection may later be associated or disassociated with a link aggregation group. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bandwidth - -
    - string -
    -     		-
      Choices: -
    • 1Gbps
      • -
    • 10Gbps
      • -
    -     		-
    The bandwidth of the Direct Connect connection.
    -
    Required when state=present.
    -
    -
    - connection_id - -
    - string -
    -     		- -
    The ID of the Direct Connect connection.
    -
    Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
    -
    One of connection_id or name must be specified.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - forced_update - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
    -
    -
    - link_aggregation_group - -
    - string -
    -     		- -
    The ID of the link aggregation group you want to associate with the connection.
    -
    This is optional when a stand-alone connection is desired.
    -
    -
    - location - -
    - string -
    -     		- -
    Where the Direct Connect connection is located.
    -
    Required when state=present.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the Direct Connect connection. This is required to create a new connection.
    -
    One of connection_id or name must be specified.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The state of the Direct Connect connection.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - # create a Direct Connect connection - - community.aws.aws_direct_connect_connection: - name: ansible-test-connection - state: present - location: EqDC2 - link_aggregation_group: dxlag-xxxxxxxx - bandwidth: 1Gbps - register: dc - - # disassociate the LAG from the connection - - community.aws.aws_direct_connect_connection: - state: present - connection_id: dc.connection.connection_id - location: EqDC2 - bandwidth: 1Gbps - - # replace the connection with one with more bandwidth - - community.aws.aws_direct_connect_connection: - state: present - name: ansible-test-connection - location: EqDC2 - bandwidth: 10Gbps - forced_update: True - - # delete the connection - - community.aws.aws_direct_connect_connection: - state: absent - name: ansible-test-connection - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - connection - -
    - complex -
    -     		state=present -
    The attributes of the direct connect connection.
    -
    -
      -
    - aws_device - -
    - string -
    -     		when the requested state is no longer 'requested' -
    The endpoint which the physical connection terminates on.
    -
    -
    Sample:
    -
    EqDC2-12pmo7hemtz1z
    -
      -
    - bandwidth - -
    - string -
    -     		always -
    The bandwidth of the connection.
    -
    -
    Sample:
    -
    1Gbps
    -
      -
    - connection_id - -
    - string -
    -     		always -
    The ID of the connection.
    -
    -
    Sample:
    -
    dxcon-ffy9ywed
    -
      -
    - connection_name - -
    - string -
    -     		always -
    The name of the connection.
    -
    -
    Sample:
    -
    ansible-test-connection
    -
      -
    - connection_state - -
    - string -
    -     		always -
    The state of the connection.
    -
    -
    Sample:
    -
    pending
    -
      -
    - loa_issue_time - -
    - string -
    -     		when the LOA-CFA has been issued (the connection state will no longer be 'requested') -
    The issue time of the connection's Letter of Authorization - Connecting Facility Assignment.
    -
    -
    Sample:
    -
    2018-03-20T17:36:26-04:00
    -
      -
    - location - -
    - string -
    -     		always -
    The location of the connection.
    -
    -
    Sample:
    -
    EqDC2
    -
      -
    - owner_account - -
    - string -
    -     		always -
    The account that owns the direct connect connection.
    -
    -
    Sample:
    -
    123456789012
    -
      -
    - region - -
    - string -
    -     		always -
    The region in which the connection exists.
    -
    -
    Sample:
    -
    us-east-1
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_gateway.rst b/docs/community.aws.aws_direct_connect_gateway.rst deleted file mode 100644 index e5615dfb917..00000000000 --- a/docs/community.aws.aws_direct_connect_gateway.rst +++ /dev/null @@ -1,457 +0,0 @@ -:orphan: - -.. _community.aws.aws_direct_connect_gateway_module: - - -**************************************** -community.aws.aws_direct_connect_gateway -**************************************** - -**Manage AWS Direct Connect gateway** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates AWS Direct Connect Gateway. -- Deletes AWS Direct Connect Gateway. -- Attaches Virtual Gateways to Direct Connect Gateway. -- Detaches Virtual Gateways to Direct Connect Gateway. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - amazon_asn - -
    - string -
    -     		- -
    The Amazon side ASN.
    -
    Required when state=present.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - direct_connect_gateway_id - -
    - string -
    -     		- -
    The ID of an existing Direct Connect Gateway.
    -
    Required when state=absent.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    Name of the Direct Connect Gateway to be created or deleted.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Set state=present to ensure a resource is created.
    -
    Set state=absent to remove a resource.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - virtual_gateway_id - -
    - string -
    -     		- -
    The VPN gateway ID of an existing virtual gateway.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    320
    -     		-
    How long to wait for the association to be deleted.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a new direct connect gateway attached to virtual private gateway - community.aws.aws_direct_connect_gateway: - state: present - name: my-dx-gateway - amazon_asn: 7224 - virtual_gateway_id: vpg-12345 - register: created_dxgw - - - name: Create a new unattached dxgw - community.aws.aws_direct_connect_gateway: - state: present - name: my-dx-gateway - amazon_asn: 7224 - register: created_dxgw - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - result - -
    - complex -
    -     		state=present -
    The attributes of the Direct Connect Gateway
    -
    -
      -
    - amazon_side_asn - -
    - string -
    -     		-
    ASN on the amazon side.
    -
    -
      -
    - direct_connect_gateway_id - -
    - string -
    -     		-
    The ID of the direct connect gateway.
    -
    -
      -
    - direct_connect_gateway_name - -
    - string -
    -     		-
    The name of the direct connect gateway.
    -
    -
      -
    - direct_connect_gateway_state - -
    - string -
    -     		-
    The state of the direct connect gateway.
    -
    -
      -
    - owner_account - -
    - string -
    -     		-
    The AWS account ID of the owner of the direct connect gateway.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gobin Sougrakpam (@gobins) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group.rst deleted file mode 100644 index 56ad8b10b2e..00000000000 --- a/docs/community.aws.aws_direct_connect_link_aggregation_group.rst +++ /dev/null @@ -1,645 +0,0 @@ -:orphan: - -.. _community.aws.aws_direct_connect_link_aggregation_group_module: - - -******************************************************* -community.aws.aws_direct_connect_link_aggregation_group -******************************************************* - -**Manage Direct Connect LAG bundles** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, delete, or modify a Direct Connect link aggregation group. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bandwidth - -
    - string -
    -     		- -
    The bandwidth of the link aggregation group.
    -
    -
    - connection_id - -
    - string -
    -     		- -
    A connection ID to link with the link aggregation group upon creation.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delete_with_disassociation - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    To be used with state=absent to delete connections after disassociating them with the LAG.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - force_delete - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
    -
    -
    - link_aggregation_group_id - -
    - string -
    -     		- -
    The ID of the Direct Connect link aggregation group.
    -
    -
    - location - -
    - string -
    -     		- -
    The location of the link aggregation group.
    -
    -
    - min_links - -
    - integer -
    -     		- -
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the Direct Connect link aggregation group.
    -
    -
    - num_connections - -
    - integer -
    -     		- -
    The number of connections with which to initialize the link aggregation group.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The state of the Direct Connect link aggregation group.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the operation to complete.
    -
    May be useful when waiting for virtual interfaces to be deleted.
    -
    The time to wait can be controlled by setting wait_timeout.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    120
    -     		-
    The duration in seconds to wait if wait=true.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - # create a Direct Connect connection - - community.aws.aws_direct_connect_link_aggregation_group: - state: present - location: EqDC2 - lag_id: dxlag-xxxxxxxx - bandwidth: 1Gbps - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - aws_device - -
    - string -
    -     		when state=present -
    The AWS Direct Connection endpoint that hosts the LAG.
    -
    -
    Sample:
    -
    EqSe2-1bwfvazist2k0
    -
    -
    - changed - -
    - string -
    -     		always -
    Whether or not the LAG has changed.
    -
    -
    -
    - connections - -
    - list -
    -     		when state=present -
    A list of connections bundled by this LAG.
    -
    -
    Sample:
    -
    {'connections': [{'aws_device': 'EqSe2-1bwfvazist2k0', 'bandwidth': '1Gbps', 'connection_id': 'dxcon-fgzjah5a', 'connection_name': 'Requested Connection 1 for Lag dxlag-fgtoh97h', 'connection_state': 'down', 'lag_id': 'dxlag-fgnsp4rq', 'location': 'EqSe2', 'owner_account': '448830907657', 'region': 'us-west-2'}]}
    -
    -
    - connections_bandwidth - -
    - string -
    -     		when state=present -
    The individual bandwidth of the physical connections bundled by the LAG.
    -
    -
    Sample:
    -
    1Gbps
    -
    -
    - lag_id - -
    - string -
    -     		when state=present -
    Unique identifier for the link aggregation group.
    -
    -
    Sample:
    -
    dxlag-fgnsp4rq
    -
    -
    - lag_name - -
    - string -
    -     		when state=present -
    User-provided name for the link aggregation group.
    -
    -
    -
    - lag_state - -
    - string -
    -     		when state=present -
    State of the LAG.
    -
    -
    Sample:
    -
    pending
    -
    -
    - location - -
    - string -
    -     		when state=present -
    Where the connection is located.
    -
    -
    Sample:
    -
    EqSe2
    -
    -
    - minimum_links - -
    - integer -
    -     		when state=present -
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    -
    -
    -
    - number_of_connections - -
    - integer -
    -     		when state=present -
    The number of physical connections bundled by the LAG.
    -
    -
    -
    - owner_account - -
    - string -
    -     		when state=present -
    Owner account ID of the LAG.
    -
    -
    -
    - region - -
    - string -
    -     		when state=present -
    The region in which the LAG exists.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_direct_connect_virtual_interface.rst b/docs/community.aws.aws_direct_connect_virtual_interface.rst deleted file mode 100644 index 6eb62085160..00000000000 --- a/docs/community.aws.aws_direct_connect_virtual_interface.rst +++ /dev/null @@ -1,910 +0,0 @@ -:orphan: - -.. _community.aws.aws_direct_connect_virtual_interface_module: - - -************************************************** -community.aws.aws_direct_connect_virtual_interface -************************************************** - -**Manage Direct Connect virtual interfaces** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, delete, or modify a Direct Connect public or private virtual interface. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - address_type - -
    - string -
    -     		- -
    The type of IP address for the BGP peer.
    -
    -
    - amazon_address - -
    - string -
    -     		- -
    The amazon address CIDR with which to create the virtual interface.
    -
    -
    - authentication_key - -
    - string -
    -     		- -
    The authentication key for BGP configuration.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bgp_asn - -
    - integer -
    -     		- Default:
    65000
    -     		-
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -
    -
    - cidr - -
    - list - / elements=string
    -     		- -
    A list of route filter prefix CIDRs with which to create the public virtual interface.
    -
    -
    - customer_address - -
    - string -
    -     		- -
    The customer address CIDR with which to create the virtual interface.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - id_to_associate - -
    - string - / required
    -     		- -
    The ID of the link aggregation group or connection to associate with the virtual interface.
    -

    aliases: link_aggregation_group_id, connection_id
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the virtual interface.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - public - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The type of virtual interface.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The desired state of the Direct Connect virtual interface.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - virtual_gateway_id - -
    - string -
    -     		- -
    The virtual gateway ID required for creating a private virtual interface.
    -
    -
    - virtual_interface_id - -
    - string -
    -     		- -
    The virtual interface ID.
    -
    -
    - vlan - -
    - integer -
    -     		- Default:
    100
    -     		-
    The VLAN ID.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - - name: create an association between a LAG and connection - community.aws.aws_direct_connect_virtual_interface: - state: present - name: "{{ name }}" - link_aggregation_group_id: LAG-XXXXXXXX - connection_id: dxcon-XXXXXXXX - - - name: remove an association between a connection and virtual interface - community.aws.aws_direct_connect_virtual_interface: - state: absent - connection_id: dxcon-XXXXXXXX - virtual_interface_id: dxv-XXXXXXXX - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - address_family - -
    - string -
    -     		always -
    The address family for the BGP peer.
    -
    -
    Sample:
    -
    ipv4
    -
    -
    - amazon_address - -
    - string -
    -     		always -
    IP address assigned to the Amazon interface.
    -
    -
    Sample:
    -
    169.254.255.1/30
    -
    -
    - asn - -
    - integer -
    -     		always -
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -
    -
    Sample:
    -
    65000
    -
    -
    - auth_key - -
    - string -
    -     		always -
    The authentication key for BGP configuration.
    -
    -
    Sample:
    -
    0xZ59Y1JZ2oDOSh6YriIlyRE
    -
    -
    - bgp_peers - -
    - complex -
    -     		always -
    A list of the BGP peers configured on this virtual interface.
    -
    -
      -
    - address_family - -
    - string -
    -     		always -
    The address family for the BGP peer.
    -
    -
    Sample:
    -
    ipv4
    -
      -
    - amazon_address - -
    - string -
    -     		always -
    IP address assigned to the Amazon interface.
    -
    -
    Sample:
    -
    169.254.255.1/30
    -
      -
    - asn - -
    - integer -
    -     		always -
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -
    -
    Sample:
    -
    65000
    -
      -
    - auth_key - -
    - string -
    -     		always -
    The authentication key for BGP configuration.
    -
    -
    Sample:
    -
    0xZ59Y1JZ2oDOSh6YriIlyRE
    -
      -
    - bgp_peer_state - -
    - string -
    -     		always -
    The state of the BGP peer (verifying, pending, available)
    -
    -
    Sample:
    -
    available
    -
      -
    - bgp_status - -
    - string -
    -     		always -
    The up/down state of the BGP peer.
    -
    -
    Sample:
    -
    up
    -
      -
    - customer_address - -
    - string -
    -     		always -
    IP address assigned to the customer interface.
    -
    -
    Sample:
    -
    169.254.255.2/30
    -
    -
    - changed - -
    - boolean -
    -     		always -
    Indicated if the virtual interface has been created/modified/deleted
    -
    -
    -
    - connection_id - -
    - string -
    -     		always -
    The ID of the connection. This field is also used as the ID type for operations that use multiple connection types (LAG, interconnect, and/or connection).
    -
    -
    Sample:
    -
    dxcon-fgb175av
    -
    -
    - customer_address - -
    - string -
    -     		always -
    IP address assigned to the customer interface.
    -
    -
    Sample:
    -
    169.254.255.2/30
    -
    -
    - customer_router_config - -
    - string -
    -     		always -
    Information for generating the customer router configuration.
    -
    -
    -
    - location - -
    - string -
    -     		always -
    Where the connection is located.
    -
    -
    Sample:
    -
    EqDC2
    -
    -
    - owner_account - -
    - string -
    -     		always -
    The AWS account that will own the new virtual interface.
    -
    -
    Sample:
    -
    123456789012
    -
    -
    - route_filter_prefixes - -
    - complex -
    -     		always -
    A list of routes to be advertised to the AWS network in this region (public virtual interface).
    -
    -
      -
    - cidr - -
    - string -
    -     		always -
    A routes to be advertised to the AWS network in this region.
    -
    -
    Sample:
    -
    54.227.92.216/30
    -
    -
    - virtual_gateway_id - -
    - string -
    -     		when public=False -
    The ID of the virtual private gateway to a VPC. This only applies to private virtual interfaces.
    -
    -
    Sample:
    -
    vgw-f3ce259a
    -
    -
    - virtual_interface_id - -
    - string -
    -     		always -
    The ID of the virtual interface.
    -
    -
    Sample:
    -
    dxvif-fh0w7cex
    -
    -
    - virtual_interface_name - -
    - string -
    -     		always -
    The name of the virtual interface assigned by the customer.
    -
    -
    Sample:
    -
    test_virtual_interface
    -
    -
    - virtual_interface_state - -
    - string -
    -     		always -
    State of the virtual interface (confirming, verifying, pending, available, down, rejected).
    -
    -
    Sample:
    -
    available
    -
    -
    - virtual_interface_type - -
    - string -
    -     		always -
    The type of virtual interface (private, public).
    -
    -
    Sample:
    -
    private
    -
    -
    - vlan - -
    - integer -
    -     		always -
    The VLAN ID.
    -
    -
    Sample:
    -
    100
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_eks_cluster.rst b/docs/community.aws.aws_eks_cluster.rst deleted file mode 100644 index 0ae14e2756a..00000000000 --- a/docs/community.aws.aws_eks_cluster.rst +++ /dev/null @@ -1,615 +0,0 @@ -:orphan: - -.. _community.aws.aws_eks_cluster_module: - - -***************************** -community.aws.aws_eks_cluster -***************************** - -**Manage Elastic Kubernetes Service Clusters** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage Elastic Kubernetes Service Clusters - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of EKS cluster
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string -
    -     		- -
    ARN of IAM role used by the EKS cluster
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    list of security group names or IDs
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    desired state of the EKS cluster
    -
    -
    - subnets - -
    - list - / elements=string
    -     		- -
    list of subnet IDs for the Kubernetes cluster
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - version - -
    - string -
    -     		- -
    Kubernetes version - defaults to latest
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    1200
    -     		-
    The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create an EKS cluster - community.aws.aws_eks_cluster: - name: my_cluster - version: 1.14 - role_arn: my_eks_role - subnets: - - subnet-aaaa1111 - security_groups: - - my_eks_sg - - sg-abcd1234 - register: caller_facts - - - name: Remove an EKS cluster - community.aws.aws_eks_cluster: - name: my_cluster - wait: yes - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arn - -
    - string -
    -     		when state is present -
    ARN of the EKS cluster
    -
    -
    Sample:
    -
    arn:aws:eks:us-west-2:111111111111:cluster/my-eks-cluster
    -
    -
    - certificate_authority - -
    - complex -
    -     		after creation -
    Dictionary containing Certificate Authority Data for cluster
    -
    -
      -
    - data - -
    - string -
    -     		when the cluster has been created and is active -
    Base-64 encoded Certificate Authority Data for cluster
    -
    -
    -
    - created_at - -
    - string -
    -     		when state is present -
    Cluster creation date and time
    -
    -
    Sample:
    -
    2018-06-06T11:56:56.242000+00:00
    -
    -
    - endpoint - -
    - string -
    -     		when the cluster has been created and is active -
    Kubernetes API server endpoint
    -
    -
    Sample:
    -
    https://API_SERVER_ENDPOINT.yl4.us-west-2.eks.amazonaws.com
    -
    -
    - name - -
    - string -
    -     		when state is present -
    EKS cluster name
    -
    -
    Sample:
    -
    my-eks-cluster
    -
    -
    - resources_vpc_config - -
    - complex -
    -     		when state is present -
    VPC configuration of the cluster
    -
    -
      -
    - security_group_ids - -
    - list -
    -     		always -
    List of security group IDs
    -
    -
    Sample:
    -
    ['sg-abcd1234', 'sg-aaaa1111']
    -
      -
    - subnet_ids - -
    - list -
    -     		always -
    List of subnet IDs
    -
    -
    Sample:
    -
    ['subnet-abcdef12', 'subnet-345678ab', 'subnet-cdef1234']
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    VPC id
    -
    -
    Sample:
    -
    vpc-a1b2c3d4
    -
    -
    - role_arn - -
    - string -
    -     		when state is present -
    ARN of the IAM role used by the cluster
    -
    -
    Sample:
    -
    arn:aws:iam::111111111111:role/aws_eks_cluster_role
    -
    -
    - status - -
    - string -
    -     		when state is present -
    status of the EKS cluster
    -
    -
    Sample:
    -
    ['CREATING', 'ACTIVE']
    -
    -
    - version - -
    - string -
    -     		when state is present -
    Kubernetes version of the cluster
    -
    -
    Sample:
    -
    1.10
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_elasticbeanstalk_app.rst b/docs/community.aws.aws_elasticbeanstalk_app.rst deleted file mode 100644 index fe7ac89178b..00000000000 --- a/docs/community.aws.aws_elasticbeanstalk_app.rst +++ /dev/null @@ -1,359 +0,0 @@ -:orphan: - -.. _community.aws.aws_elasticbeanstalk_app_module: - - -************************************** -community.aws.aws_elasticbeanstalk_app -************************************** - -**Create, update, and delete an elastic beanstalk application** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, updates, deletes beanstalk applications if app_name is provided. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - app_name - -
    - string -
    -     		- -
    Name of the beanstalk application you wish to manage.
    -

    aliases: name
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    The description of the application.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to ensure the application is present or absent.
    -
    -
    - terminate_by_force - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When terminate_by_force=true, running environments will be terminated before deleting the application.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create or update an application - - community.aws.aws_elasticbeanstalk_app: - app_name: Sample_App - description: "Hello World App" - state: present - - # Delete application - - community.aws.aws_elasticbeanstalk_app: - app_name: Sample_App - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - app - -
    - dictionary -
    -     		always -
    Beanstalk application.
    -
    -
    Sample:
    -
    {'ApplicationName': 'app-name', 'ConfigurationTemplates': [], 'DateCreated': '2016-12-28T14:50:03.185000+00:00', 'DateUpdated': '2016-12-28T14:50:03.185000+00:00', 'Description': 'description', 'Versions': ['1.0.0', '1.0.1']}
    -
    -
    - output - -
    - string -
    -     		in check mode -
    Message indicating what change will occur.
    -
    -
    Sample:
    -
    App is up-to-date
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Harpreet Singh (@hsingh) -- Stephen Granger (@viper233) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_glue_connection.rst b/docs/community.aws.aws_glue_connection.rst deleted file mode 100644 index 5c4efd0ae39..00000000000 --- a/docs/community.aws.aws_glue_connection.rst +++ /dev/null @@ -1,539 +0,0 @@ -:orphan: - -.. _community.aws.aws_glue_connection_module: - - -********************************* -community.aws.aws_glue_connection -********************************* - -**Manage an AWS Glue connection** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS Glue connection. See https://aws.amazon.com/glue/ for details. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - catalog_id - -
    - string -
    -     		- -
    The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
    -
    -
    - connection_properties - -
    - dictionary -
    -     		- -
    A dict of key-value pairs used as parameters for this connection.
    -
    Required when state=present.
    -
    -
    - connection_type - -
    - string -
    -     		-
      Choices: -
    • JDBC ←
      • -
    • SFTP
      • -
    -     		-
    The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    The description of the connection.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - match_criteria - -
    - list - / elements=string
    -     		- -
    A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the connection.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    A list of security groups to be used by the connection. Use either security group name or ID.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or delete the AWS Glue connection.
    -
    -
    - subnet_id - -
    - string -
    -     		- -
    The subnet ID used by the connection.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create an AWS Glue connection - - community.aws.aws_glue_connection: - name: my-glue-connection - connection_properties: - JDBC_CONNECTION_URL: jdbc:mysql://mydb:3306/databasename - USERNAME: my-username - PASSWORD: my-password - state: present - - # Delete an AWS Glue connection - - community.aws.aws_glue_connection: - name: my-glue-connection - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - connection_properties - -
    - dictionary -
    -     		when state is present -
    A dict of key-value pairs used as parameters for this connection.
    -
    -
    Sample:
    -
    {'JDBC_CONNECTION_URL': 'jdbc:mysql://mydb:3306/databasename', 'USERNAME': 'x', 'PASSWORD': 'y'}
    -
    -
    - connection_type - -
    - string -
    -     		when state is present -
    The type of the connection.
    -
    -
    Sample:
    -
    JDBC
    -
    -
    - creation_time - -
    - string -
    -     		when state is present -
    The time this connection definition was created.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    -
    -
    - description - -
    - string -
    -     		when state is present -
    Description of the job being defined.
    -
    -
    Sample:
    -
    My first Glue job
    -
    -
    - last_updated_time - -
    - string -
    -     		when state is present -
    The last time this connection definition was updated.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    -
    -
    - match_criteria - -
    - list -
    -     		when state is present -
    A list of criteria that can be used in selecting this connection.
    -
    -
    -
    - name - -
    - string -
    -     		when state is present -
    The name of the connection definition.
    -
    -
    Sample:
    -
    my-glue-connection
    -
    -
    - physical_connection_requirements - -
    - dictionary -
    -     		when state is present -
    A dict of physical connection requirements, such as VPC and SecurityGroup, needed for making this connection successfully.
    -
    -
    Sample:
    -
    {'subnet-id': 'subnet-aabbccddee'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_glue_job.rst b/docs/community.aws.aws_glue_job.rst deleted file mode 100644 index 6323f1071ce..00000000000 --- a/docs/community.aws.aws_glue_job.rst +++ /dev/null @@ -1,719 +0,0 @@ -:orphan: - -.. _community.aws.aws_glue_job_module: - - -************************** -community.aws.aws_glue_job -************************** - -**Manage an AWS Glue job** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS Glue job. See https://aws.amazon.com/glue/ for details. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allocated_capacity - -
    - integer -
    -     		- -
    The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - command_name - -
    - string -
    -     		- Default:
    "glueetl"
    -     		-
    The name of the job command. This must be 'glueetl'.
    -
    -
    - command_script_location - -
    - string -
    -     		- -
    The S3 path to a script that executes a job.
    -
    Required when state=present.
    -
    -
    - connections - -
    - list - / elements=string
    -     		- -
    A list of Glue connections used for this job.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_arguments - -
    - dictionary -
    -     		- -
    A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
    -
    -
    - description - -
    - string -
    -     		- -
    Description of the job being defined.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - max_concurrent_runs - -
    - integer -
    -     		- -
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    -
    -
    - max_retries - -
    - integer -
    -     		- -
    The maximum number of times to retry this job if it fails.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name you assign to this job definition. It must be unique in your account.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role - -
    - string -
    -     		- -
    The name or ARN of the IAM role associated with this job.
    -
    Required when state=present.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or delete the AWS Glue job.
    -
    -
    - timeout - -
    - integer -
    -     		- -
    The job timeout in minutes.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create an AWS Glue job - - community.aws.aws_glue_job: - command_script_location: s3bucket/script.py - name: my-glue-job - role: my-iam-role - state: present - - # Delete an AWS Glue job - - community.aws.aws_glue_job: - name: my-glue-job - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - allocated_capacity - -
    - integer -
    -     		when state is present -
    The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    -
    -
    Sample:
    -
    10
    -
    -
    - command - -
    - complex -
    -     		when state is present -
    The JobCommand that executes this job.
    -
    -
      -
    - name - -
    - string -
    -     		when state is present -
    The name of the job command.
    -
    -
    Sample:
    -
    glueetl
    -
      -
    - script_location - -
    - string -
    -     		when state is present -
    Specifies the S3 path to a script that executes a job.
    -
    -
    Sample:
    -
    mybucket/myscript.py
    -
    -
    - connections - -
    - dictionary -
    -     		when state is present -
    The connections used for this job.
    -
    -
    Sample:
    -
    { Connections: [ 'list', 'of', 'connections' ] }
    -
    -
    - created_on - -
    - string -
    -     		when state is present -
    The time and date that this job definition was created.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    -
    -
    - default_arguments - -
    - dictionary -
    -     		when state is present -
    The default arguments for this job, specified as name-value pairs.
    -
    -
    Sample:
    -
    { 'mykey1': 'myvalue1' }
    -
    -
    - description - -
    - string -
    -     		when state is present -
    Description of the job being defined.
    -
    -
    Sample:
    -
    My first Glue job
    -
    -
    - execution_property - -
    - complex -
    -     		always -
    An ExecutionProperty specifying the maximum number of concurrent runs allowed for this job.
    -
    -
      -
    - max_concurrent_runs - -
    - integer -
    -     		when state is present -
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    -
    -
    Sample:
    -
    1
    -
    -
    - job_name - -
    - string -
    -     		always -
    The name of the AWS Glue job.
    -
    -
    Sample:
    -
    my-glue-job
    -
    -
    - last_modified_on - -
    - string -
    -     		when state is present -
    The last point in time when this job definition was modified.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    -
    -
    - max_retries - -
    - integer -
    -     		when state is present -
    The maximum number of times to retry this job after a JobRun fails.
    -
    -
    Sample:
    -
    5
    -
    -
    - name - -
    - string -
    -     		when state is present -
    The name assigned to this job definition.
    -
    -
    Sample:
    -
    my-glue-job
    -
    -
    - role - -
    - string -
    -     		when state is present -
    The name or ARN of the IAM role associated with this job.
    -
    -
    Sample:
    -
    my-iam-role
    -
    -
    - timeout - -
    - integer -
    -     		when state is present -
    The job timeout in minutes.
    -
    -
    Sample:
    -
    300
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_inspector_target.rst b/docs/community.aws.aws_inspector_target.rst deleted file mode 100644 index dfb5d551a9c..00000000000 --- a/docs/community.aws.aws_inspector_target.rst +++ /dev/null @@ -1,415 +0,0 @@ -:orphan: - -.. _community.aws.aws_inspector_target_module: - - -********************************** -community.aws.aws_inspector_target -********************************** - -**Create, Update and Delete Amazon Inspector Assessment Targets** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, updates, or deletes Amazon Inspector Assessment Targets and manages the required Resource Groups. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    The state of the assessment target.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Tags of the EC2 instances to be added to the assessment target.
    -
    Required if state=present.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create my_target Assessment Target - community.aws.aws_inspector_target: - name: my_target - tags: - role: scan_target - - - name: Update Existing my_target Assessment Target with Additional Tags - community.aws.aws_inspector_target: - name: my_target - tags: - env: dev - role: scan_target - - - name: Delete my_target Assessment Target - community.aws.aws_inspector_target: - name: my_target - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arn - -
    - string -
    -     		success -
    The ARN that specifies the Amazon Inspector assessment target.
    -
    -
    Sample:
    -
    arn:aws:inspector:eu-west-1:123456789012:target/0-O4LnL7n1
    -
    -
    - created_at - -
    - string -
    -     		success -
    The time at which the assessment target was created.
    -
    -
    Sample:
    -
    2018-01-29T13:48:51.958000+00:00
    -
    -
    - name - -
    - string -
    -     		success -
    The name of the Amazon Inspector assessment target.
    -
    -
    Sample:
    -
    my_target
    -
    -
    - resource_group_arn - -
    - string -
    -     		success -
    The ARN that specifies the resource group that is associated with the assessment target.
    -
    -
    Sample:
    -
    arn:aws:inspector:eu-west-1:123456789012:resourcegroup/0-qY4gDel8
    -
    -
    - tags - -
    - list -
    -     		success -
    The tags of the resource group that is associated with the assessment target.
    -
    -
    Sample:
    -
    {'role': 'scan_target', 'env': 'dev'}
    -
    -
    - updated_at - -
    - string -
    -     		success -
    The time at which the assessment target was last updated.
    -
    -
    Sample:
    -
    2018-01-29T13:48:51.958000+00:00
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Dennis Conrad (@dennisconrad) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_kms.rst b/docs/community.aws.aws_kms.rst deleted file mode 100644 index d8231c77ad6..00000000000 --- a/docs/community.aws.aws_kms.rst +++ /dev/null @@ -1,1088 +0,0 @@ -:orphan: - -.. _community.aws.aws_kms_module: - - -********************* -community.aws.aws_kms -********************* - -**Perform various KMS management tasks.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage role/user access to a KMS key. Not designed for encrypting/decrypting. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alias - -
    - string -
    -     		- -
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use community.aws.aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
    -

    aliases: key_alias
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enable_key_rotation - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the key should be automatically rotated every year.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not a key is enabled
    -
    -
    - grants - -
    - list - / elements=dictionary
    -     		- -
    A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
    -
    grantee_principal and retiring_principal must be ARNs
    -
    For full documentation of suboptions see the boto3 documentation:
    - -
    -
    - constraints - -
    - dictionary -
    -     		- -
    Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
    -
    -
    - grantee_principal - -
    - string - / required
    -     		- -
    The full ARN of the principal being granted permissions.
    -
    -
    - operations - -
    - list - / elements=string
    -     		-
      Choices: -
    • Decrypt
      • -
    • Encrypt
      • -
    • GenerateDataKey
      • -
    • GenerateDataKeyWithoutPlaintext
      • -
    • ReEncryptFrom
      • -
    • ReEncryptTo
      • -
    • CreateGrant
      • -
    • RetireGrant
      • -
    • DescribeKey
      • -
    • Verify
      • -
    • Sign
      • -
    -     		-
    A list of operations that the grantee may perform using the CMK.
    -
    -
    - retiring_principal - -
    - string -
    -     		- -
    The full ARN of the principal permitted to revoke/retire the grant.
    -
    -
    - key_id - -
    - string -
    -     		- -
    Key ID or ARN of the key.
    -
    One of alias or key_id are required.
    -

    aliases: key_arn
    -
    -
    - policy - -
    - json -
    -     		- -
    policy to apply to the KMS key.
    - -
    -
    - policy_clean_invalid_entries - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
    -
    Only cleans if changes are being made.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: clean_invalid_entries
    -
    -
    - policy_grant_types - -
    - list - / elements=string
    -     		- -
    (deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
    -
    Required when policy_mode=grant.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: grant_types
    -
    -
    - policy_mode - -
    - string -
    -     		-
      Choices: -
    • grant ←
      • -
    • deny
      • -
    -     		-
    (deprecated) Grant or deny access.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: mode
    -
    -
    - policy_role_arn - -
    - string -
    -     		- -
    (deprecated) ARN of role to allow/deny access.
    -
    One of policy_role_name or policy_role_arn are required.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: role_arn
    -
    -
    - policy_role_name - -
    - string -
    -     		- -
    (deprecated) Role to allow/deny access.
    -
    One of policy_role_name or policy_role_arn are required.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: role_name
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_grants - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the grants argument should cause grants not in the list to be removed
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the tags argument should cause tags not in the list to be removed
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of tags to apply to a key.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile - # and has been deprecated in favour of the policy option. - - name: grant user-style access to production secrets - community.aws.aws_kms: - args: - alias: "alias/my_production_secrets" - policy_mode: grant - policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" - policy_grant_types: "role,role grant" - - name: remove access to production secrets from role - community.aws.aws_kms: - args: - alias: "alias/my_production_secrets" - policy_mode: deny - policy_role_name: "prod-appServerRole-1R5AQG2BSEL6L" - - # Create a new KMS key - - community.aws.aws_kms: - alias: mykey - tags: - Name: myKey - Purpose: protect_stuff - - # Update previous key with more tags - - community.aws.aws_kms: - alias: mykey - tags: - Name: myKey - Purpose: protect_stuff - Owner: security_team - - # Update a known key with grants allowing an instance with the billing-prod IAM profile - # to decrypt data encrypted with the environment: production, application: billing - # encryption context - - community.aws.aws_kms: - key_id: abcd1234-abcd-1234-5678-ef1234567890 - grants: - - name: billing_prod - grantee_principal: arn:aws:iam::1234567890123:role/billing_prod - constraints: - encryption_context_equals: - environment: production - application: billing - operations: - - Decrypt - - RetireGrant - - - name: Update IAM policy on an existing KMS key - community.aws.aws_kms: - alias: my-kms-key - policy: '{"Version": "2012-10-17", "Id": "my-kms-key-permissions", "Statement": [ { } ]}' - state: present - - - name: Example using lookup for policy json - community.aws.aws_kms: - alias: my-kms-key - policy: "{{ lookup('template', 'kms_iam_policy_template.json.j2') }}" - state: present - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - aliases - -
    - list -
    -     		always -
    list of aliases associated with the key
    -
    -
    Sample:
    -
    ['aws/acm', 'aws/ebs']
    -
    -
    - aws_account_id - -
    - string -
    -     		always -
    The AWS Account ID that the key belongs to
    -
    -
    Sample:
    -
    1234567890123
    -
    -
    - changes_needed - -
    - dictionary -
    -     		always -
    grant types that would be changed/were changed.
    -
    -
    Sample:
    -
    {'role': 'add', 'role grant': 'add'}
    -
    -
    - creation_date - -
    - string -
    -     		always -
    Date of creation of the key
    -
    -
    Sample:
    -
    2017-04-18T15:12:08.551000+10:00
    -
    -
    - description - -
    - string -
    -     		always -
    Description of the key
    -
    -
    Sample:
    -
    My Key for Protecting important stuff
    -
    -
    - enabled - -
    - string -
    -     		always -
    Whether the key is enabled. True if KeyState is true.
    -
    -
    -
    - grants - -
    - complex -
    -     		always -
    list of grants associated with a key
    -
    -
      -
    - constraints - -
    - dictionary -
    -     		always -
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    -
    -
    Sample:
    -
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    -
      -
    - creation_date - -
    - string -
    -     		always -
    Date of creation of the grant
    -
    -
    Sample:
    -
    2017-04-18T15:12:08+10:00
    -
      -
    - grant_id - -
    - string -
    -     		always -
    The unique ID for the grant
    -
    -
    Sample:
    -
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    -
      -
    - grantee_principal - -
    - string -
    -     		always -
    The principal that receives the grant's permissions
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    -
      -
    - issuing_account - -
    - string -
    -     		always -
    The AWS account under which the grant was issued
    -
    -
    Sample:
    -
    arn:aws:iam::01234567890:root
    -
      -
    - key_id - -
    - string -
    -     		always -
    The key ARN to which the grant applies.
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    -
      -
    - name - -
    - string -
    -     		always -
    The friendly name that identifies the grant
    -
    -
    Sample:
    -
    xyz
    -
      -
    - operations - -
    - list -
    -     		always -
    The list of operations permitted by the grant
    -
    -
    Sample:
    -
    ['Decrypt', 'RetireGrant']
    -
      -
    - retiring_principal - -
    - string -
    -     		always -
    The principal that can retire the grant
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    -
    -
    - had_invalid_entries - -
    - boolean -
    -     		always -
    there are invalid (non-ARN) entries in the KMS entry. These don't count as a change, but will be removed if any changes are being made.
    -
    -
    -
    - key_arn - -
    - string -
    -     		always -
    ARN of key
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    -
    -
    - key_id - -
    - string -
    -     		always -
    ID of key
    -
    -
    Sample:
    -
    abcd1234-abcd-1234-5678-ef1234567890
    -
    -
    - key_state - -
    - string -
    -     		always -
    The state of the key
    -
    -
    Sample:
    -
    PendingDeletion
    -
    -
    - key_usage - -
    - string -
    -     		always -
    The cryptographic operations for which you can use the key.
    -
    -
    Sample:
    -
    ENCRYPT_DECRYPT
    -
    -
    - origin - -
    - string -
    -     		always -
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    -
    -
    Sample:
    -
    AWS_KMS
    -
    -
    - policies - -
    - list -
    -     		always -
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    -
    -
    Sample:
    -
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    dictionary of tags applied to the key
    -
    -
    Sample:
    -
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ted Timmons (@tedder) -- Will Thames (@willthames) -- Mark Chappell (@tremble) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_kms_info.rst b/docs/community.aws.aws_kms_info.rst deleted file mode 100644 index 75afa4074a3..00000000000 --- a/docs/community.aws.aws_kms_info.rst +++ /dev/null @@ -1,727 +0,0 @@ -:orphan: - -.. _community.aws.aws_kms_info_module: - - -************************** -community.aws.aws_kms_info -************************** - -**Gather information about AWS KMS keys** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about AWS KMS keys including tags and grants -- This module was called ``aws_kms_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
    -
    -
    - pending_deletion - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to get full details (tags, grants etc.) of keys pending deletion
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Gather information about all KMS keys - - community.aws.aws_kms_info: - - # Gather information about all keys with a Name tag - - community.aws.aws_kms_info: - filters: - tag-key: Name - - # Gather information about all keys with a specific name - - community.aws.aws_kms_info: - filters: - "tag:Name": Example - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - keys - -
    - complex -
    -     		always -
    list of keys
    -
    -
      -
    - aliases - -
    - list -
    -     		always -
    list of aliases associated with the key
    -
    -
    Sample:
    -
    ['aws/acm', 'aws/ebs']
    -
      -
    - aws_account_id - -
    - string -
    -     		always -
    The AWS Account ID that the key belongs to
    -
    -
    Sample:
    -
    1234567890123
    -
      -
    - creation_date - -
    - string -
    -     		always -
    Date of creation of the key
    -
    -
    Sample:
    -
    2017-04-18T15:12:08.551000+10:00
    -
      -
    - description - -
    - string -
    -     		always -
    Description of the key
    -
    -
    Sample:
    -
    My Key for Protecting important stuff
    -
      -
    - enable_key_rotation - -
    - boolean -
    -     		always -
    Whether the automatically key rotation every year is enabled.
    -
    -
      -
    - enabled - -
    - string -
    -     		always -
    Whether the key is enabled. True if KeyState is true.
    -
    -
      -
    - grants - -
    - complex -
    -     		always -
    list of grants associated with a key
    -
    -
       -
    - constraints - -
    - dictionary -
    -     		always -
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    -
    -
    Sample:
    -
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    -
       -
    - creation_date - -
    - string -
    -     		always -
    Date of creation of the grant
    -
    -
    Sample:
    -
    2017-04-18T15:12:08+10:00
    -
       -
    - grant_id - -
    - string -
    -     		always -
    The unique ID for the grant
    -
    -
    Sample:
    -
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    -
       -
    - grantee_principal - -
    - string -
    -     		always -
    The principal that receives the grant's permissions
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    -
       -
    - issuing_account - -
    - string -
    -     		always -
    The AWS account under which the grant was issued
    -
    -
    Sample:
    -
    arn:aws:iam::01234567890:root
    -
       -
    - key_id - -
    - string -
    -     		always -
    The key ARN to which the grant applies.
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    -
       -
    - name - -
    - string -
    -     		always -
    The friendly name that identifies the grant
    -
    -
    Sample:
    -
    xyz
    -
       -
    - operations - -
    - list -
    -     		always -
    The list of operations permitted by the grant
    -
    -
    Sample:
    -
    ['Decrypt', 'RetireGrant']
    -
       -
    - retiring_principal - -
    - string -
    -     		always -
    The principal that can retire the grant
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    -
      -
    - key_arn - -
    - string -
    -     		always -
    ARN of key
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    -
      -
    - key_id - -
    - string -
    -     		always -
    ID of key
    -
    -
    Sample:
    -
    abcd1234-abcd-1234-5678-ef1234567890
    -
      -
    - key_state - -
    - string -
    -     		always -
    The state of the key
    -
    -
    Sample:
    -
    PendingDeletion
    -
      -
    - key_usage - -
    - string -
    -     		always -
    The cryptographic operations for which you can use the key.
    -
    -
    Sample:
    -
    ENCRYPT_DECRYPT
    -
      -
    - origin - -
    - string -
    -     		always -
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    -
    -
    Sample:
    -
    AWS_KMS
    -
      -
    - policies - -
    - list -
    -     		always -
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    -
    -
    Sample:
    -
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    dictionary of tags applied to the key. Empty when access is denied even if there are tags.
    -
    -
    Sample:
    -
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_region_info.rst b/docs/community.aws.aws_region_info.rst deleted file mode 100644 index e55d0d635cf..00000000000 --- a/docs/community.aws.aws_region_info.rst +++ /dev/null @@ -1,289 +0,0 @@ -:orphan: - -.. _community.aws.aws_region_info_module: - - -***************************** -community.aws.aws_region_info -***************************** - -**Gather information about AWS regions.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about AWS regions. -- This module was called ``aws_region_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Gather information about all regions - - community.aws.aws_region_info: - - # Gather information about a single region - - community.aws.aws_region_info: - filters: - region-name: eu-west-1 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - regions - -
    - list -
    -     		on success -
    Regions that match the provided filters. Each element consists of a dict with all the information related to that region.
    -
    -
    Sample:
    -
    [{ 'endpoint': 'ec2.us-west-1.amazonaws.com', 'region_name': 'us-west-1' }]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Henrique Rodrigues (@Sodki) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_s3_bucket_info.rst b/docs/community.aws.aws_s3_bucket_info.rst deleted file mode 100644 index e61bfd693fa..00000000000 --- a/docs/community.aws.aws_s3_bucket_info.rst +++ /dev/null @@ -1,274 +0,0 @@ -:orphan: - -.. _community.aws.aws_s3_bucket_info_module: - - -******************************** -community.aws.aws_s3_bucket_info -******************************** - -**Lists S3 buckets in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Lists S3 buckets in AWS -- This module was called ``aws_s3_bucket_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.aws_s3_bucket_info ` module no longer returns ``ansible_facts``! - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.4.4 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Note: Only AWS S3 is currently supported - - # Lists all s3 buckets - - community.aws.aws_s3_bucket_info: - register: result - - - name: List buckets - debug: - msg: "{{ result['buckets'] }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - buckets - -
    - list -
    -     		always -
    List of buckets
    -
    -
    Sample:
    -
    [{'creation_date': '2017-07-06 15:05:12 +00:00', 'name': 'my_bucket'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gerben Geijteman (@hyperized) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_s3_cors.rst b/docs/community.aws.aws_s3_cors.rst deleted file mode 100644 index e7475fd59bc..00000000000 --- a/docs/community.aws.aws_s3_cors.rst +++ /dev/null @@ -1,367 +0,0 @@ -:orphan: - -.. _community.aws.aws_s3_cors_module: - - -************************* -community.aws.aws_s3_cors -************************* - -**Manage CORS for S3 buckets in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage CORS for S3 buckets in AWS - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the s3 bucket
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - rules - -
    - list -
    -     		- -
    Cors rules to put on the s3 bucket
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove cors on the s3 bucket
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create a simple cors for s3 bucket - - community.aws.aws_s3_cors: - name: mys3bucket - state: present - rules: - - allowed_origins: - - http://www.example.com/ - allowed_methods: - - GET - - POST - allowed_headers: - - Authorization - expose_headers: - - x-amz-server-side-encryption - - x-amz-request-id - max_age_seconds: 30000 - - # Remove cors for s3 bucket - - community.aws.aws_s3_cors: - name: mys3bucket - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    check to see if a change was made to the rules
    -
    -
    Sample:
    -
    True
    -
    -
    - name - -
    - string -
    -     		always -
    name of bucket
    -
    -
    Sample:
    -
    bucket-name
    -
    -
    - rules - -
    - list -
    -     		always -
    list of current rules
    -
    -
    Sample:
    -
    [{'allowed_headers': ['Authorization'], 'allowed_methods': ['GET'], 'allowed_origins': ['*'], 'max_age_seconds': 30000}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Oyvind Saltvik (@fivethreeo) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_secret.rst b/docs/community.aws.aws_secret.rst deleted file mode 100644 index ab115c4f6df..00000000000 --- a/docs/community.aws.aws_secret.rst +++ /dev/null @@ -1,544 +0,0 @@ -:orphan: - -.. _community.aws.aws_secret_module: - - -************************ -community.aws.aws_secret -************************ - -**Manage secrets stored in AWS Secrets Manager.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, update, and delete secrets stored in AWS Secrets Manager. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore>=1.10.0 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    Specifies a user-provided description of the secret.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Friendly name for the secret you are creating.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - recovery_window - -
    - integer -
    -     		- Default:
    30
    -     		-
    Only used if state is absent.
    -
    Specifies the number of days that Secrets Manager waits before it can delete the secret.
    -
    If set to 0, the deletion is forced without recovery.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - rotation_interval - -
    - integer -
    -     		- Default:
    30
    -     		-
    Specifies the number of days between automatic scheduled rotations of the secret.
    -
    -
    - rotation_lambda - -
    - string -
    -     		- -
    Specifies the ARN of the Lambda function that can rotate the secret.
    -
    -
    - secret - -
    - string -
    -     		- Default:
    ""
    -     		-
    Specifies string or binary data that you want to encrypt and store in the new version of the secret.
    -
    -
    - secret_type - -
    - string -
    -     		-
      Choices: -
    • binary
      • -
    • string ←
      • -
    -     		-
    Specifies the type of data that you want to encrypt.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the secret should be exist or not.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Specifies a list of user-defined tags that are attached to the secret.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Add string to AWS Secrets Manager - community.aws.aws_secret: - name: 'test_secret_string' - state: present - secret_type: 'string' - secret: "{{ super_secret_string }}" - - - name: remove string from AWS Secrets Manager - community.aws.aws_secret: - name: 'test_secret_string' - state: absent - secret_type: 'string' - secret: "{{ super_secret_string }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - secret - -
    - complex -
    -     		always -
    The secret information
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    The ARN of the secret
    -
    -
    Sample:
    -
    arn:aws:secretsmanager:eu-west-1:xxxxxxxxxx:secret:xxxxxxxxxxx
    -
      -
    - last_accessed_date - -
    - string -
    -     		always -
    The date the secret was last accessed
    -
    -
    Sample:
    -
    2018-11-20T01:00:00+01:00
    -
      -
    - last_changed_date - -
    - string -
    -     		always -
    The date the secret was last modified.
    -
    -
    Sample:
    -
    2018-11-20T12:16:38.433000+01:00
    -
      -
    - name - -
    - string -
    -     		always -
    The secret name.
    -
    -
    Sample:
    -
    my_secret
    -
      -
    - rotation_enabled - -
    - boolean -
    -     		always -
    The secret rotation status.
    -
    -
      -
    - version_ids_to_stages - -
    - dictionary -
    -     		always -
    Provide the secret version ids and the associated secret stage.
    -
    -
    Sample:
    -
    {'dc1ed59b-6d8e-4450-8b41-536dfe4600a9': ['AWSCURRENT']}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- REY Remi (@rrey) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_identity.rst b/docs/community.aws.aws_ses_identity.rst deleted file mode 100644 index b5964692f03..00000000000 --- a/docs/community.aws.aws_ses_identity.rst +++ /dev/null @@ -1,741 +0,0 @@ -:orphan: - -.. _community.aws.aws_ses_identity_module: - - -****************************** -community.aws.aws_ses_identity -****************************** - -**Manages SES email and domain identity** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the user to manage verified email and domain identity for SES. -- This covers verifying and removing identities as well as setting up complaint, bounce and delivery notification settings. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bounce_notifications - -
    - dictionary -
    -     		- -
    Setup the SNS topic used to report bounce notifications.
    -
    If omitted, bounce notifications will not be delivered to a SNS topic.
    -
    If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    -
    -
    - include_headers - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -
    -
    - topic - -
    - - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    -
    - complaint_notifications - -
    - dictionary -
    -     		- -
    Setup the SNS topic used to report complaint notifications.
    -
    If omitted, complaint notifications will not be delivered to a SNS topic.
    -
    If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    -
    -
    - include_headers - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -
    -
    - topic - -
    - - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delivery_notifications - -
    - dictionary -
    -     		- -
    Setup the SNS topic used to report delivery notifications.
    -
    If omitted, delivery notifications will not be delivered to a SNS topic.
    -
    -
    - include_headers - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -
    -
    - topic - -
    - - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - feedback_forwarding - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to enable feedback forwarding.
    -
    This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
    -
    -
    - identity - -
    - string - / required
    -     		- -
    This is the email address or domain to verify / delete.
    -
    If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the identity.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Ensure example@example.com email identity exists - community.aws.aws_ses_identity: - identity: example@example.com - state: present - - - name: Delete example@example.com email identity - community.aws.aws_ses_identity: - email: example@example.com - state: absent - - - name: Ensure example.com domain identity exists - community.aws.aws_ses_identity: - identity: example.com - state: present - - # Create an SNS topic and send bounce and complaint notifications to it - # instead of emailing the identity owner - - name: Ensure complaints-topic exists - community.aws.sns_topic: - name: "complaints-topic" - state: present - purge_subscriptions: False - register: topic_info - - - name: Deliver feedback to topic instead of owner email - community.aws.aws_ses_identity: - identity: example@example.com - state: present - complaint_notifications: - topic: "{{ topic_info.sns_arn }}" - include_headers: True - bounce_notifications: - topic: "{{ topic_info.sns_arn }}" - include_headers: False - feedback_forwarding: False - - # Create an SNS topic for delivery notifications and leave complaints - # Being forwarded to the identity owner email - - name: Ensure delivery-notifications-topic exists - community.aws.sns_topic: - name: "delivery-notifications-topic" - state: present - purge_subscriptions: False - register: topic_info - - - name: Delivery notifications to topic - community.aws.aws_ses_identity: - identity: example@example.com - state: present - delivery_notifications: - topic: "{{ topic_info.sns_arn }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - identity - -
    - string -
    -     		success -
    The identity being modified.
    -
    -
    Sample:
    -
    example@example.com
    -
    -
    - identity_arn - -
    - string -
    -     		success -
    The arn of the identity being modified.
    -
    -
    Sample:
    -
    arn:aws:ses:us-east-1:12345678:identity/example@example.com
    -
    -
    - notification_attributes - -
    - complex -
    -     		success -
    The notification setup for the identity.
    -
    -
    Sample:
    -
    {'bounce_topic': 'arn:aws:sns:....', 'complaint_topic': 'arn:aws:sns:....', 'delivery_topic': 'arn:aws:sns:....', 'forwarding_enabled': False, 'headers_in_bounce_notifications_enabled': True, 'headers_in_complaint_notifications_enabled': True, 'headers_in_delivery_notifications_enabled': True}
    -
      -
    - bounce_topic - -
    - string -
    -     		-
    The ARN of the topic bounce notifications are delivered to.
    -
    Omitted if bounce notifications are not delivered to a topic.
    -
    -
      -
    - complaint_topic - -
    - string -
    -     		-
    The ARN of the topic complaint notifications are delivered to.
    -
    Omitted if complaint notifications are not delivered to a topic.
    -
    -
      -
    - delivery_topic - -
    - string -
    -     		-
    The ARN of the topic delivery notifications are delivered to.
    -
    Omitted if delivery notifications are not delivered to a topic.
    -
    -
      -
    - forwarding_enabled - -
    - boolean -
    -     		-
    Whether or not feedback forwarding is enabled.
    -
    -
      -
    - headers_in_bounce_notifications_enabled - -
    - boolean -
    -     		-
    Whether or not headers are included in messages delivered to the bounce topic.
    -
    -
      -
    - headers_in_complaint_notifications_enabled - -
    - boolean -
    -     		-
    Whether or not headers are included in messages delivered to the complaint topic.
    -
    -
      -
    - headers_in_delivery_notifications_enabled - -
    - boolean -
    -     		-
    Whether or not headers are included in messages delivered to the delivery topic.
    -
    -
    -
    - verification_attributes - -
    - complex -
    -     		success -
    The verification information for the identity.
    -
    -
    Sample:
    -
    {'verification_status': 'Pending', 'verification_token': '....'}
    -
      -
    - verification_status - -
    - string -
    -     		-
    The verification status of the identity.
    -
    -
    Sample:
    -
    Pending
    -
      -
    - verification_token - -
    - string -
    -     		-
    The verification token for a domain identity.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ed Costello (@orthanc) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_identity_policy.rst b/docs/community.aws.aws_ses_identity_policy.rst deleted file mode 100644 index b0357951f28..00000000000 --- a/docs/community.aws.aws_ses_identity_policy.rst +++ /dev/null @@ -1,357 +0,0 @@ -:orphan: - -.. _community.aws.aws_ses_identity_policy_module: - - -************************************* -community.aws.aws_ses_identity_policy -************************************* - -**Manages SES sending authorization policies** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the user to manage sending authorization policies associated with an SES identity (email or domain). -- SES authorization sending policies can be used to control what actors are able to send email on behalf of the validated identity and what conditions must be met by the sent emails. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - identity - -
    - string - / required
    -     		- -
    The SES identity to attach or remove a policy from. This can be either the full ARN or just - the verified email or domain.
    -
    -
    - policy - -
    - json -
    -     		- -
    A properly formatted JSON sending authorization policy. Required when state=present.
    -
    -
    - policy_name - -
    - string - / required
    -     		- -
    The name used to identify the policy within the scope of the identity it's attached to.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the authorization policy on the identity.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: add sending authorization policy to domain identity - community.aws.aws_ses_identity_policy: - identity: example.com - policy_name: ExamplePolicy - policy: "{{ lookup('template', 'policy.json.j2') }}" - state: present - - - name: add sending authorization policy to email identity - community.aws.aws_ses_identity_policy: - identity: example@example.com - policy_name: ExamplePolicy - policy: "{{ lookup('template', 'policy.json.j2') }}" - state: present - - - name: add sending authorization policy to identity using ARN - community.aws.aws_ses_identity_policy: - identity: "arn:aws:ses:us-east-1:12345678:identity/example.com" - policy_name: ExamplePolicy - policy: "{{ lookup('template', 'policy.json.j2') }}" - state: present - - - name: remove sending authorization policy - community.aws.aws_ses_identity_policy: - identity: example.com - policy_name: ExamplePolicy - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - policies - -
    - list -
    -     		success -
    A list of all policies present on the identity after the operation.
    -
    -
    Sample:
    -
    ['ExamplePolicy']
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ed Costello (@orthanc) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ses_rule_set.rst b/docs/community.aws.aws_ses_rule_set.rst deleted file mode 100644 index 473db71bb6b..00000000000 --- a/docs/community.aws.aws_ses_rule_set.rst +++ /dev/null @@ -1,386 +0,0 @@ -:orphan: - -.. _community.aws.aws_ses_rule_set_module: - - -****************************** -community.aws.aws_ses_rule_set -****************************** - -**Manages SES inbound receipt rule sets** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- The :ref:`community.aws.aws_ses_rule_set ` module allows you to create, delete, and manage SES receipt rule sets - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - active - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not this rule set should be the active rule set. Only has an impact if state is present.
    -
    If omitted, the active rule set will not be changed.
    -
    If True then this rule set will be made active and all others inactive.
    -
    if False then this rule set will be deactivated. Be careful with this as you can end up with no active rule set.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - force - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the receipt rule set.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to create (or update) or destroy the receipt rule set.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - --- - - name: Create default rule set and activate it if not already - community.aws.aws_ses_rule_set: - name: default-rule-set - state: present - active: yes - - - name: Create some arbitrary rule set but do not activate it - community.aws.aws_ses_rule_set: - name: arbitrary-rule-set - state: present - - - name: Explicitly deactivate the default rule set leaving no active rule set - community.aws.aws_ses_rule_set: - name: default-rule-set - state: present - active: no - - - name: Remove an arbitrary inactive rule set - community.aws.aws_ses_rule_set: - name: arbitrary-rule-set - state: absent - - - name: Remove an ruleset even if we have to first deactivate it to remove it - community.aws.aws_ses_rule_set: - name: default-rule-set - state: absent - force: yes - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - active - -
    - boolean -
    -     		success if state is present -
    if the SES rule set is active
    -
    -
    Sample:
    -
    True
    -
    -
    - rule_sets - -
    - list -
    -     		success -
    The list of SES receipt rule sets that exist after any changes.
    -
    -
    Sample:
    -
    [{'created_timestamp': '2018-02-25T01:20:32.690000+00:00', 'name': 'default-rule-set'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ben Tomasik (@tomislacker) -- Ed Costello (@orthanc) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_sgw_info.rst b/docs/community.aws.aws_sgw_info.rst deleted file mode 100644 index 166c39b5972..00000000000 --- a/docs/community.aws.aws_sgw_info.rst +++ /dev/null @@ -1,734 +0,0 @@ -:orphan: - -.. _community.aws.aws_sgw_info_module: - - -************************** -community.aws.aws_sgw_info -************************** - -**Fetch AWS Storage Gateway information** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Fetch AWS Storage Gateway information -- This module was called ``aws_sgw_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - gather_file_shares - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather file share information for storage gateways in s3 mode.
    -
    -
    - gather_local_disks - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather local disks attached to the storage gateway.
    -
    -
    - gather_tapes - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather tape information for storage gateways in tape mode.
    -
    -
    - gather_volumes - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather volume information for storage gateways in iSCSI (cached & stored) modes.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: "Get AWS storage gateway information" - community.aws.aws_sgw_info: - - - name: "Get AWS storage gateway information for region eu-west-3" - community.aws.aws_sgw_info: - region: eu-west-3 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - gateways - -
    - complex -
    -     		always -
    list of gateway objects
    -
    -
      -
    - file_shares - -
    - complex -
    -     		when gateway_type == "FILE_S3" -
    Storage gateway file shares
    -
    -
       -
    - file_share_arn - -
    - string -
    -     		always -
    File share ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:399805793479:share/share-AF999C88
    -
       -
    - file_share_id - -
    - string -
    -     		always -
    File share ID
    -
    -
    Sample:
    -
    share-AF999C88
    -
       -
    - file_share_status - -
    - string -
    -     		always -
    File share status
    -
    -
    Sample:
    -
    AVAILABLE
    -
      -
    - gateway_arn - -
    - string -
    -     		always -
    Storage Gateway ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:367709993819:gateway/sgw-9999F888
    -
      -
    - gateway_id - -
    - string -
    -     		always -
    Storage Gateway ID
    -
    -
    Sample:
    -
    sgw-9999F888
    -
      -
    - gateway_name - -
    - string -
    -     		always -
    Storage Gateway friendly name
    -
    -
    Sample:
    -
    my-sgw-01
    -
      -
    - gateway_operational_state - -
    - string -
    -     		always -
    Storage Gateway operational state
    -
    -
    Sample:
    -
    ACTIVE
    -
      -
    - gateway_type - -
    - string -
    -     		always -
    Storage Gateway type
    -
    -
    Sample:
    -
    FILE_S3
    -
      -
    - local_disks - -
    - complex -
    -     		always -
    Storage gateway local disks
    -
    -
       -
    - disk_allocation_type - -
    - string -
    -     		always -
    Disk allocation type
    -
    -
    Sample:
    -
    CACHE STORAGE
    -
       -
    - disk_id - -
    - string -
    -     		always -
    Disk ID on the system
    -
    -
    Sample:
    -
    pci-0000:00:1f.0
    -
       -
    - disk_node - -
    - string -
    -     		always -
    Disk parent block device
    -
    -
    Sample:
    -
    /dev/sdb
    -
       -
    - disk_path - -
    - string -
    -     		always -
    Disk path used for the cache
    -
    -
    Sample:
    -
    /dev/nvme1n1
    -
       -
    - disk_size_in_bytes - -
    - integer -
    -     		always -
    Disk size in bytes
    -
    -
    Sample:
    -
    107374182400
    -
       -
    - disk_status - -
    - string -
    -     		always -
    Disk status
    -
    -
    Sample:
    -
    present
    -
      -
    - tapes - -
    - complex -
    -     		when gateway_type == "VTL" -
    Storage Gateway tapes
    -
    -
       -
    - tape_arn - -
    - string -
    -     		always -
    Tape ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:399805793479:tape/tape-AF999C88
    -
       -
    - tape_barcode - -
    - string -
    -     		always -
    Tape ARN
    -
    -
    Sample:
    -
    tape-AF999C88
    -
       -
    - tape_size_in_bytes - -
    - integer -
    -     		always -
    Tape ARN
    -
    -
    Sample:
    -
    555887569
    -
       -
    - tape_status - -
    - string -
    -     		always -
    Tape ARN
    -
    -
    Sample:
    -
    AVAILABLE
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Loic Blot (@nerzhul) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ssm.rst b/docs/community.aws.aws_ssm.rst deleted file mode 100644 index 14dca08d823..00000000000 --- a/docs/community.aws.aws_ssm.rst +++ /dev/null @@ -1,276 +0,0 @@ - -.. _community.aws.aws_ssm_connection: - - -********************* -community.aws.aws_ssm -********************* - -**execute via AWS Systems Manager** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This connection plugin allows ansible to execute tasks on an EC2 instance via the aws ssm CLI. - - - -Requirements ------------- -The below requirements are needed on the local master node that executes this connection. - -- The remote EC2 instance must be running the AWS Systems Manager Agent (SSM Agent). -- The control machine must have the aws session manager plugin installed. -- The remote EC2 linux instance must have the curl installed. - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsConfigurationComments
    -
    - bucket_name - -
    - - -
    -     		- -
    var: ansible_aws_ssm_bucket_name
    -     		-
    The name of the S3 bucket used for file transfers.
    -
    -
    - instance_id - -
    - - -
    -     		- -
    var: ansible_aws_ssm_instance_id
    -     		-
    The EC2 instance ID.
    -
    -
    - plugin - -
    - - -
    -     		- Default:
    "/usr/local/bin/session-manager-plugin"
    -     		-
    var: ansible_aws_ssm_plugin
    -     		-
    This defines the location of the session-manager-plugin binary.
    -
    -
    - region - -
    - - -
    -     		- Default:
    "us-east-1"
    -     		-
    var: ansible_aws_ssm_region
    -     		-
    The region the EC2 instance is located.
    -
    -
    - retries - -
    - integer -
    -     		- Default:
    3
    -     		-
    var: ansible_aws_ssm_retries
    -     		-
    Number of attempts to connect.
    -
    -
    - timeout - -
    - integer -
    -     		- Default:
    60
    -     		-
    var: ansible_aws_ssm_timeout
    -     		-
    Connection timeout seconds.
    -
    -
    - - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - # Stop Spooler Process on Windows Instances - - name: Stop Spooler Service on Windows Instances - vars: - ansible_connection: aws_ssm - ansible_shell_type: powershell - ansible_aws_ssm_bucket_name: nameofthebucket - ansible_aws_ssm_region: us-east-1 - tasks: - - name: Stop spooler service - win_service: - name: spooler - state: stopped - - # Install a Nginx Package on Linux Instance - - name: Install a Nginx Package - vars: - ansible_connection: aws_ssm - ansible_aws_ssm_bucket_name: nameofthebucket - ansible_aws_ssm_region: us-west-2 - tasks: - - name: Install a Nginx Package - yum: - name: nginx - state: present - - # Create a directory in Windows Instances - - name: Create a directory in Windows Instance - vars: - ansible_connection: aws_ssm - ansible_shell_type: powershell - ansible_aws_ssm_bucket_name: nameofthebucket - ansible_aws_ssm_region: us-east-1 - tasks: - - name: Create a Directory - win_file: - path: C:\Windows\temp - state: directory - - # Making use of Dynamic Inventory Plugin - # ======================================= - # aws_ec2.yml (Dynamic Inventory - Linux) - # This will return the Instance IDs matching the filter - #plugin: aws_ec2 - #regions: - # - us-east-1 - #hostnames: - # - instance-id - #filters: - # tag:SSMTag: ssmlinux - # ----------------------- - - name: install aws-cli - hosts: all - gather_facts: false - vars: - ansible_connection: aws_ssm - ansible_aws_ssm_bucket_name: nameofthebucket - ansible_aws_ssm_region: us-east-1 - tasks: - - name: aws-cli - raw: yum install -y awscli - tags: aws-cli - # Execution: ansible-playbook linux.yaml -i aws_ec2.yml - # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. - # ===================================================== - # aws_ec2.yml (Dynamic Inventory - Windows) - #plugin: aws_ec2 - #regions: - # - us-east-1 - #hostnames: - # - instance-id - #filters: - # tag:SSMTag: ssmwindows - # ----------------------- - - name: Create a dir. - hosts: all - gather_facts: false - vars: - ansible_connection: aws_ssm - ansible_shell_type: powershell - ansible_aws_ssm_bucket_name: nameofthebucket - ansible_aws_ssm_region: us-east-1 - tasks: - - name: Create the directory - win_file: - path: C:\Temp\SSM_Testing5 - state: directory - # Execution: ansible-playbook win_file.yaml -i aws_ec2.yml - # The playbook tasks will get executed on the instance ids returned from the dynamic inventory plugin using ssm connection. - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Pat Sharkey (@psharkey) -- HanumanthaRao MVL (@hanumantharaomvl) -- Gaurav Ashtikar (@gau1991 ) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_ssm_parameter_store.rst b/docs/community.aws.aws_ssm_parameter_store.rst deleted file mode 100644 index 94cbbe34d8d..00000000000 --- a/docs/community.aws.aws_ssm_parameter_store.rst +++ /dev/null @@ -1,456 +0,0 @@ -:orphan: - -.. _community.aws.aws_ssm_parameter_store_module: - - -************************************* -community.aws.aws_ssm_parameter_store -************************************* - -**Manage key-value pairs in aws parameter store.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage key-value pairs in aws parameter store. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - decryption - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Work with SecureString type to get plain text secrets
    -
    -
    - description - -
    - string -
    -     		- -
    Parameter key description.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - key_id - -
    - string -
    -     		- Default:
    "alias/aws/ssm"
    -     		-
    AWS KMS key to decrypt the secrets.
    -
    The default key (alias/aws/ssm) is automatically generated the first time it's requested.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Parameter key name.
    -
    -
    - overwrite_value - -
    - string -
    -     		-
      Choices: -
    • never
      • -
    • changed ←
      • -
    • always
      • -
    -     		-
    Option to overwrite an existing value if it already exists.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Creates or modifies an existing parameter.
    -
    Deletes a parameter.
    -
    -
    - string_type - -
    - string -
    -     		-
      Choices: -
    • String ←
      • -
    • StringList
      • -
    • SecureString
      • -
    -     		-
    Parameter String type.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - value - -
    - string -
    -     		- -
    Parameter value.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create or update key/value pair in aws parameter store - community.aws.aws_ssm_parameter_store: - name: "Hello" - description: "This is your first key" - value: "World" - - - name: Delete the key - community.aws.aws_ssm_parameter_store: - name: "Hello" - state: absent - - - name: Create or update secure key/value pair with default kms key (aws/ssm) - community.aws.aws_ssm_parameter_store: - name: "Hello" - description: "This is your first key" - string_type: "SecureString" - value: "World" - - - name: Create or update secure key/value pair with nominated kms key - community.aws.aws_ssm_parameter_store: - name: "Hello" - description: "This is your first key" - string_type: "SecureString" - key_id: "alias/demo" - value: "World" - - - name: Always update a parameter store value and create a new version - community.aws.aws_ssm_parameter_store: - name: "overwrite_example" - description: "This example will always overwrite the value" - string_type: "String" - value: "Test1234" - overwrite_value: "always" - - - name: recommend to use with aws_ssm lookup plugin - debug: - msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - delete_parameter - -
    - dictionary -
    -     		success -
    Delete a parameter from the system.
    -
    -
    -
    - put_parameter - -
    - dictionary -
    -     		success -
    Add one or more parameters to the system.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nathan Webster (@nathanwebsterdotme) -- Bill Wang (@ozbillwang) -- Michael De La Rue (@mikedlr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_step_functions_state_machine.rst b/docs/community.aws.aws_step_functions_state_machine.rst deleted file mode 100644 index ec6ae2e96f5..00000000000 --- a/docs/community.aws.aws_step_functions_state_machine.rst +++ /dev/null @@ -1,383 +0,0 @@ -:orphan: - -.. _community.aws.aws_step_functions_state_machine_module: - - -********************************************** -community.aws.aws_step_functions_state_machine -********************************************** - -**Manage AWS Step Functions state machines** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, update and delete state machines in AWS Step Functions. -- Calling the module in ``state=present`` for an existing AWS Step Functions state machine will attempt to update the state machine definition, IAM Role, or tags with the provided data. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - definition - -
    - json -
    -     		- -
    The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
    -
    This parameter is required when state=present.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the state machine
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string -
    -     		- -
    The ARN of the IAM Role that will be used by the state machine for its executions.
    -
    This parameter is required when state=present.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Desired state for the state machine
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create a new AWS Step Functions state machine - - name: Setup HelloWorld state machine - community.aws.aws_step_functions_state_machine: - name: "HelloWorldStateMachine" - definition: "{{ lookup('file','state_machine.json') }}" - role_arn: arn:aws:iam::987654321012:role/service-role/invokeLambdaStepFunctionsRole - tags: - project: helloWorld - - # Update an existing state machine - - name: Change IAM Role and tags of HelloWorld state machine - community.aws.aws_step_functions_state_machine: - name: HelloWorldStateMachine - definition: "{{ lookup('file','state_machine.json') }}" - role_arn: arn:aws:iam::987654321012:role/service-role/anotherStepFunctionsRole - tags: - otherTag: aDifferentTag - - # Remove the AWS Step Functions state machine - - name: Delete HelloWorld state machine - community.aws.aws_step_functions_state_machine: - name: HelloWorldStateMachine - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - state_machine_arn - -
    - string -
    -     		always -
    ARN of the AWS Step Functions state machine
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Tom De Keyser (@tdekeyser) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_step_functions_state_machine_execution.rst b/docs/community.aws.aws_step_functions_state_machine_execution.rst deleted file mode 100644 index 8d3b2b77ec3..00000000000 --- a/docs/community.aws.aws_step_functions_state_machine_execution.rst +++ /dev/null @@ -1,419 +0,0 @@ -:orphan: - -.. _community.aws.aws_step_functions_state_machine_execution_module: - - -******************************************************** -community.aws.aws_step_functions_state_machine_execution -******************************************************** - -**Start or stop execution of an AWS Step Functions state machine.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Start or stop execution of a state machine in AWS Step Functions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - action - -
    - string -
    -     		-
      Choices: -
    • start ←
      • -
    • stop
      • -
    -     		-
    Desired action (start or stop) for a state machine execution.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cause - -
    - string -
    -     		- Default:
    ""
    -     		-
    A detailed explanation of the cause for stopping the execution.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - error - -
    - string -
    -     		- Default:
    ""
    -     		-
    The error code of the failure to pass in when stopping the execution.
    -
    -
    - execution_arn - -
    - string -
    -     		- -
    The ARN of the execution you wish to stop.
    -
    -
    - execution_input - -
    - json -
    -     		- Default:
    {}
    -     		-
    The JSON input data for the execution.
    -
    -
    - name - -
    - string -
    -     		- -
    Name of the execution.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state_machine_arn - -
    - string -
    -     		- -
    The ARN of the state machine that will be executed.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Start an execution of a state machine - community.aws.aws_step_functions_state_machine_execution: - name: an_execution_name - execution_input: '{ "IsHelloWorldExample": true }' - state_machine_arn: "arn:aws:states:us-west-2:682285639423:stateMachine:HelloWorldStateMachine" - - - name: Stop an execution of a state machine - community.aws.aws_step_functions_state_machine_execution: - action: stop - execution_arn: "arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8" - cause: "cause of task failure" - error: "error code of the failure" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - execution_arn - -
    - string -
    -     		if action == start and changed == True -
    ARN of the AWS Step Functions state machine execution.
    -
    -
    Sample:
    -
    arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8
    -
    -
    - start_date - -
    - string -
    -     		if action == start and changed == True -
    The date the execution is started.
    -
    -
    Sample:
    -
    2019-11-02T22:39:49.071000-07:00
    -
    -
    - stop_date - -
    - string -
    -     		if action == stop -
    The date the execution is stopped.
    -
    -
    Sample:
    -
    2019-11-02T22:39:49.071000-07:00
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Prasad Katti (@prasadkatti) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_condition.rst b/docs/community.aws.aws_waf_condition.rst deleted file mode 100644 index 2301928b362..00000000000 --- a/docs/community.aws.aws_waf_condition.rst +++ /dev/null @@ -1,1440 +0,0 @@ -:orphan: - -.. _community.aws.aws_waf_condition_module: - - -******************************* -community.aws.aws_waf_condition -******************************* - -**Create and delete WAF Conditions** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/ - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - list - / elements=dictionary
    -     		- -
    A list of the filters against which to match.
    -
    For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
    -
    For type=geo, the only valid key is country.
    -
    For type=ip, the only valid key is ip_address.
    -
    For type=regex, valid keys are field_to_match, transformation and regex_pattern.
    -
    For type=size, valid keys are field_to_match, transformation, comparison and size.
    -
    For type=sql, valid keys are field_to_match and transformation.
    -
    For type=xss, valid keys are field_to_match and transformation.
    -
    Required when state=present.
    -
    -
    - comparison - -
    - string -
    -     		-
      Choices: -
    • EQ
      • -
    • NE
      • -
    • LE
      • -
    • LT
      • -
    • GE
      • -
    • GT
      • -
    -     		-
    What type of comparison to perform.
    -
    Only valid key when type=size.
    -
    -
    - country - -
    - string -
    -     		- -
    Value of geo constraint (typically a two letter country code).
    -
    The only valid key when type=geo.
    -
    -
    - field_to_match - -
    - string -
    -     		-
      Choices: -
    • uri
      • -
    • query_string
      • -
    • header
      • -
    • method
      • -
    • body
      • -
    -     		-
    The field upon which to perform the match.
    -
    Valid when type=byte, type=regex, type=sql or type=xss.
    -
    -
    - header - -
    - string -
    -     		- -
    Which specific header should be matched.
    -
    Required when field_to_match=header.
    -
    Valid when type=byte.
    -
    -
    - ip_address - -
    - string -
    -     		- -
    An IP Address or CIDR to match.
    -
    The only valid key when type=ip.
    -
    -
    - position - -
    - string -
    -     		-
      Choices: -
    • exactly
      • -
    • starts_with
      • -
    • ends_with
      • -
    • contains
      • -
    • contains_word
      • -
    -     		-
    Where in the field the match needs to occur.
    -
    Only valid when type=byte.
    -
    -
    - regex_pattern - -
    - dictionary -
    -     		- -
    A dict describing the regular expressions used to perform the match.
    -
    Only valid when type=regex.
    -
    -
    - name - -
    - string -
    -     		- -
    A name to describe the set of patterns.
    -
    -
    - regex_strings - -
    - list - / elements=string
    -     		- -
    A list of regular expressions to match.
    -
    -
    - size - -
    - integer -
    -     		- -
    The size of the field (in bytes).
    -
    Only valid key when type=size.
    -
    -
    - target_string - -
    - string -
    -     		- -
    The string to search for.
    -
    May be up to 50 bytes.
    -
    Valid when type=byte.
    -
    -
    - transformation - -
    - string -
    -     		-
      Choices: -
    • none
      • -
    • compress_white_space
      • -
    • html_entity_decode
      • -
    • lowercase
      • -
    • cmd_line
      • -
    • url_decode
      • -
    -     		-
    A transform to apply on the field prior to performing the match.
    -
    Valid when type=byte, type=regex, type=sql or type=xss.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the Web Application Firewall condition to manage.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_filters - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove existing filters from a condition if not passed in filters.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the condition should be present or absent.
    -
    -
    - type - -
    - string - / required
    -     		-
      Choices: -
    • byte
      • -
    • geo
      • -
    • ip
      • -
    • regex
      • -
    • size
      • -
    • sql
      • -
    • xss
      • -
    -     		-
    The type of matching to perform.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - waf_regional - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create WAF byte condition - community.aws.aws_waf_condition: - name: my_byte_condition - filters: - - field_to_match: header - position: STARTS_WITH - target_string: Hello - header: Content-type - type: byte - - - name: create WAF geo condition - community.aws.aws_waf_condition: - name: my_geo_condition - filters: - - country: US - - country: AU - - country: AT - type: geo - - - name: create IP address condition - community.aws.aws_waf_condition: - name: "{{ resource_prefix }}_ip_condition" - filters: - - ip_address: "10.0.0.0/8" - - ip_address: "192.168.0.0/24" - type: ip - - - name: create WAF regex condition - community.aws.aws_waf_condition: - name: my_regex_condition - filters: - - field_to_match: query_string - regex_pattern: - name: greetings - regex_strings: - - '[hH]ello' - - '^Hi there' - - '.*Good Day to You' - type: regex - - - name: create WAF size condition - community.aws.aws_waf_condition: - name: my_size_condition - filters: - - field_to_match: query_string - size: 300 - comparison: GT - type: size - - - name: create WAF sql injection condition - community.aws.aws_waf_condition: - name: my_sql_condition - filters: - - field_to_match: query_string - transformation: url_decode - type: sql - - - name: create WAF xss condition - community.aws.aws_waf_condition: - name: my_xss_condition - filters: - - field_to_match: query_string - transformation: url_decode - type: xss - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - condition - -
    - complex -
    -     		always -
    Condition returned by operation.
    -
    -
      -
    - byte_match_set_id - -
    - string -
    -     		always -
    ID for byte match set.
    -
    -
    Sample:
    -
    c4882c96-837b-44a2-a762-4ea87dbf812b
    -
      -
    - byte_match_tuples - -
    - complex -
    -     		always -
    List of byte match tuples.
    -
    -
       -
    - field_to_match - -
    - complex -
    -     		always -
    Field to match.
    -
    -
        -
    - data - -
    - string -
    -     		-
    Which specific header (if type is header).
    -
    -
    Sample:
    -
    content-type
    -
        -
    - type - -
    - string -
    -     		-
    Type of field
    -
    -
    Sample:
    -
    HEADER
    -
       -
    - positional_constraint - -
    - string -
    -     		-
    Position in the field to match.
    -
    -
    Sample:
    -
    STARTS_WITH
    -
       -
    - target_string - -
    - string -
    -     		-
    String to look for.
    -
    -
    Sample:
    -
    Hello
    -
       -
    - text_transformation - -
    - string -
    -     		-
    Transformation to apply to the field before matching.
    -
    -
    Sample:
    -
    NONE
    -
      -
    - condition_id - -
    - string -
    -     		when state is present -
    Type-agnostic ID for the condition.
    -
    -
    Sample:
    -
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    -
      -
    - geo_match_constraints - -
    - complex -
    -     		when type is geo and state is present -
    List of geographical constraints.
    -
    -
       -
    - type - -
    - string -
    -     		-
    Type of geo constraint.
    -
    -
    Sample:
    -
    Country
    -
       -
    - value - -
    - string -
    -     		-
    Value of geo constraint (typically a country code).
    -
    -
    Sample:
    -
    AT
    -
      -
    - geo_match_set_id - -
    - string -
    -     		when type is geo and state is present -
    ID of the geo match set.
    -
    -
    Sample:
    -
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    -
      -
    - ip_set_descriptors - -
    - complex -
    -     		when type is ip and state is present -
    list of IP address filters
    -
    -
       -
    - type - -
    - string -
    -     		always -
    Type of IP address (IPV4 or IPV6).
    -
    -
    Sample:
    -
    IPV4
    -
       -
    - value - -
    - string -
    -     		always -
    IP address.
    -
    -
    Sample:
    -
    10.0.0.0/8
    -
      -
    - ip_set_id - -
    - string -
    -     		when type is ip and state is present -
    ID of condition.
    -
    -
    Sample:
    -
    78ad334a-3535-4036-85e6-8e11e745217b
    -
      -
    - name - -
    - string -
    -     		when state is present -
    Name of condition.
    -
    -
    Sample:
    -
    my_waf_condition
    -
      -
    - regex_match_set_id - -
    - string -
    -     		when type is regex and state is present -
    ID of the regex match set.
    -
    -
    Sample:
    -
    5ea3f6a8-3cd3-488b-b637-17b79ce7089c
    -
      -
    - regex_match_tuples - -
    - complex -
    -     		when type is regex and state is present -
    List of regex matches.
    -
    -
       -
    - field_to_match - -
    - complex -
    -     		-
    Field on which the regex match is applied.
    -
    -
        -
    - type - -
    - string -
    -     		when type is regex and state is present -
    The field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    -
       -
    - regex_pattern_set_id - -
    - string -
    -     		-
    ID of the regex pattern.
    -
    -
    Sample:
    -
    6fdf7f2d-9091-445c-aef2-98f3c051ac9e
    -
       -
    - text_transformation - -
    - string -
    -     		-
    transformation applied to the text before matching
    -
    -
    Sample:
    -
    NONE
    -
      -
    - size_constraint_set_id - -
    - string -
    -     		when type is size and state is present -
    ID of the size constraint set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    -
      -
    - size_constraints - -
    - complex -
    -     		when type is size and state is present -
    List of size constraints to apply.
    -
    -
       -
    - comparison_operator - -
    - string -
    -     		-
    Comparison operator to apply.
    -
    -
    Sample:
    -
    GT
    -
       -
    - field_to_match - -
    - complex -
    -     		-
    Field on which the size constraint is applied.
    -
    -
        -
    - type - -
    - string -
    -     		-
    Field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    -
       -
    - size - -
    - integer -
    -     		-
    Size to compare against the field.
    -
    -
    Sample:
    -
    300
    -
       -
    - text_transformation - -
    - string -
    -     		-
    Transformation applied to the text before matching.
    -
    -
    Sample:
    -
    NONE
    -
      -
    - sql_injection_match_set_id - -
    - string -
    -     		when type is sql and state is present -
    ID of the SQL injection match set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    -
      -
    - sql_injection_match_tuples - -
    - complex -
    -     		when type is sql and state is present -
    List of SQL injection match sets.
    -
    -
       -
    - field_to_match - -
    - complex -
    -     		-
    Field on which the SQL injection match is applied.
    -
    -
        -
    - type - -
    - string -
    -     		-
    Field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    -
       -
    - text_transformation - -
    - string -
    -     		-
    Transformation applied to the text before matching.
    -
    -
    Sample:
    -
    URL_DECODE
    -
      -
    - xss_match_set_id - -
    - string -
    -     		when type is xss and state is present -
    ID of the XSS match set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    -
      -
    - xss_match_tuples - -
    - complex -
    -     		when type is xss and state is present -
    List of XSS match sets.
    -
    -
       -
    - field_to_match - -
    - complex -
    -     		-
    Field on which the XSS match is applied.
    -
    -
        -
    - type - -
    - string -
    -     		-
    Field name
    -
    -
    Sample:
    -
    QUERY_STRING
    -
       -
    - text_transformation - -
    - string -
    -     		-
    transformation applied to the text before matching.
    -
    -
    Sample:
    -
    URL_DECODE
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) -- Mike Mochan (@mmochan) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_info.rst b/docs/community.aws.aws_waf_info.rst deleted file mode 100644 index 9772e3d7e85..00000000000 --- a/docs/community.aws.aws_waf_info.rst +++ /dev/null @@ -1,455 +0,0 @@ -:orphan: - -.. _community.aws.aws_waf_info_module: - - -************************** -community.aws.aws_waf_info -************************** - -**Retrieve information for WAF ACLs, Rule , Conditions and Filters.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Retrieve information for WAF ACLs, Rule , Conditions and Filters. -- This module was called ``aws_waf_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of a Web Application Firewall.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - waf_regional - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use the waf-regional module.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: obtain all WAF information - community.aws.aws_waf_info: - - - name: obtain all information for a single WAF - community.aws.aws_waf_info: - name: test_waf - - - name: obtain all information for a single WAF Regional - community.aws.aws_waf_info: - name: test_waf - waf_regional: true - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - wafs - -
    - complex -
    -     		success -
    The WAFs that match the passed arguments.
    -
    -
      -
    - default_action - -
    - integer -
    -     		always -
    The action to perform if none of the Rules contained in the WebACL match.
    -
    -
    Sample:
    -
    BLOCK
    -
      -
    - metric_name - -
    - string -
    -     		always -
    A friendly name or description for the metrics for this WebACL.
    -
    -
    Sample:
    -
    test_waf_metric
    -
      -
    - name - -
    - string -
    -     		always -
    A friendly name or description of the WebACL.
    -
    -
    Sample:
    -
    test_waf
    -
      -
    - rules - -
    - complex -
    -     		always -
    An array that contains the action for each Rule in a WebACL , the priority of the Rule.
    -
    -
       -
    - action - -
    - string -
    -     		always -
    The action to perform if the Rule matches.
    -
    -
    Sample:
    -
    BLOCK
    -
       -
    - metric_name - -
    - string -
    -     		always -
    A friendly name or description for the metrics for this Rule.
    -
    -
    Sample:
    -
    ipblockrule
    -
       -
    - name - -
    - string -
    -     		always -
    A friendly name or description of the Rule.
    -
    -
    Sample:
    -
    ip_block_rule
    -
       -
    - predicates - -
    - list -
    -     		always -
    The Predicates list contains a Predicate for each ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet or XssMatchSet object in a Rule.
    -
    -
    Sample:
    -
    [{'byte_match_set_id': '47b822b5-abcd-1234-faaf-1234567890', 'byte_match_tuples': [{'field_to_match': {'type': 'QUERY_STRING'}, 'positional_constraint': 'STARTS_WITH', 'target_string': 'bobbins', 'text_transformation': 'NONE'}], 'name': 'bobbins', 'negated': False, 'type': 'ByteMatch'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mike Mochan (@mmochan) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_rule.rst b/docs/community.aws.aws_waf_rule.rst deleted file mode 100644 index 12bbd6dfdd0..00000000000 --- a/docs/community.aws.aws_waf_rule.rst +++ /dev/null @@ -1,573 +0,0 @@ -:orphan: - -.. _community.aws.aws_waf_rule_module: - - -************************** -community.aws.aws_waf_rule -************************** - -**Create and delete WAF Rules** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - conditions - -
    - list - / elements=dictionary
    -     		- -
    List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
    -
    -
    - condition - -
    - string - / required
    -     		- -
    The name of the condition. The condition must already exist.
    -
    -
    - negated - -
    - boolean - / required
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the condition should be negated.
    -
    -
    - type - -
    - string - / required
    -     		-
      Choices: -
    • byte
      • -
    • geo
      • -
    • ip
      • -
    • size
      • -
    • sql
      • -
    • xss
      • -
    -     		-
    The type of rule to match.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - metric_name - -
    - string -
    -     		- -
    A friendly name or description for the metrics for the rule.
    -
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    -
    You can't change metric_name after you create the rule.
    -
    Defaults to the same as name with disallowed characters removed.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the Web Application Firewall rule.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_conditions - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to remove conditions that are not passed when updating `conditions`.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the rule should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - waf_regional - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: create WAF rule - community.aws.aws_waf_rule: - name: my_waf_rule - conditions: - - name: my_regex_condition - type: regex - negated: no - - name: my_geo_condition - type: geo - negated: no - - name: my_byte_condition - type: byte - negated: yes - - - name: remove WAF rule - community.aws.aws_waf_rule: - name: "my_waf_rule" - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - rule - -
    - complex -
    -     		always -
    WAF rule contents
    -
    -
      -
    - metric_name - -
    - string -
    -     		always -
    Metric name for the rule.
    -
    -
    Sample:
    -
    ansibletest1234rule
    -
      -
    - name - -
    - string -
    -     		always -
    Friendly name for the rule.
    -
    -
    Sample:
    -
    ansible-test-1234_rule
    -
      -
    - predicates - -
    - complex -
    -     		always -
    List of conditions used in the rule.
    -
    -
       -
    - data_id - -
    - string -
    -     		always -
    ID of the condition.
    -
    -
    Sample:
    -
    8251acdb-526c-42a8-92bc-d3d13e584166
    -
       -
    - negated - -
    - boolean -
    -     		always -
    Whether the sense of the condition is negated.
    -
    -
       -
    - type - -
    - string -
    -     		always -
    type of the condition.
    -
    -
    Sample:
    -
    ByteMatch
    -
      -
    - rule_id - -
    - string -
    -     		always -
    ID of the WAF rule.
    -
    -
    Sample:
    -
    15de0cbc-9204-4e1f-90e6-69b2f415c261
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mike Mochan (@mmochan) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.aws_waf_web_acl.rst b/docs/community.aws.aws_waf_web_acl.rst deleted file mode 100644 index 551129a72b1..00000000000 --- a/docs/community.aws.aws_waf_web_acl.rst +++ /dev/null @@ -1,635 +0,0 @@ -:orphan: - -.. _community.aws.aws_waf_web_acl_module: - - -***************************** -community.aws.aws_waf_web_acl -***************************** - -**Create and delete WAF Web ACLs.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Read the AWS documentation for WAF https://aws.amazon.com/documentation/waf/. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_action - -
    - string -
    -     		-
      Choices: -
    • block
      • -
    • allow
      • -
    • count
      • -
    -     		-
    The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - metric_name - -
    - string -
    -     		- -
    A friendly name or description for the metrics for this WebACL.
    -
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    -
    You can't change metric_name after you create the WebACL.
    -
    Metric name will default to name with disallowed characters stripped out.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the Web Application Firewall ACL to manage.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_rules - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove rules that aren't passed with rules.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - rules - -
    - list - / elements=dictionary
    -     		- -
    A list of rules that the Web ACL will enforce.
    -
    -
    - action - -
    - string - / required
    -     		- -
    The action to perform.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the rule.
    -
    -
    - priority - -
    - integer - / required
    -     		- -
    The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
    -
    -
    - type - -
    - string -
    -     		-
      Choices: -
    • rate_based
      • -
    • regular
      • -
    -     		-
    The type of rule.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Web ACL should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - waf_regional - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create web ACL - community.aws.aws_waf_web_acl: - name: my_web_acl - rules: - - name: my_rule - priority: 1 - action: block - default_action: block - purge_rules: yes - state: present - - - name: delete the web acl - community.aws.aws_waf_web_acl: - name: my_web_acl - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - web_acl - -
    - complex -
    -     		always -
    contents of the Web ACL.
    -
    -
      -
    - default_action - -
    - dictionary -
    -     		always -
    Default action taken by the Web ACL if no rules match.
    -
    -
    Sample:
    -
    {'type': 'BLOCK'}
    -
      -
    - metric_name - -
    - string -
    -     		always -
    Metric name used as an identifier.
    -
    -
    Sample:
    -
    mywebacl
    -
      -
    - name - -
    - string -
    -     		always -
    Friendly name of the Web ACL.
    -
    -
    Sample:
    -
    my web acl
    -
      -
    - rules - -
    - complex -
    -     		always -
    List of rules.
    -
    -
       -
    - action - -
    - complex -
    -     		always -
    Action taken by the WAF when the rule matches.
    -
    -
    Sample:
    -
    {'type': 'ALLOW'}
    -
       -
    - priority - -
    - integer -
    -     		always -
    priority number of the rule (lower numbers are run first).
    -
    -
    Sample:
    -
    2
    -
       -
    - rule_id - -
    - string -
    -     		always -
    Rule ID.
    -
    -
    Sample:
    -
    a6fc7ab5-287b-479f-8004-7fd0399daf75
    -
       -
    - type - -
    - string -
    -     		always -
    Type of rule (either REGULAR or RATE_BASED).
    -
    -
    Sample:
    -
    REGULAR
    -
      -
    - web_acl_id - -
    - string -
    -     		always -
    Unique identifier of Web ACL.
    -
    -
    Sample:
    -
    10fff965-4b6b-46e2-9d78-24f6d2e2d21c
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mike Mochan (@mmochan) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudformation_exports_info.rst b/docs/community.aws.cloudformation_exports_info.rst deleted file mode 100644 index 6a3400001c0..00000000000 --- a/docs/community.aws.cloudformation_exports_info.rst +++ /dev/null @@ -1,267 +0,0 @@ -:orphan: - -.. _community.aws.cloudformation_exports_info_module: - - -***************************************** -community.aws.cloudformation_exports_info -***************************************** - -**Read a value from CloudFormation Exports** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module retrieves a value from CloudFormation Exports - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.11.15 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Get Exports - community.aws.cloudformation_exports_info: - profile: 'my_aws_profile' - region: 'my_region' - register: cf_exports - - debug: - msg: "{{ cf_exports }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - export_items - -
    - dictionary -
    -     		Always -
    A dictionary of Exports items names and values.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Moyle (@mmoyle) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudformation_stack_set.rst b/docs/community.aws.cloudformation_stack_set.rst deleted file mode 100644 index c6db71ccdae..00000000000 --- a/docs/community.aws.cloudformation_stack_set.rst +++ /dev/null @@ -1,717 +0,0 @@ -:orphan: - -.. _community.aws.cloudformation_stack_set_module: - - -************************************** -community.aws.cloudformation_stack_set -************************************** - -**Manage groups of CloudFormation stacks** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Launches/updates/deletes AWS CloudFormation Stack Sets. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3>=1.6 -- botocore>=1.10.26 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - accounts - -
    - list - / elements=string
    -     		- -
    A list of AWS accounts in which to create instance of CloudFormation stacks.
    -
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    -
    -
    - administration_role_arn - -
    - string -
    -     		- -
    ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
    -
    This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.
    -

    aliases: admin_role_arn, admin_role, administration_role
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - capabilities - -
    - list - / elements=string
    -     		-
      Choices: -
    • CAPABILITY_IAM
      • -
    • CAPABILITY_NAMED_IAM
      • -
    -     		-
    Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
    -
    Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
    -
    The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A description of what this stack set creates.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - execution_role_name - -
    - string -
    -     		- -
    ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
    -
    This MUST NOT be an ARN, and the roles must exist in each child account specified.
    -
    The default name for the execution role is AWSCloudFormationStackSetExecutionRole
    -

    aliases: exec_role_name, exec_role, execution_role
    -
    -
    - failure_tolerance - -
    - dictionary -
    -     		- -
    Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
    -
    -
    - fail_count - -
    - integer -
    -     		- -
    The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
    -
    You must specify one of fail_count and fail_percentage.
    -
    -
    - fail_percentage - -
    - integer -
    -     		- -
    The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
    -
    You must specify one of fail_count and fail_percentage.
    -
    -
    - parallel_count - -
    - integer -
    -     		- -
    The maximum number of accounts in which to perform this operation at one time.
    -
    parallel_count may be at most one more than the fail_count.
    -
    You must specify one of parallel_count and parallel_percentage.
    -
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual count may be lower.
    -
    -
    - parallel_percentage - -
    - integer -
    -     		- -
    The maximum percentage of accounts in which to perform this operation at one time.
    -
    You must specify one of parallel_count and parallel_percentage.
    -
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the CloudFormation stack set.
    -
    -
    - parameters - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A list of hashes of all the template variables for the stack. The value can be a string or a dict.
    -
    Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_stacks - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
    -
    By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - regions - -
    - list - / elements=string
    -     		- -
    A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
    -
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Dictionary of tags to associate with stack and its resources during stack creation.
    -
    Can be updated later, updating tags removes previous entries.
    -
    -
    - template - -
    - path -
    -     		- -
    The local path of the CloudFormation template.
    -
    This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -
    -
    - template_body - -
    - string -
    -     		- -
    Template body. Use this to pass in the actual body of the CloudFormation template.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -
    -
    - template_url - -
    - string -
    -     		- -
    Location of file containing the template body.
    -
    The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
    -
    If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    900
    -     		-
    How long to wait (in seconds) for stacks to complete create/update/delete operations.
    -
    -
    - - -Notes ------ - -.. note:: - - To make an individual stack, you want the :ref:`amazon.aws.cloudformation ` module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a stack set with instances in two accounts - community.aws.cloudformation_stack_set: - name: my-stack - description: Test stack in two accounts - state: present - template_url: https://s3.amazonaws.com/my-bucket/cloudformation.template - accounts: [1234567890, 2345678901] - regions: - - us-east-1 - - - name: on subsequent calls, templates are optional but parameters and tags can be altered - community.aws.cloudformation_stack_set: - name: my-stack - state: present - parameters: - InstanceName: my_stacked_instance - tags: - foo: bar - test: stack - accounts: [1234567890, 2345678901] - regions: - - us-east-1 - - - name: The same type of update, but wait for the update to complete in all stacks - community.aws.cloudformation_stack_set: - name: my-stack - state: present - wait: true - parameters: - InstanceName: my_restacked_instance - tags: - foo: bar - test: stack - accounts: [1234567890, 2345678901] - regions: - - us-east-1 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - operations - -
    - list -
    -     		always -
    All operations initiated by this run of the cloudformation_stack_set module
    -
    -
    Sample:
    -
    [{'action': 'CREATE', 'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'operation_preferences': {'region_order': ['us-east-1', 'us-east-2']}, 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'FAILED'}]
    -
    -
    - operations_log - -
    - list -
    -     		always -
    Most recent events in CloudFormation's event log. This may be from a previous run in some cases.
    -
    -
    Sample:
    -
    [{'action': 'CREATE', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'status': 'FAILED', 'stack_instances': [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service."}]}]
    -
    -
    - stack_instances - -
    - list -
    -     		state == present -
    CloudFormation stack instances that are members of this stack set. This will also include their region and account ID.
    -
    -
    Sample:
    -
    [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service.\n"}, {'account': '1234567890', 'region': 'us-east-2', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': 'Cancelled since failure tolerance has exceeded'}]
    -
    -
    - stack_set - -
    - dictionary -
    -     		state == present -
    Facts about the currently deployed stack set, its parameters, and its tags
    -
    -
    Sample:
    -
    {'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'capabilities': [], 'description': 'test stack PRIME', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'parameters': [], 'stack_set_arn': 'arn:aws:cloudformation:us-east-1:1234567890:stackset/TestStackPrime:19f3f684-aae9-467-ba36-e09f92cf5929', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'stack_set_name': 'TestStackPrime', 'status': 'ACTIVE', 'tags': {'Some': 'Thing', 'an': 'other'}, 'template_body': 'AWSTemplateFormatVersion: "2010-09-09"\nParameters: {}\nResources:\n Bukkit:\n Type: "AWS::S3::Bucket"\n Properties: {}\n other:\n Type: "AWS::SNS::Topic"\n Properties: {}\n'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Scott Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_distribution.rst b/docs/community.aws.cloudfront_distribution.rst deleted file mode 100644 index fa619bae52a..00000000000 --- a/docs/community.aws.cloudfront_distribution.rst +++ /dev/null @@ -1,4701 +0,0 @@ -:orphan: - -.. _community.aws.cloudfront_distribution_module: - - -************************************* -community.aws.cloudfront_distribution -************************************* - -**Create, update and delete AWS CloudFront distributions.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for easy creation, updating and deletion of CloudFront distributions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.0.0 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alias - -
    - string -
    -     		- -
    The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
    -
    -
    - aliases - -
    - list - / elements=string
    -     		- -
    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
    -
    Each alias must be unique across all distribution for the AWS account.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cache_behaviors - -
    - list - / elements=dictionary
    -     		- -
    A list of dictionaries describing the cache behaviors for the distribution.
    -
    The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
    -
    -
    - forwarded_values - -
    - dictionary -
    -     		- -
    A dict that specifies how CloudFront handles query strings and cookies.
    -
    -
    - allowed_methods - -
    - dictionary -
    -     		- -
    A dict that controls which HTTP methods CloudFront processes and forwards.
    -
    -
    - cached_methods - -
    - list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to apply caching to.
    -
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    -
    -
    - items - -
    - list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to process and forward.
    -
    -
    - compress - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want CloudFront to automatically compress files.
    -
    -
    - cookies - -
    - dictionary -
    -     		- -
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    -
    -
    - forward - -
    - string -
    -     		- -
    Specifies which cookies to forward to the origin for this cache behavior.
    -
    Valid values are all, none, or whitelist.
    -
    -
    - whitelisted_names - -
    - list - / elements=string
    -     		- -
    A list of coockies to forward to the origin for this cache behavior.
    -
    -
    - default_ttl - -
    - integer -
    -     		- -
    The default amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - field_level_encryption_id - -
    - string -
    -     		- -
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    -
    -
    - headers - -
    - list - / elements=string
    -     		- -
    A list of headers to forward to the origin for this cache behavior.
    -
    To forward all headers use a list containing a single element '*' (['*'])
    -
    -
    - lambda_function_associations - -
    - list - / elements=dictionary
    -     		- -
    A list of Lambda function associations to use for this cache behavior.
    -
    -
    - event_type - -
    - string -
    -     		- -
    Specifies the event type that triggers a Lambda function invocation.
    -
    This can be viewer-request, origin-request, origin-response or viewer-response.
    -
    -
    - lambda_function_arn - -
    - string -
    -     		- -
    The ARN of the Lambda function.
    -
    -
    - max_ttl - -
    - integer -
    -     		- -
    The maximum amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - min_ttl - -
    - integer -
    -     		- -
    The minimum amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - query_string - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    -
    -
    - query_string_cache_keys - -
    - list - / elements=string
    -     		- -
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    -
    -
    - smooth_streaming - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    -
    -
    - trusted_signers - -
    - dictionary -
    -     		- -
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
    -
    -
    - items - -
    - list - / elements=string
    -     		- -
    A list of trusted signers for this cache behavior.
    -
    -
    - viewer_protocol_policy - -
    - string -
    -     		- -
    The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
    -
    Valid values are allow-all, redirect-to-https and https-only.
    -
    -
    - path_pattern - -
    - string -
    -     		- -
    The pattern that specifies which requests to apply the behavior to.
    -
    -
    - target_origin_id - -
    - string -
    -     		- -
    The ID of the origin that you want CloudFront to route requests to by default.
    -
    -
    - caller_reference - -
    - string -
    -     		- -
    A unique identifier for creating and updating CloudFront distributions.
    -
    Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
    -
    -
    - comment - -
    - string -
    -     		- -
    A comment that describes the CloudFront distribution.
    -
    If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
    -
    -
    - custom_error_responses - -
    - list - / elements=dictionary
    -     		- -
    A config element that is a list[] of complex custom error responses to be specified for the distribution.
    -
    This attribute configures custom http error messages returned to the user.
    -
    -
    - error_caching_min_ttl - -
    - integer -
    -     		- -
    The length of time (in seconds) that CloudFront will cache status codes for.
    -
    -
    - error_code - -
    - integer -
    -     		- -
    The error code the custom error page is for.
    -
    -
    - response_code - -
    - integer -
    -     		- -
    The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
    -
    -
    - response_page_path - -
    - string -
    -     		- -
    The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_cache_behavior - -
    - dictionary -
    -     		- -
    A dict specifying the default cache behavior of the distribution.
    -
    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
    -
    -
    - forwarded_values - -
    - dictionary -
    -     		- -
    A dict that specifies how CloudFront handles query strings and cookies.
    -
    -
    - allowed_methods - -
    - dictionary -
    -     		- -
    A dict that controls which HTTP methods CloudFront processes and forwards.
    -
    -
    - cached_methods - -
    - list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to apply caching to.
    -
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    -
    -
    - items - -
    - list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to process and forward.
    -
    -
    - compress - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want CloudFront to automatically compress files.
    -
    -
    - cookies - -
    - dictionary -
    -     		- -
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    -
    -
    - forward - -
    - string -
    -     		- -
    Specifies which cookies to forward to the origin for this cache behavior.
    -
    Valid values are all, none, or whitelist.
    -
    -
    - whitelisted_names - -
    - list - / elements=string
    -     		- -
    A list of coockies to forward to the origin for this cache behavior.
    -
    -
    - default_ttl - -
    - integer -
    -     		- -
    The default amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - field_level_encryption_id - -
    - string -
    -     		- -
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    -
    -
    - headers - -
    - list - / elements=string
    -     		- -
    A list of headers to forward to the origin for this cache behavior.
    -
    To forward all headers use a list containing a single element '*' (['*'])
    -
    -
    - lambda_function_associations - -
    - list - / elements=dictionary
    -     		- -
    A list of Lambda function associations to use for this cache behavior.
    -
    -
    - event_type - -
    - string -
    -     		- -
    Specifies the event type that triggers a Lambda function invocation.
    -
    This can be viewer-request, origin-request, origin-response or viewer-response.
    -
    -
    - lambda_function_arn - -
    - string -
    -     		- -
    The ARN of the Lambda function.
    -
    -
    - max_ttl - -
    - integer -
    -     		- -
    The maximum amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - min_ttl - -
    - integer -
    -     		- -
    The minimum amount of time that you want objects to stay in CloudFront caches.
    -
    -
    - query_string - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    -
    -
    - query_string_cache_keys - -
    - list - / elements=string
    -     		- -
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    -
    -
    - smooth_streaming - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    -
    -
    - trusted_signers - -
    - dictionary -
    -     		- -
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
    -
    -
    - items - -
    - list - / elements=string
    -     		- -
    A list of trusted signers for this cache behavior.
    -
    -
    - viewer_protocol_policy - -
    - string -
    -     		- -
    The protocol that viewers can use to access the files in the origin specified by target_origin_id.
    -
    Valid values are allow-all, redirect-to-https and https-only.
    -
    -
    - target_origin_id - -
    - string -
    -     		- -
    The ID of the origin that you want CloudFront to route requests to by default.
    -
    -
    - default_origin_domain_name - -
    - string -
    -     		- -
    The domain name to use for an origin if no origins have been specified.
    -
    Should only be used on a first run of generating a distribution and not on subsequent runs.
    -
    Should not be used in conjunction with distribution_id, caller_reference or alias.
    -
    -
    - default_origin_path - -
    - string -
    -     		- -
    The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
    -
    -
    - default_root_object - -
    - string -
    -     		- -
    A config element that specifies the path to request when the user requests the origin.
    -
    e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
    -
    This prevents the entire distribution origin from being exposed at the root.
    -
    -
    - distribution_id - -
    - string -
    -     		- -
    The ID of the CloudFront distribution.
    -
    This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
    -
    -
    - e_tag - -
    - string -
    -     		- -
    A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
    -
    Is determined automatically if not specified.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    A boolean value that specifies whether the distribution is enabled or disabled.
    -
    -
    - http_version - -
    - string -
    -     		- -
    The version of the http protocol to use for the distribution.
    -
    AWS defaults this to http2.
    -
    Valid values are http1.1 and http2
    -
    -
    - ipv6_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Determines whether IPv6 support is enabled or not.
    -
    -
    - logging - -
    - dictionary -
    -     		- -
    A config element that is a complex object that defines logging for the distribution.
    -
    -
    - bucket - -
    - string -
    -     		- -
    The S3 bucket to store the log in.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When enabled=true CloudFront will log access to an S3 bucket.
    -
    -
    - include_cookies - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When include_cookies=true CloudFront will include cookies in the logs.
    -
    -
    - prefix - -
    - string -
    -     		- -
    A prefix to include in the S3 object names.
    -
    -
    - origins - -
    - list - / elements=dictionary
    -     		- -
    A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
    -
    -
    - custom_headers - -
    - list - / elements=dictionary
    -     		- -
    Custom headers you wish to add to the request before passing it to the origin.
    - -
    -
    - header_name - -
    - string -
    -     		- -
    The name of a header that you want CloudFront to forward to your origin.
    -
    -
    - header_value - -
    - string -
    -     		- -
    The value for the header that you specified in the header_name field.
    -
    -
    - custom_origin_config - -
    - dictionary -
    -     		- -
    Connection information about the origin.
    -
    -
    - http_port - -
    - integer -
    -     		- -
    The HTTP port the custom origin listens on.
    -
    -
    - https_port - -
    - integer -
    -     		- -
    The HTTPS port the custom origin listens on.
    -
    -
    - origin_keepalive_timeout - -
    - integer -
    -     		- -
    A keep-alive timeout (in seconds).
    -
    -
    - origin_protocol_policy - -
    - string -
    -     		- -
    The origin protocol policy to apply to your origin.
    -
    -
    - origin_read_timeout - -
    - integer -
    -     		- -
    A timeout (in seconds) when reading from your origin.
    -
    -
    - origin_ssl_protocols - -
    - list - / elements=string
    -     		- -
    A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
    -
    -
    - domain_name - -
    - string -
    -     		- -
    The domain name which CloudFront will query as the origin.
    - -
    -
    - id - -
    - string -
    -     		- -
    A unique identifier for the origin or origin group. id must be unique within the distribution.
    -
    -
    - origin_path - -
    - string -
    -     		- -
    Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    -
    -
    - s3_origin_access_identity_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
    -
    Will automatically create an Identity for you.
    - -
    -
    - price_class - -
    - string -
    -     		- -
    A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
    -
    price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
    -
    price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    -
    price_class=PriceClass_All consists of the areas United States, Canada, Europe, Japan, India, South America, Australia, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    -
    AWS defaults this to PriceClass_All.
    -
    Valid values are PriceClass_100, PriceClass_200 and PriceClass_All
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_aliases - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether existing aliases will be removed before adding new aliases.
    -
    When purge_aliases=yes, existing aliases are removed and aliases are added.
    -
    -
    - purge_cache_behaviors - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any cache behaviors that aren't listed in cache_behaviors.
    -
    This switch also allows the reordering of cache_behaviors.
    -
    -
    - purge_custom_error_responses - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any custom error responses that aren't listed in custom_error_responses.
    -
    -
    - purge_origins - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any origins that aren't listed in origins.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether existing tags will be removed before adding new tags.
    -
    When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
    -
    When purge_tags=no, existing tags are kept and tags are added, if specified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - restrictions - -
    - dictionary -
    -     		- -
    A config element that is a complex object that describes how a distribution should restrict it's content.
    -
    -
    - geo_restriction - -
    - dictionary -
    -     		- -
    Apply a restriciton based on the location of the requester.
    -
    -
    - items - -
    - list -
    -     		- -
    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
    -
    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
    -
    -
    - restriction_type - -
    - string -
    -     		- -
    The method that you want to use to restrict distribution of your content by country.
    -
    Valid values are none, whitelist, blacklist
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the distribution.
    -
    state=present creates a new distribution or updates an existing distribution.
    -
    state=absent deletes an existing distribution.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Should be input as a dict of key-value pairs.
    -
    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - viewer_certificate - -
    - dictionary -
    -     		- -
    A dict that specifies the encryption details of the distribution.
    -
    -
    - acm_certificate_arn - -
    - string -
    -     		- -
    The ID of a certificate stored in ACM to use for HTTPS connections.
    -
    If acm_certificate_id is set then you must also specify ssl_support_method
    -
    -
    - cloudfront_default_certificate - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
    -
    If cloudfront_default_certificate=true do not set ssl_support_method.
    -
    -
    - iam_certificate_id - -
    - string -
    -     		- -
    The ID of a certificate stored in IAM to use for HTTPS connections.
    -
    If iam_certificate_id is set then you must also specify ssl_support_method
    -
    -
    - minimum_protocol_version - -
    - string -
    -     		- -
    The security policy that you want CloudFront to use for HTTPS connections.
    - -
    -
    - ssl_support_method - -
    - string -
    -     		- -
    How CloudFront should serve SSL certificates.
    -
    Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the module waits until the distribution has completed processing the creation or update.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    1800
    -     		-
    Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
    -
    -
    - web_acl_id - -
    - string -
    -     		- -
    The ID of a Web Application Firewall (WAF) Access Control List (ACL).
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create a basic distribution with defaults and tags - community.aws.cloudfront_distribution: - state: present - default_origin_domain_name: www.my-cloudfront-origin.com - tags: - Name: example distribution - Project: example project - Priority: '1' - - - name: update a distribution comment by distribution_id - community.aws.cloudfront_distribution: - state: present - distribution_id: E1RP5A2MJ8073O - comment: modified by ansible cloudfront.py - - - name: update a distribution comment by caller_reference - community.aws.cloudfront_distribution: - state: present - caller_reference: my cloudfront distribution 001 - comment: modified by ansible cloudfront.py - - - name: update a distribution's aliases and comment using the distribution_id as a reference - community.aws.cloudfront_distribution: - state: present - distribution_id: E1RP5A2MJ8073O - comment: modified by cloudfront.py again - aliases: [ 'www.my-distribution-source.com', 'zzz.aaa.io' ] - - - name: update a distribution's aliases and comment using an alias as a reference - community.aws.cloudfront_distribution: - state: present - caller_reference: my test distribution - comment: modified by cloudfront.py again - aliases: - - www.my-distribution-source.com - - zzz.aaa.io - - - name: update a distribution's comment and aliases and tags and remove existing tags - community.aws.cloudfront_distribution: - state: present - distribution_id: E15BU8SDCGSG57 - comment: modified by cloudfront.py again - aliases: - - tested.com - tags: - Project: distribution 1.2 - purge_tags: yes - - - name: create a distribution with an origin, logging and default cache behavior - community.aws.cloudfront_distribution: - state: present - caller_reference: unique test distribution ID - origins: - - id: 'my test origin-000111' - domain_name: www.example.com - origin_path: /production - custom_headers: - - header_name: MyCustomHeaderName - header_value: MyCustomHeaderValue - default_cache_behavior: - target_origin_id: 'my test origin-000111' - forwarded_values: - query_string: true - cookies: - forward: all - headers: - - '*' - viewer_protocol_policy: allow-all - smooth_streaming: true - compress: true - allowed_methods: - items: - - GET - - HEAD - cached_methods: - - GET - - HEAD - logging: - enabled: true - include_cookies: false - bucket: mylogbucket.s3.amazonaws.com - prefix: myprefix/ - enabled: false - comment: this is a CloudFront distribution with logging - - - name: delete a distribution - community.aws.cloudfront_distribution: - state: absent - caller_reference: replaceable distribution - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - active_trusted_signers - -
    - complex -
    -     		always -
    Key pair IDs that CloudFront is aware of for each trusted signer.
    -
    -
      -
    - enabled - -
    - boolean -
    -     		always -
    Whether trusted signers are in use.
    -
    -
      -
    - items - -
    - list -
    -     		when there are trusted signers -
    Number of trusted signers.
    -
    -
    Sample:
    -
    ['key_pair_id']
    -
      -
    - quantity - -
    - integer -
    -     		always -
    Number of trusted signers.
    -
    -
    Sample:
    -
    1
    -
    -
    - aliases - -
    - complex -
    -     		always -
    Aliases that refer to the distribution.
    -
    -
      -
    - items - -
    - list -
    -     		always -
    List of aliases.
    -
    -
    Sample:
    -
    ['test.example.com']
    -
      -
    - quantity - -
    - integer -
    -     		always -
    Number of aliases.
    -
    -
    Sample:
    -
    1
    -
    -
    - arn - -
    - string -
    -     		always -
    Amazon Resource Name of the distribution.
    -
    -
    Sample:
    -
    arn:aws:cloudfront::123456789012:distribution/E1234ABCDEFGHI
    -
    -
    - cache_behaviors - -
    - complex -
    -     		always -
    CloudFront cache behaviors.
    -
    -
      -
    - items - -
    - complex -
    -     		always -
    List of cache behaviors.
    -
    -
       -
    - allowed_methods - -
    - complex -
    -     		always -
    Methods allowed by the cache behavior.
    -
    -
        -
    - cached_methods - -
    - complex -
    -     		always -
    Methods cached by the cache behavior.
    -
    -
         -
    - items - -
    - list -
    -     		always -
    List of cached methods.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    -
         -
    - quantity - -
    - integer -
    -     		always -
    Count of cached methods.
    -
    -
    Sample:
    -
    2
    -
        -
    - items - -
    - list -
    -     		always -
    List of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    2
    -
       -
    - compress - -
    - boolean -
    -     		always -
    Whether compression is turned on for the cache behavior.
    -
    -
       -
    - default_ttl - -
    - integer -
    -     		always -
    Default Time to Live of the cache behavior.
    -
    -
    Sample:
    -
    86400
    -
       -
    - forwarded_values - -
    - complex -
    -     		always -
    Values forwarded to the origin for this cache behavior.
    -
    -
        -
    - cookies - -
    - complex -
    -     		always -
    Cookies to forward to the origin.
    -
    -
         -
    - forward - -
    - string -
    -     		always -
    Which cookies to forward to the origin for this cache behavior.
    -
    -
    Sample:
    -
    none
    -
         -
    - whitelisted_names - -
    - complex -
    -     		when forward=whitelist -
    The names of the cookies to forward to the origin for this cache behavior.
    -
    -
          -
    - items - -
    - list -
    -     		when list is not empty -
    List of cookies to forward.
    -
    -
    Sample:
    -
    my_cookie
    -
          -
    - quantity - -
    - integer -
    -     		always -
    Count of cookies to forward.
    -
    -
    Sample:
    -
    1
    -
        -
    - headers - -
    - complex -
    -     		always -
    Which headers are used to vary on cache retrievals.
    -
    -
         -
    - items - -
    - list -
    -     		when list is not empty -
    List of headers to vary on.
    -
    -
    Sample:
    -
    ['Host']
    -
         -
    - quantity - -
    - integer -
    -     		always -
    Count of headers to vary on.
    -
    -
    Sample:
    -
    1
    -
        -
    - query_string - -
    - boolean -
    -     		always -
    Whether the query string is used in cache lookups.
    -
    -
        -
    - query_string_cache_keys - -
    - complex -
    -     		always -
    Which query string keys to use in cache lookups.
    -
    -
         -
    - items - -
    - list -
    -     		when list is not empty -
    List of query string cache keys to use in cache lookups.
    -
    -
         -
    - quantity - -
    - integer -
    -     		always -
    Count of query string cache keys to use in cache lookups.
    -
    -
    Sample:
    -
    1
    -
       -
    - lambda_function_associations - -
    - complex -
    -     		always -
    Lambda function associations for a cache behavior.
    -
    -
        -
    - items - -
    - list -
    -     		when list is not empty -
    List of lambda function associations.
    -
    -
    Sample:
    -
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of lambda function associations.
    -
    -
    Sample:
    -
    1
    -
       -
    - max_ttl - -
    - integer -
    -     		always -
    Maximum Time to Live.
    -
    -
    Sample:
    -
    31536000
    -
       -
    - min_ttl - -
    - integer -
    -     		always -
    Minimum Time to Live.
    -
    -
       -
    - path_pattern - -
    - string -
    -     		always -
    Path pattern that determines this cache behavior.
    -
    -
    Sample:
    -
    /path/to/files/*
    -
       -
    - smooth_streaming - -
    - boolean -
    -     		always -
    Whether smooth streaming is enabled.
    -
    -
       -
    - target_origin_id - -
    - string -
    -     		always -
    ID of origin reference by this cache behavior.
    -
    -
    Sample:
    -
    origin_abcd
    -
       -
    - trusted_signers - -
    - complex -
    -     		always -
    Trusted signers.
    -
    -
        -
    - enabled - -
    - boolean -
    -     		always -
    Whether trusted signers are enabled for this cache behavior.
    -
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of trusted signers.
    -
    -
    Sample:
    -
    1
    -
       -
    - viewer_protocol_policy - -
    - string -
    -     		always -
    Policy of how to handle http/https.
    -
    -
    Sample:
    -
    redirect-to-https
    -
      -
    - quantity - -
    - integer -
    -     		always -
    Count of cache behaviors.
    -
    -
    Sample:
    -
    1
    -
    -
    - caller_reference - -
    - string -
    -     		always -
    Idempotency reference given when creating CloudFront distribution.
    -
    -
    Sample:
    -
    1484796016700
    -
    -
    - comment - -
    - string -
    -     		always -
    Any comments you want to include about the distribution.
    -
    -
    Sample:
    -
    my first CloudFront distribution
    -
    -
    - custom_error_responses - -
    - complex -
    -     		always -
    Custom error responses to use for error handling.
    -
    -
      -
    - items - -
    - complex -
    -     		always -
    List of custom error responses.
    -
    -
       -
    - error_caching_min_ttl - -
    - integer -
    -     		always -
    Minimum time to cache this error response.
    -
    -
    Sample:
    -
    300
    -
       -
    - error_code - -
    - integer -
    -     		always -
    Origin response code that triggers this error response.
    -
    -
    Sample:
    -
    500
    -
       -
    - response_code - -
    - string -
    -     		always -
    Response code to return to the requester.
    -
    -
    Sample:
    -
    500
    -
       -
    - response_page_path - -
    - string -
    -     		always -
    Path that contains the error page to display.
    -
    -
    Sample:
    -
    /errors/5xx.html
    -
      -
    - quantity - -
    - integer -
    -     		always -
    Count of custom error response items
    -
    -
    Sample:
    -
    1
    -
    -
    - default_cache_behavior - -
    - complex -
    -     		always -
    Default cache behavior.
    -
    -
      -
    - allowed_methods - -
    - complex -
    -     		always -
    Methods allowed by the cache behavior.
    -
    -
       -
    - cached_methods - -
    - complex -
    -     		always -
    Methods cached by the cache behavior.
    -
    -
        -
    - items - -
    - list -
    -     		always -
    List of cached methods.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of cached methods.
    -
    -
    Sample:
    -
    2
    -
       -
    - items - -
    - list -
    -     		always -
    List of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    -
       -
    - quantity - -
    - integer -
    -     		always -
    Count of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    2
    -
      -
    - compress - -
    - boolean -
    -     		always -
    Whether compression is turned on for the cache behavior.
    -
    -
      -
    - default_ttl - -
    - integer -
    -     		always -
    Default Time to Live of the cache behavior.
    -
    -
    Sample:
    -
    86400
    -
      -
    - forwarded_values - -
    - complex -
    -     		always -
    Values forwarded to the origin for this cache behavior.
    -
    -
       -
    - cookies - -
    - complex -
    -     		always -
    Cookies to forward to the origin.
    -
    -
        -
    - forward - -
    - string -
    -     		always -
    Which cookies to forward to the origin for this cache behavior.
    -
    -
    Sample:
    -
    none
    -
        -
    - whitelisted_names - -
    - complex -
    -     		when forward=whitelist -
    The names of the cookies to forward to the origin for this cache behavior.
    -
    -
         -
    - items - -
    - list -
    -     		when list is not empty -
    List of cookies to forward.
    -
    -
    Sample:
    -
    my_cookie
    -
         -
    - quantity - -
    - integer -
    -     		always -
    Count of cookies to forward.
    -
    -
    Sample:
    -
    1
    -
       -
    - headers - -
    - complex -
    -     		always -
    Which headers are used to vary on cache retrievals.
    -
    -
        -
    - items - -
    - list -
    -     		when list is not empty -
    List of headers to vary on.
    -
    -
    Sample:
    -
    ['Host']
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of headers to vary on.
    -
    -
    Sample:
    -
    1
    -
       -
    - query_string - -
    - boolean -
    -     		always -
    Whether the query string is used in cache lookups.
    -
    -
       -
    - query_string_cache_keys - -
    - complex -
    -     		always -
    Which query string keys to use in cache lookups.
    -
    -
        -
    - items - -
    - list -
    -     		when list is not empty -
    List of query string cache keys to use in cache lookups.
    -
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of query string cache keys to use in cache lookups.
    -
    -
    Sample:
    -
    1
    -
      -
    - lambda_function_associations - -
    - complex -
    -     		always -
    Lambda function associations for a cache behavior.
    -
    -
       -
    - items - -
    - list -
    -     		when list is not empty -
    List of lambda function associations.
    -
    -
    Sample:
    -
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    -
       -
    - quantity - -
    - integer -
    -     		always -
    Count of lambda function associations.
    -
    -
    Sample:
    -
    1
    -
      -
    - max_ttl - -
    - integer -
    -     		always -
    Maximum Time to Live.
    -
    -
    Sample:
    -
    31536000
    -
      -
    - min_ttl - -
    - integer -
    -     		always -
    Minimum Time to Live.
    -
    -
      -
    - path_pattern - -
    - string -
    -     		always -
    Path pattern that determines this cache behavior.
    -
    -
    Sample:
    -
    /path/to/files/*
    -
      -
    - smooth_streaming - -
    - boolean -
    -     		always -
    Whether smooth streaming is enabled.
    -
    -
      -
    - target_origin_id - -
    - string -
    -     		always -
    ID of origin reference by this cache behavior.
    -
    -
    Sample:
    -
    origin_abcd
    -
      -
    - trusted_signers - -
    - complex -
    -     		always -
    Trusted signers.
    -
    -
       -
    - enabled - -
    - boolean -
    -     		always -
    Whether trusted signers are enabled for this cache behavior.
    -
    -
       -
    - quantity - -
    - integer -
    -     		always -
    Count of trusted signers.
    -
    -
    Sample:
    -
    1
    -
      -
    - viewer_protocol_policy - -
    - string -
    -     		always -
    Policy of how to handle http/https.
    -
    -
    Sample:
    -
    redirect-to-https
    -
    -
    - default_root_object - -
    - string -
    -     		always -
    The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution.
    -
    -
    -
    - diff - -
    - dictionary -
    -     		always -
    Difference between previous configuration and new configuration.
    -
    -
    -
    - domain_name - -
    - string -
    -     		always -
    Domain name of CloudFront distribution.
    -
    -
    Sample:
    -
    d1vz8pzgurxosf.cloudfront.net
    -
    -
    - enabled - -
    - boolean -
    -     		always -
    Whether the CloudFront distribution is enabled or not.
    -
    -
    Sample:
    -
    True
    -
    -
    - http_version - -
    - string -
    -     		always -
    Version of HTTP supported by the distribution.
    -
    -
    Sample:
    -
    http2
    -
    -
    - id - -
    - string -
    -     		always -
    CloudFront distribution ID.
    -
    -
    Sample:
    -
    E123456ABCDEFG
    -
    -
    - in_progress_invalidation_batches - -
    - integer -
    -     		always -
    The number of invalidation batches currently in progress.
    -
    -
    -
    - is_ipv6_enabled - -
    - boolean -
    -     		always -
    Whether IPv6 is enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - last_modified_time - -
    - string -
    -     		always -
    Date and time distribution was last modified.
    -
    -
    Sample:
    -
    2017-10-13T01:51:12.656000+00:00
    -
    -
    - logging - -
    - complex -
    -     		always -
    Logging information.
    -
    -
      -
    - bucket - -
    - string -
    -     		always -
    S3 bucket logging destination.
    -
    -
    Sample:
    -
    logs-example-com.s3.amazonaws.com
    -
      -
    - enabled - -
    - boolean -
    -     		always -
    Whether logging is enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - include_cookies - -
    - boolean -
    -     		always -
    Whether to log cookies.
    -
    -
      -
    - prefix - -
    - string -
    -     		always -
    Prefix added to logging object names.
    -
    -
    Sample:
    -
    cloudfront/test
    -
    -
    - origins - -
    - complex -
    -     		always -
    Origins in the CloudFront distribution.
    -
    -
      -
    - items - -
    - complex -
    -     		always -
    List of origins.
    -
    -
       -
    - custom_headers - -
    - complex -
    -     		always -
    Custom headers passed to the origin.
    -
    -
        -
    - quantity - -
    - integer -
    -     		always -
    Count of headers.
    -
    -
    Sample:
    -
    1
    -
       -
    - custom_origin_config - -
    - complex -
    -     		always -
    Configuration of the origin.
    -
    -
        -
    - http_port - -
    - integer -
    -     		always -
    Port on which HTTP is listening.
    -
    -
    Sample:
    -
    80
    -
        -
    - https_port - -
    - integer -
    -     		always -
    Port on which HTTPS is listening.
    -
    -
    Sample:
    -
    443
    -
        -
    - origin_keepalive_timeout - -
    - integer -
    -     		always -
    Keep-alive timeout.
    -
    -
    Sample:
    -
    5
    -
        -
    - origin_protocol_policy - -
    - string -
    -     		always -
    Policy of which protocols are supported.
    -
    -
    Sample:
    -
    https-only
    -
        -
    - origin_read_timeout - -
    - integer -
    -     		always -
    Timeout for reads to the origin.
    -
    -
    Sample:
    -
    30
    -
        -
    - origin_ssl_protocols - -
    - complex -
    -     		always -
    SSL protocols allowed by the origin.
    -
    -
         -
    - items - -
    - list -
    -     		always -
    List of SSL protocols.
    -
    -
    Sample:
    -
    ['TLSv1', 'TLSv1.1', 'TLSv1.2']
    -
         -
    - quantity - -
    - integer -
    -     		always -
    Count of SSL protocols.
    -
    -
    Sample:
    -
    3
    -
       -
    - domain_name - -
    - string -
    -     		always -
    Domain name of the origin.
    -
    -
    Sample:
    -
    test-origin.example.com
    -
       -
    - id - -
    - string -
    -     		always -
    ID of the origin.
    -
    -
    Sample:
    -
    test-origin.example.com
    -
       -
    - origin_path - -
    - string -
    -     		always -
    Subdirectory to prefix the request from the S3 or HTTP origin.
    -
    -
      -
    - quantity - -
    - integer -
    -     		always -
    Count of origins.
    -
    -
    Sample:
    -
    1
    -
    -
    - price_class - -
    - string -
    -     		always -
    Price class of CloudFront distribution.
    -
    -
    Sample:
    -
    PriceClass_All
    -
    -
    - restrictions - -
    - complex -
    -     		always -
    Restrictions in use by CloudFront.
    -
    -
      -
    - geo_restriction - -
    - complex -
    -     		always -
    Controls the countries in which your content is distributed.
    -
    -
       -
    - items - -
    - list -
    -     		always -
    List of country codes allowed or disallowed.
    -
    -
    Sample:
    -
    xy
    -
       -
    - quantity - -
    - integer -
    -     		always -
    Count of restrictions.
    -
    -
    Sample:
    -
    1
    -
       -
    - restriction_type - -
    - string -
    -     		always -
    Type of restriction.
    -
    -
    Sample:
    -
    blacklist
    -
    -
    - status - -
    - string -
    -     		always -
    Status of the CloudFront distribution.
    -
    -
    Sample:
    -
    InProgress
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    Distribution tags.
    -
    -
    Sample:
    -
    {'Hello': 'World'}
    -
    -
    - viewer_certificate - -
    - complex -
    -     		always -
    Certificate used by CloudFront distribution.
    -
    -
      -
    - acm_certificate_arn - -
    - string -
    -     		when certificate comes from ACM -
    ARN of ACM certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    -
      -
    - certificate - -
    - string -
    -     		always -
    Reference to certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    -
      -
    - certificate_source - -
    - string -
    -     		always -
    Where certificate comes from.
    -
    -
    Sample:
    -
    acm
    -
      -
    - minimum_protocol_version - -
    - string -
    -     		always -
    Minimum SSL/TLS protocol supported by this distribution.
    -
    -
    Sample:
    -
    TLSv1
    -
      -
    - ssl_support_method - -
    - string -
    -     		always -
    Support for pre-SNI browsers or not.
    -
    -
    Sample:
    -
    sni-only
    -
    -
    - web_acl_id - -
    - string -
    -     		always -
    ID of Web Access Control List (from WAF service).
    -
    -
    Sample:
    -
    abcd1234-1234-abcd-abcd-abcd12345678
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willem van Ketwich (@wilvk) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_info.rst b/docs/community.aws.cloudfront_info.rst deleted file mode 100644 index a3282a26f2f..00000000000 --- a/docs/community.aws.cloudfront_info.rst +++ /dev/null @@ -1,777 +0,0 @@ -:orphan: - -.. _community.aws.cloudfront_info_module: - - -***************************** -community.aws.cloudfront_info -***************************** - -**Obtain facts about an AWS CloudFront distribution** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets information about an AWS CloudFront distribution. -- This module was called ``cloudfront_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.cloudfront_info ` module no longer returns ``ansible_facts``! - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.0.0 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - all_lists - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get all CloudFront lists that do not require parameters.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - distribution - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about a distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    -
    - distribution_config - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about a distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    -
    - distribution_id - -
    - string -
    -     		- -
    The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
    -
    -
    - domain_name_alias - -
    - string -
    -     		- -
    Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - invalidation - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about an invalidation.
    -
    Requires invalidation_id to be specified.
    -
    -
    - invalidation_id - -
    - string -
    -     		- -
    The id of the invalidation to get information about.
    -
    Used with invalidation.
    -
    -
    - list_distributions - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of CloudFront distributions.
    -
    -
    - list_distributions_by_web_acl_id - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of distributions using web acl id as a filter.
    -
    Requires web_acl_id to be set.
    -
    -
    - list_invalidations - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of invalidations.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    -
    - list_origin_access_identities - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of CloudFront origin access identities.
    -
    Requires origin_access_identity_id to be set.
    -
    -
    - list_streaming_distributions - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of streaming distributions.
    -
    -
    - origin_access_identity - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about an origin access identity.
    -
    Requires origin_access_identity_id to be specified.
    -
    -
    - origin_access_identity_config - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about an origin access identity.
    -
    Requires origin_access_identity_id to be specified.
    -
    -
    - origin_access_identity_id - -
    - string -
    -     		- -
    The id of the CloudFront origin access identity to get information about.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - streaming_distribution - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about a specified RTMP distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    -
    - streaming_distribution_config - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about a specified RTMP distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    -
    - summary - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Returns a summary of all distributions, streaming distributions and origin_access_identities.
    -
    This is the default behaviour if no option is selected.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Get a summary of distributions - community.aws.cloudfront_info: - summary: true - register: result - - - name: Get information about a distribution - community.aws.cloudfront_info: - distribution: true - distribution_id: my-cloudfront-distribution-id - register: result_did - - debug: - msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" - - - name: Get information about a distribution using the CNAME of the cloudfront distribution. - community.aws.cloudfront_info: - distribution: true - domain_name_alias: www.my-website.com - register: result_website - - debug: - msg: "{{ result_website['cloudfront']['www.my-website.com'] }}" - - # When the module is called as cloudfront_facts, return values are published - # in ansible_facts['cloudfront'][] and can be used as follows. - # Note that this is deprecated and will stop working in Ansible 2.13. - - name: Gather facts - community.aws.cloudfront_facts: - distribution: true - distribution_id: my-cloudfront-distribution-id - - debug: - msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" - - - community.aws.cloudfront_facts: - distribution: true - domain_name_alias: www.my-website.com - - debug: - msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" - - - name: Get all information about an invalidation for a distribution. - community.aws.cloudfront_info: - invalidation: true - distribution_id: my-cloudfront-distribution-id - invalidation_id: my-cloudfront-invalidation-id - - - name: Get all information about a CloudFront origin access identity. - community.aws.cloudfront_info: - origin_access_identity: true - origin_access_identity_id: my-cloudfront-origin-access-identity-id - - - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) - community.aws.cloudfront_info: - origin_access_identity: true - origin_access_identity_id: my-cloudfront-origin-access-identity-id - - - name: Get all information about lists not requiring parameters (ie. list_origin_access_identities, list_distributions, list_streaming_distributions) - community.aws.cloudfront_info: - all_lists: true - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - distribution - -
    - dictionary -
    -     		only if distribution is true -
    Facts about a CloudFront distribution. Requires distribution_id or domain_name_alias to be specified. Requires origin_access_identity_id to be set.
    -
    -
    -
    - distribution_config - -
    - dictionary -
    -     		only if distribution_config is true -
    Facts about a CloudFront distribution's config. Requires distribution_id or domain_name_alias to be specified.
    -
    -
    -
    - invalidation - -
    - dictionary -
    -     		only if invalidation is true -
    Describes the invalidation information for the distribution. Requires invalidation_id to be specified and either distribution_id or domain_name_alias.
    -
    -
    -
    - origin_access_identity - -
    - dictionary -
    -     		only if origin_access_identity is true -
    Describes the origin access identity information. Requires origin_access_identity_id to be set.
    -
    -
    -
    - origin_access_identity_configuration - -
    - dictionary -
    -     		only if origin_access_identity_configuration is true -
    Describes the origin access identity information configuration information. Requires origin_access_identity_id to be set.
    -
    -
    -
    - result - -
    - dictionary -
    -     		always -
    Result dict not nested under the CloudFront ID to access results of module without the knowledge of that id as figuring out the DistributionId is usually the reason one uses this module in the first place.
    -
    -
    -
    - streaming_distribution - -
    - dictionary -
    -     		only if streaming_distribution is true -
    Describes the streaming information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    -
    -
    -
    - streaming_distribution_config - -
    - dictionary -
    -     		only if streaming_distribution_config is true -
    Describes the streaming configuration information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    -
    -
    -
    - summary - -
    - dictionary -
    -     		as default or if summary is true -
    Gives a summary of distributions, streaming distributions and origin access identities.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willem van Ketwich (@wilvk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_invalidation.rst b/docs/community.aws.cloudfront_invalidation.rst deleted file mode 100644 index 00e8bc1e774..00000000000 --- a/docs/community.aws.cloudfront_invalidation.rst +++ /dev/null @@ -1,508 +0,0 @@ -:orphan: - -.. _community.aws.cloudfront_invalidation_module: - - -************************************* -community.aws.cloudfront_invalidation -************************************* - -**create invalidations for AWS CloudFront distributions** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for invalidation of a batch of paths for a CloudFront distribution. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.0.0 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alias - -
    - string -
    -     		- -
    The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - caller_reference - -
    - string -
    -     		- Default:
    null
    -     		-
    A unique reference identifier for the invalidation paths.
    -
    Defaults to current datetime stamp.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - distribution_id - -
    - string -
    -     		- -
    The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - target_paths - -
    - list - / elements=string / required
    -     		- -
    A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - does not support check mode - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: create a batch of invalidations using a distribution_id for a reference - community.aws.cloudfront_invalidation: - distribution_id: E15BU8SDCGSG57 - caller_reference: testing 123 - target_paths: - - /testpathone/test1.css - - /testpathtwo/test2.js - - /testpaththree/test3.ss - - - name: create a batch of invalidations using an alias as a reference and one path using a wildcard match - community.aws.cloudfront_invalidation: - alias: alias.test.com - caller_reference: testing 123 - target_paths: - - /testpathone/test4.css - - /testpathtwo/test5.js - - /testpaththree/* - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - invalidation - -
    - complex -
    -     		always -
    The invalidation's information.
    -
    -
      -
    - create_time - -
    - string -
    -     		always -
    The date and time the invalidation request was first made.
    -
    -
    Sample:
    -
    2018-02-01T15:50:41.159000+00:00
    -
      -
    - id - -
    - string -
    -     		always -
    The identifier for the invalidation request.
    -
    -
    Sample:
    -
    I2G9MOWJZFV612
    -
      -
    - invalidation_batch - -
    - complex -
    -     		always -
    The current invalidation information for the batch request.
    -
    -
       -
    - caller_reference - -
    - string -
    -     		always -
    The value used to uniquely identify an invalidation request.
    -
    -
    Sample:
    -
    testing 123
    -
       -
    - paths - -
    - complex -
    -     		always -
    A dict that contains information about the objects that you want to invalidate.
    -
    -
        -
    - items - -
    - list -
    -     		always -
    A list of the paths that you want to invalidate.
    -
    -
    Sample:
    -
    ['/testpathtwo/test2.js', '/testpathone/test1.css', '/testpaththree/test3.ss']
    -
        -
    - quantity - -
    - integer -
    -     		always -
    The number of objects that you want to invalidate.
    -
    -
    Sample:
    -
    3
    -
      -
    - status - -
    - string -
    -     		always -
    The status of the invalidation request.
    -
    -
    Sample:
    -
    Completed
    -
    -
    - location - -
    - string -
    -     		always -
    The fully qualified URI of the distribution and invalidation batch request.
    -
    -
    Sample:
    -
    https://cloudfront.amazonaws.com/2017-03-25/distribution/E1ZID6KZJECZY7/invalidation/I2G9MOWJZFV622
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willem van Ketwich (@wilvk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudfront_origin_access_identity.rst b/docs/community.aws.cloudfront_origin_access_identity.rst deleted file mode 100644 index a34b6629eec..00000000000 --- a/docs/community.aws.cloudfront_origin_access_identity.rst +++ /dev/null @@ -1,458 +0,0 @@ -:orphan: - -.. _community.aws.cloudfront_origin_access_identity_module: - - -*********************************************** -community.aws.cloudfront_origin_access_identity -*********************************************** - -**Create, update and delete origin access identities for a CloudFront distribution** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for easy creation, updating and deletion of origin access identities. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.0.0 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - caller_reference - -
    - string -
    -     		- -
    A unique identifier to reference the origin access identity by.
    -
    -
    - comment - -
    - string -
    -     		- -
    A comment to describe the CloudFront origin access identity.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - origin_access_identity_id - -
    - string -
    -     		- -
    The origin_access_identity_id of the CloudFront distribution.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If the named resource should exist.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - Does not support check mode. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: create an origin access identity - community.aws.cloudfront_origin_access_identity: - state: present - caller_reference: this is an example reference - comment: this is an example comment - - - name: update an existing origin access identity using caller_reference as an identifier - community.aws.cloudfront_origin_access_identity: - origin_access_identity_id: E17DRN9XUOAHZX - caller_reference: this is an example reference - comment: this is a new comment - - - name: delete an existing origin access identity using caller_reference as an identifier - community.aws.cloudfront_origin_access_identity: - state: absent - caller_reference: this is an example reference - comment: this is a new comment - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - cloud_front_origin_access_identity - -
    - complex -
    -     		always -
    The origin access identity's information.
    -
    -
      -
    - cloud_front_origin_access_identity_config - -
    - complex -
    -     		always -
    describes a url specifying the origin access identity.
    -
    -
       -
    - caller_reference - -
    - string -
    -     		always -
    a caller reference for the oai
    -
    -
       -
    - comment - -
    - string -
    -     		always -
    a comment describing the oai
    -
    -
      -
    - id - -
    - string -
    -     		always -
    a unique identifier of the oai
    -
    -
      -
    - s3_canonical_user_id - -
    - string -
    -     		always -
    the canonical user ID of the user who created the oai
    -
    -
    -
    - e_tag - -
    - string -
    -     		always -
    The current version of the origin access identity created.
    -
    -
    -
    - location - -
    - string -
    -     		when initially created -
    The fully qualified URI of the new origin access identity just created.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willem van Ketwich (@wilvk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudtrail.rst b/docs/community.aws.cloudtrail.rst deleted file mode 100644 index ae4563c0291..00000000000 --- a/docs/community.aws.cloudtrail.rst +++ /dev/null @@ -1,853 +0,0 @@ -:orphan: - -.. _community.aws.cloudtrail_module: - - -************************ -community.aws.cloudtrail -************************ - -**manage CloudTrail create, delete, update** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, deletes, or updates CloudTrail configuration. Ensures logging is also enabled. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cloudwatch_logs_log_group_arn - -
    - string -
    -     		- -
    A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
    - -
    Required when cloudwatch_logs_role_arn.
    -
    -
    - cloudwatch_logs_role_arn - -
    - string -
    -     		- -
    Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
    - -
    Required when cloudwatch_logs_log_group_arn.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enable_log_file_validation - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies whether log file integrity validation is enabled.
    -
    CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
    -

    aliases: log_file_validation_enabled
    -
    -
    - enable_logging - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
    -
    -
    - include_global_events - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Record API calls from global services such as IAM and STS.
    -

    aliases: include_global_service_events
    -
    -
    - is_multi_region_trail - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specify whether the trail belongs only to one region or exists in all regions.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
    -
    The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
    - -
    -
    - name - -
    - string -
    -     		- Default:
    "default"
    -     		-
    Name for the CloudTrail.
    -
    Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - s3_bucket_name - -
    - string -
    -     		- -
    An existing S3 bucket where CloudTrail will deliver log files.
    -
    This bucket should exist and have the proper policy.
    - -
    Required when state=present.
    -
    -
    - s3_key_prefix - -
    - string -
    -     		- -
    S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - sns_topic_name - -
    - string -
    -     		- -
    SNS Topic name to send notifications to when a log file is delivered.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • enabled
      • -
    • disabled
      • -
    -     		-
    Add or remove CloudTrail configuration.
    -
    The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
    -
    state=enabled is equivalet to state=present.
    -
    state=disabled is equivalet to state=absent.
    -
    -
    - tags - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A hash/dictionary of tags to be applied to the CloudTrail resource.
    -
    Remove completely or specify an empty dictionary to remove all tags.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create single region cloudtrail - community.aws.cloudtrail: - state: present - name: default - s3_bucket_name: mylogbucket - s3_key_prefix: cloudtrail - region: us-east-1 - - - name: create multi-region trail with validation and tags - community.aws.cloudtrail: - state: present - name: default - s3_bucket_name: mylogbucket - region: us-east-1 - is_multi_region_trail: true - enable_log_file_validation: true - cloudwatch_logs_role_arn: "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role" - cloudwatch_logs_log_group_arn: "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*" - kms_key_id: "alias/MyAliasName" - tags: - environment: dev - Name: default - - - name: show another valid kms_key_id - community.aws.cloudtrail: - state: present - name: default - s3_bucket_name: mylogbucket - kms_key_id: "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012" - # simply "12345678-1234-1234-1234-123456789012" would be valid too. - - - name: pause logging the trail we just created - community.aws.cloudtrail: - state: present - name: default - enable_logging: false - s3_bucket_name: mylogbucket - region: us-east-1 - is_multi_region_trail: true - enable_log_file_validation: true - tags: - environment: dev - Name: default - - - name: delete a trail - community.aws.cloudtrail: - state: absent - name: default - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - exists - -
    - boolean -
    -     		always -
    whether the resource exists
    -
    -
    Sample:
    -
    True
    -
    -
    - trail - -
    - complex -
    -     		always -
    CloudTrail resource details
    -
    -
    Sample:
    -
    hash/dictionary of values
    -
      -
    - cloud_watch_logs_log_group_arn - -
    - string -
    -     		success when present -
    Full ARN of the CloudWatch Logs log group where events are delivered.
    -
    -
    Sample:
    -
    arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*
    -
      -
    - cloud_watch_logs_role_arn - -
    - string -
    -     		success when present -
    Full ARN of the IAM role that CloudTrail assumes to deliver events.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role
    -
      -
    - has_custom_event_selectors - -
    - boolean -
    -     		success -
    Whether any custom event selectors are used for this trail.
    -
    -
      -
    - home_region - -
    - string -
    -     		success -
    The home region where the trail was originally created and must be edited.
    -
    -
    Sample:
    -
    us-east-1
    -
      -
    - include_global_service_events - -
    - boolean -
    -     		success -
    Whether global services (IAM, STS) are logged with this trail
    -
    -
    Sample:
    -
    True
    -
      -
    - is_logging - -
    - boolean -
    -     		success -
    Whether logging is turned on or paused for the Trail
    -
    -
    Sample:
    -
    True
    -
      -
    - is_multi_region_trail - -
    - boolean -
    -     		success -
    Whether the trail applies to all regions or just one
    -
    -
    Sample:
    -
    True
    -
      -
    - kms_key_id - -
    - string -
    -     		success when present -
    Full ARN of the KMS Key used to encrypt log files.
    -
    -
    Sample:
    -
    arn:aws:kms::123456789012:key/12345678-1234-1234-1234-123456789012
    -
      -
    - log_file_validation_enabled - -
    - boolean -
    -     		success -
    Whether log file validation is enabled on the trail
    -
    -
    Sample:
    -
    True
    -
      -
    - name - -
    - string -
    -     		success -
    Name of the CloudTrail resource
    -
    -
    Sample:
    -
    default
    -
      -
    - s3_bucket_name - -
    - string -
    -     		success -
    S3 bucket name where log files are delivered
    -
    -
    Sample:
    -
    myBucket
    -
      -
    - s3_key_prefix - -
    - string -
    -     		success when present -
    Key prefix in bucket where log files are delivered (if any)
    -
    -
    Sample:
    -
    myKeyPrefix
    -
      -
    - sns_topic_arn - -
    - string -
    -     		success when present -
    Full ARN of the SNS topic where log delivery notifications are sent.
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-1:123456789012:topic/myTopic
    -
      -
    - sns_topic_name - -
    - string -
    -     		success when present -
    The SNS topic name where log delivery notifications are sent.
    -
    -
    Sample:
    -
    myTopic
    -
      -
    - tags - -
    - dictionary -
    -     		success -
    hash/dictionary of tags applied to this resource
    -
    -
    Sample:
    -
    {'environment': 'dev', 'Name': 'default'}
    -
      -
    - trail_arn - -
    - string -
    -     		success -
    Full ARN of the CloudTrail resource
    -
    -
    Sample:
    -
    arn:aws:cloudtrail:us-east-1:123456789012:trail/default
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ansible Core Team -- Ted Timmons (@tedder) -- Daniel Shepherd (@shepdelacreme) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchevent_rule.rst b/docs/community.aws.cloudwatchevent_rule.rst deleted file mode 100644 index 4757a689f54..00000000000 --- a/docs/community.aws.cloudwatchevent_rule.rst +++ /dev/null @@ -1,546 +0,0 @@ -:orphan: - -.. _community.aws.cloudwatchevent_rule_module: - - -********************************** -community.aws.cloudwatchevent_rule -********************************** - -**Manage CloudWatch Event rules and targets** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module creates and manages CloudWatch event rules and targets. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A description of the rule.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_pattern - -
    - string -
    -     		- -
    A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role associated with the rule.
    -
    -
    - schedule_expression - -
    - string -
    -     		- -
    A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • disabled
      • -
    • absent
      • -
    -     		-
    Whether the rule is present (and enabled), disabled, or absent.
    -
    -
    - targets - -
    - list - / elements=dictionary
    -     		- -
    A list of targets to add to or update for the rule.
    -
    -
    - arn - -
    - string - / required
    -     		- -
    The ARN associated with the target.
    -
    -
    - ecs_parameters - -
    - dictionary -
    -     		- -
    Contains the ECS task definition and task count to be used, if the event target is an ECS task.
    -
    -
    - task_count - -
    - integer -
    -     		- -
    The number of tasks to create based on task_definition.
    -
    -
    - task_definition_arn - -
    - string -
    -     		- -
    The full ARN of the task definition.
    -
    -
    - id - -
    - string - / required
    -     		- -
    The unique target assignment ID.
    -
    -
    - input - -
    - string -
    -     		- -
    A JSON object that will override the event data when passed to the target.
    -
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    -
    -
    - input_path - -
    - string -
    -     		- -
    A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
    -
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    -
    -
    - role_arn - -
    - string -
    -     		- -
    The ARN of the IAM role to be used for this target when the rule is triggered.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - A rule must contain at least an *event_pattern* or *schedule_expression*. A rule can have both an *event_pattern* and a *schedule_expression*, in which case the rule will trigger on matching events as well as on a schedule. - - When specifying targets, *input* and *input_path* are mutually-exclusive and optional parameters. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - community.aws.cloudwatchevent_rule: - name: MyCronTask - schedule_expression: "cron(0 20 * * ? *)" - description: Run my scheduled task - targets: - - id: MyTargetId - arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction - - - community.aws.cloudwatchevent_rule: - name: MyDisabledCronTask - schedule_expression: "rate(5 minutes)" - description: Run my disabled scheduled task - state: disabled - targets: - - id: MyOtherTargetId - arn: arn:aws:lambda:us-east-1:123456789012:function:MyFunction - input: '{"foo": "bar"}' - - - community.aws.cloudwatchevent_rule: - name: MyCronTask - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - rule - -
    - dictionary -
    -     		success -
    CloudWatch Event rule data.
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:events:us-east-1:123456789012:rule/MyCronTask', 'description': 'Run my scheduled task', 'name': 'MyCronTask', 'schedule_expression': 'cron(0 20 * * ? *)', 'state': 'ENABLED'}
    -
    -
    - targets - -
    - list -
    -     		success -
    CloudWatch Event target(s) assigned to the rule.
    -
    -
    Sample:
    -
    [{ 'arn': 'arn:aws:lambda:us-east-1:123456789012:function:MyFunction', 'id': 'MyTargetId' }]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jim Dalton (@jsdalton) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group.rst b/docs/community.aws.cloudwatchlogs_log_group.rst deleted file mode 100644 index 3b6b2213b88..00000000000 --- a/docs/community.aws.cloudwatchlogs_log_group.rst +++ /dev/null @@ -1,517 +0,0 @@ -:orphan: - -.. _community.aws.cloudwatchlogs_log_group_module: - - -************************************** -community.aws.cloudwatchlogs_log_group -************************************** - -**create or delete log_group in CloudWatchLogs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or delete log_group in CloudWatchLogs. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -
    -
    - log_group_name - -
    - string - / required
    -     		- -
    The name of the log group.
    -
    -
    - overwrite - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether an existing log group should be overwritten on create.
    -
    Mutually exclusive with purge_retention_policy.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_retention_policy - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to purge the retention policy or not.
    -
    Mutually exclusive with retention and overwrite.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - retention - -
    - integer -
    -     		- -
    The number of days to retain the log events in the specified log group.
    -
    Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    -
    Mutually exclusive with purge_retention_policy.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the rule is present or absent.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    The key-value pairs to use for the tags.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/logs.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - community.aws.cloudwatchlogs_log_group: - log_group_name: test-log-group - - - community.aws.cloudwatchlogs_log_group: - state: present - log_group_name: test-log-group - tags: { "Name": "test-log-group", "Env" : "QA" } - - - community.aws.cloudwatchlogs_log_group: - state: present - log_group_name: test-log-group - tags: { "Name": "test-log-group", "Env" : "QA" } - kms_key_id: arn:aws:kms:region:account-id:key/key-id - - - community.aws.cloudwatchlogs_log_group: - state: absent - log_group_name: test-log-group - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - log_groups - -
    - complex -
    -     		success -
    Return the list of complex objects representing log groups
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the log group.
    -
    -
      -
    - creation_time - -
    - integer -
    -     		always -
    The creation time of the log group.
    -
    -
      -
    - kms_key_id - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -
    -
      -
    - log_group_name - -
    - string -
    -     		always -
    The name of the log group.
    -
    -
      -
    - metric_filter_count - -
    - integer -
    -     		always -
    The number of metric filters.
    -
    -
      -
    - retention_in_days - -
    - integer -
    -     		always -
    The number of days to retain the log events in the specified log group.
    -
    -
      -
    - stored_bytes - -
    - string -
    -     		always -
    The number of bytes stored.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willian Ricardo (@willricardo) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group_info.rst b/docs/community.aws.cloudwatchlogs_log_group_info.rst deleted file mode 100644 index 8fcda96b250..00000000000 --- a/docs/community.aws.cloudwatchlogs_log_group_info.rst +++ /dev/null @@ -1,393 +0,0 @@ -:orphan: - -.. _community.aws.cloudwatchlogs_log_group_info_module: - - -******************************************* -community.aws.cloudwatchlogs_log_group_info -******************************************* - -**Get information about log_group in CloudWatchLogs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Lists the specified log groups. You can list all your log groups or filter the results by prefix. -- This module was called ``cloudwatchlogs_log_group_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - log_group_name - -
    - string -
    -     		- -
    The name or prefix of the log group to filter by.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - community.aws.cloudwatchlogs_log_group_info: - log_group_name: test-log-group - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - log_groups - -
    - complex -
    -     		success -
    Return the list of complex objects representing log groups
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the log group.
    -
    -
      -
    - creation_time - -
    - integer -
    -     		always -
    The creation time of the log group.
    -
    -
      -
    - kms_key_id - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -
    -
      -
    - log_group_name - -
    - string -
    -     		always -
    The name of the log group.
    -
    -
      -
    - metric_filter_count - -
    - integer -
    -     		always -
    The number of metric filters.
    -
    -
      -
    - retention_in_days - -
    - integer -
    -     		always -
    The number of days to retain the log events in the specified log group.
    -
    -
      -
    - stored_bytes - -
    - string -
    -     		always -
    The number of bytes stored.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Willian Ricardo (@willricardo) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst deleted file mode 100644 index 8add2e756e4..00000000000 --- a/docs/community.aws.cloudwatchlogs_log_group_metric_filter.rst +++ /dev/null @@ -1,424 +0,0 @@ -:orphan: - -.. _community.aws.cloudwatchlogs_log_group_metric_filter_module: - - -**************************************************** -community.aws.cloudwatchlogs_log_group_metric_filter -**************************************************** - -**Manage CloudWatch log group metric filter** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, modify and delete CloudWatch log group metric filter. -- CloudWatch log group metric filter can be use with :ref:`community.aws.ec2_metric_alarm `. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filter_name - -
    - string - / required
    -     		- -
    A name for the metric filter you create.
    -
    -
    - filter_pattern - -
    - string -
    -     		- -
    A filter pattern for extracting metric data out of ingested log events. Required when state=present.
    -
    -
    - log_group_name - -
    - string - / required
    -     		- -
    The name of the log group where the metric filter is applied on.
    -
    -
    - metric_transformation - -
    - dictionary -
    -     		- -
    A collection of information that defines how metric data gets emitted. Required when state=present.
    -
    -
    - default_value - -
    - float -
    -     		- -
    The value to emit when a filter pattern does not match a log event.
    -
    -
    - metric_name - -
    - string -
    -     		- -
    The name of the cloudWatch metric.
    -
    -
    - metric_namespace - -
    - string -
    -     		- -
    The namespace of the cloudWatch metric.
    -
    -
    - metric_value - -
    - string -
    -     		- -
    The value to publish to the cloudWatch metric when a filter pattern matches a log event.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Whether the rule is present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: set metric filter on log group /fluentd/testcase - community.aws.cloudwatchlogs_log_group_metric_filter: - log_group_name: /fluentd/testcase - filter_name: BoxFreeStorage - filter_pattern: '{($.value = *) && ($.hostname = "box")}' - state: present - metric_transformation: - metric_name: box_free_space - metric_namespace: fluentd_metrics - metric_value: "$.value" - - - name: delete metric filter on log group /fluentd/testcase - community.aws.cloudwatchlogs_log_group_metric_filter: - log_group_name: /fluentd/testcase - filter_name: BoxFreeStorage - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - metric_filters - -
    - list -
    -     		success -
    Return the origin response value
    -
    -
    Sample:
    -
    [{'default_value': 3.1415, 'metric_name': 'box_free_space', 'metric_namespace': 'made_with_ansible', 'metric_value': '$.value'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Markus Bergholz (@markuman) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.data_pipeline.rst b/docs/community.aws.data_pipeline.rst deleted file mode 100644 index 476f93b00dd..00000000000 --- a/docs/community.aws.data_pipeline.rst +++ /dev/null @@ -1,677 +0,0 @@ -:orphan: - -.. _community.aws.data_pipeline_module: - - -*************************** -community.aws.data_pipeline -*************************** - -**Create and manage AWS Datapipelines** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create and manage AWS Datapipelines. Creation is not idempotent in AWS, so the ``uniqueId`` is created by hashing the options (minus objects) given to the datapipeline. -- The pipeline definition must be in the format given here https://docs.aws.amazon.com/datapipeline/latest/APIReference/API_PutPipelineDefinition.html#API_PutPipelineDefinition_RequestSyntax. -- Operations will wait for a configurable amount of time to ensure the pipeline is in the requested state. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- Default:
    ""
    -     		-
    An optional description for the pipeline being created.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the Datapipeline to create/modify/delete.
    -
    -
    - objects - -
    - list - / elements=dictionary
    -     		- -
    A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
    -
    -
    - fields - -
    - list - / elements=dictionary
    -     		- -
    Key-value pairs that define the properties of the object.
    -
    The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
    -
    -
    - key - -
    - string -
    -     		- -
    The field identifier.
    -
    -
    - refValue - -
    - string -
    -     		- -
    The field value, expressed as the identifier of another object.
    -
    Exactly one of stringValue and refValue may be specified.
    -
    -
    - stringValue - -
    - string -
    -     		- -
    The field value.
    -
    Exactly one of stringValue and refValue may be specified.
    -
    -
    - id - -
    - string -
    -     		- -
    The ID of the object.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the object.
    -
    -
    - parameters - -
    - list - / elements=dictionary
    -     		- -
    A list of parameter objects (dicts) in the pipeline definition.
    -
    -
    - attributes - -
    - list - / elements=dictionary
    -     		- -
    A list of attributes (dicts) of the parameter object.
    -
    -
    - key - -
    - string -
    -     		- -
    The field identifier.
    -
    -
    - stringValue - -
    - string -
    -     		- -
    The field value.
    -
    -
    - id - -
    - - -
    -     		- -
    The ID of the parameter object.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • active
      • -
    • inactive
      • -
    -     		-
    The requested state of the pipeline.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dict of key:value pair(s) to add to the pipeline.
    -
    -
    - timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - values - -
    - list - / elements=dictionary
    -     		- -
    A list of parameter values (dicts) in the pipeline definition.
    -
    -
    - id - -
    - string -
    -     		- -
    The ID of the parameter value
    -
    -
    - stringValue - -
    - string -
    -     		- -
    The field value
    -
    -
    - version - -
    - string -
    -     		- -
    The version option has never had any effect and will be removed after 2022-06-01.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create pipeline - - community.aws.data_pipeline: - name: test-dp - region: us-west-2 - objects: "{{pipelineObjects}}" - parameters: "{{pipelineParameters}}" - values: "{{pipelineValues}}" - tags: - key1: val1 - key2: val2 - state: present - - # Example populating and activating a pipeline that demonstrates two ways of providing pipeline objects - - community.aws.data_pipeline: - name: test-dp - objects: - - "id": "DefaultSchedule" - "name": "Every 1 day" - "fields": - - "key": "period" - "stringValue": "1 days" - - "key": "type" - "stringValue": "Schedule" - - "key": "startAt" - "stringValue": "FIRST_ACTIVATION_DATE_TIME" - - "id": "Default" - "name": "Default" - "fields": [ { "key": "resourceRole", "stringValue": "my_resource_role" }, - { "key": "role", "stringValue": "DataPipelineDefaultRole" }, - { "key": "pipelineLogUri", "stringValue": "s3://my_s3_log.txt" }, - { "key": "scheduleType", "stringValue": "cron" }, - { "key": "schedule", "refValue": "DefaultSchedule" }, - { "key": "failureAndRerunMode", "stringValue": "CASCADE" } ] - state: active - - # Activate pipeline - - community.aws.data_pipeline: - name: test-dp - region: us-west-2 - state: active - - # Delete pipeline - - community.aws.data_pipeline: - name: test-dp - region: us-west-2 - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    whether the data pipeline has been modified
    -
    -
    Sample:
    -
    {'changed': True}
    -
    -
    - result - -
    - dictionary -
    -     		always -
    Contains the data pipeline data (data_pipeline) and a return message (msg). If the data pipeline exists data_pipeline will contain the keys description, name, pipeline_id, state, tags, and unique_id. If the data pipeline does not exist then data_pipeline will be an empty dict. The msg describes the status of the operation.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Raghu Udiyar (@raags) -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dms_endpoint.rst b/docs/community.aws.dms_endpoint.rst deleted file mode 100644 index 22f3e63fabf..00000000000 --- a/docs/community.aws.dms_endpoint.rst +++ /dev/null @@ -1,653 +0,0 @@ -:orphan: - -.. _community.aws.dms_endpoint_module: - - -************************** -community.aws.dms_endpoint -************************** - -**Creates or destroys a data migration services endpoint** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or destroys a data migration services endpoint, that can be used to replicate data. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - certificatearn - -
    - string -
    -     		- -
    Amazon Resource Name (ARN) for the certificate.
    -
    -
    - databasename - -
    - string -
    -     		- -
    Name for the database on the origin or target side.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - dmstransfersettings - -
    - dictionary -
    -     		- -
    The settings in JSON format for the DMS transfer type of source endpoint.
    -
    -
    - dynamodbsettings - -
    - dictionary -
    -     		- -
    Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - elasticsearchsettings - -
    - dictionary -
    -     		- -
    Settings in JSON format for the target Elasticsearch endpoint.
    -
    -
    - endpointidentifier - -
    - string - / required
    -     		- -
    An identifier name for the endpoint.
    -
    -
    - endpointtype - -
    - string - / required
    -     		-
      Choices: -
    • source
      • -
    • target
      • -
    -     		-
    Type of endpoint we want to manage.
    -
    -
    - enginename - -
    - string - / required
    -     		-
      Choices: -
    • mysql
      • -
    • oracle
      • -
    • postgres
      • -
    • mariadb
      • -
    • aurora
      • -
    • redshift
      • -
    • s3
      • -
    • db2
      • -
    • azuredb
      • -
    • sybase
      • -
    • dynamodb
      • -
    • mongodb
      • -
    • sqlserver
      • -
    -     		-
    Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
    -
    -
    - externaltabledefinition - -
    - string -
    -     		- -
    The external table definition.
    -
    -
    - extraconnectionattributes - -
    - string -
    -     		- -
    Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
    -
    -
    - kinesissettings - -
    - dictionary -
    -     		- -
    Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
    -
    -
    - kmskeyid - -
    - string -
    -     		- -
    Encryption key to use to encrypt replication storage and connection information.
    -
    -
    - mongodbsettings - -
    - dictionary -
    -     		- -
    Settings in JSON format for the source MongoDB endpoint.
    -
    -
    - password - -
    - string -
    -     		- -
    Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
    -
    -
    - port - -
    - integer -
    -     		- -
    TCP port for access to the database.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - retries - -
    - integer -
    -     		- -
    number of times we should retry when deleting a resource
    -
    Required when wait=true.
    -
    -
    - s3settings - -
    - dictionary -
    -     		- -
    S3 buckets settings for the target Amazon S3 endpoint.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - servername - -
    - string -
    -     		- -
    Servername that the endpoint will connect to.
    -
    -
    - serviceaccessrolearn - -
    - string -
    -     		- -
    Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
    -
    -
    - sslmode - -
    - string -
    -     		-
      Choices: -
    • none ←
      • -
    • require
      • -
    • verify-ca
      • -
    • verify-full
      • -
    -     		-
    Mode used for the SSL connection.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    State of the endpoint.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A list of tags to add to the endpoint.
    -
    -
    - timeout - -
    - integer -
    -     		- -
    Time in seconds we should wait for when deleting a resource.
    -
    Required when wait=true.
    -
    -
    - username - -
    - string -
    -     		- -
    Username our endpoint will use to connect to the database.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether Ansible should wait for the object to be deleted when state=absent.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details - - name: Endpoint Creation - community.aws.dms_endpoint: - state: absent - endpointidentifier: 'testsource' - endpointtype: source - enginename: aurora - username: testing1 - password: testint1234 - servername: testing.domain.com - port: 3306 - databasename: 'testdb' - sslmode: none - wait: false - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rui Moreira (@ruimoreira) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dms_replication_subnet_group.rst b/docs/community.aws.dms_replication_subnet_group.rst deleted file mode 100644 index 1999c3f18ed..00000000000 --- a/docs/community.aws.dms_replication_subnet_group.rst +++ /dev/null @@ -1,298 +0,0 @@ -:orphan: - -.. _community.aws.dms_replication_subnet_group_module: - - -****************************************** -community.aws.dms_replication_subnet_group -****************************************** - -**creates or destroys a data migration services subnet group** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or destroys a data migration services subnet group. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string - / required
    -     		- -
    The description for the subnet group.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - identifier - -
    - string - / required
    -     		- -
    The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    State of the subnet group.
    -
    -
    - subnet_ids - -
    - list - / elements=string / required
    -     		- -
    A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - community.aws.dms_replication_subnet_group: - state: present - identifier: "dev-sngroup" - description: "Development Subnet Group asdasdas" - subnet_ids: ['subnet-id1','subnet-id2'] - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rui Moreira (@ruimoreira) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dynamodb_table.rst b/docs/community.aws.dynamodb_table.rst deleted file mode 100644 index ea16d293391..00000000000 --- a/docs/community.aws.dynamodb_table.rst +++ /dev/null @@ -1,638 +0,0 @@ -:orphan: - -.. _community.aws.dynamodb_table_module: - - -**************************** -community.aws.dynamodb_table -**************************** - -**Create, update or delete AWS Dynamo DB tables** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or delete AWS Dynamo DB tables. -- Can update the provisioned throughput on existing tables. -- Returns the status of the specified table. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto >= 2.37.0 -- boto3 >= 1.4.4 (for tagging) -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - hash_key_name - -
    - string -
    -     		- -
    Name of the hash key.
    -
    Required when state=present.
    -
    -
    - hash_key_type - -
    - string -
    -     		-
      Choices: -
    • STRING ←
      • -
    • NUMBER
      • -
    • BINARY
      • -
    -     		-
    Type of the hash key.
    -
    -
    - indexes - -
    - list - / elements=dictionary
    -     		- Default:
    []
    -     		-
    list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
    -
    required options: ['name', 'type', 'hash_key_name']
    -
    other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
    -
    -
    - hash_key_name - -
    - string - / required
    -     		- -
    The name of the hash-based key.
    -
    -
    - hash_key_type - -
    - string -
    -     		- -
    The type of the hash-based key.
    -
    -
    - includes - -
    - list -
    -     		- -
    A list of fields to include when using global_include or include indexes.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the index.
    -
    -
    - range_key_name - -
    - string -
    -     		- -
    The name of the range-based key.
    -
    -
    - range_key_type - -
    - string -
    -     		- -
    The type of the range-based key.
    -
    -
    - read_capacity - -
    - integer -
    -     		- -
    Read throughput capacity (units) to provision for the index.
    -
    -
    - type - -
    - string - / required
    -     		- -
    The type of index.
    -
    Valid types: all, global_all, global_include, global_keys_only, include, keys_only
    -
    -
    - write_capacity - -
    - integer -
    -     		- -
    Write throughput capacity (units) to provision for the index.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the table.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - range_key_name - -
    - string -
    -     		- -
    Name of the range key.
    -
    -
    - range_key_type - -
    - string -
    -     		-
      Choices: -
    • STRING ←
      • -
    • NUMBER
      • -
    • BINARY
      • -
    -     		-
    Type of the range key.
    -
    -
    - read_capacity - -
    - integer -
    -     		- Default:
    1
    -     		-
    Read throughput capacity (units) to provision.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the table.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
    -
    For example: {"key":"value"} and {"key":"value","key2":"value2"}
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait_for_active_timeout - -
    - integer -
    -     		- Default:
    60
    -     		-
    how long before wait gives up, in seconds. only used when tags is set
    -
    -
    - write_capacity - -
    - integer -
    -     		- Default:
    1
    -     		-
    Write throughput capacity (units) to provision.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create dynamo table with hash and range primary key - community.aws.dynamodb_table: - name: my-table - region: us-east-1 - hash_key_name: id - hash_key_type: STRING - range_key_name: create_time - range_key_type: NUMBER - read_capacity: 2 - write_capacity: 2 - tags: - tag_name: tag_value - - - name: Update capacity on existing dynamo table - community.aws.dynamodb_table: - name: my-table - region: us-east-1 - read_capacity: 10 - write_capacity: 10 - - - name: set index on existing dynamo table - community.aws.dynamodb_table: - name: my-table - region: us-east-1 - indexes: - - name: NamedIndex - type: global_include - hash_key_name: id - range_key_name: create_time - includes: - - other_field - - other_field2 - read_capacity: 10 - write_capacity: 10 - - - name: Delete dynamo table - community.aws.dynamodb_table: - name: my-table - region: us-east-1 - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - table_status - -
    - string -
    -     		success -
    The current status of the table.
    -
    -
    Sample:
    -
    ACTIVE
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Alan Loi (@loia) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.dynamodb_ttl.rst b/docs/community.aws.dynamodb_ttl.rst deleted file mode 100644 index 748632fa818..00000000000 --- a/docs/community.aws.dynamodb_ttl.rst +++ /dev/null @@ -1,325 +0,0 @@ -:orphan: - -.. _community.aws.dynamodb_ttl_module: - - -************************** -community.aws.dynamodb_ttl -************************** - -**Set TTL for a given DynamoDB table** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Uses boto3 to set TTL. -- Requires botocore version 1.5.24 or higher. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore>=1.5.24 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - attribute_name - -
    - string - / required
    -     		- -
    The name of the Time To Live attribute used to store the expiration time for items in the table.
    -
    This appears to be required by the API even when disabling TTL.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • enable
      • -
    • disable
      • -
    -     		-
    State to set DynamoDB table to.
    -
    -
    - table_name - -
    - string - / required
    -     		- -
    Name of the DynamoDB table to work on.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: enable TTL on my cowfacts table - community.aws.dynamodb_ttl: - state: enable - table_name: cowfacts - attribute_name: cow_deleted_date - - - name: disable TTL on my cowfacts table - community.aws.dynamodb_ttl: - state: disable - table_name: cowfacts - attribute_name: cow_deleted_date - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - current_status - -
    - dictionary -
    -     		always -
    current or new TTL specification.
    -
    -
    Sample:
    -
    [{'AttributeName': 'deploy_timestamp', 'TimeToLiveStatus': 'ENABLED'}, {'AttributeName': 'deploy_timestamp', 'Enabled': True}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ted Timmons (@tedder) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_ami_copy.rst b/docs/community.aws.ec2_ami_copy.rst deleted file mode 100644 index 6d8861f4fab..00000000000 --- a/docs/community.aws.ec2_ami_copy.rst +++ /dev/null @@ -1,475 +0,0 @@ -:orphan: - -.. _community.aws.ec2_ami_copy_module: - - -************************** -community.aws.ec2_ami_copy -************************** - -**copies AMI between AWS regions, return new image id** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Copies AMI from a source region to a destination region. **Since version 2.3 this module depends on boto3.** - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    An optional human-readable string describing the contents and purpose of the new AMI.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not the destination snapshots of the copied AMI should be encrypted.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
    -
    -
    - name - -
    - string -
    -     		- Default:
    "default"
    -     		-
    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - source_image_id - -
    - string - / required
    -     		- -
    The ID of the AMI in source region that should be copied.
    -
    -
    - source_region - -
    - string - / required
    -     		- -
    The source region the AMI should be copied from.
    -
    -
    - tag_equality - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the copied AMI to be in state 'available' before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
    -
    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Basic AMI Copy - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - - - name: AMI copy wait until available - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - wait: yes - wait_timeout: 1200 # Default timeout is 600 - register: image_id - - - name: Named AMI copy - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - name: My-Awesome-AMI - description: latest patch - - - name: Tagged AMI copy (will not copy the same AMI twice) - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - tags: - Name: My-Super-AMI - Patch: 1.2.3 - tag_equality: yes - - - name: Encrypted AMI copy - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - encrypted: yes - - - name: Encrypted AMI copy with specified key - community.aws.ec2_ami_copy: - source_region: us-east-1 - region: eu-west-1 - source_image_id: ami-xxxxxxx - encrypted: yes - kms_key_id: arn:aws:kms:us-east-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - image_id - -
    - string -
    -     		always -
    AMI ID of the copied AMI
    -
    -
    Sample:
    -
    ami-e689729e
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Amir Moulavi (@amir343) -- Tim C (@defunctio) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg.rst b/docs/community.aws.ec2_asg.rst deleted file mode 100644 index ef8eb7b9ac0..00000000000 --- a/docs/community.aws.ec2_asg.rst +++ /dev/null @@ -1,1408 +0,0 @@ -:orphan: - -.. _community.aws.ec2_asg_module: - - -********************* -community.aws.ec2_asg -********************* - -**Create or delete AWS AutoScaling Groups (ASGs)** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Can create or delete AWS AutoScaling Groups. -- Can be used with the :ref:`community.aws.ec2_lc ` module to manage Launch Configurations. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - availability_zones - -
    - list - / elements=string
    -     		- -
    List of availability zone names in which to create the group.
    -
    Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_cooldown - -
    - integer -
    -     		- Default:
    300
    -     		-
    The number of seconds after a scaling activity completes before another can begin.
    -
    -
    - desired_capacity - -
    - integer -
    -     		- -
    Desired number of instances in group, if unspecified then the current group value will be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - health_check_period - -
    - integer -
    -     		- Default:
    300
    -     		-
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -
    -
    - health_check_type - -
    - string -
    -     		-
      Choices: -
    • EC2 ←
      • -
    • ELB
      • -
    -     		-
    The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
    -
    -
    - launch_config_name - -
    - string -
    -     		- -
    Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these.
    -
    If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
    -
    -
    - launch_template - -
    - dictionary -
    -     		- -
    Dictionary describing the Launch Template to use
    -
    -
    - launch_template_id - -
    - string -
    -     		- -
    The id of the launch template. Only one of launch_template_name or launch_template_id is required.
    -
    -
    - launch_template_name - -
    - string -
    -     		- -
    The name of the launch template. Only one of launch_template_name or launch_template_id is required.
    -
    -
    - version - -
    - string -
    -     		- -
    The version number of the launch template to use.
    -
    Defaults to latest version if not provided.
    -
    -
    - lc_check - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
    -
    -
    - load_balancers - -
    - list - / elements=string
    -     		- -
    List of ELB names to use for the group. Use for classic load balancers.
    -
    -
    - lt_check - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
    -
    -
    - max_instance_lifetime - -
    - integer -
    -     		- -
    The maximum amount of time, in seconds, that an instance can be in service.
    -
    Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
    -
    Value of 0 removes lifetime restriction.
    -
    -
    - max_size - -
    - integer -
    -     		- -
    Maximum number of instances in group, if unspecified then the current group value will be used.
    -
    -
    - metrics_collection - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable ASG metrics collection.
    -
    -
    - metrics_granularity - -
    - string -
    -     		- Default:
    "1Minute"
    -     		-
    When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
    -
    -
    - metrics_list - -
    - list - / elements=string
    -     		- Default:
    ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
    -     		-
    List of autoscaling metrics to collect when metrics_collection=true.
    -
    -
    - min_size - -
    - integer -
    -     		- -
    Minimum number of instances in group, if unspecified then the current group value will be used.
    -
    -
    - mixed_instances_policy - -
    - dictionary -
    -     		- -
    A mixed instance policy to use for the ASG.
    -
    Only used when the ASG is configured to use a Launch Template (launch_template).
    - -
    -
    - instance_types - -
    - list - / elements=string
    -     		- -
    A list of instance_types.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Unique name for group to be created or deleted.
    -
    -
    - notification_topic - -
    - string -
    -     		- -
    A SNS topic ARN to send auto scaling notifications to.
    -
    -
    - notification_types - -
    - list - / elements=string
    -     		- Default:
    ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
    -     		-
    A list of auto scaling events to trigger notifications on.
    -
    -
    - placement_group - -
    - string -
    -     		- -
    Physical location of your cluster placement group created in Amazon EC2.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - replace_all_instances - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
    -
    -
    - replace_batch_size - -
    - integer -
    -     		- Default:
    1
    -     		-
    Number of instances you'd like to replace at a time. Used with replace_all_instances.
    -
    -
    - replace_instances - -
    - list - / elements=string
    -     		- -
    List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the instance.
    -
    -
    - suspend_processes - -
    - list - / elements=string
    -     		- Default:
    []
    -     		-
    A list of scaling processes to suspend.
    -
    Valid values include:
    -
    Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
    -
    Full documentation of valid values can be found in the AWS documentation:
    - -
    -
    - tags - -
    - list - / elements=dictionary
    -     		- -
    A list of tags to add to the Auto Scale Group.
    -
    Optional key is propagate_at_launch, which defaults to true.
    -
    When propagate_at_launch is true the tags will be propagated to the Instances created.
    -
    -
    - target_group_arns - -
    - list - / elements=string
    -     		- -
    List of target group ARNs to use for the group. Use for application load balancers.
    -
    -
    - termination_policies - -
    - list - / elements=string
    -     		- Default:
    "Default"
    -     		-
    An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
    -
    Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
    -
    Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
    -
    Full documentation of valid values can be found in the AWS documentation:
    - -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_zone_identifier - -
    - list - / elements=string
    -     		- -
    List of VPC subnets to use
    -
    -
    - wait_for_instances - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Basic configuration with Launch Configuration - - - community.aws.ec2_asg: - name: special - load_balancers: [ 'lb1', 'lb2' ] - availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] - launch_config_name: 'lc-1' - min_size: 1 - max_size: 10 - desired_capacity: 5 - vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] - tags: - - environment: production - propagate_at_launch: no - - # Rolling ASG Updates - - # Below is an example of how to assign a new launch config to an ASG and terminate old instances. - # - # All instances in "myasg" that do not have the launch configuration named "my_new_lc" will be terminated in - # a rolling fashion with instances using the current launch configuration, "my_new_lc". - # - # This could also be considered a rolling deploy of a pre-baked AMI. - # - # If this is a newly created group, the instances will not be replaced since all instances - # will have the current launch configuration. - - - name: create launch config - community.aws.ec2_lc: - name: my_new_lc - image_id: ami-lkajsf - key_name: mykey - region: us-east-1 - security_groups: sg-23423 - instance_type: m1.small - assign_public_ip: yes - - - community.aws.ec2_asg: - name: myasg - launch_config_name: my_new_lc - health_check_period: 60 - health_check_type: ELB - replace_all_instances: yes - min_size: 5 - max_size: 5 - desired_capacity: 5 - region: us-east-1 - - # To only replace a couple of instances instead of all of them, supply a list - # to "replace_instances": - - - community.aws.ec2_asg: - name: myasg - launch_config_name: my_new_lc - health_check_period: 60 - health_check_type: ELB - replace_instances: - - i-b345231 - - i-24c2931 - min_size: 5 - max_size: 5 - desired_capacity: 5 - region: us-east-1 - - # Basic Configuration with Launch Template - - - community.aws.ec2_asg: - name: special - load_balancers: [ 'lb1', 'lb2' ] - availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] - launch_template: - version: '1' - launch_template_name: 'lt-example' - launch_template_id: 'lt-123456' - min_size: 1 - max_size: 10 - desired_capacity: 5 - vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] - tags: - - environment: production - propagate_at_launch: no - - # Basic Configuration with Launch Template using mixed instance policy - - - community.aws.ec2_asg: - name: special - load_balancers: [ 'lb1', 'lb2' ] - availability_zones: [ 'eu-west-1a', 'eu-west-1b' ] - launch_template: - version: '1' - launch_template_name: 'lt-example' - launch_template_id: 'lt-123456' - mixed_instances_policy: - instance_types: - - t3a.large - - t3.large - - t2.large - min_size: 1 - max_size: 10 - desired_capacity: 5 - vpc_zone_identifier: [ 'subnet-abcd1234', 'subnet-1a2b3c4d' ] - tags: - - environment: production - propagate_at_launch: no - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - auto_scaling_group_arn - -
    - string -
    -     		success -
    The unique ARN of the autoscaling group
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:123456789012:autoScalingGroup:6a09ad6d-eeee-1234-b987-ee123ced01ad:autoScalingGroupName/myasg
    -
    -
    - auto_scaling_group_name - -
    - string -
    -     		success -
    The unique name of the auto scaling group
    -
    -
    Sample:
    -
    myasg
    -
    -
    - availability_zones - -
    - list -
    -     		success -
    The availability zones for the auto scaling group
    -
    -
    Sample:
    -
    ['us-east-1d']
    -
    -
    - created_time - -
    - string -
    -     		success -
    Timestamp of create time of the auto scaling group
    -
    -
    Sample:
    -
    2017-11-08T14:41:48.272000+00:00
    -
    -
    - default_cooldown - -
    - integer -
    -     		success -
    The default cooldown time in seconds.
    -
    -
    Sample:
    -
    300
    -
    -
    - desired_capacity - -
    - integer -
    -     		success -
    The number of EC2 instances that should be running in this group.
    -
    -
    Sample:
    -
    3
    -
    -
    - healthcheck_period - -
    - integer -
    -     		success -
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -
    -
    Sample:
    -
    30
    -
    -
    - healthcheck_type - -
    - string -
    -     		success -
    The service you want the health status from, one of "EC2" or "ELB".
    -
    -
    Sample:
    -
    ELB
    -
    -
    - healthy_instances - -
    - integer -
    -     		success -
    Number of instances in a healthy state
    -
    -
    Sample:
    -
    5
    -
    -
    - in_service_instances - -
    - integer -
    -     		success -
    Number of instances in service
    -
    -
    Sample:
    -
    3
    -
    -
    - instance_facts - -
    - dictionary -
    -     		success -
    Dictionary of EC2 instances and their status as it relates to the ASG.
    -
    -
    Sample:
    -
    {'i-0123456789012': {'health_status': 'Healthy', 'launch_config_name': 'public-webapp-production-1', 'lifecycle_state': 'InService'}}
    -
    -
    - instances - -
    - list -
    -     		success -
    list of instance IDs in the ASG
    -
    -
    Sample:
    -
    ['i-0123456789012']
    -
    -
    - launch_config_name - -
    - string -
    -     		success -
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    -
    -
    Sample:
    -
    public-webapp-production-1
    -
    -
    - load_balancers - -
    - list -
    -     		success -
    List of load balancers names attached to the ASG.
    -
    -
    Sample:
    -
    ['elb-webapp-prod']
    -
    -
    - max_instance_lifetime - -
    - integer -
    -     		success -
    The maximum amount of time, in seconds, that an instance can be in service.
    -
    -
    Sample:
    -
    604800
    -
    -
    - max_size - -
    - integer -
    -     		success -
    Maximum size of group
    -
    -
    Sample:
    -
    3
    -
    -
    - metrics_collection - -
    - list -
    -     		success -
    List of enabled AutosSalingGroup metrics
    -
    -
    Sample:
    -
    [{'Granularity': '1Minute', 'Metric': 'GroupInServiceInstances'}]
    -
    -
    - min_size - -
    - integer -
    -     		success -
    Minimum size of group
    -
    -
    Sample:
    -
    1
    -
    -
    - mixed_instance_policy - -
    - list -
    -     		success -
    Returns the list of instance types if a mixed instance policy is set.
    -
    -
    Sample:
    -
    ['t3.micro', 't3a.micro']
    -
    -
    - pending_instances - -
    - integer -
    -     		success -
    Number of instances in pending state
    -
    -
    Sample:
    -
    1
    -
    -
    - tags - -
    - list -
    -     		success -
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    -
    -
    Sample:
    -
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    -
    -
    - target_group_arns - -
    - list -
    -     		success -
    List of ARNs of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    -
    -
    - target_group_names - -
    - list -
    -     		success -
    List of names of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['target-group-host-hello', 'target-group-path-world']
    -
    -
    - termination_policies - -
    - list -
    -     		success -
    A list of termination policies for the group.
    -
    -
    Sample:
    -
    ['Default']
    -
    -
    - unhealthy_instances - -
    - integer -
    -     		success -
    Number of instances in an unhealthy state
    -
    -
    -
    - viable_instances - -
    - integer -
    -     		success -
    Number of instances in a viable state
    -
    -
    Sample:
    -
    1
    -
    -
    - vpc_zone_identifier - -
    - string -
    -     		success -
    VPC zone ID / subnet id for the auto scaling group
    -
    -
    Sample:
    -
    subnet-a31ef45f
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gareth Rushgrove (@garethr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg_info.rst b/docs/community.aws.ec2_asg_info.rst deleted file mode 100644 index f7ecdf32f6d..00000000000 --- a/docs/community.aws.ec2_asg_info.rst +++ /dev/null @@ -1,670 +0,0 @@ -:orphan: - -.. _community.aws.ec2_asg_info_module: - - -************************** -community.aws.ec2_asg_info -************************** - -**Gather information about ec2 Auto Scaling Groups (ASGs) in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about ec2 Auto Scaling Groups (ASGs) in AWS -- This module was called ``ec2_asg_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    The prefix or name of the auto scaling group(s) you are searching for.
    -
    Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Find all groups - community.aws.ec2_asg_info: - register: asgs - - - name: Find a group with matching name/prefix - community.aws.ec2_asg_info: - name: public-webserver-asg - register: asgs - - - name: Find a group with matching tags - community.aws.ec2_asg_info: - tags: - project: webapp - env: production - register: asgs - - - name: Find a group with matching name/prefix and tags - community.aws.ec2_asg_info: - name: myproject - tags: - env: production - register: asgs - - - name: Fail if no groups are found - community.aws.ec2_asg_info: - name: public-webserver-asg - register: asgs - failed_when: "{{ asgs.results | length == 0 }}" - - - name: Fail if more than 1 group is found - community.aws.ec2_asg_info: - name: public-webserver-asg - register: asgs - failed_when: "{{ asgs.results | length > 1 }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - auto_scaling_group_arn - -
    - string -
    -     		success -
    The Amazon Resource Name of the ASG
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-west-2:1234567890:autoScalingGroup:10787c52-0bcb-427d-82ba-c8e4b008ed2e:autoScalingGroupName/public-webapp-production-1
    -
    -
    - auto_scaling_group_name - -
    - string -
    -     		success -
    Name of autoscaling group
    -
    -
    Sample:
    -
    public-webapp-production-1
    -
    -
    - availability_zones - -
    - list -
    -     		success -
    List of Availability Zones that are enabled for this ASG.
    -
    -
    Sample:
    -
    ['us-west-2a', 'us-west-2b', 'us-west-2a']
    -
    -
    - created_time - -
    - string -
    -     		success -
    The date and time this ASG was created, in ISO 8601 format.
    -
    -
    Sample:
    -
    2015-11-25T00:05:36.309Z
    -
    -
    - default_cooldown - -
    - integer -
    -     		success -
    The default cooldown time in seconds.
    -
    -
    Sample:
    -
    300
    -
    -
    - desired_capacity - -
    - integer -
    -     		success -
    The number of EC2 instances that should be running in this group.
    -
    -
    Sample:
    -
    3
    -
    -
    - health_check_period - -
    - integer -
    -     		success -
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -
    -
    Sample:
    -
    30
    -
    -
    - health_check_type - -
    - string -
    -     		success -
    The service you want the health status from, one of "EC2" or "ELB".
    -
    -
    Sample:
    -
    ELB
    -
    -
    - instances - -
    - list -
    -     		success -
    List of EC2 instances and their status as it relates to the ASG.
    -
    -
    Sample:
    -
    [{'availability_zone': 'us-west-2a', 'health_status': 'Healthy', 'instance_id': 'i-es22ad25', 'launch_configuration_name': 'public-webapp-production-1', 'lifecycle_state': 'InService', 'protected_from_scale_in': 'false'}]
    -
    -
    - launch_config_name - -
    - string -
    -     		success -
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    -
    -
    Sample:
    -
    public-webapp-production-1
    -
    -
    - launch_configuration_name - -
    - string -
    -     		success -
    Name of launch configuration associated with the ASG.
    -
    -
    Sample:
    -
    public-webapp-production-1
    -
    -
    - load_balancer_names - -
    - list -
    -     		success -
    List of load balancers names attached to the ASG.
    -
    -
    Sample:
    -
    ['elb-webapp-prod']
    -
    -
    - max_size - -
    - integer -
    -     		success -
    Maximum size of group
    -
    -
    Sample:
    -
    3
    -
    -
    - min_size - -
    - integer -
    -     		success -
    Minimum size of group
    -
    -
    Sample:
    -
    1
    -
    -
    - new_instances_protected_from_scale_in - -
    - boolean -
    -     		success -
    Whether or not new instances a protected from automatic scaling in.
    -
    -
    Sample:
    -
    false
    -
    -
    - placement_group - -
    - string -
    -     		success -
    Placement group into which instances are launched, if any.
    -
    -
    Sample:
    -
    None
    -
    -
    - status - -
    - string -
    -     		success -
    The current state of the group when DeleteAutoScalingGroup is in progress.
    -
    -
    Sample:
    -
    None
    -
    -
    - tags - -
    - list -
    -     		success -
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    -
    -
    Sample:
    -
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    -
    -
    - target_group_arns - -
    - list -
    -     		success -
    List of ARNs of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    -
    -
    - target_group_names - -
    - list -
    -     		success -
    List of names of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['target-group-host-hello', 'target-group-path-world']
    -
    -
    - termination_policies - -
    - string -
    -     		success -
    A list of termination policies for the group.
    -
    -
    Sample:
    -
    ['Default']
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_asg_lifecycle_hook.rst b/docs/community.aws.ec2_asg_lifecycle_hook.rst deleted file mode 100644 index 4f06c50104e..00000000000 --- a/docs/community.aws.ec2_asg_lifecycle_hook.rst +++ /dev/null @@ -1,401 +0,0 @@ -:orphan: - -.. _community.aws.ec2_asg_lifecycle_hook_module: - - -************************************ -community.aws.ec2_asg_lifecycle_hook -************************************ - -**Create, delete or update AWS ASG Lifecycle Hooks.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Will create a new hook when *state=present* and no given Hook is found. -- Will update an existing hook when *state=present* and a Hook is found, but current and provided parameters differ. -- Will delete the hook when *state=absent* and a Hook is found. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3>=1.4.4 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - autoscaling_group_name - -
    - string - / required
    -     		- -
    The name of the Auto Scaling group to which you want to assign the lifecycle hook.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_result - -
    - string -
    -     		-
      Choices: -
    • ABANDON ←
      • -
    • CONTINUE
      • -
    -     		-
    Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - heartbeat_timeout - -
    - integer -
    -     		- -
    The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
    -
    By default Amazon AWS will use 3600 (1 hour)
    -
    -
    - lifecycle_hook_name - -
    - string - / required
    -     		- -
    The name of the lifecycle hook.
    -
    -
    - notification_meta_data - -
    - string -
    -     		- -
    Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
    -
    -
    - notification_target_arn - -
    - string -
    -     		- -
    The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
    -
    This target can be either an SQS queue or an SNS topic.
    -
    If you specify an empty string, this overrides the current ARN.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string -
    -     		- -
    The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete Lifecycle Hook.
    -
    When state=present updates existing hook or creates a new hook if not found.
    -
    -
    - transition - -
    - string -
    -     		-
      Choices: -
    • autoscaling:EC2_INSTANCE_TERMINATING
      • -
    • autoscaling:EC2_INSTANCE_LAUNCHING
      • -
    -     		-
    The instance state to which you want to attach the lifecycle hook.
    -
    Required when state=present.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create / Update lifecycle hook - community.aws.ec2_asg_lifecycle_hook: - region: eu-central-1 - state: present - autoscaling_group_name: example - lifecycle_hook_name: example - transition: autoscaling:EC2_INSTANCE_LAUNCHING - heartbeat_timeout: 7000 - default_result: ABANDON - - - name: Delete lifecycle hook - community.aws.ec2_asg_lifecycle_hook: - region: eu-central-1 - state: absent - autoscaling_group_name: example - lifecycle_hook_name: example - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Igor 'Tsigankov' Eyrich (@tsiganenok) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_customer_gateway.rst b/docs/community.aws.ec2_customer_gateway.rst deleted file mode 100644 index dcc8dff0510..00000000000 --- a/docs/community.aws.ec2_customer_gateway.rst +++ /dev/null @@ -1,468 +0,0 @@ -:orphan: - -.. _community.aws.ec2_customer_gateway_module: - - -********************************** -community.aws.ec2_customer_gateway -********************************** - -**Manage an AWS customer gateway** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS customer gateway. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bgp_asn - -
    - integer -
    -     		- -
    Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - ip_address - -
    - string - / required
    -     		- -
    Internet-routable IP address for customers gateway, must be a static address.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the customer gateway.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - routing - -
    - string -
    -     		-
      Choices: -
    • static
      • -
    • dynamic ←
      • -
    -     		-
    The type of routing.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or terminate the Customer Gateway.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources. - - Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use customer_gateway. See https://github.com/ansible/ansible-modules-extras/issues/2773 for details. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create Customer Gateway - community.aws.ec2_customer_gateway: - bgp_asn: 12345 - ip_address: 1.2.3.4 - name: IndianapolisOffice - region: us-east-1 - register: cgw - - - name: Delete Customer Gateway - community.aws.ec2_customer_gateway: - ip_address: 1.2.3.4 - name: IndianapolisOffice - state: absent - region: us-east-1 - register: cgw - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - gateway.customer_gateways - -
    - complex -
    -     		success -
    details about the gateway that was created.
    -
    -
      -
    - bgp_asn - -
    - string -
    -     		when exists and gateway is available. -
    The Border Gateway Autonomous System Number.
    -
    -
    Sample:
    -
    65123
    -
      -
    - customer_gateway_id - -
    - string -
    -     		when exists and gateway is available. -
    gateway id assigned by amazon.
    -
    -
    Sample:
    -
    cgw-cb6386a2
    -
      -
    - ip_address - -
    - string -
    -     		when exists and gateway is available. -
    ip address of your gateway device.
    -
    -
    Sample:
    -
    1.2.3.4
    -
      -
    - state - -
    - string -
    -     		when gateway exists and is available. -
    state of gateway.
    -
    -
    Sample:
    -
    available
    -
      -
    - tags - -
    - list -
    -     		when gateway exists and is available, and when tags exist. -
    Any tags on the gateway.
    -
    -
      -
    - type - -
    - string -
    -     		when gateway exists and is available. -
    encryption type.
    -
    -
    Sample:
    -
    ipsec.1
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Baydoun (@MichaelBaydoun) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_customer_gateway_info.rst b/docs/community.aws.ec2_customer_gateway_info.rst deleted file mode 100644 index 1caf6ef7338..00000000000 --- a/docs/community.aws.ec2_customer_gateway_info.rst +++ /dev/null @@ -1,313 +0,0 @@ -:orphan: - -.. _community.aws.ec2_customer_gateway_info_module: - - -*************************************** -community.aws.ec2_customer_gateway_info -*************************************** - -**Gather information about customer gateways in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about customer gateways in AWS. -- This module was called ``ec2_customer_gateway_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - customer_gateway_ids - -
    - list - / elements=string
    -     		- -
    Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all customer gateways - community.aws.ec2_customer_gateway_info: - - - name: Gather information about a filtered list of customer gateways, based on tags - community.aws.ec2_customer_gateway_info: - region: ap-southeast-2 - filters: - "tag:Name": test-customer-gateway - "tag:AltName": test-customer-gateway-alt - register: cust_gw_info - - - name: Gather information about a specific customer gateway by specifying customer gateway ID - community.aws.ec2_customer_gateway_info: - region: ap-southeast-2 - customer_gateway_ids: - - 'cgw-48841a09' - - 'cgw-fec021ce' - register: cust_gw_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - customer_gateways - -
    - list -
    -     		always -
    List of one or more customer gateways.
    -
    -
    Sample:
    -
    [{'bgp_asn': '65000', 'customer_gateway_id': 'cgw-fec844ce', 'customer_gateway_name': 'test-customer-gw', 'ip_address': '110.112.113.120', 'state': 'available', 'tags': [{'key': 'Name', 'value': 'test-customer-gw'}], 'type': 'ipsec.1'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Madhura Naniwadekar (@Madhura-CSI) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_eip.rst b/docs/community.aws.ec2_eip.rst deleted file mode 100644 index 4107f13c1e2..00000000000 --- a/docs/community.aws.ec2_eip.rst +++ /dev/null @@ -1,592 +0,0 @@ -:orphan: - -.. _community.aws.ec2_eip_module: - - -********************* -community.aws.ec2_eip -********************* - -**manages EC2 elastic IP (EIP) addresses.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module can allocate or release an EIP. -- This module can associate/disassociate an EIP with instances or network interfaces. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allow_reassociation - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - device_id - -
    - string -
    -     		- -
    The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
    -

    aliases: instance_id
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - in_vpc - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Allocate an EIP inside a VPC or not.
    -
    Required if specifying an ENI with device_id.
    -
    -
    - private_ip_address - -
    - string -
    -     		- -
    The primary or secondary private IP address to associate with the Elastic IP address.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - public_ip - -
    - string -
    -     		- -
    The IP address of a previously allocated EIP.
    -
    When public_ip=present and device is specified, the EIP is associated with the device.
    -
    When public_ip=absent and device is specified, the EIP is disassociated from the device.
    -

    aliases: ip
    -
    -
    - public_ipv4_pool - -
    - string -
    -     		- -
    Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - release_on_disassociation - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to automatically release the EIP when it is disassociated.
    -
    -
    - reuse_existing_ip_allowed - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    When state=present, allocate an EIP or associate an existing EIP with a device.
    -
    When state=absent, disassociate the EIP from the device and optionally release it.
    -
    -
    - tag_name - -
    - string -
    -     		- -
    When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
    -
    -
    - tag_value - -
    - string -
    -     		- -
    Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- -
    The wait_timeout option does nothing and will be removed after 2022-06-01
    -
    -
    - - -Notes ------ - -.. note:: - - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. - - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: associate an elastic IP with an instance - community.aws.ec2_eip: - device_id: i-1212f003 - ip: 93.184.216.119 - - - name: associate an elastic IP with a device - community.aws.ec2_eip: - device_id: eni-c8ad70f3 - ip: 93.184.216.119 - - - name: associate an elastic IP with a device and allow reassociation - community.aws.ec2_eip: - device_id: eni-c8ad70f3 - public_ip: 93.184.216.119 - allow_reassociation: true - - - name: disassociate an elastic IP from an instance - community.aws.ec2_eip: - device_id: i-1212f003 - ip: 93.184.216.119 - state: absent - - - name: disassociate an elastic IP with a device - community.aws.ec2_eip: - device_id: eni-c8ad70f3 - ip: 93.184.216.119 - state: absent - - - name: allocate a new elastic IP and associate it with an instance - community.aws.ec2_eip: - device_id: i-1212f003 - - - name: allocate a new elastic IP without associating it to anything - community.aws.ec2_eip: - state: present - register: eip - - - name: output the IP - debug: - msg: "Allocated IP is {{ eip.public_ip }}" - - - name: provision new instances with ec2 - amazon.aws.ec2: - keypair: mykey - instance_type: c1.medium - image: ami-40603AD1 - wait: true - group: webserver - count: 3 - register: ec2 - - - name: associate new elastic IPs with each of the instances - community.aws.ec2_eip: - device_id: "{{ item }}" - loop: "{{ ec2.instance_ids }}" - - - name: allocate a new elastic IP inside a VPC in us-west-2 - community.aws.ec2_eip: - region: us-west-2 - in_vpc: true - register: eip - - - name: output the IP - debug: - msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - - - name: allocate eip - reuse unallocated ips (if found) with FREE tag - community.aws.ec2_eip: - region: us-east-1 - in_vpc: true - reuse_existing_ip_allowed: true - tag_name: FREE - - - name: allocate eip - reuse unallocated ips if tag reserved is nope - community.aws.ec2_eip: - region: us-east-1 - in_vpc: true - reuse_existing_ip_allowed: true - tag_name: reserved - tag_value: nope - - - name: allocate new eip - from servers given ipv4 pool - community.aws.ec2_eip: - region: us-east-1 - in_vpc: true - public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - - - name: allocate eip - from a given pool (if no free addresses where dev-servers tag is dynamic) - community.aws.ec2_eip: - region: us-east-1 - in_vpc: true - reuse_existing_ip_allowed: true - tag_name: dev-servers - public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - - - name: allocate eip from pool - check if tag reserved_for exists and value is our hostname - community.aws.ec2_eip: - region: us-east-1 - in_vpc: true - reuse_existing_ip_allowed: true - tag_name: reserved_for - tag_value: "{{ inventory_hostname }}" - public_ipv4_pool: ipv4pool-ec2-0588c9b75a25d1a02 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - allocation_id - -
    - string -
    -     		on success -
    allocation_id of the elastic ip
    -
    -
    Sample:
    -
    eipalloc-51aa3a6c
    -
    -
    - public_ip - -
    - string -
    -     		on success -
    an elastic ip address
    -
    -
    Sample:
    -
    52.88.159.209
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rick Mendes (@rickmendes) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_eip_info.rst b/docs/community.aws.ec2_eip_info.rst deleted file mode 100644 index d01533a7504..00000000000 --- a/docs/community.aws.ec2_eip_info.rst +++ /dev/null @@ -1,320 +0,0 @@ -:orphan: - -.. _community.aws.ec2_eip_info_module: - - -************************** -community.aws.ec2_eip_info -************************** - -**List EC2 EIP details** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- List details of EC2 Elastic IP addresses. -- This module was called ``ec2_eip_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details or the AWS region, - # see the AWS Guide for details. - - - name: List all EIP addresses in the current region. - community.aws.ec2_eip_info: - register: regional_eip_addresses - - - name: List all EIP addresses for a VM. - community.aws.ec2_eip_info: - filters: - instance-id: i-123456789 - register: my_vm_eips - - - debug: - msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" - - - name: List all EIP addresses for several VMs. - community.aws.ec2_eip_info: - filters: - instance-id: - - i-123456789 - - i-987654321 - register: my_vms_eips - - - name: List all EIP addresses using the 'Name' tag as a filter. - community.aws.ec2_eip_info: - filters: - tag:Name: www.example.com - register: my_vms_eips - - - name: List all EIP addresses using the Allocation-id as a filter - community.aws.ec2_eip_info: - filters: - allocation-id: eipalloc-64de1b01 - register: my_vms_eips - - # Set the variable eip_alloc to the value of the first allocation_id - # and set the variable my_pub_ip to the value of the first public_ip - - set_fact: - eip_alloc: my_vms_eips.addresses[0].allocation_id - my_pub_ip: my_vms_eips.addresses[0].public_ip - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - addresses - -
    - list -
    -     		on success -
    Properties of all Elastic IP addresses matching the provided filters. Each element is a dict with all the information related to an EIP.
    -
    -
    Sample:
    -
    [{'allocation_id': 'eipalloc-64de1b01', 'association_id': 'eipassoc-0fe9ce90d6e983e97', 'domain': 'vpc', 'instance_id': 'i-01020cfeb25b0c84f', 'network_interface_id': 'eni-02fdeadfd4beef9323b', 'network_interface_owner_id': '0123456789', 'private_ip_address': '10.0.0.1', 'public_ip': '54.81.104.1', 'tags': {'Name': 'test-vm-54.81.104.1'}}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Brad Macpherson (@iiibrad) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_elb.rst b/docs/community.aws.ec2_elb.rst deleted file mode 100644 index a9ee12dd160..00000000000 --- a/docs/community.aws.ec2_elb.rst +++ /dev/null @@ -1,349 +0,0 @@ -:orphan: - -.. _community.aws.ec2_elb_module: - - -********************* -community.aws.ec2_elb -********************* - -**De-registers or registers instances from EC2 ELBs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. -- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. -- Will be marked changed when called only if there are ELBs found to operate on. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_elbs - -
    - list -
    -     		- -
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enable_availability_zone - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    -
    -
    - instance_id - -
    - string - / required
    -     		- -
    EC2 Instance ID
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    register or deregister the instance
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for instance registration or deregistration to complete successfully before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    0
    -     		-
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # basic pre_task and post_task example - pre_tasks: - - name: Instance De-register - community.aws.ec2_elb: - instance_id: "{{ ansible_ec2_instance_id }}" - state: absent - roles: - - myrole - post_tasks: - - name: Instance Register - community.aws.ec2_elb: - instance_id: "{{ ansible_ec2_instance_id }}" - ec2_elbs: "{{ item }}" - state: present - loop: "{{ ec2_elbs }}" - - - - - -Status ------- - - -Authors -~~~~~~~ - -- John Jarvis (@jarv) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_elb_info.rst b/docs/community.aws.ec2_elb_info.rst deleted file mode 100644 index 48e49d55a56..00000000000 --- a/docs/community.aws.ec2_elb_info.rst +++ /dev/null @@ -1,275 +0,0 @@ -:orphan: - -.. _community.aws.ec2_elb_info_module: - - -************************** -community.aws.ec2_elb_info -************************** - -**Gather information about EC2 Elastic Load Balancers in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about EC2 Elastic Load Balancers in AWS -- This module was called ``ec2_elb_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - names - -
    - list -
    -     		- -
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - # Output format tries to match amazon.aws.ec2_elb_lb module input parameters - - - name: Gather information about all ELBs - ec2_elb_info: - register: elb_info - - debug: - msg: "{{ item.dns_name }}" - loop: "{{ elb_info.elbs }}" - - - name: Gather information about a particular ELB - community.aws.ec2_elb_info: - names: frontend-prod-elb - register: elb_info - - - debug: - msg: "{{ elb_info.elbs.0.dns_name }}" - - - name: Gather information about a set of ELBs - ec2_elb_info: - names: - - frontend-prod-elb - - backend-prod-elb - register: elb_info - - - debug: - msg: "{{ item.dns_name }}" - loop: "{{ elb_info.elbs }}" - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Schultz (@mjschultz) -- Fernando Jose Pando (@nand0p) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_instance.rst b/docs/community.aws.ec2_instance.rst deleted file mode 100644 index 53d08ea60ed..00000000000 --- a/docs/community.aws.ec2_instance.rst +++ /dev/null @@ -1,2708 +0,0 @@ -:orphan: - -.. _community.aws.ec2_instance_module: - - -************************** -community.aws.ec2_instance -************************** - -**Create & manage EC2 instances** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create and manage AWS EC2 instances. -- Note: This module does not support creating `EC2 Spot instances `_. The :ref:`amazon.aws.ec2 ` module can create and manage spot instances. - - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - availability_zone - -
    - string -
    -     		- -
    Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
    -
    If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cpu_credit_specification - -
    - string -
    -     		-
      Choices: -
    • unlimited
      • -
    • standard
      • -
    -     		-
    For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
    -
    Choose unlimited to enable buying additional CPU credits.
    -
    -
    - cpu_options - -
    - dictionary -
    -     		- -
    Reduce the number of vCPU exposed to the instance.
    -
    Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
    - -
    Requires botocore >= 1.10.16
    -
    -
    - core_count - -
    - integer - / required
    -     		- -
    Set the number of core to enable.
    -
    -
    - threads_per_core - -
    - integer - / required
    -     		-
      Choices: -
    • 1
      • -
    • 2
      • -
    -     		-
    Select the number of threads per core to enable. Disable or Enable Intel HT.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - detailed_monitoring - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
    -
    -
    - ebs_optimized - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
    -
    By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
    -
    -
    - image - -
    - dictionary -
    -     		- -
    An image to use for the instance. The amazon.aws.ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    -
    -
    - id - -
    - string -
    -     		- -
    The AMI ID.
    -
    -
    - kernel - -
    - - -
    -     		- -
    a string AKI to override the AMI kernel.
    -
    -
    - ramdisk - -
    - string -
    -     		- -
    Overrides the AMI's default ramdisk ID.
    -
    -
    - image_id - -
    - string -
    -     		- -
    ami ID to use for the instance. One of image or image_id are required when instance is not already present.
    -
    This is an alias for image.id.
    -
    -
    - instance_ids - -
    - list -
    -     		- -
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    -
    -
    - instance_initiated_shutdown_behavior - -
    - string -
    -     		-
      Choices: -
    • stop
      • -
    • terminate
      • -
    -     		-
    Whether to stop or terminate an instance upon shutdown.
    -
    -
    - instance_role - -
    - string -
    -     		- -
    The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
    -
    -
    - instance_type - -
    - string -
    -     		- Default:
    "t2.micro"
    -     		-
    Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
    -
    -
    - key_name - -
    - string -
    -     		- -
    Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
    -
    -
    - launch_template - -
    - dictionary -
    -     		- -
    The EC2 launch template to base instance configuration on.
    -
    -
    - id - -
    - string -
    -     		- -
    the ID of the launch template (optional if name is specified).
    -
    -
    - name - -
    - string -
    -     		- -
    the pretty name of the launch template (optional if id is specified).
    -
    -
    - version - -
    - - -
    -     		- -
    the specific version of the launch template to use. If unspecified, the template default is chosen.
    -
    -
    - name - -
    - string -
    -     		- -
    The Name tag for the instance.
    -
    -
    - network - -
    - dictionary -
    -     		- -
    Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
    -
    Use the amazon.aws.ec2_eni module to create ENIs with special settings.
    -
    -
    - assign_public_ip - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    when true assigns a public IP address to the interface
    -
    -
    - delete_on_termination - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Delete the interface when the instance it is attached to is terminated.
    -
    -
    - description - -
    - string -
    -     		- -
    a description for the network interface
    -
    -
    - device_index - -
    - integer -
    -     		- -
    The index of the interface to modify
    -
    -
    - groups - -
    - list -
    -     		- -
    a list of security group IDs to attach to the interface
    -
    -
    - interfaces - -
    - list -
    -     		- -
    a list of ENI IDs (strings) or a list of objects containing the key id.
    -
    -
    - ipv6_addresses - -
    - list -
    -     		- -
    a list of IPv6 addresses to assign to the network interface
    -
    -
    - private_ip_address - -
    - string -
    -     		- -
    an IPv4 address to assign to the interface
    -
    -
    - private_ip_addresses - -
    - list -
    -     		- -
    a list of IPv4 addresses to assign to the network interface
    -
    -
    - source_dest_check - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    controls whether source/destination checking is enabled on the interface
    -
    -
    - subnet_id - -
    - string -
    -     		- -
    the subnet to connect the network interface to
    -
    -
    - placement_group - -
    - string -
    -     		- -
    The placement group that needs to be assigned to the instance
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_group - -
    - string -
    -     		- -
    A security group ID or name. Mutually exclusive with security_groups.
    -
    -
    - security_groups - -
    - list -
    -     		- -
    A list of security group IDs or names (strings). Mutually exclusive with security_group.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • terminated
      • -
    • running
      • -
    • started
      • -
    • stopped
      • -
    • restarted
      • -
    • rebooted
      • -
    • absent
      • -
    -     		-
    Goal state for the instances.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
    -
    -
    - tenancy - -
    - string -
    -     		-
      Choices: -
    • dedicated
      • -
    • default
      • -
    -     		-
    What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
    -
    -
    - termination_protection - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
    -
    -
    - tower_callback - -
    - dictionary -
    -     		- -
    Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
    -
    Mutually exclusive with user_data.
    -
    For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
    -
    If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
    -
    -
    - host_config_key - -
    - string -
    -     		- -
    Host configuration secret key generated by the Tower job template.
    -
    -
    - job_template_id - -
    - string -
    -     		- -
    Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
    -
    -
    - tower_address - -
    - string -
    -     		- -
    IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
    -
    -
    - user_data - -
    - string -
    -     		- -
    Opaque blob of data which is made available to the ec2 instance
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - volumes - -
    - list -
    -     		- -
    A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
    -
    A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
    - -
    -
    - vpc_subnet_id - -
    - string -
    -     		- -
    The subnet ID in which to launch the instance (VPC) If none is provided, community.aws.ec2_instance will chose the default zone of the default VPC.
    -

    aliases: subnet_id
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to wait for the desired state (use wait_timeout to customize this).
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    600
    -     		-
    How long to wait (in seconds) for the instance to finish booting/terminating.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Terminate every running instance in a region. Use with EXTREME caution. - community.aws.ec2_instance: - state: absent - filters: - instance-state-name: running - - - name: restart a particular instance by its ID - community.aws.ec2_instance: - state: restarted - instance_ids: - - i-12345678 - - - name: start an instance with a public IP address - community.aws.ec2_instance: - name: "public-compute-instance" - key_name: "prod-ssh-key" - vpc_subnet_id: subnet-5ca1ab1e - instance_type: c5.large - security_group: default - network: - assign_public_ip: true - image_id: ami-123456 - tags: - Environment: Testing - - - name: start an instance and Add EBS - community.aws.ec2_instance: - name: "public-withebs-instance" - vpc_subnet_id: subnet-5ca1ab1e - instance_type: t2.micro - key_name: "prod-ssh-key" - security_group: default - volumes: - - device_name: /dev/sda1 - ebs: - volume_size: 16 - delete_on_termination: true - - - name: start an instance with a cpu_options - community.aws.ec2_instance: - name: "public-cpuoption-instance" - vpc_subnet_id: subnet-5ca1ab1e - tags: - Environment: Testing - instance_type: c4.large - volumes: - - device_name: /dev/sda1 - ebs: - delete_on_termination: true - cpu_options: - core_count: 1 - threads_per_core: 1 - - - name: start an instance and have it begin a Tower callback on boot - community.aws.ec2_instance: - name: "tower-callback-test" - key_name: "prod-ssh-key" - vpc_subnet_id: subnet-5ca1ab1e - security_group: default - tower_callback: - # IP or hostname of tower server - tower_address: 1.2.3.4 - job_template_id: 876 - host_config_key: '[secret config key goes here]' - network: - assign_public_ip: true - image_id: ami-123456 - cpu_credit_specification: unlimited - tags: - SomeThing: "A value" - - - name: start an instance with ENI (An existing ENI ID is required) - community.aws.ec2_instance: - name: "public-eni-instance" - key_name: "prod-ssh-key" - vpc_subnet_id: subnet-5ca1ab1e - network: - interfaces: - - id: "eni-12345" - tags: - Env: "eni_on" - volumes: - - device_name: /dev/sda1 - ebs: - delete_on_termination: true - instance_type: t2.micro - image_id: ami-123456 - - - name: add second ENI interface - community.aws.ec2_instance: - name: "public-eni-instance" - network: - interfaces: - - id: "eni-12345" - - id: "eni-67890" - image_id: ami-123456 - tags: - Env: "eni_on" - instance_type: t2.micro - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - instances - -
    - complex -
    -     		when wait == true -
    a list of ec2 instances
    -
    -
      -
    - ami_launch_index - -
    - integer -
    -     		always -
    The AMI launch index, which can be used to find this instance in the launch group.
    -
    -
      -
    - architecture - -
    - string -
    -     		always -
    The architecture of the image
    -
    -
    Sample:
    -
    x86_64
    -
      -
    - block_device_mappings - -
    - complex -
    -     		always -
    Any block device mapping entries for the instance.
    -
    -
       -
    - device_name - -
    - string -
    -     		always -
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sdh
    -
       -
    - ebs - -
    - complex -
    -     		always -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    -
        -
    - attach_time - -
    - string -
    -     		always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
        -
    - delete_on_termination - -
    - boolean -
    -     		always -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    -
        -
    - status - -
    - string -
    -     		always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    -
        -
    - volume_id - -
    - string -
    -     		always -
    The ID of the EBS volume
    -
    -
    Sample:
    -
    vol-12345678
    -
      -
    - client_token - -
    - string -
    -     		always -
    The idempotency token you provided when you launched the instance, if applicable.
    -
    -
    Sample:
    -
    mytoken
    -
      -
    - ebs_optimized - -
    - boolean -
    -     		always -
    Indicates whether the instance is optimized for EBS I/O.
    -
    -
      -
    - hypervisor - -
    - string -
    -     		always -
    The hypervisor type of the instance.
    -
    -
    Sample:
    -
    xen
    -
      -
    - iam_instance_profile - -
    - complex -
    -     		always -
    The IAM instance profile associated with the instance, if applicable.
    -
    -
       -
    - arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::000012345678:instance-profile/myprofile
    -
       -
    - id - -
    - string -
    -     		always -
    The ID of the instance profile
    -
    -
    Sample:
    -
    JFJ397FDG400FG9FD1N
    -
      -
    - image_id - -
    - string -
    -     		always -
    The ID of the AMI used to launch the instance.
    -
    -
    Sample:
    -
    ami-0011223344
    -
      -
    - instance_id - -
    - string -
    -     		always -
    The ID of the instance.
    -
    -
    Sample:
    -
    i-012345678
    -
      -
    - instance_type - -
    - string -
    -     		always -
    The instance type size of the running instance.
    -
    -
    Sample:
    -
    t2.micro
    -
      -
    - key_name - -
    - string -
    -     		always -
    The name of the key pair, if this instance was launched with an associated key pair.
    -
    -
    Sample:
    -
    my-key
    -
      -
    - launch_time - -
    - string -
    -     		always -
    The time the instance was launched.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
      -
    - monitoring - -
    - complex -
    -     		always -
    The monitoring for the instance.
    -
    -
       -
    - state - -
    - string -
    -     		always -
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    -
    -
    Sample:
    -
    disabled
    -
      -
    - network.source_dest_check - -
    - boolean -
    -     		always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - network_interfaces - -
    - complex -
    -     		always -
    One or more network interfaces for the instance.
    -
    -
       -
    - association - -
    - complex -
    -     		always -
    The association information for an Elastic IPv4 associated with the network interface.
    -
    -
        -
    - ip_owner_id - -
    - string -
    -     		always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    -
        -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name.
    -
    -
        -
    - public_ip - -
    - string -
    -     		always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    -
       -
    - attachment - -
    - complex -
    -     		always -
    The network interface attachment.
    -
    -
        -
    - attach_time - -
    - string -
    -     		always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
        -
    - attachment_id - -
    - string -
    -     		always -
    The ID of the network interface attachment.
    -
    -
    Sample:
    -
    eni-attach-3aff3f
    -
        -
    - delete_on_termination - -
    - boolean -
    -     		always -
    Indicates whether the network interface is deleted when the instance is terminated.
    -
    -
    Sample:
    -
    True
    -
        -
    - device_index - -
    - integer -
    -     		always -
    The index of the device on the instance for the network interface attachment.
    -
    -
        -
    - status - -
    - string -
    -     		always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    -
       -
    - description - -
    - string -
    -     		always -
    The description.
    -
    -
    Sample:
    -
    My interface
    -
       -
    - groups - -
    - list - / elements=dictionary
    -     		always -
    One or more security groups.
    -
    -
        -
    - group_id - -
    - string -
    -     		always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-abcdef12
    -
        -
    - group_name - -
    - string -
    -     		always -
    The name of the security group.
    -
    -
    Sample:
    -
    mygroup
    -
       -
    - ipv6_addresses - -
    - list - / elements=dictionary
    -     		always -
    One or more IPv6 addresses associated with the network interface.
    -
    -
        -
    - ipv6_address - -
    - string -
    -     		always -
    The IPv6 address.
    -
    -
    Sample:
    -
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    -
       -
    - mac_address - -
    - string -
    -     		always -
    The MAC address.
    -
    -
    Sample:
    -
    00:11:22:33:44:55
    -
       -
    - network_interface_id - -
    - string -
    -     		always -
    The ID of the network interface.
    -
    -
    Sample:
    -
    eni-01234567
    -
       -
    - owner_id - -
    - string -
    -     		always -
    The AWS account ID of the owner of the network interface.
    -
    -
    Sample:
    -
    01234567890
    -
       -
    - private_ip_address - -
    - string -
    -     		always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    -
       -
    - private_ip_addresses - -
    - list - / elements=dictionary
    -     		always -
    The private IPv4 addresses associated with the network interface.
    -
    -
        -
    - association - -
    - complex -
    -     		always -
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    -
    -
         -
    - ip_owner_id - -
    - string -
    -     		always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    -
         -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name.
    -
    -
         -
    - public_ip - -
    - string -
    -     		always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    -
        -
    - primary - -
    - boolean -
    -     		always -
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    -
    -
    Sample:
    -
    True
    -
        -
    - private_ip_address - -
    - string -
    -     		always -
    The private IPv4 address of the network interface.
    -
    -
    Sample:
    -
    10.0.0.1
    -
       -
    - source_dest_check - -
    - boolean -
    -     		always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    -
       -
    - status - -
    - string -
    -     		always -
    The status of the network interface.
    -
    -
    Sample:
    -
    in-use
    -
       -
    - subnet_id - -
    - string -
    -     		always -
    The ID of the subnet for the network interface.
    -
    -
    Sample:
    -
    subnet-0123456
    -
       -
    - vpc_id - -
    - string -
    -     		always -
    The ID of the VPC for the network interface.
    -
    -
    Sample:
    -
    vpc-0123456
    -
      -
    - placement - -
    - complex -
    -     		always -
    The location where the instance launched, if applicable.
    -
    -
       -
    - availability_zone - -
    - string -
    -     		always -
    The Availability Zone of the instance.
    -
    -
    Sample:
    -
    ap-southeast-2a
    -
       -
    - group_name - -
    - string -
    -     		always -
    The name of the placement group the instance is in (for cluster compute instances).
    -
    -
       -
    - tenancy - -
    - string -
    -     		always -
    The tenancy of the instance (if the instance is running in a VPC).
    -
    -
    Sample:
    -
    default
    -
      -
    - private_dns_name - -
    - string -
    -     		always -
    The private DNS name.
    -
    -
    Sample:
    -
    ip-10-0-0-1.ap-southeast-2.compute.internal
    -
      -
    - private_ip_address - -
    - string -
    -     		always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    -
      -
    - product_codes - -
    - list - / elements=dictionary
    -     		always -
    One or more product codes.
    -
    -
       -
    - product_code_id - -
    - string -
    -     		always -
    The product code.
    -
    -
    Sample:
    -
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    -
       -
    - product_code_type - -
    - string -
    -     		always -
    The type of product code.
    -
    -
    Sample:
    -
    marketplace
    -
      -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name assigned to the instance.
    -
    -
      -
    - public_ip_address - -
    - string -
    -     		always -
    The public IPv4 address assigned to the instance
    -
    -
    Sample:
    -
    52.0.0.1
    -
      -
    - root_device_name - -
    - string -
    -     		always -
    The device name of the root device
    -
    -
    Sample:
    -
    /dev/sda1
    -
      -
    - root_device_type - -
    - string -
    -     		always -
    The type of root device used by the AMI.
    -
    -
    Sample:
    -
    ebs
    -
      -
    - security_groups - -
    - list - / elements=dictionary
    -     		always -
    One or more security groups for the instance.
    -
    -
       -
    - group_id - -
    - string -
    -     		always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-0123456
    -
       -
    - group_name - -
    - string -
    -     		always -
    The name of the security group.
    -
    -
    Sample:
    -
    my-security-group
    -
      -
    - state - -
    - complex -
    -     		always -
    The current state of the instance.
    -
    -
       -
    - code - -
    - integer -
    -     		always -
    The low byte represents the state.
    -
    -
    Sample:
    -
    16
    -
       -
    - name - -
    - string -
    -     		always -
    The name of the state.
    -
    -
    Sample:
    -
    running
    -
      -
    - state_transition_reason - -
    - string -
    -     		always -
    The reason for the most recent state transition.
    -
    -
      -
    - subnet_id - -
    - string -
    -     		always -
    The ID of the subnet in which the instance is running.
    -
    -
    Sample:
    -
    subnet-00abcdef
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Any tags assigned to the instance.
    -
    -
      -
    - virtualization_type - -
    - string -
    -     		always -
    The type of virtualization of the AMI.
    -
    -
    Sample:
    -
    hvm
    -
      -
    - vpc_id - -
    - dictionary -
    -     		always -
    The ID of the VPC the instance is in.
    -
    -
    Sample:
    -
    vpc-0011223344
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Scott Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_instance_info.rst b/docs/community.aws.ec2_instance_info.rst deleted file mode 100644 index 40fc70c319d..00000000000 --- a/docs/community.aws.ec2_instance_info.rst +++ /dev/null @@ -1,1837 +0,0 @@ -:orphan: - -.. _community.aws.ec2_instance_info_module: - - -******************************* -community.aws.ec2_instance_info -******************************* - -**Gather information about ec2 instances in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about ec2 instances in AWS -- This module was called ``ec2_instance_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
    -
    -
    - instance_ids - -
    - list -
    -     		- -
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all instances - community.aws.ec2_instance_info: - - - name: Gather information about all instances in AZ ap-southeast-2a - community.aws.ec2_instance_info: - filters: - availability-zone: ap-southeast-2a - - - name: Gather information about a particular instance using ID - community.aws.ec2_instance_info: - instance_ids: - - i-12345678 - - - name: Gather information about any instance with a tag key Name and value Example - community.aws.ec2_instance_info: - filters: - "tag:Name": Example - - - name: Gather information about any instance in states "shutting-down", "stopping", "stopped" - community.aws.ec2_instance_info: - filters: - instance-state-name: [ "shutting-down", "stopping", "stopped" ] - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - instances - -
    - complex -
    -     		always -
    a list of ec2 instances
    -
    -
      -
    - ami_launch_index - -
    - integer -
    -     		always -
    The AMI launch index, which can be used to find this instance in the launch group.
    -
    -
      -
    - architecture - -
    - string -
    -     		always -
    The architecture of the image
    -
    -
    Sample:
    -
    x86_64
    -
      -
    - block_device_mappings - -
    - complex -
    -     		always -
    Any block device mapping entries for the instance.
    -
    -
       -
    - device_name - -
    - string -
    -     		always -
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sdh
    -
       -
    - ebs - -
    - complex -
    -     		always -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    -
        -
    - attach_time - -
    - string -
    -     		always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
        -
    - delete_on_termination - -
    - boolean -
    -     		always -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    -
        -
    - status - -
    - string -
    -     		always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    -
        -
    - volume_id - -
    - string -
    -     		always -
    The ID of the EBS volume
    -
    -
    Sample:
    -
    vol-12345678
    -
      -
    - client_token - -
    - string -
    -     		always -
    The idempotency token you provided when you launched the instance, if applicable.
    -
    -
    Sample:
    -
    mytoken
    -
      -
    - cpu_options - -
    - complex -
    -     		always if botocore version >= 1.10.16 -
    The CPU options set for the instance.
    -
    -
       -
    - core_count - -
    - integer -
    -     		always -
    The number of CPU cores for the instance.
    -
    -
    Sample:
    -
    1
    -
       -
    - threads_per_core - -
    - integer -
    -     		always -
    The number of threads per CPU core. On supported instance, a value of 1 means Intel Hyper-Threading Technology is disabled.
    -
    -
    Sample:
    -
    1
    -
      -
    - ebs_optimized - -
    - boolean -
    -     		always -
    Indicates whether the instance is optimized for EBS I/O.
    -
    -
      -
    - hypervisor - -
    - string -
    -     		always -
    The hypervisor type of the instance.
    -
    -
    Sample:
    -
    xen
    -
      -
    - iam_instance_profile - -
    - complex -
    -     		always -
    The IAM instance profile associated with the instance, if applicable.
    -
    -
       -
    - arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::000012345678:instance-profile/myprofile
    -
       -
    - id - -
    - string -
    -     		always -
    The ID of the instance profile
    -
    -
    Sample:
    -
    JFJ397FDG400FG9FD1N
    -
      -
    - image_id - -
    - string -
    -     		always -
    The ID of the AMI used to launch the instance.
    -
    -
    Sample:
    -
    ami-0011223344
    -
      -
    - instance_id - -
    - string -
    -     		always -
    The ID of the instance.
    -
    -
    Sample:
    -
    i-012345678
    -
      -
    - instance_type - -
    - string -
    -     		always -
    The instance type size of the running instance.
    -
    -
    Sample:
    -
    t2.micro
    -
      -
    - key_name - -
    - string -
    -     		always -
    The name of the key pair, if this instance was launched with an associated key pair.
    -
    -
    Sample:
    -
    my-key
    -
      -
    - launch_time - -
    - string -
    -     		always -
    The time the instance was launched.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
      -
    - monitoring - -
    - complex -
    -     		always -
    The monitoring for the instance.
    -
    -
       -
    - state - -
    - string -
    -     		always -
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    -
    -
    Sample:
    -
    disabled
    -
      -
    - network_interfaces - -
    - complex -
    -     		always -
    One or more network interfaces for the instance.
    -
    -
       -
    - association - -
    - complex -
    -     		always -
    The association information for an Elastic IPv4 associated with the network interface.
    -
    -
        -
    - ip_owner_id - -
    - string -
    -     		always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    -
        -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name.
    -
    -
        -
    - public_ip - -
    - string -
    -     		always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    -
       -
    - attachment - -
    - complex -
    -     		always -
    The network interface attachment.
    -
    -
        -
    - attach_time - -
    - string -
    -     		always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    -
        -
    - attachment_id - -
    - string -
    -     		always -
    The ID of the network interface attachment.
    -
    -
    Sample:
    -
    eni-attach-3aff3f
    -
        -
    - delete_on_termination - -
    - boolean -
    -     		always -
    Indicates whether the network interface is deleted when the instance is terminated.
    -
    -
    Sample:
    -
    True
    -
        -
    - device_index - -
    - integer -
    -     		always -
    The index of the device on the instance for the network interface attachment.
    -
    -
        -
    - status - -
    - string -
    -     		always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    -
       -
    - description - -
    - string -
    -     		always -
    The description.
    -
    -
    Sample:
    -
    My interface
    -
       -
    - groups - -
    - list - / elements=dictionary
    -     		always -
    One or more security groups.
    -
    -
        -
    - group_id - -
    - string -
    -     		always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-abcdef12
    -
        -
    - group_name - -
    - string -
    -     		always -
    The name of the security group.
    -
    -
    Sample:
    -
    mygroup
    -
       -
    - ipv6_addresses - -
    - list - / elements=dictionary
    -     		always -
    One or more IPv6 addresses associated with the network interface.
    -
    -
        -
    - ipv6_address - -
    - string -
    -     		always -
    The IPv6 address.
    -
    -
    Sample:
    -
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    -
       -
    - mac_address - -
    - string -
    -     		always -
    The MAC address.
    -
    -
    Sample:
    -
    00:11:22:33:44:55
    -
       -
    - network_interface_id - -
    - string -
    -     		always -
    The ID of the network interface.
    -
    -
    Sample:
    -
    eni-01234567
    -
       -
    - owner_id - -
    - string -
    -     		always -
    The AWS account ID of the owner of the network interface.
    -
    -
    Sample:
    -
    01234567890
    -
       -
    - private_ip_address - -
    - string -
    -     		always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    -
       -
    - private_ip_addresses - -
    - list - / elements=dictionary
    -     		always -
    The private IPv4 addresses associated with the network interface.
    -
    -
        -
    - association - -
    - complex -
    -     		always -
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    -
    -
         -
    - ip_owner_id - -
    - string -
    -     		always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    -
         -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name.
    -
    -
         -
    - public_ip - -
    - string -
    -     		always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    -
        -
    - primary - -
    - boolean -
    -     		always -
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    -
    -
    Sample:
    -
    True
    -
        -
    - private_ip_address - -
    - string -
    -     		always -
    The private IPv4 address of the network interface.
    -
    -
    Sample:
    -
    10.0.0.1
    -
       -
    - source_dest_check - -
    - boolean -
    -     		always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    -
       -
    - status - -
    - string -
    -     		always -
    The status of the network interface.
    -
    -
    Sample:
    -
    in-use
    -
       -
    - subnet_id - -
    - string -
    -     		always -
    The ID of the subnet for the network interface.
    -
    -
    Sample:
    -
    subnet-0123456
    -
       -
    - vpc_id - -
    - string -
    -     		always -
    The ID of the VPC for the network interface.
    -
    -
    Sample:
    -
    vpc-0123456
    -
      -
    - placement - -
    - complex -
    -     		always -
    The location where the instance launched, if applicable.
    -
    -
       -
    - availability_zone - -
    - string -
    -     		always -
    The Availability Zone of the instance.
    -
    -
    Sample:
    -
    ap-southeast-2a
    -
       -
    - group_name - -
    - string -
    -     		always -
    The name of the placement group the instance is in (for cluster compute instances).
    -
    -
       -
    - tenancy - -
    - string -
    -     		always -
    The tenancy of the instance (if the instance is running in a VPC).
    -
    -
    Sample:
    -
    default
    -
      -
    - private_dns_name - -
    - string -
    -     		always -
    The private DNS name.
    -
    -
    Sample:
    -
    ip-10-0-0-1.ap-southeast-2.compute.internal
    -
      -
    - private_ip_address - -
    - string -
    -     		always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    -
      -
    - product_codes - -
    - list - / elements=dictionary
    -     		always -
    One or more product codes.
    -
    -
       -
    - product_code_id - -
    - string -
    -     		always -
    The product code.
    -
    -
    Sample:
    -
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    -
       -
    - product_code_type - -
    - string -
    -     		always -
    The type of product code.
    -
    -
    Sample:
    -
    marketplace
    -
      -
    - public_dns_name - -
    - string -
    -     		always -
    The public DNS name assigned to the instance.
    -
    -
      -
    - public_ip_address - -
    - string -
    -     		always -
    The public IPv4 address assigned to the instance
    -
    -
    Sample:
    -
    52.0.0.1
    -
      -
    - root_device_name - -
    - string -
    -     		always -
    The device name of the root device
    -
    -
    Sample:
    -
    /dev/sda1
    -
      -
    - root_device_type - -
    - string -
    -     		always -
    The type of root device used by the AMI.
    -
    -
    Sample:
    -
    ebs
    -
      -
    - security_groups - -
    - list - / elements=dictionary
    -     		always -
    One or more security groups for the instance.
    -
    -
       -
    - group_id - -
    - string -
    -     		always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-0123456
    -
       -
    - group_name - -
    - string -
    -     		always -
    The name of the security group.
    -
    -
    Sample:
    -
    my-security-group
    -
      -
    - source_dest_check - -
    - boolean -
    -     		always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - state - -
    - complex -
    -     		always -
    The current state of the instance.
    -
    -
       -
    - code - -
    - integer -
    -     		always -
    The low byte represents the state.
    -
    -
    Sample:
    -
    16
    -
       -
    - name - -
    - string -
    -     		always -
    The name of the state.
    -
    -
    Sample:
    -
    running
    -
      -
    - state_transition_reason - -
    - string -
    -     		always -
    The reason for the most recent state transition.
    -
    -
      -
    - subnet_id - -
    - string -
    -     		always -
    The ID of the subnet in which the instance is running.
    -
    -
    Sample:
    -
    subnet-00abcdef
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Any tags assigned to the instance.
    -
    -
      -
    - virtualization_type - -
    - string -
    -     		always -
    The type of virtualization of the AMI.
    -
    -
    Sample:
    -
    hvm
    -
      -
    - vpc_id - -
    - dictionary -
    -     		always -
    The ID of the VPC the instance is in.
    -
    -
    Sample:
    -
    vpc-0011223344
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Schuett (@michaeljs1990) -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_launch_template.rst b/docs/community.aws.ec2_launch_template.rst deleted file mode 100644 index d821039be7b..00000000000 --- a/docs/community.aws.ec2_launch_template.rst +++ /dev/null @@ -1,1343 +0,0 @@ -:orphan: - -.. _community.aws.ec2_launch_template_module: - - -********************************* -community.aws.ec2_launch_template -********************************* - -**Manage EC2 launch templates** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, modify, and delete EC2 Launch Templates, which can be used to create individual instances or with Autoscaling Groups. -- The :ref:`community.aws.ec2_instance ` and :ref:`community.aws.ec2_asg ` modules can, instead of specifying all parameters on those tasks, be passed a Launch Template which contains settings like instance size, disk type, subnet, and more. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.6.0 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - block_device_mappings - -
    - list - / elements=dictionary
    -     		- -
    The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
    -
    -
    - device_name - -
    - string -
    -     		- -
    The device name (for example, /dev/sdh or xvdh).
    -
    -
    - ebs - -
    - dictionary -
    -     		- -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    -
    - delete_on_termination - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the EBS volume is deleted on instance termination.
    -
    -
    - encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
    -
    -
    - iops - -
    - integer -
    -     		- -
    The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
    -
    Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
    -
    -
    - snapshot_id - -
    - string -
    -     		- -
    The ID of the snapshot to create the volume from.
    -
    -
    - volume_size - -
    - integer -
    -     		- -
    The size of the volume, in GiB.
    -
    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
    -
    -
    - volume_type - -
    - string -
    -     		- -
    The volume type
    -
    -
    - no_device - -
    - string -
    -     		- -
    Suppresses the specified device included in the block device mapping of the AMI.
    -
    -
    - virtual_name - -
    - string -
    -     		- -
    The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
    -
    -
    - cpu_options - -
    - dictionary -
    -     		- -
    Choose CPU settings for the EC2 instances that will be created with this template.
    - -
    -
    - core_count - -
    - integer -
    -     		- -
    The number of CPU cores for the instance.
    -
    -
    - threads_per_core - -
    - integer -
    -     		- -
    The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
    -
    -
    - credit_specification - -
    - dictionary -
    -     		- -
    The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
    -
    -
    - cpu_credits - -
    - string -
    -     		- -
    The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - default_version - -
    - string -
    -     		- Default:
    "latest"
    -     		-
    Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
    -
    -
    - disable_api_termination - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
    -
    -
    - ebs_optimized - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - elastic_gpu_specifications - -
    - list - / elements=dictionary
    -     		- -
    Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
    -
    -
    - type - -
    - string -
    -     		- -
    The type of Elastic GPU to attach
    -
    -
    - iam_instance_profile - -
    - string -
    -     		- -
    The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
    -
    -
    - image_id - -
    - string -
    -     		- -
    The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
    -
    -
    - instance_initiated_shutdown_behavior - -
    - string -
    -     		-
      Choices: -
    • stop
      • -
    • terminate
      • -
    -     		-
    Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
    -
    -
    - instance_market_options - -
    - dictionary -
    -     		- -
    Options for alternative instance markets, currently only the spot market is supported.
    -
    -
    - market_type - -
    - string -
    -     		- -
    The market type. This should always be 'spot'.
    -
    -
    - spot_options - -
    - dictionary -
    -     		- -
    Spot-market specific settings.
    -
    -
    - block_duration_minutes - -
    - integer -
    -     		- -
    The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
    -
    -
    - instance_interruption_behavior - -
    - string -
    -     		-
      Choices: -
    • hibernate
      • -
    • stop
      • -
    • terminate
      • -
    -     		-
    The behavior when a Spot Instance is interrupted. The default is terminate.
    -
    -
    - max_price - -
    - string -
    -     		- -
    The highest hourly price you're willing to pay for this Spot Instance.
    -
    -
    - spot_instance_type - -
    - string -
    -     		-
      Choices: -
    • one-time
      • -
    • persistent
      • -
    -     		-
    The request type to send.
    -
    -
    - instance_type - -
    - string -
    -     		- -
    The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
    -
    -
    - kernel_id - -
    - string -
    -     		- -
    The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    -
    -
    - key_name - -
    - string -
    -     		- -
    The name of the key pair. You can create a key pair using amazon.aws.ec2_key.
    -
    If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
    -
    -
    - monitoring - -
    - dictionary -
    -     		- -
    Settings for instance monitoring.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to turn on detailed monitoring for new instances. This will incur extra charges.
    -
    -
    - network_interfaces - -
    - list - / elements=dictionary
    -     		- -
    One or more network interfaces.
    -
    -
    - associate_public_ip_address - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Associates a public IPv4 address with eth0 for a new network interface.
    -
    -
    - delete_on_termination - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the network interface is deleted when the instance is terminated.
    -
    -
    - description - -
    - string -
    -     		- -
    A description for the network interface.
    -
    -
    - device_index - -
    - integer -
    -     		- -
    The device index for the network interface attachment.
    -
    -
    - groups - -
    - list - / elements=string
    -     		- -
    List of security group IDs to include on this instance.
    -
    -
    - ipv6_address_count - -
    - integer -
    -     		- -
    The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
    -
    -
    - ipv6_addresses - -
    - list - / elements=string
    -     		- -
    A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
    -
    -
    - network_interface_id - -
    - string -
    -     		- -
    The eni ID of a network interface to attach.
    -
    -
    - private_ip_address - -
    - string -
    -     		- -
    The primary private IPv4 address of the network interface.
    -
    -
    - subnet_id - -
    - string -
    -     		- -
    The ID of the subnet for the network interface.
    -
    -
    - placement - -
    - dictionary -
    -     		- -
    The placement group settings for the instance.
    -
    -
    - affinity - -
    - string -
    -     		- -
    The affinity setting for an instance on a Dedicated Host.
    -
    -
    - availability_zone - -
    - string -
    -     		- -
    The Availability Zone for the instance.
    -
    -
    - group_name - -
    - string -
    -     		- -
    The name of the placement group for the instance.
    -
    -
    - host_id - -
    - string -
    -     		- -
    The ID of the Dedicated Host for the instance.
    -
    -
    - tenancy - -
    - string -
    -     		- -
    The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - ram_disk_id - -
    - string -
    -     		- -
    The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_group_ids - -
    - list - / elements=string
    -     		- -
    A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the launch template should exist or not.
    -
    Deleting specific versions of a launch template is not supported at this time.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A set of key-value pairs to be applied to resources when this Launch Template is used.
    -
    Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
    -
    Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
    -
    -
    - template_id - -
    - string -
    -     		- -
    The ID for the launch template, can be used for all cases except creating a new Launch Template.
    -

    aliases: id
    -
    -
    - template_name - -
    - string -
    -     		- -
    The template name. This must be unique in the region-account combination you are using.
    -

    aliases: name
    -
    -
    - user_data - -
    - string -
    -     		- -
    The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create an ec2 launch template - community.aws.ec2_launch_template: - name: "my_template" - image_id: "ami-04b762b4289fba92b" - key_name: my_ssh_key - instance_type: t2.micro - iam_instance_profile: myTestProfile - disable_api_termination: true - - - name: > - Create a new version of an existing ec2 launch template with a different instance type, - while leaving an older version as the default version - community.aws.ec2_launch_template: - name: "my_template" - default_version: 1 - instance_type: c5.4xlarge - - - name: Delete an ec2 launch template - community.aws.ec2_launch_template: - name: "my_template" - state: absent - - # This module does not yet allow deletion of specific versions of launch templates - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - default_version - -
    - integer -
    -     		when state=present -
    The version that will be used if only the template name is specified. Often this is the same as the latest version, but not always.
    -
    -
    -
    - latest_version - -
    - integer -
    -     		when state=present -
    Latest available version of the launch template
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Scott Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc.rst b/docs/community.aws.ec2_lc.rst deleted file mode 100644 index 7ff86b20144..00000000000 --- a/docs/community.aws.ec2_lc.rst +++ /dev/null @@ -1,1472 +0,0 @@ -:orphan: - -.. _community.aws.ec2_lc_module: - - -******************** -community.aws.ec2_lc -******************** - -**Create or delete AWS Autoscaling Launch Configurations** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Can create or delete AWS Autoscaling Configurations. -- Works with the ec2_asg module to manage Autoscaling Groups. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.4.4 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - assign_public_ip - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
    -
    -
    - associate_public_ip_address - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The associate_public_ip_address option does nothing and will be removed after 2022-06-01
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - classic_link_vpc_id - -
    - string -
    -     		- -
    Id of ClassicLink enabled VPC
    -
    -
    - classic_link_vpc_security_groups - -
    - list - / elements=string
    -     		- -
    A list of security group IDs with which to associate the ClassicLink VPC instances.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ebs_optimized - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the instance is optimized for EBS I/O (true) or not (false).
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - image_id - -
    - string -
    -     		- -
    The AMI unique identifier to be used for the group.
    -
    -
    - instance_id - -
    - string -
    -     		- -
    The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
    -
    -
    - instance_monitoring - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether instances are launched with detailed monitoring.
    -
    -
    - instance_profile_name - -
    - string -
    -     		- -
    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
    -
    -
    - instance_type - -
    - string -
    -     		- -
    Instance type to use for the instance.
    -
    Required when creating a new Launch Configuration.
    -
    -
    - kernel_id - -
    - string -
    -     		- -
    Kernel id for the EC2 instance.
    -
    -
    - key_name - -
    - string -
    -     		- -
    The SSH key name to be used for access to managed instances.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Unique name for configuration.
    -
    -
    - placement_tenancy - -
    - string -
    -     		-
      Choices: -
    • default
      • -
    • dedicated
      • -
    -     		-
    Determines whether the instance runs on single-tenant hardware or not.
    -
    When not set AWS will default to default.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - ramdisk_id - -
    - string -
    -     		- -
    A RAM disk id for the instances.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - spot_price - -
    - float -
    -     		- -
    The spot price you are bidding. Only applies for an autoscaling group with spot instances.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the instance.
    -
    -
    - user_data - -
    - string -
    -     		- -
    Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
    -
    -
    - user_data_path - -
    - path -
    -     		- -
    Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - volumes - -
    - list - / elements=dictionary
    -     		- -
    A list dictionaries defining the volumes to create.
    -
    For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
    -
    -
    - delete_on_termination - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the volume should be automatically deleted when the instance is terminated.
    -
    -
    - device_name - -
    - string - / required
    -     		- -
    The name for the volume (For example /dev/sda).
    -
    -
    - encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
    -
    -
    - ephemeral - -
    - string -
    -     		- -
    Whether the volume should be ephemeral.
    -
    Data on ephemeral volumes is lost when the instance is stopped.
    -
    Mutually exclusive with the snapshot parameter.
    -
    -
    - iops - -
    - integer -
    -     		- -
    The number of IOPS per second to provision for the volume.
    -
    Required when volume_type=io1.
    -
    -
    - no_device - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When no_device=true the device will not be created.
    -
    -
    - snapshot - -
    - string -
    -     		- -
    The ID of an EBS snapshot to copy when creating the volume.
    -
    Mutually exclusive with the ephemeral parameter.
    -
    -
    - volume_size - -
    - integer -
    -     		- -
    The size of the volume (in GiB).
    -
    Required unless one of ephemeral, snapshot or no_device is set.
    -
    -
    - volume_type - -
    - string -
    -     		- -
    The type of volume to create.
    -
    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    VPC ID, used when resolving security group names to IDs.
    -
    -
    - - -Notes ------ - -.. note:: - - Amazon ASG Autoscaling Launch Configurations are immutable once created, so modifying the configuration after it is changed will not modify the launch configuration on AWS. You must create a new config and assign it to the ASG instead. - - encrypted volumes are supported on versions >= 2.4 - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - # create a launch configuration using an AMI image and instance type as a basis - - - name: note that encrypted volumes are only supported in >= Ansible 2.4 - community.aws.ec2_lc: - name: special - image_id: ami-XXX - key_name: default - security_groups: ['group', 'group2' ] - instance_type: t1.micro - volumes: - - device_name: /dev/sda1 - volume_size: 100 - volume_type: io1 - iops: 3000 - delete_on_termination: true - encrypted: true - - device_name: /dev/sdb - ephemeral: ephemeral0 - - - name: create a launch configuration using a running instance id as a basis - community.aws.ec2_lc: - name: special - instance_id: i-00a48b207ec59e948 - key_name: default - security_groups: ['launch-wizard-2' ] - volumes: - - device_name: /dev/sda1 - volume_size: 120 - volume_type: io1 - iops: 3000 - delete_on_termination: true - - - name: create a launch configuration to omit the /dev/sdf EBS device that is included in the AMI image - community.aws.ec2_lc: - name: special - image_id: ami-XXX - key_name: default - security_groups: ['group', 'group2' ] - instance_type: t1.micro - volumes: - - device_name: /dev/sdf - no_device: true - - - name: Use EBS snapshot ID for volume - block: - - name: Set Volume Facts - set_fact: - volumes: - - device_name: /dev/sda1 - volume_size: 20 - ebs: - snapshot: snap-XXXX - volume_type: gp2 - delete_on_termination: true - encrypted: no - - - name: Create launch configuration - community.aws.ec2_lc: - name: lc1 - image_id: ami-xxxx - assign_public_ip: yes - instance_type: t2.medium - key_name: my-key - security_groups: "['sg-xxxx']" - volumes: "{{ volumes }}" - register: lc_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arn - -
    - string -
    -     		when state=present -
    The Amazon Resource Name of the launch configuration.
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    -
    -
    - changed - -
    - boolean -
    -     		always -
    Whether the state of the launch configuration has changed.
    -
    -
    -
    - created_time - -
    - string -
    -     		when state=present -
    The creation date and time for the launch configuration.
    -
    -
    Sample:
    -
    2017-11-03 23:46:44.841000
    -
    -
    - image_id - -
    - string -
    -     		when state=present -
    The ID of the Amazon Machine Image used by the launch configuration.
    -
    -
    Sample:
    -
    ami-9be6f38c
    -
    -
    - instance_type - -
    - string -
    -     		when state=present -
    The instance type for the instances.
    -
    -
    Sample:
    -
    t1.micro
    -
    -
    - name - -
    - string -
    -     		when state=present -
    The name of the launch configuration.
    -
    -
    Sample:
    -
    launch_config_name
    -
    -
    - result - -
    - complex -
    -     		when state=present -
    The specification details for the launch configuration.
    -
    -
      -
    - associate_public_ip_address - -
    - boolean -
    -     		when state=present -
    (EC2-VPC) Indicates whether to assign a public IP address to each instance.
    -
    -
      -
    - block_device_mappings - -
    - complex -
    -     		when state=present -
    A block device mapping, which specifies the block devices.
    -
    -
       -
    - device_name - -
    - string -
    -     		when state=present -
    The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sda1
    -
       -
    - ebs - -
    - complex -
    -     		when state=present -
    The information about the Amazon EBS volume.
    -
    -
        -
    - snapshot_id - -
    - string -
    -     		when state=present -
    The ID of the snapshot.
    -
    -
        -
    - volume_size - -
    - string -
    -     		when state=present -
    The volume size, in GiB.
    -
    -
    Sample:
    -
    100
    -
       -
    - virtual_name - -
    - string -
    -     		when state=present -
    The name of the virtual device (for example, ephemeral0).
    -
    -
    Sample:
    -
    ephemeral0
    -
      -
    - classic_link_vpc_id - -
    - string -
    -     		when state=present -
    The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
    -
    -
      -
    - classic_link_vpc_security_groups - -
    - list -
    -     		when state=present -
    The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId.
    -
    -
      -
    - created_time - -
    - string -
    -     		when state=present -
    The creation date and time for the launch configuration.
    -
    -
    Sample:
    -
    2017-11-03 23:46:44.841000
    -
      -
    - delete_on_termination - -
    - boolean -
    -     		when state=present -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    -
      -
    - ebs_optimized - -
    - boolean -
    -     		when state=present -
    Indicates whether the instance is optimized for EBS I/O (true) or not (false).
    -
    -
      -
    - image_id - -
    - string -
    -     		when state=present -
    The ID of the Amazon Machine Image used by the launch configuration.
    -
    -
    Sample:
    -
    ami-9be6f38c
    -
      -
    - instance_monitoring - -
    - boolean -
    -     		when state=present -
    Indicates whether instances in this group are launched with detailed (true) or basic (false) monitoring.
    -
    -
    Sample:
    -
    True
    -
      -
    - instance_profile_name - -
    - string -
    -     		when state=present -
    The name or Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance.
    -
    -
      -
    - instance_type - -
    - string -
    -     		when state=present -
    The instance type for the instances.
    -
    -
    Sample:
    -
    t1.micro
    -
      -
    - iops - -
    - integer -
    -     		when state=present -
    The number of I/O operations per second (IOPS) to provision for the volume.
    -
    -
      -
    - kernel_id - -
    - string -
    -     		when state=present -
    The ID of the kernel associated with the AMI.
    -
    -
      -
    - key_name - -
    - string -
    -     		when state=present -
    The name of the key pair.
    -
    -
    Sample:
    -
    testkey
    -
      -
    - launch_configuration_arn - -
    - string -
    -     		when state=present -
    The Amazon Resource Name (ARN) of the launch configuration.
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    -
      -
    - member - -
    - string -
    -     		when state=present -
    -
    -
    Sample:
    -
    -
      -
    - name - -
    - string -
    -     		when state=present -
    The name of the launch configuration.
    -
    -
    Sample:
    -
    launch_config_name
    -
      -
    - PlacementTenancy - -
    - string -
    -     		when state=present -
    The tenancy of the instances, either default or dedicated.
    -
    -
    Sample:
    -
    default
    -
      -
    - ramdisk_id - -
    - string -
    -     		when state=present -
    The ID of the RAM disk associated with the AMI.
    -
    -
      -
    - security_groups - -
    - list -
    -     		when state=present -
    The security groups to associate with the instances.
    -
    -
    Sample:
    -
    ['sg-5e27db2f']
    -
      -
    - spot_price - -
    - float -
    -     		when state=present -
    The price to bid when launching Spot Instances.
    -
    -
      -
    - use_block_device_types - -
    - boolean -
    -     		when state=present -
    Indicates whether to suppress a device mapping.
    -
    -
      -
    - user_data - -
    - string -
    -     		when state=present -
    The user data available to the instances.
    -
    -
      -
    - volume_type - -
    - string -
    -     		when state=present -
    The volume type (one of standard, io1, gp2).
    -
    -
    Sample:
    -
    io1
    -
    -
    - security_groups - -
    - list -
    -     		when state=present -
    The security groups to associate with the instances.
    -
    -
    Sample:
    -
    ['sg-5e27db2f']
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gareth Rushgrove (@garethr) -- Willem van Ketwich (@wilvk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc_find.rst b/docs/community.aws.ec2_lc_find.rst deleted file mode 100644 index f7c7f4883cb..00000000000 --- a/docs/community.aws.ec2_lc_find.rst +++ /dev/null @@ -1,549 +0,0 @@ -:orphan: - -.. _community.aws.ec2_lc_find_module: - - -************************* -community.aws.ec2_lc_find -************************* - -**Find AWS Autoscaling Launch Configurations** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Returns list of matching Launch Configurations for a given name, along with other useful information. -- Results can be sorted and sliced. -- It depends on boto. -- Based on the work by Tom Bamford https://github.com/tombamford - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - limit - -
    - integer -
    -     		- -
    How many results to show.
    -
    Corresponds to Python slice notation like list[:limit].
    -
    -
    - name_regex - -
    - string - / required
    -     		- -
    A Launch Configuration to match.
    -
    It'll be compiled as regex.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - sort_order - -
    - string -
    -     		-
      Choices: -
    • ascending ←
      • -
    • descending
      • -
    -     		-
    Order in which to sort results.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Search for the Launch Configurations that start with "app" - community.aws.ec2_lc_find: - name_regex: app.* - sort_order: descending - limit: 2 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arn - -
    - string -
    -     		when Launch Configuration was found -
    Name of the AMI
    -
    -
    Sample:
    -
    arn:aws:autoscaling:eu-west-1:12345:launchConfiguration:d82f050e-e315:launchConfigurationName/yourproject
    -
    -
    - associate_public_address - -
    - boolean -
    -     		when Launch Configuration was found -
    Assign public address or not
    -
    -
    Sample:
    -
    True
    -
    -
    - block_device_mappings - -
    - list -
    -     		when Launch Configuration was found -
    Launch Configuration block device mappings property
    -
    -
    -
    - classic_link_vpc_security_groups - -
    - list -
    -     		when Launch Configuration was found -
    Launch Configuration classic link vpc security groups property
    -
    -
    -
    - created_time - -
    - string -
    -     		when Launch Configuration was found -
    When it was created
    -
    -
    Sample:
    -
    2016-06-29T14:59:22.222000+00:00
    -
    -
    - ebs_optimized - -
    - boolean -
    -     		when Launch Configuration was found -
    Launch Configuration EBS optimized property
    -
    -
    -
    - image_id - -
    - string -
    -     		when Launch Configuration was found -
    AMI id
    -
    -
    Sample:
    -
    ami-0d75df7e
    -
    -
    - instance_monitoring - -
    - string -
    -     		when Launch Configuration was found -
    Launch Configuration instance monitoring property
    -
    -
    Sample:
    -
    {'Enabled': False}
    -
    -
    - instance_type - -
    - string -
    -     		when Launch Configuration was found -
    Type of ec2 instance
    -
    -
    Sample:
    -
    t2.small
    -
    -
    - kernel_id - -
    - string -
    -     		when Launch Configuration was found -
    Launch Configuration kernel to use
    -
    -
    -
    - keyname - -
    - string -
    -     		when Launch Configuration was found -
    Launch Configuration ssh key
    -
    -
    Sample:
    -
    mykey
    -
    -
    - name - -
    - string -
    -     		when Launch Configuration was found -
    Name of the Launch Configuration
    -
    -
    Sample:
    -
    myapp-v123
    -
    -
    - ram_disk_id - -
    - string -
    -     		when Launch Configuration was found -
    Launch Configuration ram disk property
    -
    -
    -
    - security_groups - -
    - list -
    -     		when Launch Configuration was found -
    Launch Configuration security groups
    -
    -
    -
    - user_data - -
    - string -
    -     		when Launch Configuration was found -
    User data used to start instance
    -
    -
    Sample:
    -
    ZXhwb3J0IENMT1VE
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jose Armesto (@fiunchinho) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_lc_info.rst b/docs/community.aws.ec2_lc_info.rst deleted file mode 100644 index 289f84dc214..00000000000 --- a/docs/community.aws.ec2_lc_info.rst +++ /dev/null @@ -1,581 +0,0 @@ -:orphan: - -.. _community.aws.ec2_lc_info_module: - - -************************* -community.aws.ec2_lc_info -************************* - -**Gather information about AWS Autoscaling Launch Configurations.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about AWS Autoscaling Launch Configurations. -- This module was called ``ec2_lc_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - list - / elements=string
    -     		- Default:
    []
    -     		-
    A name or a list of name to match.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - sort - -
    - string -
    -     		-
      Choices: -
    • launch_configuration_name
      • -
    • image_id
      • -
    • created_time
      • -
    • instance_type
      • -
    • kernel_id
      • -
    • ramdisk_id
      • -
    • key_name
      • -
    -     		-
    Optional attribute which with to sort the results.
    -
    -
    - sort_end - -
    - integer -
    -     		- -
    Which result to end with (when sorting).
    -
    Corresponds to Python slice notation.
    -
    -
    - sort_order - -
    - string -
    -     		-
      Choices: -
    • ascending ←
      • -
    • descending
      • -
    -     		-
    Order in which to sort results.
    -
    Only used when the 'sort' parameter is specified.
    -
    -
    - sort_start - -
    - integer -
    -     		- -
    Which result to start with (when sorting).
    -
    Corresponds to Python slice notation.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all launch configurations - community.aws.ec2_lc_info: - - - name: Gather information about launch configuration with name "example" - community.aws.ec2_lc_info: - name: example - - - name: Gather information sorted by created_time from most recent to least recent - community.aws.ec2_lc_info: - sort: created_time - sort_order: descending - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - block_device_mapping - -
    - list -
    -     		always -
    Block device mapping for the instances of launch configuration
    -
    -
    Sample:
    -
    [{ 'device_name': '/dev/xvda':, 'ebs': { 'delete_on_termination': true, 'volume_size': 8, 'volume_type': 'gp2' }]
    -
    -
    - classic_link_vpc_security_groups - -
    - string -
    -     		always -
    IDs of one or more security groups for the VPC specified in classic_link_vpc_id
    -
    -
    -
    - created_time - -
    - string -
    -     		always -
    The creation date and time for the launch configuration
    -
    -
    Sample:
    -
    2016-05-27T13:47:44.216000+00:00
    -
    -
    - ebs_optimized - -
    - boolean -
    -     		always -
    EBS I/O optimized (true ) or not (false )
    -
    -
    Sample:
    -
    true,
    -
    -
    - image_id - -
    - string -
    -     		always -
    ID of the Amazon Machine Image (AMI)
    -
    -
    Sample:
    -
    ami-12345678
    -
    -
    - instance_monitoring - -
    - dictionary -
    -     		always -
    Launched with detailed monitoring or not
    -
    -
    Sample:
    -
    { 'enabled': true }
    -
    -
    - instance_type - -
    - string -
    -     		always -
    Instance type
    -
    -
    Sample:
    -
    t2.micro
    -
    -
    - kernel_id - -
    - string -
    -     		always -
    ID of the kernel associated with the AMI
    -
    -
    -
    - key_name - -
    - string -
    -     		always -
    Name of the key pair
    -
    -
    Sample:
    -
    user_app
    -
    -
    - launch_configuration_arn - -
    - string -
    -     		always -
    Amazon Resource Name (ARN) of the launch configuration
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:666612345678:launchConfiguration:ba785e3a-dd42-6f02-4585-ea1a2b458b3d:launchConfigurationName/lc-app
    -
    -
    - launch_configuration_name - -
    - string -
    -     		always -
    Name of the launch configuration
    -
    -
    Sample:
    -
    lc-app
    -
    -
    - ramdisk_id - -
    - string -
    -     		always -
    ID of the RAM disk associated with the AMI
    -
    -
    -
    - security_groups - -
    - list -
    -     		always -
    Security groups to associated
    -
    -
    Sample:
    -
    [ 'web' ]
    -
    -
    - user_data - -
    - string -
    -     		always -
    User data available
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Loïc Latreille (@psykotox) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_metric_alarm.rst b/docs/community.aws.ec2_metric_alarm.rst deleted file mode 100644 index cd2cefa799c..00000000000 --- a/docs/community.aws.ec2_metric_alarm.rst +++ /dev/null @@ -1,565 +0,0 @@ -:orphan: - -.. _community.aws.ec2_metric_alarm_module: - - -****************************** -community.aws.ec2_metric_alarm -****************************** - -**Create/update or delete AWS Cloudwatch 'metric alarms'** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Can create or delete AWS metric alarms. -- Metrics you wish to alarm on must already exist. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alarm_actions - -
    - list - / elements=string
    -     		- -
    A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - comparison - -
    - string -
    -     		-
      Choices: -
    • GreaterThanOrEqualToThreshold
      • -
    • GreaterThanThreshold
      • -
    • LessThanThreshold
      • -
    • LessThanOrEqualToThreshold
      • -
    • <=
      • -
    • <
      • -
    • >=
      • -
    • >
      • -
    -     		-
    Determines how the threshold value is compared
    -
    Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A longer description of the alarm.
    -
    -
    - dimensions - -
    - dictionary -
    -     		- -
    A dictionary describing which metric the alarm is applied to.
    -
    For more information see the AWS documentation:
    - -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - evaluation_periods - -
    - integer -
    -     		- -
    The number of times in which the metric is evaluated before final calculation.
    -
    -
    - insufficient_data_actions - -
    - list - / elements=string
    -     		- -
    A list of the names of action(s) to take when the alarm is in the insufficient_data status.
    -
    -
    - metric - -
    - string -
    -     		- -
    Name of the monitored metric (e.g. CPUUtilization).
    -
    Metric must already exist.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Unique name for the alarm.
    -
    -
    - namespace - -
    - string -
    -     		- -
    Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
    -
    -
    - ok_actions - -
    - list - / elements=string
    -     		- -
    A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
    -
    -
    - period - -
    - integer -
    -     		- -
    The time (in seconds) between metric evaluations.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the alarm.
    -
    -
    - statistic - -
    - string -
    -     		-
      Choices: -
    • SampleCount
      • -
    • Average
      • -
    • Sum
      • -
    • Minimum
      • -
    • Maximum
      • -
    -     		-
    Operation applied to the metric.
    -
    Works in conjunction with period and evaluation_periods to determine the comparison value.
    -
    -
    - threshold - -
    - float -
    -     		- -
    Sets the min/max bound for triggering the alarm.
    -
    -
    - treat_missing_data - -
    - string -
    -     		-
      Choices: -
    • breaching
      • -
    • notBreaching
      • -
    • ignore
      • -
    • missing ←
      • -
    -     		-
    Sets how the alarm handles missing data points.
    -
    -
    - unit - -
    - string -
    -     		-
      Choices: -
    • Seconds
      • -
    • Microseconds
      • -
    • Milliseconds
      • -
    • Bytes
      • -
    • Kilobytes
      • -
    • Megabytes
      • -
    • Gigabytes
      • -
    • Terabytes
      • -
    • Bits
      • -
    • Kilobits
      • -
    • Megabits
      • -
    • Gigabits
      • -
    • Terabits
      • -
    • Percent
      • -
    • Count
      • -
    • Bytes/Second
      • -
    • Kilobytes/Second
      • -
    • Megabytes/Second
      • -
    • Gigabytes/Second
      • -
    • Terabytes/Second
      • -
    • Bits/Second
      • -
    • Kilobits/Second
      • -
    • Megabits/Second
      • -
    • Gigabits/Second
      • -
    • Terabits/Second
      • -
    • Count/Second
      • -
    • None
      • -
    -     		-
    The threshold's unit of measurement.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create alarm - community.aws.ec2_metric_alarm: - state: present - region: ap-southeast-2 - name: "cpu-low" - metric: "CPUUtilization" - namespace: "AWS/EC2" - statistic: Average - comparison: "LessThanOrEqualToThreshold" - threshold: 5.0 - period: 300 - evaluation_periods: 3 - unit: "Percent" - description: "This will alarm when a bamboo slave's cpu usage average is lower than 5% for 15 minutes " - dimensions: {'InstanceId':'i-XXX'} - alarm_actions: ["action1","action2"] - - - name: Create an alarm to recover a failed instance - community.aws.ec2_metric_alarm: - state: present - region: us-west-1 - name: "recover-instance" - metric: "StatusCheckFailed_System" - namespace: "AWS/EC2" - statistic: "Minimum" - comparison: ">=" - threshold: 1.0 - period: 60 - evaluation_periods: 2 - unit: "Count" - description: "This will recover an instance when it fails" - dimensions: {"InstanceId":'i-XXX'} - alarm_actions: ["arn:aws:automate:us-west-1:ec2:recover"] - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Zacharie Eakin (@Zeekin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_placement_group.rst b/docs/community.aws.ec2_placement_group.rst deleted file mode 100644 index c6259a3d65c..00000000000 --- a/docs/community.aws.ec2_placement_group.rst +++ /dev/null @@ -1,386 +0,0 @@ -:orphan: - -.. _community.aws.ec2_placement_group_module: - - -********************************* -community.aws.ec2_placement_group -********************************* - -**Create or delete an EC2 Placement Group** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create an EC2 Placement Group; if the placement group already exists, nothing is done. Or, delete an existing placement group. If the placement group is absent, do nothing. See also https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name for the placement group.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete placement group.
    -
    -
    - strategy - -
    - string -
    -     		-
      Choices: -
    • cluster ←
      • -
    • spread
      • -
    -     		-
    Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide - # for details. - - - name: Create a placement group. - community.aws.ec2_placement_group: - name: my-cluster - state: present - - - name: Create a Spread placement group. - community.aws.ec2_placement_group: - name: my-cluster - state: present - strategy: spread - - - name: Delete a placement group. - community.aws.ec2_placement_group: - name: my-cluster - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - placement_group - -
    - complex -
    -     		when state != absent -
    Placement group attributes
    -
    -
      -
    - name - -
    - string -
    -     		-
    PG name
    -
    -
    Sample:
    -
    my-cluster
    -
      -
    - state - -
    - string -
    -     		-
    PG state
    -
    -
    Sample:
    -
    available
    -
      -
    - strategy - -
    - string -
    -     		-
    PG strategy
    -
    -
    Sample:
    -
    cluster
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Brad Macpherson (@iiibrad) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_placement_group_info.rst b/docs/community.aws.ec2_placement_group_info.rst deleted file mode 100644 index 64d9338dc2d..00000000000 --- a/docs/community.aws.ec2_placement_group_info.rst +++ /dev/null @@ -1,348 +0,0 @@ -:orphan: - -.. _community.aws.ec2_placement_group_info_module: - - -************************************** -community.aws.ec2_placement_group_info -************************************** - -**List EC2 Placement Group(s) details** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- List details of EC2 Placement Group(s). -- This module was called ``ec2_placement_group_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - names - -
    - list - / elements=string
    -     		- Default:
    []
    -     		-
    A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details or the AWS region, - # see the AWS Guide for details. - - - name: List all placement groups. - community.aws.ec2_placement_group_info: - register: all_ec2_placement_groups - - - name: List two placement groups. - community.aws.ec2_placement_group_info: - names: - - my-cluster - - my-other-cluster - register: specific_ec2_placement_groups - - - debug: - msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - placement_groups - -
    - complex -
    -     		always -
    Placement group attributes
    -
    -
      -
    - name - -
    - string -
    -     		-
    PG name
    -
    -
    Sample:
    -
    my-cluster
    -
      -
    - state - -
    - string -
    -     		-
    PG state
    -
    -
    Sample:
    -
    available
    -
      -
    - strategy - -
    - string -
    -     		-
    PG strategy
    -
    -
    Sample:
    -
    cluster
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Brad Macpherson (@iiibrad) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_scaling_policy.rst b/docs/community.aws.ec2_scaling_policy.rst deleted file mode 100644 index 9e58b97bdbc..00000000000 --- a/docs/community.aws.ec2_scaling_policy.rst +++ /dev/null @@ -1,353 +0,0 @@ -:orphan: - -.. _community.aws.ec2_scaling_policy_module: - - -******************************** -community.aws.ec2_scaling_policy -******************************** - -**Create or delete AWS scaling policies for Autoscaling groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Can create or delete scaling policies for autoscaling groups. -- Referenced autoscaling groups must already exist. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - adjustment_type - -
    - string -
    -     		-
      Choices: -
    • ChangeInCapacity
      • -
    • ExactCapacity
      • -
    • PercentChangeInCapacity
      • -
    -     		-
    The type of change in capacity of the autoscaling group.
    -
    -
    - asg_name - -
    - string - / required
    -     		- -
    Name of the associated autoscaling group.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cooldown - -
    - integer -
    -     		- -
    The minimum period of time (in seconds) between which autoscaling actions can take place.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - min_adjustment_step - -
    - integer -
    -     		- -
    Minimum amount of adjustment when policy is triggered.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Unique name for the scaling policy.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - scaling_adjustment - -
    - integer -
    -     		- -
    The amount by which the autoscaling group is adjusted by the policy.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the policy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - community.aws.ec2_scaling_policy: - state: present - region: US-XXX - name: "scaledown-policy" - adjustment_type: "ChangeInCapacity" - asg_name: "slave-pool" - scaling_adjustment: -1 - min_adjustment_step: 1 - cooldown: 300 - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Zacharie Eakin (@Zeekin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_snapshot_copy.rst b/docs/community.aws.ec2_snapshot_copy.rst deleted file mode 100644 index 5d7b94bb55e..00000000000 --- a/docs/community.aws.ec2_snapshot_copy.rst +++ /dev/null @@ -1,428 +0,0 @@ -:orphan: - -.. _community.aws.ec2_snapshot_copy_module: - - -******************************* -community.aws.ec2_snapshot_copy -******************************* - -**Copies an EC2 snapshot and returns the new Snapshot ID.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Copies an EC2 Snapshot from a source region to a destination region. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    An optional human-readable string describing purpose of the new Snapshot.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not the destination Snapshot should be encrypted.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - source_region - -
    - string - / required
    -     		- -
    The source region the Snapshot should be copied from.
    -
    -
    - source_snapshot_id - -
    - string - / required
    -     		- -
    The ID of the Snapshot in source region that should be copied.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the copied Snapshot to be in 'Available' state before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Basic Snapshot Copy - community.aws.ec2_snapshot_copy: - source_region: eu-central-1 - region: eu-west-1 - source_snapshot_id: snap-xxxxxxx - - - name: Copy Snapshot and wait until available - community.aws.ec2_snapshot_copy: - source_region: eu-central-1 - region: eu-west-1 - source_snapshot_id: snap-xxxxxxx - wait: yes - wait_timeout: 1200 # Default timeout is 600 - register: snapshot_id - - - name: Tagged Snapshot copy - community.aws.ec2_snapshot_copy: - source_region: eu-central-1 - region: eu-west-1 - source_snapshot_id: snap-xxxxxxx - tags: - Name: Snapshot-Name - - - name: Encrypted Snapshot copy - community.aws.ec2_snapshot_copy: - source_region: eu-central-1 - region: eu-west-1 - source_snapshot_id: snap-xxxxxxx - encrypted: yes - - - name: Encrypted Snapshot copy with specified key - community.aws.ec2_snapshot_copy: - source_region: eu-central-1 - region: eu-west-1 - source_snapshot_id: snap-xxxxxxx - encrypted: yes - kms_key_id: arn:aws:kms:eu-central-1:XXXXXXXXXXXX:key/746de6ea-50a4-4bcb-8fbc-e3b29f2d367b - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - snapshot_id - -
    - string -
    -     		when snapshot copy is successful -
    snapshot id of the newly created snapshot
    -
    -
    Sample:
    -
    snap-e9095e8c
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Deepak Kothandan (@Deepakkothandan) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_transit_gateway.rst b/docs/community.aws.ec2_transit_gateway.rst deleted file mode 100644 index 8058b6e05f9..00000000000 --- a/docs/community.aws.ec2_transit_gateway.rst +++ /dev/null @@ -1,822 +0,0 @@ -:orphan: - -.. _community.aws.ec2_transit_gateway_module: - - -********************************* -community.aws.ec2_transit_gateway -********************************* - -**Create and delete AWS Transit Gateways** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates AWS Transit Gateways. -- Deletes AWS Transit Gateways. -- Updates tags on existing transit gateways. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - asn - -
    - integer -
    -     		- -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
    -
    The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -
    -
    - auto_associate - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable automatic association with the default association route table.
    -
    -
    - auto_attach - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable or disable automatic acceptance of attachment requests.
    -
    -
    - auto_propagate - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable automatic propagation of routes to the default propagation route table.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    The description of the transit gateway.
    -
    -
    - dns_support - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable AWS DNS support.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to purge existing tags not included with tags argument.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of resource tags
    -
    -
    - transit_gateway_id - -
    - string -
    -     		- -
    The ID of the transit gateway.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpn_ecmp_support - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable Equal Cost Multipath Protocol support.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for status
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    number of seconds to wait for status
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a new transit gateway using defaults - community.aws.ec2_transit_gateway: - state: present - region: us-east-1 - description: personal-testing - register: created_tgw - - - name: Create a new transit gateway with options - community.aws.ec2_transit_gateway: - asn: 64514 - auto_associate: no - auto_propagate: no - dns_support: True - description: "nonprod transit gateway" - purge_tags: False - state: present - region: us-east-1 - tags: - Name: nonprod transit gateway - status: testing - - - name: Remove a transit gateway by description - community.aws.ec2_transit_gateway: - state: absent - region: us-east-1 - description: personal-testing - - - name: Remove a transit gateway by id - community.aws.ec2_transit_gateway: - state: absent - region: ap-southeast-2 - transit_gateway_id: tgw-3a9aa123 - register: deleted_tgw - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - transit_gateway - -
    - complex -
    -     		state=present -
    The attributes of the transit gateway.
    -
    -
      -
    - creation_time - -
    - string -
    -     		always -
    The creation time of the transit gateway.
    -
    -
    Sample:
    -
    2019-03-06T17:13:51+00:00
    -
      -
    - description - -
    - string -
    -     		always -
    The description of the transit gateway.
    -
    -
    Sample:
    -
    my test tgw
    -
      -
    - options - -
    - complex -
    -     		always -
    The options attributes of the transit gateway
    -
    -
       -
    - amazon_side_asn - -
    - string -
    -     		always -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -
    -
    Sample:
    -
    64512
    -
       -
    - association_default_route_table_id - -
    - string -
    -     		Iwhen exists -
    The ID of the default association route table.
    -
    -
    Sample:
    -
    tgw-rtb-abc123444
    -
       -
    - auto_accept_shared_attachements - -
    - string -
    -     		always -
    Indicates whether attachment requests are automatically accepted.
    -
    -
    Sample:
    -
    disable
    -
       -
    - default_route_table_association - -
    - string -
    -     		always -
    Indicates whether resource attachments are automatically associated with the default association route table.
    -
    -
    Sample:
    -
    enable
    -
       -
    - default_route_table_propagation - -
    - string -
    -     		always -
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    -
    -
    Sample:
    -
    disable
    -
       -
    - dns_support - -
    - string -
    -     		always -
    Indicates whether DNS support is enabled.
    -
    -
    Sample:
    -
    enable
    -
       -
    - propagation_default_route_table_id - -
    - string -
    -     		when exists -
    The ID of the default propagation route table.
    -
    -
    Sample:
    -
    tgw-rtb-def456777
    -
       -
    - vpn_ecmp_support - -
    - string -
    -     		always -
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    -
    -
    Sample:
    -
    enable
    -
      -
    - owner_id - -
    - string -
    -     		always -
    The account that owns the transit gateway.
    -
    -
    Sample:
    -
    123456789012
    -
      -
    - state - -
    - string -
    -     		always -
    The state of the transit gateway.
    -
    -
    Sample:
    -
    pending
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    A dictionary of resource tags
    -
    -
    Sample:
    -
    {'tags': {'Name': 'nonprod_tgw'}}
    -
      -
    - transit_gateway_arn - -
    - string -
    -     		always -
    The ID of the transit_gateway.
    -
    -
    Sample:
    -
    tgw-3a9aa123
    -
      -
    - transit_gateway_id - -
    - string -
    -     		always -
    The ID of the transit_gateway.
    -
    -
    Sample:
    -
    tgw-3a9aa123
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Bob Boldin (@BobBoldin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_transit_gateway_info.rst b/docs/community.aws.ec2_transit_gateway_info.rst deleted file mode 100644 index 1cb197c78a7..00000000000 --- a/docs/community.aws.ec2_transit_gateway_info.rst +++ /dev/null @@ -1,609 +0,0 @@ -:orphan: - -.. _community.aws.ec2_transit_gateway_info_module: - - -************************************** -community.aws.ec2_transit_gateway_info -************************************** - -**Gather information about ec2 transit gateways in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about ec2 transit gateways in AWS - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - transit_gateway_ids - -
    - list -
    -     		- -
    A list of transit gateway IDs to gather information for.
    -

    aliases: transit_gateway_id
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather info about all transit gateways - community.aws.ec2_transit_gateway_info: - - - name: Gather info about a particular transit gateway using filter transit gateway ID - community.aws.ec2_transit_gateway_info: - filters: - transit-gateway-id: tgw-02c42332e6b7da829 - - - name: Gather info about a particular transit gateway using multiple option filters - community.aws.ec2_transit_gateway_info: - filters: - options.dns-support: enable - options.vpn-ecmp-support: enable - - - name: Gather info about multiple transit gateways using module param - community.aws.ec2_transit_gateway_info: - transit_gateway_ids: - - tgw-02c42332e6b7da829 - - tgw-03c53443d5a8cb716 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - transit_gateways - -
    - complex -
    -     		on success -
    Transit gateways that match the provided filters. Each element consists of a dict with all the information related to that transit gateway.
    -
    -
      -
    - creation_time - -
    - string -
    -     		always -
    The creation time.
    -
    -
    Sample:
    -
    2019-02-05T16:19:58+00:00
    -
      -
    - description - -
    - string -
    -     		always -
    The description of the transit gateway.
    -
    -
    Sample:
    -
    A transit gateway
    -
      -
    - options - -
    - complex -
    -     		always -
    A dictionary of the transit gateway options.
    -
    -
       -
    - amazon_side_asn - -
    - integer -
    -     		always -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -
    -
    Sample:
    -
    64512
    -
       -
    - association_default_route_table_id - -
    - string -
    -     		when present -
    The ID of the default association route table.
    -
    -
    Sample:
    -
    rtb-11223344
    -
       -
    - auto_accept_shared_attachments - -
    - string -
    -     		always -
    Indicates whether attachment requests are automatically accepted.
    -
    -
    Sample:
    -
    enable
    -
       -
    - default_route_table_association - -
    - string -
    -     		always -
    Indicates whether resource attachments are automatically associated with the default association route table.
    -
    -
    Sample:
    -
    disable
    -
       -
    - default_route_table_propagation - -
    - string -
    -     		always -
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    -
    -
    Sample:
    -
    disable
    -
       -
    - dns_support - -
    - string -
    -     		always -
    Indicates whether DNS support is enabled.
    -
    -
    Sample:
    -
    enable
    -
       -
    - propagation_default_route_table_id - -
    - string -
    -     		when present -
    The ID of the default propagation route table.
    -
    -
    Sample:
    -
    rtb-11223344
    -
       -
    - vpn_ecmp_support - -
    - string -
    -     		always -
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    -
    -
    Sample:
    -
    enable
    -
      -
    - owner_id - -
    - string -
    -     		always -
    The AWS account number ID which owns the transit gateway.
    -
    -
    Sample:
    -
    1234567654323
    -
      -
    - state - -
    - string -
    -     		always -
    The state of the transit gateway.
    -
    -
    Sample:
    -
    available
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    A dict of tags associated with the transit gateway.
    -
    -
    Sample:
    -
    { "Name": "A sample TGW" }
    -
      -
    - transit_gateway_arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the transit gateway.
    -
    -
    Sample:
    -
    arn:aws:ec2:us-west-2:1234567654323:transit-gateway/tgw-02c42332e6b7da829
    -
      -
    - transit_gateway_id - -
    - string -
    -     		always -
    The ID of the transit gateway.
    -
    -
    Sample:
    -
    tgw-02c42332e6b7da829
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Bob Boldin (@BobBoldin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_egress_igw.rst b/docs/community.aws.ec2_vpc_egress_igw.rst deleted file mode 100644 index 2519abe3800..00000000000 --- a/docs/community.aws.ec2_vpc_egress_igw.rst +++ /dev/null @@ -1,321 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_egress_igw_module: - - -******************************** -community.aws.ec2_vpc_egress_igw -******************************** - -**Manage an AWS VPC Egress Only Internet gateway** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS VPC Egress Only Internet gateway - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the EIGW.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string - / required
    -     		- -
    The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Ensure that the VPC has an Internet Gateway. - # The Internet Gateway ID is can be accessed via {{eigw.gateway_id}} for use in setting up NATs etc. - - community.aws.ec2_vpc_egress_igw: - vpc_id: vpc-abcdefgh - state: present - register: eigw - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - gateway_id - -
    - string -
    -     		always -
    The ID of the Egress Only Internet Gateway or Null.
    -
    -
    Sample:
    -
    eigw-0e00cf111ba5bc11e
    -
    -
    - vpc_id - -
    - string -
    -     		always -
    The ID of the VPC to attach or detach gateway from.
    -
    -
    Sample:
    -
    vpc-012345678
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Daniel Shepherd (@shepdelacreme) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_endpoint.rst b/docs/community.aws.ec2_vpc_endpoint.rst deleted file mode 100644 index 020d1362d27..00000000000 --- a/docs/community.aws.ec2_vpc_endpoint.rst +++ /dev/null @@ -1,470 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_endpoint_module: - - -****************************** -community.aws.ec2_vpc_endpoint -****************************** - -**Create and delete AWS VPC Endpoints.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates AWS VPC endpoints. -- Deletes AWS VPC endpoints. -- This module supports check mode. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - client_token - -
    - string -
    -     		- -
    Optional client token to ensure idempotency
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - policy - -
    - json -
    -     		- -
    A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
    -
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    -
    -
    - policy_file - -
    - path -
    -     		- -
    The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
    -
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    -

    aliases: policy_path
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - route_table_ids - -
    - list - / elements=string
    -     		- -
    List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service - -
    - string -
    -     		- -
    An AWS supported vpc endpoint service. Use the community.aws.ec2_vpc_endpoint_info module to describe the supported endpoint services.
    -
    Required when creating an endpoint.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_endpoint_id - -
    - string -
    -     		- -
    One or more vpc endpoint ids to remove from the AWS account
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    Required when creating a VPC endpoint.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    320
    -     		-
    Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create new vpc endpoint with a json template for policy - community.aws.ec2_vpc_endpoint: - state: present - region: ap-southeast-2 - vpc_id: vpc-12345678 - service: com.amazonaws.ap-southeast-2.s3 - policy: " {{ lookup( 'template', 'endpoint_policy.json.j2') }} " - route_table_ids: - - rtb-12345678 - - rtb-87654321 - register: new_vpc_endpoint - - - name: Create new vpc endpoint with the default policy - community.aws.ec2_vpc_endpoint: - state: present - region: ap-southeast-2 - vpc_id: vpc-12345678 - service: com.amazonaws.ap-southeast-2.s3 - route_table_ids: - - rtb-12345678 - - rtb-87654321 - register: new_vpc_endpoint - - - name: Create new vpc endpoint with json file - community.aws.ec2_vpc_endpoint: - state: present - region: ap-southeast-2 - vpc_id: vpc-12345678 - service: com.amazonaws.ap-southeast-2.s3 - policy_file: "{{ role_path }}/files/endpoint_policy.json" - route_table_ids: - - rtb-12345678 - - rtb-87654321 - register: new_vpc_endpoint - - - name: Delete newly created vpc endpoint - community.aws.ec2_vpc_endpoint: - state: absent - vpc_endpoint_id: "{{ new_vpc_endpoint.result['VpcEndpointId'] }}" - region: ap-southeast-2 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - endpoints - -
    - list -
    -     		success -
    The resulting endpoints from the module call
    -
    -
    Sample:
    -
    [{'creation_timestamp': '2017-02-20T05:04:15+00:00', 'policy_document': {'Id': 'Policy1450910922815', 'Statement': [{'Action': 's3:*', 'Effect': 'Allow', 'Principal': '*', 'Resource': ['arn:aws:s3:::*/*', 'arn:aws:s3:::*'], 'Sid': 'Stmt1450910920641'}], 'Version': '2012-10-17'}, 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'vpc_endpoint_id': 'vpce-a1b2c3d4', 'vpc_id': 'vpc-abbad0d0'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_endpoint_info.rst b/docs/community.aws.ec2_vpc_endpoint_info.rst deleted file mode 100644 index 02e5a72000b..00000000000 --- a/docs/community.aws.ec2_vpc_endpoint_info.rst +++ /dev/null @@ -1,362 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_endpoint_info_module: - - -*********************************** -community.aws.ec2_vpc_endpoint_info -*********************************** - -**Retrieves AWS VPC endpoints details using AWS methods.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets various details related to AWS VPC Endpoints. -- This module was called ``ec2_vpc_endpoint_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - query - -
    - string - / required
    -     		-
      Choices: -
    • services
      • -
    • endpoints
      • -
    -     		-
    Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_endpoint_ids - -
    - list - / elements=string
    -     		- -
    Get details of specific endpoint IDs
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Simple example of listing all support AWS services for VPC endpoints - - name: List supported AWS endpoint services - community.aws.ec2_vpc_endpoint_info: - query: services - region: ap-southeast-2 - register: supported_endpoint_services - - - name: Get all endpoints in ap-southeast-2 region - community.aws.ec2_vpc_endpoint_info: - query: endpoints - region: ap-southeast-2 - register: existing_endpoints - - - name: Get all endpoints with specific filters - community.aws.ec2_vpc_endpoint_info: - query: endpoints - region: ap-southeast-2 - filters: - vpc-id: - - vpc-12345678 - - vpc-87654321 - vpc-endpoint-state: - - available - - pending - register: existing_endpoints - - - name: Get details on specific endpoint - community.aws.ec2_vpc_endpoint_info: - query: endpoints - region: ap-southeast-2 - vpc_endpoint_ids: - - vpce-12345678 - register: endpoint_details - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - service_names - -
    - list -
    -     		query is services -
    AWS VPC endpoint service names
    -
    -
    Sample:
    -
    {'service_names': ['com.amazonaws.ap-southeast-2.s3']}
    -
    -
    - vpc_endpoints - -
    - list -
    -     		query is endpoints -
    A list of endpoints that match the query. Each endpoint has the keys creation_timestamp, policy_document, route_table_ids, service_name, state, vpc_endpoint_id, vpc_id.
    -
    -
    Sample:
    -
    {'vpc_endpoints': [{'creation_timestamp': '2017-02-16T11:06:48+00:00', 'policy_document': '"{"Version":"2012-10-17","Id":"Policy1450910922815", "Statement":[{"Sid":"Stmt1450910920641","Effect":"Allow", "Principal":"*","Action":"s3:*","Resource":["arn:aws:s3:::*/*","arn:aws:s3:::*"]}]}"\n', 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'state': 'available', 'vpc_endpoint_id': 'vpce-abbad0d0', 'vpc_id': 'vpc-1111ffff'}]}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_igw.rst b/docs/community.aws.ec2_vpc_igw.rst deleted file mode 100644 index 637824128f3..00000000000 --- a/docs/community.aws.ec2_vpc_igw.rst +++ /dev/null @@ -1,373 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_igw_module: - - -************************* -community.aws.ec2_vpc_igw -************************* - -**Manage an AWS VPC Internet gateway** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS VPC Internet gateway - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or terminate the IGW
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
    -

    aliases: resource_tags
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string - / required
    -     		- -
    The VPC ID for the VPC in which to manage the Internet Gateway.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Ensure that the VPC has an Internet Gateway. - # The Internet Gateway ID is can be accessed via {{igw.gateway_id}} for use in setting up NATs etc. - - community.aws.ec2_vpc_igw: - vpc_id: vpc-abcdefgh - state: present - register: igw - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    If any changes have been made to the Internet Gateway.
    -
    -
    Sample:
    -
    {'changed': False}
    -
    -
    - gateway_id - -
    - string -
    -     		state=present -
    The unique identifier for the Internet Gateway.
    -
    -
    Sample:
    -
    {'gateway_id': 'igw-XXXXXXXX'}
    -
    -
    - tags - -
    - dictionary -
    -     		state=present -
    The tags associated the Internet Gateway.
    -
    -
    Sample:
    -
    {'tags': {'Ansible': 'Test'}}
    -
    -
    - vpc_id - -
    - string -
    -     		state=present -
    The VPC ID associated with the Internet Gateway.
    -
    -
    Sample:
    -
    {'vpc_id': 'vpc-XXXXXXXX'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Robert Estelle (@erydo) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_igw_info.rst b/docs/community.aws.ec2_vpc_igw_info.rst deleted file mode 100644 index 4734a81e1cc..00000000000 --- a/docs/community.aws.ec2_vpc_igw_info.rst +++ /dev/null @@ -1,332 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_igw_info_module: - - -****************************** -community.aws.ec2_vpc_igw_info -****************************** - -**Gather information about internet gateways in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about internet gateways in AWS. -- This module was called ``ec2_vpc_igw_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
    -
    -
    - internet_gateway_ids - -
    - list - / elements=string
    -     		- -
    Get details of specific Internet Gateway ID. Provide this value as a list.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all Internet Gateways for an account or profile - community.aws.ec2_vpc_igw_info: - region: ap-southeast-2 - profile: production - register: igw_info - - - name: Gather information about a filtered list of Internet Gateways - community.aws.ec2_vpc_igw_info: - region: ap-southeast-2 - profile: production - filters: - "tag:Name": "igw-123" - register: igw_info - - - name: Gather information about a specific internet gateway by InternetGatewayId - community.aws.ec2_vpc_igw_info: - region: ap-southeast-2 - profile: production - internet_gateway_ids: igw-c1231234 - register: igw_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    True if listing the internet gateways succeeds.
    -
    -
    Sample:
    -
    false
    -
    -
    - internet_gateways - -
    - list -
    -     		always -
    The internet gateways for the account.
    -
    -
    Sample:
    -
    [{'attachments': [{'state': 'available', 'vpc_id': 'vpc-02123b67'}], 'internet_gateway_id': 'igw-2123634d', 'tags': [{'key': 'Name', 'value': 'test-vpc-20-igw'}]}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nick Aslanidis (@naslanidis) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nacl.rst b/docs/community.aws.ec2_vpc_nacl.rst deleted file mode 100644 index 3cc3c58ff06..00000000000 --- a/docs/community.aws.ec2_vpc_nacl.rst +++ /dev/null @@ -1,465 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_nacl_module: - - -************************** -community.aws.ec2_vpc_nacl -************************** - -**create and delete Network ACLs.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Read the AWS documentation for Network ACLS https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - egress - -
    - list -
    -     		- Default:
    []
    -     		-
    A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    -
    -
    - ingress - -
    - list -
    -     		- Default:
    []
    -     		-
    List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    -
    -
    - nacl_id - -
    - string -
    -     		- -
    NACL id identifying a network ACL.
    -
    One and only one of the name or nacl_id is required.
    -
    -
    - name - -
    - string -
    -     		- -
    Tagged name identifying a network ACL.
    -
    One and only one of the name or nacl_id is required.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Creates or modifies an existing NACL
    -
    Deletes a NACL and reassociates subnets to the default NACL
    -
    -
    - subnets - -
    - list -
    -     		- -
    The list of subnets that should be associated with the network ACL.
    -
    Must be specified as a list
    -
    Each subnet can be specified as subnet ID, or its tagged name.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Dictionary of tags to look for and apply when creating a network ACL.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    VPC id of the requesting VPC.
    -
    Required when state present.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - # Complete example to create and delete a network ACL - # that allows SSH, HTTP and ICMP in, and all traffic out. - - name: "Create and associate production DMZ network ACL with DMZ subnets" - community.aws.ec2_vpc_nacl: - vpc_id: vpc-12345678 - name: prod-dmz-nacl - region: ap-southeast-2 - subnets: ['prod-dmz-1', 'prod-dmz-2'] - tags: - CostCode: CC1234 - Project: phoenix - Description: production DMZ - ingress: - # rule no, protocol, allow/deny, cidr, icmp_type, icmp_code, - # port from, port to - - [100, 'tcp', 'allow', '0.0.0.0/0', null, null, 22, 22] - - [200, 'tcp', 'allow', '0.0.0.0/0', null, null, 80, 80] - - [300, 'icmp', 'allow', '0.0.0.0/0', 0, 8] - egress: - - [100, 'all', 'allow', '0.0.0.0/0', null, null, null, null] - state: 'present' - - - name: "Remove the ingress and egress rules - defaults to deny all" - community.aws.ec2_vpc_nacl: - vpc_id: vpc-12345678 - name: prod-dmz-nacl - region: ap-southeast-2 - subnets: - - prod-dmz-1 - - prod-dmz-2 - tags: - CostCode: CC1234 - Project: phoenix - Description: production DMZ - state: present - - - name: "Remove the NACL subnet associations and tags" - community.aws.ec2_vpc_nacl: - vpc_id: 'vpc-12345678' - name: prod-dmz-nacl - region: ap-southeast-2 - state: present - - - name: "Delete nacl and subnet associations" - community.aws.ec2_vpc_nacl: - vpc_id: vpc-12345678 - name: prod-dmz-nacl - state: absent - - - name: "Delete nacl by its id" - community.aws.ec2_vpc_nacl: - nacl_id: acl-33b4ee5b - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - nacl_id - -
    - string -
    -     		success -
    The id of the NACL (when creating or updating an ACL)
    -
    -
    Sample:
    -
    acl-123456789abcdef01
    -
    -
    - task - -
    - dictionary -
    -     		success -
    The result of the create, or delete action.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mike Mochan (@mmochan) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nacl_info.rst b/docs/community.aws.ec2_vpc_nacl_info.rst deleted file mode 100644 index 36f816b0e3b..00000000000 --- a/docs/community.aws.ec2_vpc_nacl_info.rst +++ /dev/null @@ -1,429 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_nacl_info_module: - - -******************************* -community.aws.ec2_vpc_nacl_info -******************************* - -**Gather information about Network ACLs in an AWS VPC** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about Network ACLs in an AWS VPC -- This module was called ``ec2_vpc_nacl_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
    -
    -
    - nacl_ids - -
    - list -
    -     		- Default:
    []
    -     		-
    A list of Network ACL IDs to retrieve information about.
    -

    aliases: nacl_id
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - By default, the module will return all Network ACLs. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Gather information about all Network ACLs: - - name: Get All NACLs - community.aws.ec2_vpc_nacl_info: - region: us-west-2 - register: all_nacls - - # Retrieve default Network ACLs: - - name: Get Default NACLs - community.aws.ec2_vpc_nacl_info: - region: us-west-2 - filters: - 'default': 'true' - register: default_nacls - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - nacls - -
    - complex -
    -     		success -
    Returns an array of complex objects as described below.
    -
    -
      -
    - egress - -
    - list - / elements=list
    -     		always -
    A list of NACL egress rules with the following format.
    -
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    -
    -
    Sample:
    -
    [[100, 'all', 'allow', '0.0.0.0/0', None, None, None, None]]
    -
      -
    - ingress - -
    - list - / elements=list
    -     		always -
    A list of NACL ingress rules with the following format.
    -
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    -
    -
    Sample:
    -
    [[100, 'tcp', 'allow', '0.0.0.0/0', None, None, 22, 22]]
    -
      -
    - is_default - -
    - boolean -
    -     		always -
    True if the NACL is the default for its VPC.
    -
    -
      -
    - nacl_id - -
    - string -
    -     		always -
    The ID of the Network Access Control List.
    -
    -
      -
    - subnets - -
    - list - / elements=string
    -     		always -
    A list of subnet IDs that are associated with the NACL.
    -
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    A dict of tags associated with the NACL.
    -
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    The ID of the VPC that the NACL is attached to.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Brad Davidson (@brandond) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nat_gateway.rst b/docs/community.aws.ec2_vpc_nat_gateway.rst deleted file mode 100644 index c049e04b738..00000000000 --- a/docs/community.aws.ec2_vpc_nat_gateway.rst +++ /dev/null @@ -1,590 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_nat_gateway_module: - - -********************************* -community.aws.ec2_vpc_nat_gateway -********************************* - -**Manage AWS VPC NAT Gateways.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Ensure the state of AWS VPC NAT Gateways based on their id, allocation and subnet ids. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allocation_id - -
    - string -
    -     		- -
    The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - client_token - -
    - string -
    -     		- -
    Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - eip_address - -
    - string -
    -     		- -
    The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
    -
    -
    - if_exist_do_not_create - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    if a NAT Gateway exists already in the subnet_id, then do not create a new one.
    -
    -
    - nat_gateway_id - -
    - string -
    -     		- -
    The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - release_eip - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Deallocate the EIP from the VPC.
    -
    Option is only valid with the absent state.
    -
    You should use this with the wait option. Since you can not release an address while a delete operation is happening.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Ensure NAT Gateway is present or absent.
    -
    -
    - subnet_id - -
    - string -
    -     		- -
    The id of the subnet to create the NAT Gateway in. This is required with the present option.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for operation to complete before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    320
    -     		-
    How many seconds to wait for an operation to complete before timing out.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create new nat gateway with client token. - community.aws.ec2_vpc_nat_gateway: - state: present - subnet_id: subnet-12345678 - eip_address: 52.1.1.1 - region: ap-southeast-2 - client_token: abcd-12345678 - register: new_nat_gateway - - - name: Create new nat gateway using an allocation-id. - community.aws.ec2_vpc_nat_gateway: - state: present - subnet_id: subnet-12345678 - allocation_id: eipalloc-12345678 - region: ap-southeast-2 - register: new_nat_gateway - - - name: Create new nat gateway, using an EIP address and wait for available status. - community.aws.ec2_vpc_nat_gateway: - state: present - subnet_id: subnet-12345678 - eip_address: 52.1.1.1 - wait: true - region: ap-southeast-2 - register: new_nat_gateway - - - name: Create new nat gateway and allocate new EIP. - community.aws.ec2_vpc_nat_gateway: - state: present - subnet_id: subnet-12345678 - wait: true - region: ap-southeast-2 - register: new_nat_gateway - - - name: Create new nat gateway and allocate new EIP if a nat gateway does not yet exist in the subnet. - community.aws.ec2_vpc_nat_gateway: - state: present - subnet_id: subnet-12345678 - wait: true - region: ap-southeast-2 - if_exist_do_not_create: true - register: new_nat_gateway - - - name: Delete nat gateway using discovered nat gateways from facts module. - community.aws.ec2_vpc_nat_gateway: - state: absent - region: ap-southeast-2 - wait: true - nat_gateway_id: "{{ item.NatGatewayId }}" - release_eip: true - register: delete_nat_gateway_result - loop: "{{ gateways_to_remove.result }}" - - - name: Delete nat gateway and wait for deleted status. - community.aws.ec2_vpc_nat_gateway: - state: absent - nat_gateway_id: nat-12345678 - wait: true - wait_timeout: 500 - region: ap-southeast-2 - - - name: Delete nat gateway and release EIP. - community.aws.ec2_vpc_nat_gateway: - state: absent - nat_gateway_id: nat-12345678 - release_eip: true - wait: yes - wait_timeout: 300 - region: ap-southeast-2 - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - create_time - -
    - string -
    -     		In all cases. -
    The ISO 8601 date time format in UTC.
    -
    -
    Sample:
    -
    2016-03-05T05:19:20.282000+00:00'
    -
    -
    - nat_gateway_addresses - -
    - string -
    -     		In all cases. -
    List of dictionaries containing the public_ip, network_interface_id, private_ip, and allocation_id.
    -
    -
    Sample:
    -
    [{'public_ip': '52.52.52.52', 'network_interface_id': 'eni-12345', 'private_ip': '10.0.0.100', 'allocation_id': 'eipalloc-12345'}]
    -
    -
    - nat_gateway_id - -
    - string -
    -     		In all cases. -
    id of the VPC NAT Gateway
    -
    -
    Sample:
    -
    nat-0d1e3a878585988f8
    -
    -
    - state - -
    - string -
    -     		In all cases. -
    The current state of the NAT Gateway.
    -
    -
    Sample:
    -
    available
    -
    -
    - subnet_id - -
    - string -
    -     		In all cases. -
    id of the Subnet
    -
    -
    Sample:
    -
    subnet-12345
    -
    -
    - vpc_id - -
    - string -
    -     		In all cases. -
    id of the VPC.
    -
    -
    Sample:
    -
    vpc-12345
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Allen Sanabria (@linuxdynasty) -- Jon Hadfield (@jonhadfield) -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info.rst b/docs/community.aws.ec2_vpc_nat_gateway_info.rst deleted file mode 100644 index 760c7227202..00000000000 --- a/docs/community.aws.ec2_vpc_nat_gateway_info.rst +++ /dev/null @@ -1,323 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_nat_gateway_info_module: - - -************************************** -community.aws.ec2_vpc_nat_gateway_info -************************************** - -**Retrieves AWS VPC Managed Nat Gateway details using AWS methods.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets various details related to AWS VPC Managed Nat Gateways -- This module was called ``ec2_vpc_nat_gateway_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
    -
    -
    - nat_gateway_ids - -
    - list - / elements=string
    -     		- -
    List of specific nat gateway IDs to fetch details for.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Simple example of listing all nat gateways - - name: List all managed nat gateways in ap-southeast-2 - community.aws.ec2_vpc_nat_gateway_info: - region: ap-southeast-2 - register: all_ngws - - - name: Debugging the result - debug: - msg: "{{ all_ngws.result }}" - - - name: Get details on specific nat gateways - community.aws.ec2_vpc_nat_gateway_info: - nat_gateway_ids: - - nat-1234567891234567 - - nat-7654321987654321 - region: ap-southeast-2 - register: specific_ngws - - - name: Get all nat gateways with specific filters - community.aws.ec2_vpc_nat_gateway_info: - region: ap-southeast-2 - filters: - state: ['pending'] - register: pending_ngws - - - name: Get nat gateways with specific filter - community.aws.ec2_vpc_nat_gateway_info: - region: ap-southeast-2 - filters: - subnet-id: subnet-12345678 - state: ['available'] - register: existing_nat_gateways - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - result - -
    - list -
    -     		success -
    The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_peer.rst b/docs/community.aws.ec2_vpc_peer.rst deleted file mode 100644 index 1ecd146eb58..00000000000 --- a/docs/community.aws.ec2_vpc_peer.rst +++ /dev/null @@ -1,521 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_peer_module: - - -************************** -community.aws.ec2_vpc_peer -************************** - -**create, delete, accept, and reject VPC peering connections between two VPCs.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Read the AWS documentation for VPC Peering Connections https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-peering.html. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - peer_owner_id - -
    - string -
    -     		- -
    The AWS account number for cross account peering.
    -
    -
    - peer_region - -
    - string -
    -     		- -
    Region of the accepting VPC.
    -
    -
    - peer_vpc_id - -
    - string -
    -     		- -
    VPC id of the accepting VPC.
    -
    -
    - peering_id - -
    - string -
    -     		- -
    Peering connection id.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • accept
      • -
    • reject
      • -
    -     		-
    Create, delete, accept, reject a peering connection.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Dictionary of tags to look for and apply when creating a Peering Connection.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    VPC id of the requesting VPC.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Complete example to create and accept a local peering connection. - - name: Create local account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-87654321 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Accept local VPC peering request - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - state: accept - register: action_peer - - # Complete example to delete a local peering connection. - - name: Create local account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-87654321 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: delete a local VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - state: absent - register: vpc_peer - - # Complete example to create and accept a cross account peering connection. - - name: Create cross account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-12345678 - peer_owner_id: 123456789102 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Accept peering connection from remote account - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - profile: bot03_profile_for_cross_account - state: accept - register: vpc_peer - - # Complete example to create and accept an intra-region peering connection. - - name: Create intra-region VPC peering Connection - community.aws.ec2_vpc_peer: - region: us-east-1 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-87654321 - peer_region: us-west-2 - state: present - tags: - Name: Peering connection for us-east-1 VPC to us-west-2 VPC - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Accept peering connection from peer region - community.aws.ec2_vpc_peer: - region: us-west-2 - peering_id: "{{ vpc_peer.peering_id }}" - state: accept - register: vpc_peer - - # Complete example to create and reject a local peering connection. - - name: Create local account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-87654321 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Reject a local VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - state: reject - - # Complete example to create and accept a cross account peering connection. - - name: Create cross account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-12345678 - peer_owner_id: 123456789102 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Accept a cross account VPC peering connection request - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - profile: bot03_profile_for_cross_account - state: accept - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - - # Complete example to create and reject a cross account peering connection. - - name: Create cross account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - vpc_id: vpc-12345678 - peer_vpc_id: vpc-12345678 - peer_owner_id: 123456789102 - state: present - tags: - Name: Peering connection for VPC 21 to VPC 22 - CostCode: CC1234 - Project: phoenix - register: vpc_peer - - - name: Reject a cross account VPC peering Connection - community.aws.ec2_vpc_peer: - region: ap-southeast-2 - peering_id: "{{ vpc_peer.peering_id }}" - profile: bot03_profile_for_cross_account - state: reject - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - task - -
    - dictionary -
    -     		success -
    The result of the create, accept, reject or delete action.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mike Mochan (@mmochan) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_peering_info.rst b/docs/community.aws.ec2_vpc_peering_info.rst deleted file mode 100644 index 99fca05f714..00000000000 --- a/docs/community.aws.ec2_vpc_peering_info.rst +++ /dev/null @@ -1,315 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_peering_info_module: - - -********************************** -community.aws.ec2_vpc_peering_info -********************************** - -**Retrieves AWS VPC Peering details using AWS methods.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets various details related to AWS VPC Peers -- This module was called ``ec2_vpc_peering_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
    -
    -
    - peer_connection_ids - -
    - list - / elements=string
    -     		- -
    List of specific VPC peer IDs to get details for.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Simple example of listing all VPC Peers - - name: List all vpc peers - community.aws.ec2_vpc_peering_info: - region: ap-southeast-2 - register: all_vpc_peers - - - name: Debugging the result - debug: - msg: "{{ all_vpc_peers.result }}" - - - name: Get details on specific VPC peer - community.aws.ec2_vpc_peering_info: - peer_connection_ids: - - pcx-12345678 - - pcx-87654321 - region: ap-southeast-2 - register: all_vpc_peers - - - name: Get all vpc peers with specific filters - community.aws.ec2_vpc_peering_info: - region: ap-southeast-2 - filters: - status-code: ['pending-acceptance'] - register: pending_vpc_peers - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - result - -
    - list -
    -     		success -
    The result of the describe.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_route_table.rst b/docs/community.aws.ec2_vpc_route_table.rst deleted file mode 100644 index af09fa00f12..00000000000 --- a/docs/community.aws.ec2_vpc_route_table.rst +++ /dev/null @@ -1,820 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_route_table_module: - - -********************************* -community.aws.ec2_vpc_route_table -********************************* - -**Manage route tables for AWS virtual private clouds** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage route tables for AWS virtual private clouds - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - lookup - -
    - string -
    -     		-
      Choices: -
    • tag ←
      • -
    • id
      • -
    -     		-
    Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - propagating_vgw_ids - -
    - list - / elements=string
    -     		- -
    Enable route propagation from virtual gateways specified by ID.
    -
    -
    - purge_routes - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Purge existing routes that are not found in routes.
    -
    -
    - purge_subnets - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    - Default:
    "true"
    -     		-
    Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing tags that are not found in route table.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - route_table_id - -
    - string -
    -     		- -
    The ID of the route table to update or delete.
    -
    Required when lookup=id.
    -
    -
    - routes - -
    - list - / elements=dictionary
    -     		- -
    List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the VPC route table.
    -
    -
    - subnets - -
    - list - / elements=string
    -     		- -
    An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.
    -

    aliases: resource_tags
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    VPC ID of the VPC in which to create the route table.
    -
    Required when state=present or lookup=tag.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Basic creation example: - - name: Set up public subnet route table - community.aws.ec2_vpc_route_table: - vpc_id: vpc-1245678 - region: us-west-1 - tags: - Name: Public - subnets: - - "{{ jumpbox_subnet.subnet.id }}" - - "{{ frontend_subnet.subnet.id }}" - - "{{ vpn_subnet.subnet_id }}" - routes: - - dest: 0.0.0.0/0 - gateway_id: "{{ igw.gateway_id }}" - register: public_route_table - - - name: Set up NAT-protected route table - community.aws.ec2_vpc_route_table: - vpc_id: vpc-1245678 - region: us-west-1 - tags: - Name: Internal - subnets: - - "{{ application_subnet.subnet.id }}" - - 'Database Subnet' - - '10.0.0.0/8' - routes: - - dest: 0.0.0.0/0 - instance_id: "{{ nat.instance_id }}" - register: nat_route_table - - - name: delete route table - community.aws.ec2_vpc_route_table: - vpc_id: vpc-1245678 - region: us-west-1 - route_table_id: "{{ route_table.id }}" - lookup: id - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - route_table - -
    - complex -
    -     		always -
    Route Table result
    -
    -
      -
    - associations - -
    - complex -
    -     		always -
    List of subnets associated with the route table
    -
    -
       -
    - main - -
    - boolean -
    -     		always -
    Whether this is the main route table
    -
    -
       -
    - route_table_association_id - -
    - string -
    -     		always -
    ID of association between route table and subnet
    -
    -
    Sample:
    -
    rtbassoc-ab47cfc3
    -
       -
    - route_table_id - -
    - string -
    -     		always -
    ID of the route table
    -
    -
    Sample:
    -
    rtb-bf779ed7
    -
       -
    - subnet_id - -
    - string -
    -     		always -
    ID of the subnet
    -
    -
    Sample:
    -
    subnet-82055af9
    -
      -
    - id - -
    - string -
    -     		always -
    ID of the route table (same as route_table_id for backwards compatibility)
    -
    -
    Sample:
    -
    rtb-bf779ed7
    -
      -
    - propagating_vgws - -
    - list -
    -     		always -
    List of Virtual Private Gateways propagating routes
    -
    -
      -
    - route_table_id - -
    - string -
    -     		always -
    ID of the route table
    -
    -
    Sample:
    -
    rtb-bf779ed7
    -
      -
    - routes - -
    - complex -
    -     		always -
    List of routes in the route table
    -
    -
       -
    - destination_cidr_block - -
    - string -
    -     		always -
    CIDR block of destination
    -
    -
    Sample:
    -
    10.228.228.0/22
    -
       -
    - gateway_id - -
    - string -
    -     		when gateway is local or internet gateway -
    ID of the gateway
    -
    -
    Sample:
    -
    local
    -
       -
    - instance_id - -
    - string -
    -     		when the route is via an EC2 instance -
    ID of a NAT instance
    -
    -
    Sample:
    -
    i-abcd123456789
    -
       -
    - instance_owner_id - -
    - string -
    -     		when the route is via an EC2 instance -
    AWS account owning the NAT instance
    -
    -
    Sample:
    -
    123456789012
    -
       -
    - nat_gateway_id - -
    - string -
    -     		when the route is via a NAT gateway -
    ID of the NAT gateway
    -
    -
    Sample:
    -
    local
    -
       -
    - origin - -
    - string -
    -     		always -
    mechanism through which the route is in the table
    -
    -
    Sample:
    -
    CreateRouteTable
    -
       -
    - state - -
    - string -
    -     		always -
    state of the route
    -
    -
    Sample:
    -
    active
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Tags applied to the route table
    -
    -
    Sample:
    -
    {'Name': 'Public route table', 'Public': 'true'}
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    ID for the VPC in which the route lives
    -
    -
    Sample:
    -
    vpc-6e2d2407
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Robert Estelle (@erydo) -- Rob White (@wimnat) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_route_table_info.rst b/docs/community.aws.ec2_vpc_route_table_info.rst deleted file mode 100644 index 47670f25bf3..00000000000 --- a/docs/community.aws.ec2_vpc_route_table_info.rst +++ /dev/null @@ -1,265 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_route_table_info_module: - - -************************************** -community.aws.ec2_vpc_route_table_info -************************************** - -**Gather information about ec2 VPC route tables in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about ec2 VPC route tables in AWS -- This module was called ``ec2_vpc_route_table_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all VPC route tables - community.aws.ec2_vpc_route_table_info: - - - name: Gather information about a particular VPC route table using route table ID - community.aws.ec2_vpc_route_table_info: - filters: - route-table-id: rtb-00112233 - - - name: Gather information about any VPC route table with a tag key Name and value Example - community.aws.ec2_vpc_route_table_info: - filters: - "tag:Name": Example - - - name: Gather information about any VPC route table within VPC with ID vpc-abcdef00 - community.aws.ec2_vpc_route_table_info: - filters: - vpc-id: vpc-abcdef00 - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vgw.rst b/docs/community.aws.ec2_vpc_vgw.rst deleted file mode 100644 index 3e8cdad632c..00000000000 --- a/docs/community.aws.ec2_vpc_vgw.rst +++ /dev/null @@ -1,431 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_vgw_module: - - -************************* -community.aws.ec2_vpc_vgw -************************* - -**Create and delete AWS VPN Virtual Gateways.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates AWS VPN Virtual Gateways -- Deletes AWS VPN Virtual Gateways -- Attaches Virtual Gateways to VPCs -- Detaches Virtual Gateways from VPCs - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - asn - -
    - integer -
    -     		- -
    the BGP ASN of the amazon side
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    name of the vgw to be created or deleted
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    dictionary of resource tags
    -

    aliases: resource_tags
    -
    -
    - type - -
    - string -
    -     		-
      Choices: -
    • ipsec.1 ←
      • -
    -     		-
    type of the virtual gateway to be created
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    the vpc-id of a vpc to attach or detach
    -
    -
    - vpn_gateway_id - -
    - string -
    -     		- -
    vpn gateway id of an existing virtual gateway
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    320
    -     		-
    number of seconds to wait for status during vpc attach and detach
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a new vgw attached to a specific VPC - community.aws.ec2_vpc_vgw: - state: present - region: ap-southeast-2 - profile: personal - vpc_id: vpc-12345678 - name: personal-testing - type: ipsec.1 - register: created_vgw - - - name: Create a new unattached vgw - community.aws.ec2_vpc_vgw: - state: present - region: ap-southeast-2 - profile: personal - name: personal-testing - type: ipsec.1 - tags: - environment: production - owner: ABC - register: created_vgw - - - name: Remove a new vgw using the name - community.aws.ec2_vpc_vgw: - state: absent - region: ap-southeast-2 - profile: personal - name: personal-testing - type: ipsec.1 - register: deleted_vgw - - - name: Remove a new vgw using the vpn_gateway_id - community.aws.ec2_vpc_vgw: - state: absent - region: ap-southeast-2 - profile: personal - vpn_gateway_id: vgw-3a9aa123 - register: deleted_vgw - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - result - -
    - dictionary -
    -     		success -
    The result of the create, or delete action.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nick Aslanidis (@naslanidis) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vgw_info.rst b/docs/community.aws.ec2_vpc_vgw_info.rst deleted file mode 100644 index 5eb15889137..00000000000 --- a/docs/community.aws.ec2_vpc_vgw_info.rst +++ /dev/null @@ -1,332 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_vgw_info_module: - - -****************************** -community.aws.ec2_vpc_vgw_info -****************************** - -**Gather information about virtual gateways in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about virtual gateways in AWS. -- This module was called ``ec2_vpc_vgw_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpn_gateway_ids - -
    - list - / elements=string
    -     		- -
    Get details of a specific Virtual Gateway ID. This value should be provided as a list.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all virtual gateways for an account or profile - community.aws.ec2_vpc_vgw_info: - region: ap-southeast-2 - profile: production - register: vgw_info - - - name: Gather information about a filtered list of Virtual Gateways - community.aws.ec2_vpc_vgw_info: - region: ap-southeast-2 - profile: production - filters: - "tag:Name": "main-virt-gateway" - register: vgw_info - - - name: Gather information about a specific virtual gateway by VpnGatewayIds - community.aws.ec2_vpc_vgw_info: - region: ap-southeast-2 - profile: production - vpn_gateway_ids: vgw-c432f6a7 - register: vgw_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    True if listing the virtual gateways succeeds.
    -
    -
    Sample:
    -
    false
    -
    -
    - virtual_gateways - -
    - list -
    -     		always -
    The virtual gateways for the account.
    -
    -
    Sample:
    -
    [{'state': 'available', 'tags': [{'key': 'Name', 'value': 'TEST-VGW'}], 'type': 'ipsec.1', 'vpc_attachments': [{'state': 'attached', 'vpc_id': 'vpc-22a93c74'}], 'vpn_gateway_id': 'vgw-23e3d64e'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nick Aslanidis (@naslanidis) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vpn.rst b/docs/community.aws.ec2_vpc_vpn.rst deleted file mode 100644 index c145a56ade8..00000000000 --- a/docs/community.aws.ec2_vpc_vpn.rst +++ /dev/null @@ -1,942 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_vpn_module: - - -************************* -community.aws.ec2_vpc_vpn -************************* - -**Create, modify, and delete EC2 VPN connections.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module creates, modifies, and deletes VPN connections. Idempotence is achieved by using the filters option or specifying the VPN connection identifier. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - connection_type - -
    - string -
    -     		- Default:
    "ipsec.1"
    -     		-
    The type of VPN connection.
    -
    At this time only 'ipsec.1' is supported.
    -
    -
    - customer_gateway_id - -
    - string -
    -     		- -
    The ID of the customer gateway.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delay - -
    - integer -
    -     		- Default:
    15
    -     		-
    The time to wait before checking operation again. in seconds.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
    -
    -
    - bgp - -
    - - -
    -     		- -
    The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
    -
    -
    - cgw - -
    - - -
    -     		- -
    The customer gateway id as a string or a list of those strings.
    -
    -
    - cgw-config - -
    - - -
    -     		- -
    The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
    -
    -
    - cidr - -
    - - -
    -     		- -
    The destination cidr of the VPN's route as a string or a list of those strings.
    -
    -
    - static-routes-only - -
    - - -
    -     		- -
    The type of routing; true or false.
    -
    -
    - tag-keys - -
    - - -
    -     		- -
    The key of a tag as a string or a list of those strings.
    -
    -
    - tag-values - -
    - - -
    -     		- -
    The value of a tag as a string or a list of those strings.
    -
    -
    - tags - -
    - - -
    -     		- -
    A dict of key value pairs.
    -
    -
    - vgw - -
    - - -
    -     		- -
    The virtual private gateway as a string or a list of those strings.
    -
    -
    - vpn - -
    - - -
    -     		- -
    The VPN connection id as a string or a list of those strings.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_routes - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to delete VPN connections routes that are not specified in the task.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - routes - -
    - list - / elements=string
    -     		- -
    Routes to add to the connection.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the VPN connection.
    -
    -
    - static_only - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Tags to attach to the VPN connection.
    -
    -
    - tunnel_options - -
    - list - / elements=dictionary
    -     		- -
    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
    -
    -
    - PreSharedKey - -
    - string -
    -     		- -
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
    -
    -
    - TunnelInsideCidr - -
    - string -
    -     		- -
    The range of inside IP addresses for the tunnel.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpn_connection_id - -
    - string -
    -     		- -
    The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
    -
    -
    - vpn_gateway_id - -
    - string -
    -     		- -
    The ID of the virtual private gateway.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - - - name: create a VPN connection - community.aws.ec2_vpc_vpn: - state: present - vpn_gateway_id: vgw-XXXXXXXX - customer_gateway_id: cgw-XXXXXXXX - - - name: modify VPN connection tags - community.aws.ec2_vpc_vpn: - state: present - vpn_connection_id: vpn-XXXXXXXX - tags: - Name: ansible-tag-1 - Other: ansible-tag-2 - - - name: delete a connection - community.aws.ec2_vpc_vpn: - vpn_connection_id: vpn-XXXXXXXX - state: absent - - - name: modify VPN tags (identifying VPN by filters) - community.aws.ec2_vpc_vpn: - state: present - filters: - cidr: 194.168.1.0/24 - tag-keys: - - Ansible - - Other - tags: - New: Tag - purge_tags: true - static_only: true - - - name: set up VPN with tunnel options utilizing 'TunnelInsideCidr' only - community.aws.ec2_vpc_vpn: - state: present - filters: - vpn: vpn-XXXXXXXX - static_only: true - tunnel_options: - - - TunnelInsideCidr: '169.254.100.1/30' - - - TunnelInsideCidr: '169.254.100.5/30' - - - name: add routes and remove any preexisting ones - community.aws.ec2_vpc_vpn: - state: present - filters: - vpn: vpn-XXXXXXXX - routes: - - 195.168.2.0/24 - - 196.168.2.0/24 - purge_routes: true - - - name: remove all routes - community.aws.ec2_vpc_vpn: - state: present - vpn_connection_id: vpn-XXXXXXXX - routes: [] - purge_routes: true - - - name: delete a VPN identified by filters - community.aws.ec2_vpc_vpn: - state: absent - filters: - tags: - Ansible: Tag - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    If the VPN connection has changed.
    -
    -
    Sample:
    -
    {'changed': True}
    -
    -
    - customer_gateway_configuration - -
    - string -
    -     		state=present -
    The configuration of the VPN connection.
    -
    -
    -
    - customer_gateway_id - -
    - string -
    -     		state=present -
    The customer gateway connected via the connection.
    -
    -
    Sample:
    -
    {'customer_gateway_id': 'cgw-1220c87b'}
    -
    -
    - options - -
    - complex -
    -     		state=present -
    The VPN connection options (currently only containing static_routes_only).
    -
    -
      -
    - static_routes_only - -
    - string -
    -     		state=present -
    If the VPN connection only allows static routes.
    -
    -
    Sample:
    -
    {'static_routes_only': True}
    -
    -
    - routes - -
    - list -
    -     		state=present -
    The routes of the VPN connection.
    -
    -
    Sample:
    -
    {'routes': [{'destination_cidr_block': '192.168.1.0/24', 'state': 'available'}]}
    -
    -
    - state - -
    - string -
    -     		state=present -
    The status of the VPN connection.
    -
    -
    Sample:
    -
    {'state': 'available'}
    -
    -
    - tags - -
    - dictionary -
    -     		state=present -
    The tags associated with the connection.
    -
    -
    Sample:
    -
    {'tags': {'name': 'ansible-test', 'other': 'tag'}}
    -
    -
    - type - -
    - string -
    -     		state=present -
    The type of VPN connection (currently only ipsec.1 is available).
    -
    -
    Sample:
    -
    {'type': 'ipsec.1'}
    -
    -
    - vgw_telemetry - -
    - list -
    -     		state=present -
    The telemetry for the VPN tunnel.
    -
    -
    Sample:
    -
    {'vgw_telemetry': [{'outside_ip_address': 'string', 'status': 'up', 'last_status_change': 'datetime(2015, 1, 1)', 'status_message': 'string', 'accepted_route_count': 123}]}
    -
    -
    - vpn_connection_id - -
    - string -
    -     		state=present -
    The identifier for the VPN connection.
    -
    -
    Sample:
    -
    {'vpn_connection_id': 'vpn-781e0e19'}
    -
    -
    - vpn_gateway_id - -
    - string -
    -     		state=present -
    The virtual private gateway connected via the connection.
    -
    -
    Sample:
    -
    {'vpn_gateway_id': 'vgw-cb0ae2a2'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_vpc_vpn_info.rst b/docs/community.aws.ec2_vpc_vpn_info.rst deleted file mode 100644 index 741295496f5..00000000000 --- a/docs/community.aws.ec2_vpc_vpn_info.rst +++ /dev/null @@ -1,651 +0,0 @@ -:orphan: - -.. _community.aws.ec2_vpc_vpn_info_module: - - -****************************** -community.aws.ec2_vpc_vpn_info -****************************** - -**Gather information about VPN Connections in AWS.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about VPN Connections in AWS. -- This module was called ``ec2_vpc_vpn_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpn_connection_ids - -
    - list - / elements=string
    -     		- -
    Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # # Note: These examples do not set authentication details, see the AWS Guide for details. - - name: Gather information about all vpn connections - community.aws.ec2_vpc_vpn_info: - - - name: Gather information about a filtered list of vpn connections, based on tags - community.aws.ec2_vpc_vpn_info: - filters: - "tag:Name": test-connection - register: vpn_conn_info - - - name: Gather information about vpn connections by specifying connection IDs. - community.aws.ec2_vpc_vpn_info: - filters: - vpn-gateway-id: vgw-cbe66beb - register: vpn_conn_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - vpn_connections - -
    - complex -
    -     		always -
    List of one or more VPN Connections.
    -
    -
      -
    - category - -
    - string -
    -     		always -
    The category of the VPN connection.
    -
    -
    Sample:
    -
    VPN
    -
      -
    - customer_gateway_id - -
    - string -
    -     		always -
    The ID of the customer gateway at your end of the VPN connection.
    -
    -
    Sample:
    -
    cgw-17a53c37
    -
      -
    - customer_gatway_configuration - -
    - string -
    -     		always -
    The configuration information for the VPN connection's customer gateway (in the native XML format).
    -
    -
      -
    - options - -
    - dictionary -
    -     		always -
    The VPN connection options.
    -
    -
    Sample:
    -
    {'static_routes_only': False}
    -
      -
    - routes - -
    - complex -
    -     		always -
    List of static routes associated with the VPN connection.
    -
    -
       -
    - destination_cidr_block - -
    - string -
    -     		always -
    The CIDR block associated with the local subnet of the customer data center.
    -
    -
    Sample:
    -
    10.0.0.0/16
    -
       -
    - state - -
    - string -
    -     		always -
    The current state of the static route.
    -
    -
    Sample:
    -
    available
    -
      -
    - state - -
    - string -
    -     		always -
    The current state of the VPN connection.
    -
    -
    Sample:
    -
    available
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Any tags assigned to the VPN connection.
    -
    -
    Sample:
    -
    {'Name': 'test-conn'}
    -
      -
    - type - -
    - string -
    -     		always -
    The type of VPN connection.
    -
    -
    Sample:
    -
    ipsec.1
    -
      -
    - vgw_telemetry - -
    - complex -
    -     		always -
    Information about the VPN tunnel.
    -
    -
       -
    - accepted_route_count - -
    - integer -
    -     		always -
    The number of accepted routes.
    -
    -
       -
    - certificate_arn - -
    - string -
    -     		when a private certificate is used for authentication -
    The Amazon Resource Name of the virtual private gateway tunnel endpoint certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789101:certificate/c544d8ce-20b8-4fff-98b0-example
    -
       -
    - last_status_change - -
    - string -
    -     		always -
    The date and time of the last change in status.
    -
    -
    Sample:
    -
    2018-02-09T14:35:27+00:00
    -
       -
    - outside_ip_address - -
    - string -
    -     		always -
    The Internet-routable IP address of the virtual private gateway's outside interface.
    -
    -
    Sample:
    -
    13.127.79.191
    -
       -
    - status - -
    - string -
    -     		always -
    The status of the VPN tunnel.
    -
    -
    Sample:
    -
    DOWN
    -
       -
    - status_message - -
    - string -
    -     		always -
    If an error occurs, a description of the error.
    -
    -
    Sample:
    -
    IPSEC IS DOWN
    -
      -
    - vpn_connection_id - -
    - string -
    -     		always -
    The ID of the VPN connection.
    -
    -
    Sample:
    -
    vpn-f700d5c0
    -
      -
    - vpn_gateway_id - -
    - string -
    -     		always -
    The ID of the virtual private gateway at the AWS side of the VPN connection.
    -
    -
    Sample:
    -
    vgw-cbe56bfb
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Madhura Naniwadekar (@Madhura-CSI) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ec2_win_password.rst b/docs/community.aws.ec2_win_password.rst deleted file mode 100644 index 3bba8eafc9b..00000000000 --- a/docs/community.aws.ec2_win_password.rst +++ /dev/null @@ -1,363 +0,0 @@ -:orphan: - -.. _community.aws.ec2_win_password_module: - - -****************************** -community.aws.ec2_win_password -****************************** - -**Gets the default administrator password for ec2 windows instances** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets the default administrator password from any EC2 Windows instance. The instance is referenced by its id (e.g. ``i-XXXXXXX``). -- This module has a dependency on python-boto. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- cryptography -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - instance_id - -
    - string - / required
    -     		- -
    The instance id to get the password data from.
    -
    -
    - key_data - -
    - string -
    -     		- -
    The private key (usually stored in vault).
    -
    Conflicts with key_file,
    -
    -
    - key_file - -
    - path -
    -     		- -
    Path to the file containing the key pair used on the instance.
    -
    Conflicts with key_data.
    -
    -
    - key_passphrase - -
    - string -
    -     		- -
    The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the password to be available before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    120
    -     		-
    Number of seconds to wait before giving up.
    -
    -
    - - -Notes ------ - -.. note:: - - As of Ansible 2.4, this module requires the python cryptography module rather than the older pycrypto module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Example of getting a password - - name: get the Administrator password - community.aws.ec2_win_password: - profile: my-boto-profile - instance_id: i-XXXXXX - region: us-east-1 - key_file: "~/aws-creds/my_test_key.pem" - - # Example of getting a password using a variable - - name: get the Administrator password - community.aws.ec2_win_password: - profile: my-boto-profile - instance_id: i-XXXXXX - region: us-east-1 - key_data: "{{ ec2_private_key }}" - - # Example of getting a password with a password protected key - - name: get the Administrator password - community.aws.ec2_win_password: - profile: my-boto-profile - instance_id: i-XXXXXX - region: us-east-1 - key_file: "~/aws-creds/my_protected_test_key.pem" - key_passphrase: "secret" - - # Example of waiting for a password - - name: get the Administrator password - community.aws.ec2_win_password: - profile: my-boto-profile - instance_id: i-XXXXXX - region: us-east-1 - key_file: "~/aws-creds/my_test_key.pem" - wait: yes - wait_timeout: 45 - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rick Mendes (@rickmendes) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_attribute.rst b/docs/community.aws.ecs_attribute.rst deleted file mode 100644 index 7d07aef6340..00000000000 --- a/docs/community.aws.ecs_attribute.rst +++ /dev/null @@ -1,463 +0,0 @@ -:orphan: - -.. _community.aws.ecs_attribute_module: - - -*************************** -community.aws.ecs_attribute -*************************** - -**manage ecs attributes** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, update or delete ECS container instance attributes. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - attributes - -
    - list - / elements=dictionary / required
    -     		- -
    List of attributes.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
    -
    -
    - value - -
    - string -
    -     		- -
    The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster - -
    - string - / required
    -     		- -
    The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_instance_id - -
    - string - / required
    -     		- -
    EC2 instance ID of ECS cluster container instance.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the attributes.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Set attributes - community.aws.ecs_attribute: - state: present - cluster: test-cluster - ec2_instance_id: "{{ ec2_id }}" - attributes: - - flavor: test - - migrated - delegate_to: localhost - - - name: Delete attributes - community.aws.ecs_attribute: - state: absent - cluster: test-cluster - ec2_instance_id: "{{ ec2_id }}" - attributes: - - flavor: test - - migrated - delegate_to: localhost - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - attributes - -
    - complex -
    -     		always -
    attributes
    -
    -
      -
    - attributes - -
    - list - / elements=dictionary
    -     		-
    list of attributes
    -
    -
       -
    - name - -
    - string -
    -     		-
    name of the attribute
    -
    -
       -
    - value - -
    - string -
    -     		if present -
    value of the attribute
    -
    -
      -
    - cluster - -
    - string -
    -     		-
    cluster name
    -
    -
      -
    - ec2_instance_id - -
    - string -
    -     		-
    ec2 instance id of ecs container instance
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Andrej Svenke (@anryko) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_cluster.rst b/docs/community.aws.ecs_cluster.rst deleted file mode 100644 index 66f2420f9db..00000000000 --- a/docs/community.aws.ecs_cluster.rst +++ /dev/null @@ -1,445 +0,0 @@ -:orphan: - -.. _community.aws.ecs_cluster_module: - - -************************* -community.aws.ecs_cluster -************************* - -**Create or terminate ECS clusters.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or terminates ecs clusters. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delay - -
    - integer -
    -     		- Default:
    10
    -     		-
    Number of seconds to wait.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The cluster name.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - repeat - -
    - integer -
    -     		- Default:
    10
    -     		-
    The number of times to wait for the cluster to have an instance.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • has_instances
      • -
    -     		-
    The desired state of the cluster.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - When deleting a cluster, the information returned is the state of the cluster prior to deletion. - - It will also wait for a cluster to have instances registered to it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Cluster creation - community.aws.ecs_cluster: - name: default - state: present - - - name: Cluster deletion - community.aws.ecs_cluster: - name: default - state: absent - - - name: Wait for register - community.aws.ecs_cluster: - name: "{{ new_cluster }}" - state: has_instances - delay: 10 - repeat: 10 - register: task_output - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - activeServicesCount - -
    - integer -
    -     		0 if a new cluster -
    how many services are active in this cluster
    -
    -
    -
    - clusterArn - -
    - string -
    -     		0 if a new cluster -
    the ARN of the cluster just created
    -
    -
    Sample:
    -
    arn:aws:ecs:us-west-2:172139249013:cluster/test-cluster-mfshcdok
    -
    -
    - clusterName - -
    - string -
    -     		always -
    name of the cluster just created (should match the input argument)
    -
    -
    Sample:
    -
    test-cluster-mfshcdok
    -
    -
    - pendingTasksCount - -
    - integer -
    -     		0 if a new cluster -
    how many tasks are waiting to run in this cluster
    -
    -
    -
    - registeredContainerInstancesCount - -
    - integer -
    -     		0 if a new cluster -
    how many container instances are available in this cluster
    -
    -
    -
    - runningTasksCount - -
    - integer -
    -     		0 if a new cluster -
    how many tasks are running in this cluster
    -
    -
    -
    - status - -
    - string -
    -     		always -
    the status of the new cluster
    -
    -
    Sample:
    -
    ACTIVE
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chance (@Java1Guy) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_ecr.rst b/docs/community.aws.ecs_ecr.rst deleted file mode 100644 index 60ee57ef7fa..00000000000 --- a/docs/community.aws.ecs_ecr.rst +++ /dev/null @@ -1,530 +0,0 @@ -:orphan: - -.. _community.aws.ecs_ecr_module: - - -********************* -community.aws.ecs_ecr -********************* - -**Manage Elastic Container Registry repositories** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage Elastic Container Registry repositories. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - force_set_policy - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
    -
    -
    - image_tag_mutability - -
    - string -
    -     		-
      Choices: -
    • mutable ←
      • -
    • immutable
      • -
    -     		-
    Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
    -
    -
    - lifecycle_policy - -
    - json -
    -     		- -
    JSON or dict that represents the new lifecycle policy
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the repository.
    -
    -
    - policy - -
    - json -
    -     		- -
    JSON or dict that represents the new policy.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_lifecycle_policy - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    if yes, remove the lifecycle policy from the repository
    -
    -
    - purge_policy - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If yes, remove the policy from the repository.
    -
    Alias delete_policy has been deprecated and will be removed after 2022-06-01.
    -

    aliases: delete_policy
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - registry_id - -
    - string -
    -     		- -
    AWS account id associated with the registry.
    -
    If not specified, the default registry is assumed.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the repository.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # If the repository does not exist, it is created. If it does exist, would not - # affect any policies already on it. - - name: ecr-repo - community.aws.ecs_ecr: - name: super/cool - - - name: destroy-ecr-repo - community.aws.ecs_ecr: - name: old/busted - state: absent - - - name: Cross account ecr-repo - community.aws.ecs_ecr: - registry_id: 999999999999 - name: cross/account - - - name: set-policy as object - community.aws.ecs_ecr: - name: needs-policy-object - policy: - Version: '2008-10-17' - Statement: - - Sid: read-only - Effect: Allow - Principal: - AWS: '{{ read_only_arn }}' - Action: - - ecr:GetDownloadUrlForLayer - - ecr:BatchGetImage - - ecr:BatchCheckLayerAvailability - - - name: set-policy as string - community.aws.ecs_ecr: - name: needs-policy-string - policy: "{{ lookup('template', 'policy.json.j2') }}" - - - name: delete-policy - community.aws.ecs_ecr: - name: needs-no-policy - purge_policy: yes - - - name: create immutable ecr-repo - community.aws.ecs_ecr: - name: super/cool - image_tag_mutability: immutable - - - name: set-lifecycle-policy - community.aws.ecs_ecr: - name: needs-lifecycle-policy - lifecycle_policy: - rules: - - rulePriority: 1 - description: new policy - selection: - tagStatus: untagged - countType: sinceImagePushed - countUnit: days - countNumber: 365 - action: - type: expire - - - name: purge-lifecycle-policy - community.aws.ecs_ecr: - name: needs-no-lifecycle-policy - purge_lifecycle_policy: true - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - created - -
    - boolean -
    -     		always -
    If true, the repository was created
    -
    -
    -
    - name - -
    - string -
    -     		when state == 'absent' -
    The name of the repository
    -
    -
    -
    - repository - -
    - dictionary -
    -     		when state == 'present' -
    The created or updated repository
    -
    -
    Sample:
    -
    {'createdAt': '2017-01-17T08:41:32-06:00', 'registryId': '999999999999', 'repositoryArn': 'arn:aws:ecr:us-east-1:999999999999:repository/ecr-test-1484664090', 'repositoryName': 'ecr-test-1484664090', 'repositoryUri': '999999999999.dkr.ecr.us-east-1.amazonaws.com/ecr-test-1484664090'}
    -
    -
    - state - -
    - string -
    -     		always -
    The asserted state of the repository (present, absent)
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- David M. Lee (@leedm777) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_service.rst b/docs/community.aws.ecs_service.rst deleted file mode 100644 index 76d7dae0c66..00000000000 --- a/docs/community.aws.ecs_service.rst +++ /dev/null @@ -1,1645 +0,0 @@ -:orphan: - -.. _community.aws.ecs_service_module: - - -************************* -community.aws.ecs_service -************************* - -**Create, terminate, start or stop a service in ECS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or terminates ECS. services. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - client_token - -
    - string -
    -     		- -
    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
    -
    -
    - cluster - -
    - string -
    -     		- -
    The name of the cluster in which the service exists.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delay - -
    - integer -
    -     		- Default:
    10
    -     		-
    The time to wait before checking that the service is available.
    -
    -
    - deployment_configuration - -
    - dictionary -
    -     		- -
    Optional parameters that control the deployment_configuration.
    -
    Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
    -
    -
    - maximum_percent - -
    - integer -
    -     		- -
    Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
    -
    -
    - minimum_healthy_percent - -
    - integer -
    -     		- -
    A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
    -
    -
    - desired_count - -
    - integer -
    -     		- -
    The count of how many instances of the service.
    -
    This parameter is required when state=present.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - force_new_deployment - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Force deployment of service even if there are no changes.
    -
    -
    - health_check_grace_period_seconds - -
    - integer -
    -     		- -
    Seconds to wait before health checking the freshly added/updated services.
    -
    This option requires botocore >= 1.8.20.
    -
    -
    - launch_type - -
    - string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your service.
    -
    -
    - load_balancers - -
    - list - / elements=string
    -     		- -
    The list of ELBs defined for this service.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the service.
    -
    -
    - network_configuration - -
    - dictionary -
    -     		- -
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    -
    assign_public_ip requires botocore >= 1.8.4
    -
    -
    - assign_public_ip - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the task's elastic network interface receives a public IP address.
    -
    This option requires botocore >= 1.8.4.
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    A list of security group names or group IDs to associate with the task
    -
    -
    - subnets - -
    - list - / elements=string
    -     		- -
    A list of subnet IDs to associate with the task
    -
    -
    - placement_constraints - -
    - list - / elements=dictionary
    -     		- -
    The placement constraints for the tasks in the service.
    - -
    -
    - expression - -
    - string -
    -     		- -
    A cluster query language expression to apply to the constraint.
    -
    -
    - type - -
    - string -
    -     		- -
    The type of constraint.
    -
    -
    - placement_strategy - -
    - list - / elements=dictionary
    -     		- -
    The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
    -
    -
    - field - -
    - string -
    -     		- -
    The field to apply the placement strategy against.
    -
    -
    - type - -
    - string -
    -     		- -
    The type of placement strategy.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - repeat - -
    - integer -
    -     		- Default:
    10
    -     		-
    The number of times to check that the service is available.
    -
    -
    - role - -
    - string -
    -     		- -
    The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
    -
    This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
    -
    -
    - scheduling_strategy - -
    - string -
    -     		-
      Choices: -
    • DAEMON
      • -
    • REPLICA
      • -
    -     		-
    The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service_registries - -
    - list - / elements=dictionary
    -     		- -
    Describes service discovery registries this service will register with.
    -
    -
    - arn - -
    - string -
    -     		- -
    Service discovery registry ARN
    -
    -
    - container_name - -
    - string -
    -     		- -
    container name for service discovery registration
    -
    -
    - container_port - -
    - integer -
    -     		- -
    container port for service discovery registration
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • deleting
      • -
    -     		-
    The desired state of the service.
    -
    -
    - task_definition - -
    - string -
    -     		- -
    The task definition the service will run.
    -
    This parameter is required when state=present.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - The service role specified must be assumable. (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com) - - For details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html. - - An IAM role must have been previously created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Basic provisioning example - - community.aws.ecs_service: - state: present - name: console-test-service - cluster: new_cluster - task_definition: 'new_cluster-task:1' - desired_count: 0 - - - name: create ECS service on VPC network - community.aws.ecs_service: - state: present - name: console-test-service - cluster: new_cluster - task_definition: 'new_cluster-task:1' - desired_count: 0 - network_configuration: - subnets: - - subnet-abcd1234 - security_groups: - - sg-aaaa1111 - - my_security_group - - # Simple example to delete - - community.aws.ecs_service: - name: default - state: absent - cluster: new_cluster - - # With custom deployment configuration (added in version 2.3), placement constraints and strategy (added in version 2.4) - - community.aws.ecs_service: - state: present - name: test-service - cluster: test-cluster - task_definition: test-task-definition - desired_count: 3 - deployment_configuration: - minimum_healthy_percent: 75 - maximum_percent: 150 - placement_constraints: - - type: memberOf - expression: 'attribute:flavor==test' - placement_strategy: - - type: binpack - field: memory - - - -Returned Facts --------------- -Facts returned by this module are added/updated in the ``hostvars`` host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them. - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    FactReturnedDescription
    -
    - service - -
    - complex -
    -     		when service existed and was deleted -
    Details of deleted service. -
    -
    -
    -
    - clusterArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service. -
    -
    -
    -
    - deploymentConfiguration - -
    - complex -
    -     		always -
    dictionary of deploymentConfiguration -
    -
    -
    -
    - maximumPercent - -
    - integer -
    -     		always -
    maximumPercent param -
    -
    -
    -
    - minimumHealthyPercent - -
    - integer -
    -     		always -
    minimumHealthyPercent param -
    -
    -
    -
    - deployments - -
    - list - / elements=dictionary
    -     		always -
    list of service deployments -
    -
    -
    -
    - desiredCount - -
    - integer -
    -     		always -
    The desired number of instantiations of the task definition to keep running on the service. -
    -
    -
    -
    - events - -
    - list - / elements=dictionary
    -     		always -
    list of service events -
    -
    -
    -
    - loadBalancers - -
    - complex -
    -     		always -
    A list of load balancer objects -
    -
    -
    -
    - containerName - -
    - string -
    -     		always -
    The name of the container to associate with the load balancer. -
    -
    -
    -
    - containerPort - -
    - integer -
    -     		always -
    The port on the container to associate with the load balancer. -
    -
    -
    -
    - loadBalancerName - -
    - string -
    -     		always -
    the name -
    -
    -
    -
    - pendingCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the PENDING state. -
    -
    -
    -
    - placementConstraints - -
    - list - / elements=dictionary
    -     		always -
    List of placement constraints objects -
    -
    -
    -
    - expression - -
    - string -
    -     		always -
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance. -
    -
    -
    -
    - type - -
    - string -
    -     		always -
    The type of constraint. Valid values are distinctInstance and memberOf. -
    -
    -
    -
    - placementStrategy - -
    - list - / elements=dictionary
    -     		always -
    List of placement strategy objects -
    -
    -
    -
    - field - -
    - string -
    -     		always -
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY. -
    -
    -
    -
    - type - -
    - string -
    -     		always -
    The type of placement strategy. Valid values are random, spread and binpack. -
    -
    -
    -
    - runningCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the RUNNING state. -
    -
    -
    -
    - serviceArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service . -
    -
    -
    -
    - serviceName - -
    - string -
    -     		always -
    A user-generated string used to identify the service -
    -
    -
    -
    - status - -
    - string -
    -     		always -
    The valid values are ACTIVE, DRAINING, or INACTIVE. -
    -
    -
    -
    - taskDefinition - -
    - string -
    -     		always -
    The ARN of a task definition to use for tasks in the service. -
    -
    -
    -

    - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - service - -
    - complex -
    -     		when creating a service -
    Details of created service.
    -
    -
      -
    - clusterArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    -
    -
      -
    - deploymentConfiguration - -
    - complex -
    -     		always -
    dictionary of deploymentConfiguration
    -
    -
       -
    - maximumPercent - -
    - integer -
    -     		always -
    maximumPercent param
    -
    -
       -
    - minimumHealthyPercent - -
    - integer -
    -     		always -
    minimumHealthyPercent param
    -
    -
      -
    - deployments - -
    - list - / elements=dictionary
    -     		always -
    list of service deployments
    -
    -
      -
    - desiredCount - -
    - integer -
    -     		always -
    The desired number of instantiations of the task definition to keep running on the service.
    -
    -
      -
    - events - -
    - list - / elements=dictionary
    -     		always -
    list of service events
    -
    -
      -
    - loadBalancers - -
    - complex -
    -     		always -
    A list of load balancer objects
    -
    -
       -
    - containerName - -
    - string -
    -     		always -
    The name of the container to associate with the load balancer.
    -
    -
       -
    - containerPort - -
    - integer -
    -     		always -
    The port on the container to associate with the load balancer.
    -
    -
       -
    - loadBalancerName - -
    - string -
    -     		always -
    the name
    -
    -
      -
    - pendingCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the PENDING state.
    -
    -
      -
    - placementConstraints - -
    - list - / elements=dictionary
    -     		always -
    List of placement constraints objects
    -
    -
       -
    - expression - -
    - string -
    -     		always -
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
    -
    -
       -
    - type - -
    - string -
    -     		always -
    The type of constraint. Valid values are distinctInstance and memberOf.
    -
    -
      -
    - placementStrategy - -
    - list - / elements=dictionary
    -     		always -
    List of placement strategy objects
    -
    -
       -
    - field - -
    - string -
    -     		always -
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
    -
    -
       -
    - type - -
    - string -
    -     		always -
    The type of placement strategy. Valid values are random, spread and binpack.
    -
    -
      -
    - runningCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the RUNNING state.
    -
    -
      -
    - serviceArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    -
    -
      -
    - serviceName - -
    - string -
    -     		always -
    A user-generated string used to identify the service
    -
    -
      -
    - status - -
    - string -
    -     		always -
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    -
    -
      -
    - taskDefinition - -
    - string -
    -     		always -
    The ARN of a task definition to use for tasks in the service.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chance (@Java1Guy) -- Darek Kaczynski (@kaczynskid) -- Stephane Maarek (@simplesteph) -- Zac Blazic (@zacblazic) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_service_info.rst b/docs/community.aws.ecs_service_info.rst deleted file mode 100644 index c9f67c08bf6..00000000000 --- a/docs/community.aws.ecs_service_info.rst +++ /dev/null @@ -1,574 +0,0 @@ -:orphan: - -.. _community.aws.ecs_service_info_module: - - -****************************** -community.aws.ecs_service_info -****************************** - -**List or describe services in ECS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Lists or describes services in ECS. -- This module was called ``ecs_service_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.ecs_service_info ` module no longer returns ``ansible_facts``! - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster - -
    - string -
    -     		- -
    The cluster ARNS in which to list the services.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - details - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Set this to true if you want detailed information about the services.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - events - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to return ECS service events. Only has an effect if details=true.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - service - -
    - list - / elements=string
    -     		- -
    One or more services to get details for
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Basic listing example - - community.aws.ecs_service_info: - cluster: test-cluster - service: console-test-service - details: true - register: output - - # Basic listing example - - community.aws.ecs_service_info: - cluster: test-cluster - register: output - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - services - -
    - complex -
    -     		success -
    When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below.
    -
    -
      -
    - clusterArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    -
    -
      -
    - deployments - -
    - list - / elements=dictionary
    -     		always -
    list of service deployments
    -
    -
      -
    - desiredCount - -
    - integer -
    -     		always -
    The desired number of instantiations of the task definition to keep running on the service.
    -
    -
      -
    - events - -
    - list - / elements=dictionary
    -     		when events is true -
    list of service events
    -
    -
      -
    - loadBalancers - -
    - complex -
    -     		always -
    A list of load balancer objects
    -
    -
       -
    - containerName - -
    - string -
    -     		always -
    The name of the container to associate with the load balancer.
    -
    -
       -
    - containerPort - -
    - integer -
    -     		always -
    The port on the container to associate with the load balancer.
    -
    -
       -
    - loadBalancerName - -
    - string -
    -     		always -
    the name
    -
    -
      -
    - pendingCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the PENDING state.
    -
    -
      -
    - runningCount - -
    - integer -
    -     		always -
    The number of tasks in the cluster that are in the RUNNING state.
    -
    -
      -
    - serviceArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    -
    -
      -
    - serviceName - -
    - string -
    -     		always -
    A user-generated string used to identify the service
    -
    -
      -
    - status - -
    - string -
    -     		always -
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    -
    -
      -
    - taskDefinition - -
    - string -
    -     		always -
    The ARN of a task definition to use for tasks in the service.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chance (@Java1Guy) -- Darek Kaczynski (@kaczynskid) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_tag.rst b/docs/community.aws.ecs_tag.rst deleted file mode 100644 index fb7d1d7a5a8..00000000000 --- a/docs/community.aws.ecs_tag.rst +++ /dev/null @@ -1,434 +0,0 @@ -:orphan: - -.. _community.aws.ecs_tag_module: - - -********************* -community.aws.ecs_tag -********************* - -**create and remove tags on Amazon ECS resources** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates and removes tags for Amazon ECS resources. -- Resources are referenced by their cluster name. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster_name - -
    - string - / required
    -     		- -
    The name of the cluster whose resources we are tagging.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether unspecified tags should be removed from the resource.
    -
    Note that when combined with state=absent, specified tags with non-matching values are not purged.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - resource - -
    - string -
    -     		- -
    The ECS resource name.
    -
    Required unless resource_type=cluster.
    -
    -
    - resource_type - -
    - string -
    -     		-
      Choices: -
    • cluster ←
      • -
    • task
      • -
    • service
      • -
    • task_definition
      • -
    • container
      • -
    -     		-
    The type of resource.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the tags should be present or absent on the resource.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of tags to add or remove from the resource.
    -
    If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - none - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Ensure tags are present on a resource - community.aws.ecs_tag: - cluster_name: mycluster - resource_type: cluster - state: present - tags: - Name: ubervol - env: prod - - - name: Remove the Env tag - community.aws.ecs_tag: - cluster_name: mycluster - resource_type: cluster - tags: - Env: - state: absent - - - name: Remove the Env tag if it's currently 'development' - community.aws.ecs_tag: - cluster_name: mycluster - resource_type: cluster - tags: - Env: development - state: absent - - - name: Remove all tags except for Name from a cluster - community.aws.ecs_tag: - cluster_name: mycluster - resource_type: cluster - tags: - Name: foo - state: absent - purge_tags: true - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - added_tags - -
    - dictionary -
    -     		If tags were added -
    A dict of tags that were added to the resource
    -
    -
    -
    - removed_tags - -
    - dictionary -
    -     		If tags were removed -
    A dict of tags that were removed from the resource
    -
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    A dict containing the tags on the resource
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Pechner (@mpechner) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_task.rst b/docs/community.aws.ecs_task.rst deleted file mode 100644 index 2bc839d2e78..00000000000 --- a/docs/community.aws.ecs_task.rst +++ /dev/null @@ -1,750 +0,0 @@ -:orphan: - -.. _community.aws.ecs_task_module: - - -********************** -community.aws.ecs_task -********************** - -**Run, start or stop a task in ecs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or deletes instances of task definitions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster - -
    - string -
    -     		- -
    The name of the cluster to run the task on.
    -
    -
    - container_instances - -
    - list - / elements=string
    -     		- -
    The list of container instances on which to deploy the task.
    -
    -
    - count - -
    - integer -
    -     		- -
    How many new instances to start.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - launch_type - -
    - string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your service.
    -
    -
    - network_configuration - -
    - dictionary -
    -     		- -
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    A list of group names or group IDs for the task.
    -
    -
    - subnets - -
    - list - / elements=string
    -     		- -
    A list of subnet IDs to which the task is attached.
    -
    -
    - operation - -
    - string - / required
    -     		-
      Choices: -
    • run
      • -
    • start
      • -
    • stop
      • -
    -     		-
    Which task operation to execute.
    -
    -
    - overrides - -
    - dictionary -
    -     		- -
    A dictionary of values to pass to the new instances.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - started_by - -
    - string -
    -     		- -
    A value showing who or what started the task (for informational purposes).
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Tags that will be added to ecs tasks on start and run
    -
    -
    - task - -
    - string -
    -     		- -
    The task to stop.
    -
    -
    - task_definition - -
    - string -
    -     		- -
    The task definition to start or run.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Simple example of run task - - name: Run task - community.aws.ecs_task: - operation: run - cluster: console-sample-app-static-cluster - task_definition: console-sample-app-static-taskdef - count: 1 - started_by: ansible_user - register: task_output - - # Simple example of start task - - - name: Start a task - community.aws.ecs_task: - operation: start - cluster: console-sample-app-static-cluster - task_definition: console-sample-app-static-taskdef - task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" - tags: - resourceName: a_task_for_ansible_to_run - type: long_running_task - network: internal - version: 1.4 - container_instances: - - arn:aws:ecs:us-west-2:172139249013:container-instance/79c23f22-876c-438a-bddf-55c98a3538a8 - started_by: ansible_user - network_configuration: - subnets: - - subnet-abcd1234 - security_groups: - - sg-aaaa1111 - - my_security_group - register: task_output - - - name: RUN a task on Fargate - community.aws.ecs_task: - operation: run - cluster: console-sample-app-static-cluster - task_definition: console-sample-app-static-taskdef - task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" - started_by: ansible_user - launch_type: FARGATE - network_configuration: - subnets: - - subnet-abcd1234 - security_groups: - - sg-aaaa1111 - - my_security_group - register: task_output - - - name: Stop a task - community.aws.ecs_task: - operation: stop - cluster: console-sample-app-static-cluster - task_definition: console-sample-app-static-taskdef - task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - task - -
    - complex -
    -     		success -
    details about the task that was started
    -
    -
      -
    - clusterArn - -
    - string -
    -     		only when details is true -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the task.
    -
    -
      -
    - containerInstanceArn - -
    - string -
    -     		only when details is true -
    The Amazon Resource Name (ARN) of the container running the task.
    -
    -
      -
    - containers - -
    - list - / elements=dictionary
    -     		only when details is true -
    The container details.
    -
    -
      -
    - createdAt - -
    - string -
    -     		only when details is true -
    The timestamp of when the task was created.
    -
    -
      -
    - desiredStatus - -
    - string -
    -     		only when details is true -
    The desired status of the task.
    -
    -
      -
    - lastStatus - -
    - string -
    -     		only when details is true -
    The last recorded status of the task.
    -
    -
      -
    - launchType - -
    - string -
    -     		always -
    The launch type on which to run your task.
    -
    -
      -
    - overrides - -
    - list - / elements=dictionary
    -     		only when details is true -
    The container overrides set for this task.
    -
    -
      -
    - startedAt - -
    - string -
    -     		only when details is true -
    The timestamp of when the task was started.
    -
    -
      -
    - startedBy - -
    - string -
    -     		only when details is true -
    The used who started the task.
    -
    -
      -
    - stoppedAt - -
    - string -
    -     		only when details is true -
    The timestamp of when the task was stopped.
    -
    -
      -
    - stoppedReason - -
    - string -
    -     		only when details is true -
    The reason why the task was stopped.
    -
    -
      -
    - taskArn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) that identifies the task.
    -
    -
      -
    - taskDefinitionArn - -
    - string -
    -     		only when details is true -
    The Amazon Resource Name (ARN) of the task definition.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chance (@Java1Guy) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_taskdefinition.rst b/docs/community.aws.ecs_taskdefinition.rst deleted file mode 100644 index fe8eb2a125a..00000000000 --- a/docs/community.aws.ecs_taskdefinition.rst +++ /dev/null @@ -1,592 +0,0 @@ -:orphan: - -.. _community.aws.ecs_taskdefinition_module: - - -******************************** -community.aws.ecs_taskdefinition -******************************** - -**register a task definition in ecs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Registers or deregisters task definitions in the Amazon Web Services (AWS) EC2 Container Service (ECS). - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - arn - -
    - string -
    -     		- -
    The ARN of the task description to delete.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - containers - -
    - list - / elements=string
    -     		- -
    A list of containers definitions.
    -
    -
    - cpu - -
    - string -
    -     		- -
    The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    -
    If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - execution_role_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
    -
    -
    - family - -
    - string -
    -     		- -
    A Name that would be given to the task definition.
    -
    -
    - force_create - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Always create new task definition.
    -
    -
    - launch_type - -
    - string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your task.
    -
    -
    - memory - -
    - string -
    -     		- -
    The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    -
    If using the Fargate launch type, this field is required and is limited by the cpu.
    -
    -
    - network_mode - -
    - string -
    -     		-
      Choices: -
    • default
      • -
    • bridge ←
      • -
    • host
      • -
    • none
      • -
    • awsvpc
      • -
    -     		-
    The Docker networking mode to use for the containers in the task.
    -
    awsvpc mode was added in Ansible 2.5
    -
    Windows containers must use network_mode=default, which will utilize docker NAT networking.
    -
    Setting network_mode=default for a Linux container will use bridge mode.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - revision - -
    - integer -
    -     		- -
    A revision number for the task definition.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    State whether the task definition should exist or be deleted.
    -
    -
    - task_role_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - volumes - -
    - list - / elements=dictionary
    -     		- -
    A list of names of volumes to be attached.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the volume.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create task definition - community.aws.ecs_taskdefinition: - containers: - - name: simple-app - cpu: 10 - essential: true - image: "httpd:2.4" - memory: 300 - mountPoints: - - containerPath: /usr/local/apache2/htdocs - sourceVolume: my-vol - portMappings: - - containerPort: 80 - hostPort: 80 - logConfiguration: - logDriver: awslogs - options: - awslogs-group: /ecs/test-cluster-taskdef - awslogs-region: us-west-2 - awslogs-stream-prefix: ecs - - name: busybox - command: - - > - /bin/sh -c "while true; do echo 'Amazon ECS Sample App

    Amazon ECS Sample App

    Congratulations! -

    Your application is now running on a container in Amazon ECS.

    ' > top; /bin/date > date ; echo '
    ' > bottom; - cat top date bottom > /usr/local/apache2/htdocs/index.html ; sleep 1; done" - cpu: 10 - entryPoint: - - sh - - "-c" - essential: false - image: busybox - memory: 200 - volumesFrom: - - sourceContainer: simple-app - volumes: - - name: my-vol - family: test-cluster-taskdef - state: present - register: task_output - - - name: Create task definition - community.aws.ecs_taskdefinition: - family: nginx - containers: - - name: nginx - essential: true - image: "nginx" - portMappings: - - containerPort: 8080 - hostPort: 8080 - cpu: 512 - memory: 1024 - state: present - - - name: Create task definition - community.aws.ecs_taskdefinition: - family: nginx - containers: - - name: nginx - essential: true - image: "nginx" - portMappings: - - containerPort: 8080 - hostPort: 8080 - launch_type: FARGATE - cpu: 512 - memory: 1024 - state: present - network_mode: awsvpc - - # Create Task Definition with Environment Variables and Secrets - - name: Create task definition - community.aws.ecs_taskdefinition: - family: nginx - containers: - - name: nginx - essential: true - image: "nginx" - environment: - - name: "PORT" - value: "8080" - secrets: - # For variables stored in Secrets Manager - - name: "NGINX_HOST" - valueFrom: "arn:aws:secretsmanager:us-west-2:123456789012:secret:nginx/NGINX_HOST" - # For variables stored in Parameter Store - - name: "API_KEY" - valueFrom: "arn:aws:ssm:us-west-2:123456789012:parameter/nginx/API_KEY" - launch_type: FARGATE - cpu: 512 - memory: 1GB - state: present - network_mode: awsvpc - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - taskdefinition - -
    - dictionary -
    -     		always -
    a reflection of the input parameters
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chance (@Java1Guy) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.ecs_taskdefinition_info.rst b/docs/community.aws.ecs_taskdefinition_info.rst deleted file mode 100644 index 12b4085cb91..00000000000 --- a/docs/community.aws.ecs_taskdefinition_info.rst +++ /dev/null @@ -1,1245 +0,0 @@ -:orphan: - -.. _community.aws.ecs_taskdefinition_info_module: - - -************************************* -community.aws.ecs_taskdefinition_info -************************************* - -**Describe a task definition in ECS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Describes a task definition in ECS. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- json -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - task_definition - -
    - string - / required
    -     		- -
    The name of the task definition to get details for
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition - - This module was called ``ecs_taskdefinition_facts`` before Ansible 2.9. The usage did not change. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - community.aws.ecs_taskdefinition_info: - task_definition: test-td - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - container_definitions - -
    - complex -
    -     		success -
    Returns a list of complex objects representing the containers
    -
    -
      -
    - command - -
    - string -
    -     		when present -
    The command that is passed to the container.
    -
    -
      -
    - cpu - -
    - integer -
    -     		always -
    The number of cpu units reserved for the container.
    -
    -
      -
    - disableNetworking - -
    - boolean -
    -     		when present -
    When this parameter is true, networking is disabled within the container.
    -
    -
      -
    - dnsSearchDomains - -
    - string -
    -     		when present -
    A list of DNS search domains that are presented to the container.
    -
    -
      -
    - dnsServers - -
    - string -
    -     		when present -
    A list of DNS servers that are presented to the container.
    -
    -
      -
    - dockerLabels - -
    - string -
    -     		when present -
    A key/value map of labels to add to the container.
    -
    -
      -
    - dockerSecurityOptions - -
    - string -
    -     		when present -
    A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems.
    -
    -
      -
    - entryPoint - -
    - string -
    -     		when present -
    The entry point that is passed to the container.
    -
    -
      -
    - environment - -
    - complex -
    -     		always -
    The environment variables to pass to a container.
    -
    -
       -
    - name - -
    - string -
    -     		when present -
    The name of the environment variable.
    -
    -
       -
    - value - -
    - string -
    -     		when present -
    The value of the environment variable.
    -
    -
      -
    - essential - -
    - boolean -
    -     		always -
    Whether this is an essential container or not.
    -
    -
      -
    - extraHosts - -
    - complex -
    -     		when present -
    A list of hostnames and IP address mappings to append to the /etc/hosts file on the container.
    -
    -
       -
    - hostname - -
    - string -
    -     		when present -
    The hostname to use in the /etc/hosts entry.
    -
    -
       -
    - ipAddress - -
    - string -
    -     		when present -
    The IP address to use in the /etc/hosts entry.
    -
    -
      -
    - hostname - -
    - string -
    -     		when present -
    The hostname to use for your container.
    -
    -
      -
    - image - -
    - string -
    -     		always -
    The image used to start a container.
    -
    -
      -
    - links - -
    - string -
    -     		when present -
    Links to other containers.
    -
    -
      -
    - logConfiguration - -
    - string -
    -     		when present -
    The log configuration specification for the container.
    -
    -
      -
    - memoryReservation - -
    - integer -
    -     		when present -
    The soft limit (in MiB) of memory to reserve for the container.
    -
    -
      -
    - mountPoints - -
    - complex -
    -     		always -
    The mount points for data volumes in your container.
    -
    -
       -
    - containerPath - -
    - string -
    -     		when present -
    The path on the container to mount the host volume at.
    -
    -
       -
    - readOnly - -
    - boolean -
    -     		when present -
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    -
    -
       -
    - sourceVolume - -
    - string -
    -     		when present -
    The name of the volume to mount.
    -
    -
      -
    - name - -
    - string -
    -     		always -
    The name of a container.
    -
    -
      -
    - options - -
    - string -
    -     		when present -
    The configuration options to send to the log driver.
    -
    -
      -
    - portMappings - -
    - complex -
    -     		always -
    The list of port mappings for the container.
    -
    -
       -
    - containerPort - -
    - integer -
    -     		when present -
    The port number on the container.
    -
    -
       -
    - hostPort - -
    - integer -
    -     		when present -
    The port number on the container instance to reserve for your container.
    -
    -
       -
    - protocol - -
    - string -
    -     		when present -
    The protocol used for the port mapping.
    -
    -
      -
    - privileged - -
    - boolean -
    -     		when present -
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
    -
    -
      -
    - readonlyRootFilesystem - -
    - boolean -
    -     		when present -
    When this parameter is true, the container is given read-only access to its root file system.
    -
    -
      -
    - ulimits - -
    - complex -
    -     		when present -
    A list of ulimits to set in the container.
    -
    -
       -
    - hardLimit - -
    - integer -
    -     		when present -
    The hard limit for the ulimit type.
    -
    -
       -
    - name - -
    - string -
    -     		when present -
    The type of the ulimit .
    -
    -
       -
    - softLimit - -
    - integer -
    -     		when present -
    The soft limit for the ulimit type.
    -
    -
      -
    - user - -
    - string -
    -     		when present -
    The user name to use inside the container.
    -
    -
      -
    - volumesFrom - -
    - complex -
    -     		always -
    Data volumes to mount from another container.
    -
    -
       -
    - readOnly - -
    - boolean -
    -     		when present -
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    -
    -
       -
    - sourceContainer - -
    - string -
    -     		when present -
    The name of another container within the same task definition to mount volumes from.
    -
    -
      -
    - workingDirectory - -
    - string -
    -     		when present -
    The working directory in which to run commands inside the container.
    -
    -
    -
    - family - -
    - string -
    -     		always -
    The family of your task definition, used as the definition name
    -
    -
    -
    - network_mode - -
    - string -
    -     		always -
    Network mode for the containers
    -
    -
    -
    - placement_constraints - -
    - complex -
    -     		always -
    A list of placement constraint objects to use for tasks
    -
    -
      -
    - expression - -
    - string -
    -     		when present -
    A cluster query language expression to apply to the constraint.
    -
    -
      -
    - type - -
    - string -
    -     		when present -
    The type of constraint.
    -
    -
    -
    - requires_attributes - -
    - complex -
    -     		when present -
    The container instance attributes required by your task
    -
    -
      -
    - name - -
    - string -
    -     		when present -
    The name of the attribute.
    -
    -
      -
    - targetId - -
    - string -
    -     		when present -
    The ID of the target.
    -
    -
      -
    - targetType - -
    - string -
    -     		when present -
    The type of the target with which to attach the attribute.
    -
    -
      -
    - value - -
    - string -
    -     		when present -
    The value of the attribute.
    -
    -
    -
    - revision - -
    - integer -
    -     		always -
    Revision number that was queried
    -
    -
    -
    - status - -
    - string -
    -     		always -
    The status of the task definition
    -
    -
    -
    - task_definition_arn - -
    - string -
    -     		always -
    ARN of the task definition
    -
    -
    -
    - task_role_arn - -
    - string -
    -     		when role is set -
    The ARN of the IAM role that containers in this task can assume
    -
    -
    -
    - volumes - -
    - complex -
    -     		always -
    The list of volumes in a task
    -
    -
      -
    - host - -
    - boolean -
    -     		when present -
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored.
    -
    -
      -
    - name - -
    - string -
    -     		when present -
    The name of the volume.
    -
    -
      -
    - source_path - -
    - string -
    -     		when present -
    The path on the host container instance that is presented to the container.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Gustavo Maia (@gurumaia) -- Mark Chance (@Java1Guy) -- Darek Kaczynski (@kaczynskid) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.efs.rst b/docs/community.aws.efs.rst deleted file mode 100644 index 0fb7ed9e5ca..00000000000 --- a/docs/community.aws.efs.rst +++ /dev/null @@ -1,763 +0,0 @@ -:orphan: - -.. _community.aws.efs_module: - - -***************** -community.aws.efs -***************** - -**create and maintain EFS file systems** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module allows create, search and destroy Amazon EFS file systems. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - encrypt - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
    -
    -
    - id - -
    - string -
    -     		- -
    ID of Amazon EFS. Either name or ID required for delete.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
    -
    -
    - name - -
    - string -
    -     		- -
    Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
    -
    -
    - performance_mode - -
    - string -
    -     		-
      Choices: -
    • general_purpose ←
      • -
    • max_io
      • -
    -     		-
    File system's performance mode to use. Only takes effect during creation.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - provisioned_throughput_in_mibps - -
    - float -
    -     		- -
    If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
    -
    Requires botocore >= 1.10.57
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Allows to create, search and destroy Amazon EFS file system.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
    -
    -
    - targets - -
    - list - / elements=dictionary
    -     		- -
    List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
    -
    -
    - ip_address - -
    - string -
    -     		- -
    A valid IPv4 address within the address range of the specified subnet.
    -
    -
    - security_groups - -
    - list - / elements=string
    -     		- -
    List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
    -
    -
    - subnet_id - -
    - - - / required
    -     		- -
    The ID of the subnet to add the mount target in.
    -
    -
    - throughput_mode - -
    - string -
    -     		-
      Choices: -
    • bursting
      • -
    • provisioned
      • -
    -     		-
    The throughput_mode for the file system to be created.
    -
    Requires botocore >= 1.10.57
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    0
    -     		-
    How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: EFS provisioning - community.aws.efs: - state: present - name: myTestEFS - tags: - Name: myTestNameTag - purpose: file-storage - targets: - - subnet_id: subnet-748c5d03 - security_groups: [ "sg-1a2b3c4d" ] - - - name: Modifying EFS data - community.aws.efs: - state: present - name: myTestEFS - tags: - name: myAnotherTestTag - targets: - - subnet_id: subnet-7654fdca - security_groups: [ "sg-4c5d6f7a" ] - - - name: Deleting EFS - community.aws.efs: - state: absent - name: myTestEFS - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - creation_time - -
    - string -
    -     		always -
    timestamp of creation date
    -
    -
    Sample:
    -
    2015-11-16 07:30:57-05:00
    -
    -
    - creation_token - -
    - string -
    -     		always -
    EFS creation token
    -
    -
    Sample:
    -
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    -
    -
    - file_system_id - -
    - string -
    -     		always -
    ID of the file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx
    -
    -
    - filesystem_address - -
    - string -
    -     		always -
    url of file system valid for use with mount
    -
    -
    Sample:
    -
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    -
    -
    - life_cycle_state - -
    - string -
    -     		always -
    state of the EFS file system
    -
    -
    Sample:
    -
    creating, available, deleting, deleted
    -
    -
    - mount_point - -
    - string -
    -     		always -
    url of file system with leading dot from the time when AWS EFS required to add a region suffix to the address
    -
    -
    Sample:
    -
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    -
    -
    - mount_targets - -
    - list -
    -     		always -
    list of mount targets
    -
    -
    Sample:
    -
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    -
    -
    - name - -
    - string -
    -     		always -
    name of the file system
    -
    -
    Sample:
    -
    my-efs
    -
    -
    - number_of_mount_targets - -
    - integer -
    -     		always -
    the number of targets mounted
    -
    -
    Sample:
    -
    3
    -
    -
    - owner_id - -
    - string -
    -     		always -
    AWS account ID of EFS owner
    -
    -
    Sample:
    -
    XXXXXXXXXXXX
    -
    -
    - performance_mode - -
    - string -
    -     		always -
    performance mode of the file system
    -
    -
    Sample:
    -
    generalPurpose
    -
    -
    - size_in_bytes - -
    - dictionary -
    -     		always -
    size of the file system in bytes as of a timestamp
    -
    -
    Sample:
    -
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    tags on the efs instance
    -
    -
    Sample:
    -
    {'name': 'my-efs', 'key': 'Value'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Sydnor (@ryansydnor) -- Artem Kazakov (@akazakov) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.efs_info.rst b/docs/community.aws.efs_info.rst deleted file mode 100644 index 683e88a7800..00000000000 --- a/docs/community.aws.efs_info.rst +++ /dev/null @@ -1,583 +0,0 @@ -:orphan: - -.. _community.aws.efs_info_module: - - -********************** -community.aws.efs_info -********************** - -**Get information about Amazon EFS file systems** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module can be used to search Amazon EFS file systems. -- This module was called ``efs_facts`` before Ansible 2.9, returning ``ansible_facts``. Note that the :ref:`community.aws.efs_info ` module no longer returns ``ansible_facts``! - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - id - -
    - string -
    -     		- -
    ID of Amazon EFS.
    -
    -
    - name - -
    - string -
    -     		- -
    Creation Token of Amazon EFS file system.
    -

    aliases: creation_token
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    List of tags of Amazon EFS. Should be defined as dictionary.
    -
    -
    - targets - -
    - list - / elements=string
    -     		- -
    List of targets on which to filter the returned results.
    -
    Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Find all existing efs - community.aws.efs_info: - register: result - - - name: Find efs using id - community.aws.efs_info: - id: fs-1234abcd - register: result - - - name: Searching all EFS instances with tag Name = 'myTestNameTag', in subnet 'subnet-1a2b3c4d' and with security group 'sg-4d3c2b1a' - community.aws.efs_info: - tags: - Name: myTestNameTag - targets: - - subnet-1a2b3c4d - - sg-4d3c2b1a - register: result - - - debug: - msg: "{{ result['efs'] }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - creation_time - -
    - string -
    -     		always -
    timestamp of creation date
    -
    -
    Sample:
    -
    2015-11-16 07:30:57-05:00
    -
    -
    - creation_token - -
    - string -
    -     		always -
    EFS creation token
    -
    -
    Sample:
    -
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    -
    -
    - file_system_id - -
    - string -
    -     		always -
    ID of the file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx
    -
    -
    - filesystem_address - -
    - string -
    -     		always -
    url of file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    -
    -
    - life_cycle_state - -
    - string -
    -     		always -
    state of the EFS file system
    -
    -
    Sample:
    -
    creating, available, deleting, deleted
    -
    -
    - mount_point - -
    - string -
    -     		always -
    url of file system with leading dot from the time AWS EFS required to add network suffix to EFS address
    -
    -
    Sample:
    -
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    -
    -
    - mount_targets - -
    - list -
    -     		always -
    list of mount targets
    -
    -
    Sample:
    -
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    -
    -
    - name - -
    - string -
    -     		always -
    name of the file system
    -
    -
    Sample:
    -
    my-efs
    -
    -
    - number_of_mount_targets - -
    - integer -
    -     		always -
    the number of targets mounted
    -
    -
    Sample:
    -
    3
    -
    -
    - owner_id - -
    - string -
    -     		always -
    AWS account ID of EFS owner
    -
    -
    Sample:
    -
    XXXXXXXXXXXX
    -
    -
    - performance_mode - -
    - string -
    -     		always -
    performance mode of the file system
    -
    -
    Sample:
    -
    generalPurpose
    -
    -
    - provisioned_throughput_in_mibps - -
    - float -
    -     		when botocore >= 1.10.57 and throughput_mode is set to "provisioned" -
    throughput provisioned in Mibps
    -
    -
    Sample:
    -
    15.0
    -
    -
    - size_in_bytes - -
    - dictionary -
    -     		always -
    size of the file system in bytes as of a timestamp
    -
    -
    Sample:
    -
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    tags on the efs instance
    -
    -
    Sample:
    -
    {'name': 'my-efs', 'key': 'Value'}
    -
    -
    - throughput_mode - -
    - string -
    -     		when botocore >= 1.10.57 -
    mode of throughput for the file system
    -
    -
    Sample:
    -
    bursting
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Sydnor (@ryansydnor) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache.rst b/docs/community.aws.elasticache.rst deleted file mode 100644 index b6257d3afbc..00000000000 --- a/docs/community.aws.elasticache.rst +++ /dev/null @@ -1,489 +0,0 @@ -:orphan: - -.. _community.aws.elasticache_module: - - -************************* -community.aws.elasticache -************************* - -**Manage cache clusters in Amazon ElastiCache** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage cache clusters in Amazon ElastiCache. -- Returns information about the specified cache cluster. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cache_engine_version - -
    - string -
    -     		- -
    The version number of the cache engine.
    -
    -
    - cache_parameter_group - -
    - string -
    -     		- -
    The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
    -

    aliases: parameter_group
    -
    -
    - cache_port - -
    - integer -
    -     		- -
    The port number on which each of the cache nodes will accept connections.
    -
    -
    - cache_security_groups - -
    - list - / elements=string
    -     		- -
    A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
    -
    -
    - cache_subnet_group - -
    - string -
    -     		- -
    The subnet group name to associate with. Only use if inside a vpc.
    -
    Required if inside a vpc
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - engine - -
    - string -
    -     		- Default:
    "memcached"
    -     		-
    Name of the cache engine to be used.
    -
    Supported values are redis and memcached.
    -
    -
    - hard_modify - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The cache cluster identifier.
    -
    -
    - node_type - -
    - string -
    -     		- Default:
    "cache.t2.small"
    -     		-
    The compute and memory capacity of the nodes in the cache cluster.
    -
    -
    - num_nodes - -
    - integer -
    -     		- Default:
    1
    -     		-
    The initial number of cache nodes that the cache cluster will have.
    -
    Required when state=present.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_group_ids - -
    - list - / elements=string
    -     		- -
    A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • rebooted
      • -
    -     		-
    absent or present are idempotent actions that will create or destroy a cache cluster as needed.
    -
    rebooted will reboot the cluster, resulting in a momentary outage.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for cache cluster result before returning.
    -
    -
    - zone - -
    - string -
    -     		- -
    The EC2 Availability Zone in which the cache cluster will be created.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - - - name: Basic example - community.aws.elasticache: - name: "test-please-delete" - state: present - engine: memcached - cache_engine_version: 1.4.14 - node_type: cache.m1.small - num_nodes: 1 - cache_port: 11211 - cache_security_groups: - - default - zone: us-east-1d - - - - name: Ensure cache cluster is gone - community.aws.elasticache: - name: "test-please-delete" - state: absent - - - name: Reboot cache cluster - community.aws.elasticache: - name: "test-please-delete" - state: rebooted - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Jim Dalton (@jsdalton) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_info.rst b/docs/community.aws.elasticache_info.rst deleted file mode 100644 index deedb563a8d..00000000000 --- a/docs/community.aws.elasticache_info.rst +++ /dev/null @@ -1,920 +0,0 @@ -:orphan: - -.. _community.aws.elasticache_info_module: - - -****************************** -community.aws.elasticache_info -****************************** - -**Retrieve information for AWS ElastiCache clusters** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Retrieve information from AWS ElastiCache clusters -- This module was called ``elasticache_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of an ElastiCache cluster.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: obtain all ElastiCache information - community.aws.elasticache_info: - - - name: obtain all information for a single ElastiCache cluster - community.aws.elasticache_info: - name: test_elasticache - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - elasticache_clusters - -
    - complex -
    -     		always -
    List of ElastiCache clusters
    -
    -
      -
    - auto_minor_version_upgrade - -
    - boolean -
    -     		always -
    Whether to automatically upgrade to minor versions
    -
    -
    Sample:
    -
    True
    -
      -
    - cache_cluster_create_time - -
    - string -
    -     		always -
    Date and time cluster was created
    -
    -
    Sample:
    -
    2017-09-15T05:43:46.038000+00:00
    -
      -
    - cache_cluster_id - -
    - string -
    -     		always -
    ID of the cache cluster
    -
    -
    Sample:
    -
    abcd-1234-001
    -
      -
    - cache_cluster_status - -
    - string -
    -     		always -
    Status of ElastiCache cluster
    -
    -
    Sample:
    -
    available
    -
      -
    - cache_node_type - -
    - string -
    -     		always -
    Instance type of ElastiCache nodes
    -
    -
    Sample:
    -
    cache.t2.micro
    -
      -
    - cache_nodes - -
    - complex -
    -     		always -
    List of ElastiCache nodes in the cluster
    -
    -
       -
    - cache_node_create_time - -
    - string -
    -     		always -
    Date and time node was created
    -
    -
    Sample:
    -
    2017-09-15T05:43:46.038000+00:00
    -
       -
    - cache_node_id - -
    - string -
    -     		always -
    ID of the cache node
    -
    -
    Sample:
    -
    0001
    -
       -
    - cache_node_status - -
    - string -
    -     		always -
    Status of the cache node
    -
    -
    Sample:
    -
    available
    -
       -
    - customer_availability_zone - -
    - string -
    -     		always -
    Availability Zone in which the cache node was created
    -
    -
    Sample:
    -
    ap-southeast-2b
    -
       -
    - endpoint - -
    - complex -
    -     		always -
    Connection details for the cache node
    -
    -
        -
    - address - -
    - string -
    -     		always -
    URL of the cache node endpoint
    -
    -
    Sample:
    -
    abcd-1234-001.bgiz2p.0001.apse2.cache.amazonaws.com
    -
        -
    - port - -
    - integer -
    -     		always -
    Port of the cache node endpoint
    -
    -
    Sample:
    -
    6379
    -
       -
    - parameter_group_status - -
    - string -
    -     		always -
    Status of the Cache Parameter Group
    -
    -
    Sample:
    -
    in-sync
    -
      -
    - cache_parameter_group - -
    - complex -
    -     		always -
    Contents of the Cache Parameter Group
    -
    -
       -
    - cache_node_ids_to_reboot - -
    - list -
    -     		always -
    Cache nodes which need to be rebooted for parameter changes to be applied
    -
    -
       -
    - cache_parameter_group_name - -
    - string -
    -     		always -
    Name of the cache parameter group
    -
    -
    Sample:
    -
    default.redis3.2
    -
       -
    - parameter_apply_status - -
    - string -
    -     		always -
    Status of parameter updates
    -
    -
    Sample:
    -
    in-sync
    -
      -
    - cache_security_groups - -
    - list -
    -     		always -
    Security Groups used by the cache
    -
    -
    Sample:
    -
    ['sg-abcd1234']
    -
      -
    - cache_subnet_group_name - -
    - string -
    -     		always -
    ElastiCache Subnet Group used by the cache
    -
    -
    Sample:
    -
    abcd-subnet-group
    -
      -
    - client_download_landing_page - -
    - string -
    -     		always -
    URL of client download web page
    -
    -
    Sample:
    -
    https://console.aws.amazon.com/elasticache/home#client-download:
    -
      -
    - engine - -
    - string -
    -     		always -
    Engine used by ElastiCache
    -
    -
    Sample:
    -
    redis
    -
      -
    - engine_version - -
    - string -
    -     		always -
    Version of ElastiCache engine
    -
    -
    Sample:
    -
    3.2.4
    -
      -
    - notification_configuration - -
    - complex -
    -     		if notifications are enabled -
    Configuration of notifications
    -
    -
       -
    - topic_arn - -
    - string -
    -     		if notifications are enabled -
    ARN of notification destination topic
    -
    -
    Sample:
    -
    arn:aws:sns:*:123456789012:my_topic
    -
       -
    - topic_name - -
    - string -
    -     		if notifications are enabled -
    Name of notification destination topic
    -
    -
    Sample:
    -
    MyTopic
    -
      -
    - num_cache_nodes - -
    - integer -
    -     		always -
    Number of Cache Nodes
    -
    -
    Sample:
    -
    1
    -
      -
    - pending_modified_values - -
    - complex -
    -     		always -
    Values that are pending modification
    -
    -
      -
    - preferred_availability_zone - -
    - string -
    -     		always -
    Preferred Availability Zone
    -
    -
    Sample:
    -
    ap-southeast-2b
    -
      -
    - preferred_maintenance_window - -
    - string -
    -     		always -
    Time slot for preferred maintenance window
    -
    -
    Sample:
    -
    sat:12:00-sat:13:00
    -
      -
    - replication_group_id - -
    - string -
    -     		always -
    Replication Group Id
    -
    -
    Sample:
    -
    replication-001
    -
      -
    - security_groups - -
    - complex -
    -     		always -
    List of Security Groups associated with ElastiCache
    -
    -
       -
    - security_group_id - -
    - string -
    -     		always -
    Security Group ID
    -
    -
    Sample:
    -
    sg-abcd1234
    -
       -
    - status - -
    - string -
    -     		always -
    Status of Security Group
    -
    -
    Sample:
    -
    active
    -
      -
    - tags - -
    - complex -
    -     		always -
    Tags applied to the ElastiCache cluster
    -
    -
    Sample:
    -
    {'Application': 'web', 'Environment': 'test'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_parameter_group.rst b/docs/community.aws.elasticache_parameter_group.rst deleted file mode 100644 index d00d127345f..00000000000 --- a/docs/community.aws.elasticache_parameter_group.rst +++ /dev/null @@ -1,397 +0,0 @@ -:orphan: - -.. _community.aws.elasticache_parameter_group_module: - - -***************************************** -community.aws.elasticache_parameter_group -***************************************** - -**Manage cache parameter groups in Amazon ElastiCache.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage cache security groups in Amazon ElastiCache. -- Returns information about the specified cache cluster. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A user-specified description for the cache parameter group.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - group_family - -
    - string -
    -     		-
      Choices: -
    • memcached1.4
      • -
    • memcached1.5
      • -
    • redis2.6
      • -
    • redis2.8
      • -
    • redis3.2
      • -
    • redis4.0
      • -
    • redis5.0
      • -
    -     		-
    The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
    -
    -
    - name - -
    - string - / required
    -     		- -
    A user-specified name for the cache parameter group.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • reset
      • -
    -     		-
    Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - values - -
    - dictionary -
    -     		- -
    A user-specified dictionary of parameters to reset or modify for the cache parameter group.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - --- - - hosts: localhost - connection: local - tasks: - - name: 'Create a test parameter group' - community.aws.elasticache_parameter_group: - name: 'test-param-group' - group_family: 'redis3.2' - description: 'This is a cache parameter group' - state: 'present' - - name: 'Modify a test parameter group' - community.aws.elasticache_parameter_group: - name: 'test-param-group' - values: - activerehashing: yes - client-output-buffer-limit-normal-hard-limit: 4 - state: 'present' - - name: 'Reset all modifiable parameters for the test parameter group' - community.aws.elasticache_parameter_group: - name: 'test-param-group' - state: reset - - name: 'Delete a test parameter group' - community.aws.elasticache_parameter_group: - name: 'test-param-group' - state: 'absent' - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    if the cache parameter group has changed
    -
    -
    Sample:
    -
    {'changed': True}
    -
    -
    - elasticache - -
    - dictionary -
    -     		always -
    cache parameter group information and response metadata
    -
    -
    Sample:
    -
    {'cache_parameter_group': {'cache_parameter_group_family': 'redis3.2', 'cache_parameter_group_name': 'test-please-delete', 'description': 'initial description'}, 'response_metadata': {'http_headers': {'content-length': '562', 'content-type': 'text/xml', 'date': 'Mon, 06 Feb 2017 22:14:08 GMT', 'x-amzn-requestid': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1'}, 'http_status_code': 200, 'request_id': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1', 'retry_attempts': 0}}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_snapshot.rst b/docs/community.aws.elasticache_snapshot.rst deleted file mode 100644 index ddbf3210d4a..00000000000 --- a/docs/community.aws.elasticache_snapshot.rst +++ /dev/null @@ -1,402 +0,0 @@ -:orphan: - -.. _community.aws.elasticache_snapshot_module: - - -********************************** -community.aws.elasticache_snapshot -********************************** - -**Manage cache snapshots in Amazon ElastiCache** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage cache snapshots in Amazon ElastiCache. -- Returns information about the specified snapshot. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bucket - -
    - string -
    -     		- -
    The s3 bucket to which the snapshot is exported.
    -
    -
    - cluster_id - -
    - string -
    -     		- -
    The name of an existing cache cluster in the replication group to make the snapshot.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the snapshot we want to create, copy, delete.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - replication_id - -
    - string -
    -     		- -
    The name of the existing replication group to make the snapshot.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • copy
      • -
    -     		-
    Actions that will create, destroy, or copy a snapshot.
    -
    -
    - target - -
    - string -
    -     		- -
    The name of a snapshot copy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - - - name: 'Create a snapshot' - community.aws.elasticache_snapshot: - name: 'test-snapshot' - state: 'present' - cluster_id: '{{ cluster }}' - replication_id: '{{ replication }}' - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    if a snapshot has been created, deleted, or copied
    -
    -
    Sample:
    -
    {'changed': True}
    -
    -
    - response_metadata - -
    - dictionary -
    -     		always -
    response metadata about the snapshot
    -
    -
    Sample:
    -
    {'http_headers': {'content-length': 1490, 'content-type': 'text/xml', 'date': 'Tue, 07 Feb 2017 16:43:04 GMT', 'x-amzn-requestid': '7f436dea-ed54-11e6-a04c-ab2372a1f14d'}, 'http_status_code': 200, 'request_id': '7f436dea-ed54-11e6-a04c-ab2372a1f14d', 'retry_attempts': 0}
    -
    -
    - snapshot - -
    - dictionary -
    -     		always -
    snapshot data
    -
    -
    Sample:
    -
    {'auto_minor_version_upgrade': True, 'cache_cluster_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_cluster_id': 'test-please-delete', 'cache_node_type': 'cache.m1.small', 'cache_parameter_group_name': 'default.redis3.2', 'cache_subnet_group_name': 'default', 'engine': 'redis', 'engine_version': '3.2.4', 'node_snapshots': {'cache_node_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_node_id': 1, 'cache_size': None}, 'num_cache_nodes': 1, 'port': 11211, 'preferred_availability_zone': 'us-east-1d', 'preferred_maintenance_window': 'wed:03:00-wed:04:00', 'snapshot_name': 'deletesnapshot', 'snapshot_retention_limit': 0, 'snapshot_source': 'manual', 'snapshot_status': 'creating', 'snapshot_window': '10:00-11:00', 'vpc_id': 'vpc-c248fda4'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elasticache_subnet_group.rst b/docs/community.aws.elasticache_subnet_group.rst deleted file mode 100644 index 4167a2f63c8..00000000000 --- a/docs/community.aws.elasticache_subnet_group.rst +++ /dev/null @@ -1,306 +0,0 @@ -:orphan: - -.. _community.aws.elasticache_subnet_group_module: - - -************************************** -community.aws.elasticache_subnet_group -************************************** - -**manage ElastiCache subnet groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, modifies, and deletes ElastiCache subnet groups. This module has a dependency on python-boto >= 2.5. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    ElastiCache subnet group description. Only set when a new group is added.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Database subnet group identifier.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -
    -
    - subnets - -
    - list - / elements=string
    -     		- -
    List of subnet IDs that make up the ElastiCache subnet group.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Add or change a subnet group - community.aws.elasticache_subnet_group: - state: present - name: norwegian-blue - description: My Fancy Ex Parrot Subnet Group - subnets: - - subnet-aaaaaaaa - - subnet-bbbbbbbb - - - name: Remove a subnet group - community.aws.elasticache_subnet_group: - state: absent - name: norwegian-blue - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Tim Mahoney (@timmahoney) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_application_lb.rst b/docs/community.aws.elb_application_lb.rst deleted file mode 100644 index f46ea59efc2..00000000000 --- a/docs/community.aws.elb_application_lb.rst +++ /dev/null @@ -1,1389 +0,0 @@ -:orphan: - -.. _community.aws.elb_application_lb_module: - - -******************************** -community.aws.elb_application_lb -******************************** - -**Manage an Application load balancer** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS Application Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/ for details. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - access_logs_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to enable access logs.
    -
    When set, access_logs_s3_bucket must also be set.
    -
    -
    - access_logs_s3_bucket - -
    - string -
    -     		- -
    The name of the S3 bucket for the access logs.
    -
    The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
    -
    Required if access logs in Amazon S3 are enabled.
    -
    When set, access_logs_enabled must also be set.
    -
    -
    - access_logs_s3_prefix - -
    - string -
    -     		- -
    The prefix for the log location in the S3 bucket.
    -
    If you don't specify a prefix, the access logs are stored in the root of the bucket.
    -
    Cannot begin or end with a slash.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - deletion_protection - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether deletion protection for the ELB is enabled.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - http2 - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether to enable HTTP2 routing.
    -
    -
    - idle_timeout - -
    - integer -
    -     		- -
    The number of seconds to wait before an idle connection is closed.
    -
    -
    - listeners - -
    - list -
    -     		- -
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    -
    -
    - Certificates - -
    - list -
    -     		- -
    The SSL server certificate.
    -
    -
    - CertificateArn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the certificate.
    -
    -
    - DefaultActions - -
    - list - / required
    -     		- -
    The default actions for the listener.
    -
    -
    - TargetGroupArn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    - Type - -
    - string -
    -     		- -
    The type of action.
    -
    -
    - Port - -
    - integer - / required
    -     		- -
    The port on which the load balancer is listening.
    -
    -
    - Protocol - -
    - string - / required
    -     		- -
    The protocol for connections from clients to the load balancer.
    -
    -
    - Rules - -
    - list -
    -     		- -
    A list of ALB Listener Rules.
    -
    For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
    -
    https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
    -
    -
    - Actions - -
    - list -
    -     		- -
    Actions to apply if all of the rule's conditions are met.
    -
    -
    - Conditions - -
    - list -
    -     		- -
    Conditions which must be met for the actions to be applied.
    -
    -
    - Priority - -
    - integer -
    -     		- -
    The rule priority.
    -
    -
    - SslPolicy - -
    - string -
    -     		- -
    The security policy that defines which ciphers and protocols are supported.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_listeners - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
    -
    -
    - purge_rules - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - scheme - -
    - string -
    -     		-
      Choices: -
    • internet-facing ←
      • -
    • internal
      • -
    -     		-
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    -
    -
    - security_groups - -
    - list -
    -     		- Default:
    []
    -     		-
    A list of the names or IDs of the security groups to assign to the load balancer.
    -
    Required if state=present.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the load balancer.
    -
    -
    - subnets - -
    - list -
    -     		- -
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    -
    Required if state=present.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the load balancer.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- -
    The time in seconds to use in conjunction with wait.
    -
    -
    - - -Notes ------ - -.. note:: - - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Create an ELB and attach a listener - - community.aws.elb_application_lb: - name: myelb - security_groups: - - sg-12345678 - - my-sec-group - subnets: - - subnet-012345678 - - subnet-abcdef000 - listeners: - - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). - Port: 80 # Required. The port on which the load balancer is listening. - # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. - SslPolicy: ELBSecurityPolicy-2015-05 - Certificates: # The ARN of the certificate (only one certficate ARN should be provided) - - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com - DefaultActions: - - Type: forward # Required. - TargetGroupName: # Required. The name of the target group - state: present - - # Create an ELB and attach a listener with logging enabled - - community.aws.elb_application_lb: - access_logs_enabled: yes - access_logs_s3_bucket: mybucket - access_logs_s3_prefix: "logs" - name: myelb - security_groups: - - sg-12345678 - - my-sec-group - subnets: - - subnet-012345678 - - subnet-abcdef000 - listeners: - - Protocol: HTTP # Required. The protocol for connections from clients to the load balancer (HTTP or HTTPS) (case-sensitive). - Port: 80 # Required. The port on which the load balancer is listening. - # The security policy that defines which ciphers and protocols are supported. The default is the current predefined security policy. - SslPolicy: ELBSecurityPolicy-2015-05 - Certificates: # The ARN of the certificate (only one certficate ARN should be provided) - - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com - DefaultActions: - - Type: forward # Required. - TargetGroupName: # Required. The name of the target group - state: present - - # Create an ALB with listeners and rules - - community.aws.elb_application_lb: - name: test-alb - subnets: - - subnet-12345678 - - subnet-87654321 - security_groups: - - sg-12345678 - scheme: internal - listeners: - - Protocol: HTTPS - Port: 443 - DefaultActions: - - Type: forward - TargetGroupName: test-target-group - Certificates: - - CertificateArn: arn:aws:iam::12345678987:server-certificate/test.domain.com - SslPolicy: ELBSecurityPolicy-2015-05 - Rules: - - Conditions: - - Field: path-pattern - Values: - - '/test' - Priority: '1' - Actions: - - TargetGroupName: test-target-group - Type: forward - - Conditions: - - Field: path-pattern - Values: - - "/redirect-path/*" - Priority: '2' - Actions: - - Type: redirect - RedirectConfig: - Host: "#{host}" - Path: "/example/redir" # or /#{path} - Port: "#{port}" - Protocol: "#{protocol}" - Query: "#{query}" - StatusCode: "HTTP_302" # or HTTP_301 - - Conditions: - - Field: path-pattern - Values: - - "/fixed-response-path/" - Priority: '3' - Actions: - - Type: fixed-response - FixedResponseConfig: - ContentType: "text/plain" - MessageBody: "This is the page you're looking for" - StatusCode: "200" - - Conditions: - - Field: host-header - Values: - - "hostname.domain.com" - - "alternate.domain.com" - Priority: '4' - Actions: - - TargetGroupName: test-target-group - Type: forward - state: present - - # Remove an ELB - - community.aws.elb_application_lb: - name: myelb - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - access_logs_s3_bucket - -
    - string -
    -     		when state is present -
    The name of the S3 bucket for the access logs.
    -
    -
    Sample:
    -
    mys3bucket
    -
    -
    - access_logs_s3_enabled - -
    - string -
    -     		when state is present -
    Indicates whether access logs stored in Amazon S3 are enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - access_logs_s3_prefix - -
    - string -
    -     		when state is present -
    The prefix for the location in the S3 bucket.
    -
    -
    Sample:
    -
    my/logs
    -
    -
    - availability_zones - -
    - list -
    -     		when state is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    -
    -
    - canonical_hosted_zone_id - -
    - string -
    -     		when state is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    -
    -
    - created_time - -
    - string -
    -     		when state is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    -
    -
    - deletion_protection_enabled - -
    - string -
    -     		when state is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - dns_name - -
    - string -
    -     		when state is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    -
    -
    - idle_timeout_timeout_seconds - -
    - integer -
    -     		when state is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    -
    -
    - ip_address_type - -
    - string -
    -     		when state is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    -
    -
    - listeners - -
    - complex -
    -     		when state is present -
    Information about the listeners.
    -
    -
      -
    - certificates - -
    - complex -
    -     		when state is present -
    The SSL server certificate.
    -
    -
       -
    - certificate_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the certificate.
    -
    -
      -
    - default_actions - -
    - string -
    -     		when state is present -
    The default actions for the listener.
    -
    -
       -
    - target_group_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
       -
    - type - -
    - string -
    -     		when state is present -
    The type of action.
    -
    -
      -
    - listener_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the listener.
    -
    -
      -
    - load_balancer_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
      -
    - port - -
    - integer -
    -     		when state is present -
    The port on which the load balancer is listening.
    -
    -
    Sample:
    -
    80
    -
      -
    - protocol - -
    - string -
    -     		when state is present -
    The protocol for connections from clients to the load balancer.
    -
    -
    Sample:
    -
    HTTPS
    -
      -
    - ssl_policy - -
    - string -
    -     		when state is present -
    The security policy that defines which ciphers and protocols are supported.
    -
    -
    -
    - load_balancer_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    -
    -
    - load_balancer_name - -
    - string -
    -     		when state is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    -
    -
    - routing_http2_enabled - -
    - string -
    -     		when state is present -
    Indicates whether HTTP/2 is enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - scheme - -
    - string -
    -     		when state is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    -
    -
    - security_groups - -
    - list -
    -     		when state is present -
    The IDs of the security groups for the load balancer.
    -
    -
    Sample:
    -
    ['sg-0011223344']
    -
    -
    - state - -
    - dictionary -
    -     		when state is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    -
    -
    - tags - -
    - dictionary -
    -     		when state is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    -
    -
    - type - -
    - string -
    -     		when state is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    application
    -
    -
    - vpc_id - -
    - string -
    -     		when state is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_application_lb_info.rst b/docs/community.aws.elb_application_lb_info.rst deleted file mode 100644 index df6e86ba520..00000000000 --- a/docs/community.aws.elb_application_lb_info.rst +++ /dev/null @@ -1,639 +0,0 @@ -:orphan: - -.. _community.aws.elb_application_lb_info_module: - - -************************************* -community.aws.elb_application_lb_info -************************************* - -**Gather information about application ELBs in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about application ELBs in AWS -- This module was called ``elb_application_lb_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - load_balancer_arns - -
    - list -
    -     		- -
    The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
    -
    -
    - names - -
    - list -
    -     		- -
    The names of the load balancers.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all target groups - community.aws.elb_application_lb_info: - - - name: Gather information about the target group attached to a particular ELB - community.aws.elb_application_lb_info: - load_balancer_arns: - - "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" - - - name: Gather information about a target groups named 'tg1' and 'tg2' - community.aws.elb_application_lb_info: - names: - - elb1 - - elb2 - - - name: Gather information about specific ALB - community.aws.elb_application_lb_info: - names: "alb-name" - region: "aws-region" - register: alb_info - - debug: - var: alb_info - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - load_balancers - -
    - complex -
    -     		always -
    a list of load balancers
    -
    -
      -
    - access_logs_s3_bucket - -
    - string -
    -     		when status is present -
    The name of the S3 bucket for the access logs.
    -
    -
    Sample:
    -
    mys3bucket
    -
      -
    - access_logs_s3_enabled - -
    - string -
    -     		when status is present -
    Indicates whether access logs stored in Amazon S3 are enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - access_logs_s3_prefix - -
    - string -
    -     		when status is present -
    The prefix for the location in the S3 bucket.
    -
    -
    Sample:
    -
    /my/logs
    -
      -
    - availability_zones - -
    - list -
    -     		when status is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    -
      -
    - canonical_hosted_zone_id - -
    - string -
    -     		when status is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    -
      -
    - created_time - -
    - string -
    -     		when status is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    -
      -
    - deletion_protection_enabled - -
    - string -
    -     		when status is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - dns_name - -
    - string -
    -     		when status is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    -
      -
    - idle_timeout_timeout_seconds - -
    - string -
    -     		when status is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    -
      -
    - ip_address_type - -
    - string -
    -     		when status is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    -
      -
    - load_balancer_arn - -
    - string -
    -     		when status is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    -
      -
    - load_balancer_name - -
    - string -
    -     		when status is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    -
      -
    - scheme - -
    - string -
    -     		when status is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    -
      -
    - security_groups - -
    - list -
    -     		when status is present -
    The IDs of the security groups for the load balancer.
    -
    -
    Sample:
    -
    ['sg-0011223344']
    -
      -
    - state - -
    - dictionary -
    -     		when status is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    -
      -
    - tags - -
    - dictionary -
    -     		when status is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    -
      -
    - type - -
    - string -
    -     		when status is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    application
    -
      -
    - vpc_id - -
    - string -
    -     		when status is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_classic_lb.rst b/docs/community.aws.elb_classic_lb.rst deleted file mode 100644 index af9cb4e1cfc..00000000000 --- a/docs/community.aws.elb_classic_lb.rst +++ /dev/null @@ -1,812 +0,0 @@ -:orphan: - -.. _community.aws.elb_classic_lb_module: - - -**************************** -community.aws.elb_classic_lb -**************************** - -**Creates or destroys Amazon ELB.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Returns information about the load balancer. -- Will be marked changed when called only if state is changed. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - access_logs - -
    - dictionary -
    -     		- -
    An associative array of access logs configuration settings (see example)
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - connection_draining_timeout - -
    - integer -
    -     		- -
    Wait a specified timeout allowing connections to drain before terminating an instance
    -
    -
    - cross_az_load_balancing - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Distribute load across all configured Availability Zones
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - health_check - -
    - dictionary -
    -     		- -
    An associative array of health check configuration settings (see example)
    -
    -
    - idle_timeout - -
    - integer -
    -     		- -
    ELB connections from clients and to servers are timed out after this amount of time
    -
    -
    - instance_ids - -
    - list -
    -     		- -
    List of instance ids to attach to this ELB
    -
    -
    - listeners - -
    - list -
    -     		- -
    List of ports/protocols for this ELB to listen on (see example)
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the ELB
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_instance_ids - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing instance ids on ELB that are not found in instance_ids
    -
    -
    - purge_listeners - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Purge existing listeners on ELB that are not found in listeners
    -
    -
    - purge_subnets - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing subnet on ELB that are not found in subnets
    -
    -
    - purge_zones - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing availability zones on ELB that are not found in zones
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - scheme - -
    - string -
    -     		-
      Choices: -
    • internal
      • -
    • internet-facing ←
      • -
    -     		-
    The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
    -
    -
    - security_group_ids - -
    - list -
    -     		- -
    A list of security groups to apply to the elb
    -
    -
    - security_group_names - -
    - list -
    -     		- -
    A list of security group names to apply to the elb
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the ELB
    -
    -
    - stickiness - -
    - dictionary -
    -     		- -
    An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
    -
    -
    - subnets - -
    - list -
    -     		- -
    A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    An associative array of tags. To delete all tags, supply an empty dict.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    60
    -     		-
    Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
    -
    -
    - zones - -
    - list -
    -     		- -
    List of availability zones to enable on this ELB
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: None of these examples set aws_access_key, aws_secret_key, or region. - # It is assumed that their matching environment variables are set. - - # Basic provisioning example (non-VPC) - - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: present - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http # options are http, https, ssl, tcp - load_balancer_port: 80 - instance_port: 80 - proxy_protocol: True - - protocol: https - load_balancer_port: 443 - instance_protocol: http # optional, defaults to value of protocol setting - instance_port: 80 - # ssl certificate required for https or ssl - ssl_certificate_id: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert" - delegate_to: localhost - - # Internal ELB example - - - community.aws.elb_classic_lb: - name: "test-vpc" - scheme: internal - state: present - instance_ids: - - i-abcd1234 - purge_instance_ids: true - subnets: - - subnet-abcd1234 - - subnet-1a2b3c4d - listeners: - - protocol: http # options are http, https, ssl, tcp - load_balancer_port: 80 - instance_port: 80 - delegate_to: localhost - - # Configure a health check and the access logs - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: present - zones: - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - health_check: - ping_protocol: http # options are http, https, ssl, tcp - ping_port: 80 - ping_path: "/index.html" # not required for tcp or ssl - response_timeout: 5 # seconds - interval: 30 # seconds - unhealthy_threshold: 2 - healthy_threshold: 10 - access_logs: - interval: 5 # minutes (defaults to 60) - s3_location: "my-bucket" # This value is required if access_logs is set - s3_prefix: "logs" - delegate_to: localhost - - # Ensure ELB is gone - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: absent - delegate_to: localhost - - # Ensure ELB is gone and wait for check (for default timeout) - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: absent - wait: yes - delegate_to: localhost - - # Ensure ELB is gone and wait for check with timeout value - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: absent - wait: yes - wait_timeout: 600 - delegate_to: localhost - - # Normally, this module will purge any listeners that exist on the ELB - # but aren't specified in the listeners parameter. If purge_listeners is - # false it leaves them alone - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: present - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - purge_listeners: no - delegate_to: localhost - - # Normally, this module will leave availability zones that are enabled - # on the ELB alone. If purge_zones is true, then any extraneous zones - # will be removed - - community.aws.elb_classic_lb: - name: "test-please-delete" - state: present - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - purge_zones: yes - delegate_to: localhost - - # Creates a ELB and assigns a list of subnets to it. - - community.aws.elb_classic_lb: - state: present - name: 'New ELB' - security_group_ids: 'sg-123456, sg-67890' - region: us-west-2 - subnets: 'subnet-123456,subnet-67890' - purge_subnets: yes - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - delegate_to: localhost - - # Create an ELB with connection draining, increased idle timeout and cross availability - # zone load balancing - - community.aws.elb_classic_lb: - name: "New ELB" - state: present - connection_draining_timeout: 60 - idle_timeout: 300 - cross_az_load_balancing: "yes" - region: us-east-1 - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - delegate_to: localhost - - # Create an ELB with load balancer stickiness enabled - - community.aws.elb_classic_lb: - name: "New ELB" - state: present - region: us-east-1 - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - stickiness: - type: loadbalancer - enabled: yes - expiration: 300 - delegate_to: localhost - - # Create an ELB with application stickiness enabled - - community.aws.elb_classic_lb: - name: "New ELB" - state: present - region: us-east-1 - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - stickiness: - type: application - enabled: yes - cookie: SESSIONID - delegate_to: localhost - - # Create an ELB and add tags - - community.aws.elb_classic_lb: - name: "New ELB" - state: present - region: us-east-1 - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - tags: - Name: "New ELB" - stack: "production" - client: "Bob" - delegate_to: localhost - - # Delete all tags from an ELB - - community.aws.elb_classic_lb: - name: "New ELB" - state: present - region: us-east-1 - zones: - - us-east-1a - - us-east-1d - listeners: - - protocol: http - load_balancer_port: 80 - instance_port: 80 - tags: {} - delegate_to: localhost - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Jim Dalton (@jsdalton) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_classic_lb_info.rst b/docs/community.aws.elb_classic_lb_info.rst deleted file mode 100644 index 1a8b292150a..00000000000 --- a/docs/community.aws.elb_classic_lb_info.rst +++ /dev/null @@ -1,310 +0,0 @@ -:orphan: - -.. _community.aws.elb_classic_lb_info_module: - - -********************************* -community.aws.elb_classic_lb_info -********************************* - -**Gather information about EC2 Elastic Load Balancers in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about EC2 Elastic Load Balancers in AWS -- This module was called ``elb_classic_lb_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - names - -
    - list -
    -     		- -
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - # Output format tries to match amazon.aws.ec2_elb_lb module input parameters - - # Gather information about all ELBs - - community.aws.elb_classic_lb_info: - register: elb_info - - - debug: - msg: "{{ item.dns_name }}" - loop: "{{ elb_info.elbs }}" - - # Gather information about a particular ELB - - community.aws.elb_classic_lb_info: - names: frontend-prod-elb - register: elb_info - - - debug: - msg: "{{ elb_info.elbs.0.dns_name }}" - - # Gather information about a set of ELBs - - community.aws.elb_classic_lb_info: - names: - - frontend-prod-elb - - backend-prod-elb - register: elb_info - - - debug: - msg: "{{ item.dns_name }}" - loop: "{{ elb_info.elbs }}" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - elbs - -
    - list -
    -     		always -
    a list of load balancers
    -
    -
    Sample:
    -
    {'elbs': [{'attributes': {'access_log': {'enabled': False}, 'connection_draining': {'enabled': True, 'timeout': 300}, 'connection_settings': {'idle_timeout': 60}, 'cross_zone_load_balancing': {'enabled': True}}, 'availability_zones': ['us-east-1a', 'us-east-1b', 'us-east-1c', 'us-east-1d', 'us-east-1e'], 'backend_server_description': [], 'canonical_hosted_zone_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'canonical_hosted_zone_name_id': 'XXXXXXXXXXXXXX', 'created_time': '2017-08-23T18:25:03.280000+00:00', 'dns_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'health_check': {'healthy_threshold': 10, 'interval': 30, 'target': 'HTTP:80/index.html', 'timeout': 5, 'unhealthy_threshold': 2}, 'instances': [], 'instances_inservice': [], 'instances_inservice_count': 0, 'instances_outofservice': [], 'instances_outofservice_count': 0, 'instances_unknownservice': [], 'instances_unknownservice_count': 0, 'listener_descriptions': [{'listener': {'instance_port': 80, 'instance_protocol': 'HTTP', 'load_balancer_port': 80, 'protocol': 'HTTP'}, 'policy_names': []}], 'load_balancer_name': 'test-lb', 'policies': {'app_cookie_stickiness_policies': [], 'lb_cookie_stickiness_policies': [], 'other_policies': []}, 'scheme': 'internet-facing', 'security_groups': ['sg-29d13055'], 'source_security_group': {'group_name': 'default', 'owner_alias': 'XXXXXXXXXXXX'}, 'subnets': ['subnet-XXXXXXXX', 'subnet-XXXXXXXX'], 'tags': {}, 'vpc_id': 'vpc-c248fda4'}]}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael Schultz (@mjschultz) -- Fernando Jose Pando (@nand0p) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_instance.rst b/docs/community.aws.elb_instance.rst deleted file mode 100644 index 872568d8bbe..00000000000 --- a/docs/community.aws.elb_instance.rst +++ /dev/null @@ -1,351 +0,0 @@ -:orphan: - -.. _community.aws.elb_instance_module: - - -************************** -community.aws.elb_instance -************************** - -**De-registers or registers instances from EC2 ELBs** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module de-registers or registers an AWS EC2 instance from the ELBs that it belongs to. -- Returns fact "ec2_elbs" which is a list of elbs attached to the instance if state=absent is passed as an argument. -- Will be marked changed when called only if there are ELBs found to operate on. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_elbs - -
    - list -
    -     		- -
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enable_availability_zone - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    -
    -
    - instance_id - -
    - string - / required
    -     		- -
    EC2 Instance ID
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    register or deregister the instance
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for instance registration or deregistration to complete successfully before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    0
    -     		-
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # basic pre_task and post_task example - pre_tasks: - - name: Instance De-register - community.aws.elb_instance: - instance_id: "{{ ansible_ec2_instance_id }}" - state: absent - delegate_to: localhost - roles: - - myrole - post_tasks: - - name: Instance Register - community.aws.elb_instance: - instance_id: "{{ ansible_ec2_instance_id }}" - ec2_elbs: "{{ item }}" - state: present - delegate_to: localhost - loop: "{{ ec2_elbs }}" - - - - - -Status ------- - - -Authors -~~~~~~~ - -- John Jarvis (@jarv) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_network_lb.rst b/docs/community.aws.elb_network_lb.rst deleted file mode 100644 index 7e9b7535bde..00000000000 --- a/docs/community.aws.elb_network_lb.rst +++ /dev/null @@ -1,1085 +0,0 @@ -:orphan: - -.. _community.aws.elb_network_lb_module: - - -**************************** -community.aws.elb_network_lb -**************************** - -**Manage a Network Load Balancer** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS Network Elastic Load Balancer. See https://aws.amazon.com/blogs/aws/new-network-load-balancer-effortless-scaling-to-millions-of-requests-per-second/ for details. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cross_zone_load_balancing - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether cross-zone load balancing is enabled.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - deletion_protection - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether deletion protection for the ELB is enabled.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - listeners - -
    - list - / elements=dictionary
    -     		- -
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    -
    -
    - Certificates - -
    - list - / elements=dictionary
    -     		- -
    The SSL server certificate.
    -
    -
    - CertificateArn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the certificate.
    -
    -
    - DefaultActions - -
    - list - / elements=dictionary / required
    -     		- -
    The default actions for the listener.
    -
    -
    - TargetGroupArn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    - Type - -
    - string -
    -     		- -
    The type of action.
    -
    -
    - Port - -
    - integer - / required
    -     		- -
    The port on which the load balancer is listening.
    -
    -
    - Protocol - -
    - string - / required
    -     		- -
    The protocol for connections from clients to the load balancer.
    -
    -
    - SslPolicy - -
    - string -
    -     		- -
    The security policy that defines which ciphers and protocols are supported.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_listeners - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
    -
    If the listeners parameter is not set then listeners will not be modified.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
    -
    If the tags parameter is not set then tags will not be modified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - scheme - -
    - string -
    -     		-
      Choices: -
    • internet-facing ←
      • -
    • internal
      • -
    -     		-
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the load balancer.
    -
    The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
    -
    -
    - subnet_mappings - -
    - list - / elements=dictionary
    -     		- -
    A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
    -
    This parameter is mutually exclusive with subnets.
    -
    -
    - subnets - -
    - list -
    -     		- -
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    -
    Required when state=present.
    -
    This parameter is mutually exclusive with subnet_mappings.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the load balancer.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the network load balancer to reach the desired state.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- -
    The duration in seconds to wait, used in conjunction with wait.
    -
    -
    - - -Notes ------ - -.. note:: - - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create an ELB and attach a listener - community.aws.elb_network_lb: - name: myelb - subnets: - - subnet-012345678 - - subnet-abcdef000 - listeners: - - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). - Port: 80 # Required. The port on which the load balancer is listening. - DefaultActions: - - Type: forward # Required. Only 'forward' is accepted at this time - TargetGroupName: mytargetgroup # Required. The name of the target group - state: present - - - name: Create an ELB with an attached Elastic IP address - community.aws.elb_network_lb: - name: myelb - subnet_mappings: - - SubnetId: subnet-012345678 - AllocationId: eipalloc-aabbccdd - listeners: - - Protocol: TCP # Required. The protocol for connections from clients to the load balancer (TCP, TLS, UDP or TCP_UDP) (case-sensitive). - Port: 80 # Required. The port on which the load balancer is listening. - DefaultActions: - - Type: forward # Required. Only 'forward' is accepted at this time - TargetGroupName: mytargetgroup # Required. The name of the target group - state: present - - - name: Remove an ELB - community.aws.elb_network_lb: - name: myelb - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - availability_zones - -
    - list -
    -     		when state is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a', 'load_balancer_addresses': []}]
    -
    -
    - canonical_hosted_zone_id - -
    - string -
    -     		when state is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    -
    -
    - created_time - -
    - string -
    -     		when state is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    -
    -
    - deletion_protection_enabled - -
    - string -
    -     		when state is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - dns_name - -
    - string -
    -     		when state is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    -
    -
    - idle_timeout_timeout_seconds - -
    - string -
    -     		when state is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    -
    -
    - ip_address_type - -
    - string -
    -     		when state is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    -
    -
    - listeners - -
    - complex -
    -     		when state is present -
    Information about the listeners.
    -
    -
      -
    - certificates - -
    - complex -
    -     		when state is present -
    The SSL server certificate.
    -
    -
       -
    - certificate_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the certificate.
    -
    -
      -
    - default_actions - -
    - string -
    -     		when state is present -
    The default actions for the listener.
    -
    -
       -
    - target_group_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
       -
    - type - -
    - string -
    -     		when state is present -
    The type of action.
    -
    -
      -
    - listener_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the listener.
    -
    -
      -
    - load_balancer_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
      -
    - port - -
    - integer -
    -     		when state is present -
    The port on which the load balancer is listening.
    -
    -
    Sample:
    -
    80
    -
      -
    - protocol - -
    - string -
    -     		when state is present -
    The protocol for connections from clients to the load balancer.
    -
    -
    Sample:
    -
    HTTPS
    -
      -
    - ssl_policy - -
    - string -
    -     		when state is present -
    The security policy that defines which ciphers and protocols are supported.
    -
    -
    -
    - load_balancer_arn - -
    - string -
    -     		when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    -
    -
    - load_balancer_name - -
    - string -
    -     		when state is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    -
    -
    - load_balancing_cross_zone_enabled - -
    - string -
    -     		when state is present -
    Indicates whether cross-zone load balancing is enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - scheme - -
    - string -
    -     		when state is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    -
    -
    - state - -
    - dictionary -
    -     		when state is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    -
    -
    - tags - -
    - dictionary -
    -     		when state is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    -
    -
    - type - -
    - string -
    -     		when state is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    network
    -
    -
    - vpc_id - -
    - string -
    -     		when state is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target.rst b/docs/community.aws.elb_target.rst deleted file mode 100644 index 4e878b68337..00000000000 --- a/docs/community.aws.elb_target.rst +++ /dev/null @@ -1,411 +0,0 @@ -:orphan: - -.. _community.aws.elb_target_module: - - -************************ -community.aws.elb_target -************************ - -**Manage a target in a target group** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Used to register or deregister a target in a target group - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - deregister_unused - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Register or deregister the target.
    -
    -
    - target_az - -
    - string -
    -     		- -
    An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
    -
    -
    - target_group_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
    -
    -
    - target_group_name - -
    - string -
    -     		- -
    The name of the target group. Mutually exclusive of target_group_arn.
    -
    -
    - target_id - -
    - string - / required
    -     		- -
    The ID of the target.
    -
    -
    - target_port - -
    - integer -
    -     		- -
    The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
    -
    The default port for a target is the port for the target group.
    -
    -
    - target_status - -
    - string -
    -     		-
      Choices: -
    • initial
      • -
    • healthy
      • -
    • unhealthy
      • -
    • unused
      • -
    • draining
      • -
    • unavailable
      • -
    -     		-
    Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
    -
    -
    - target_status_timeout - -
    - integer -
    -     		- Default:
    60
    -     		-
    Maximum time in seconds to wait for target_status change
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If you specified a port override when you registered a target, you must specify both the target ID and the port when you deregister it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Register an IP address target to a target group - community.aws.elb_target: - target_group_name: myiptargetgroup - target_id: i-1234567 - state: present - - - name: Register an instance target to a target group - community.aws.elb_target: - target_group_name: mytargetgroup - target_id: i-1234567 - state: present - - - name: Deregister a target from a target group - community.aws.elb_target: - target_group_name: mytargetgroup - target_id: i-1234567 - state: absent - - # Modify a target to use a different port - - name: Register a target to a target group - community.aws.elb_target: - target_group_name: mytargetgroup - target_id: i-1234567 - target_port: 8080 - state: present - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_group.rst b/docs/community.aws.elb_target_group.rst deleted file mode 100644 index 147d3911c44..00000000000 --- a/docs/community.aws.elb_target_group.rst +++ /dev/null @@ -1,1087 +0,0 @@ -:orphan: - -.. _community.aws.elb_target_group_module: - - -****************************** -community.aws.elb_target_group -****************************** - -**Manage a target group for an Application or Network load balancer** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage an AWS Elastic Load Balancer target group. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html or https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html for details. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - deregistration_delay_timeout - -
    - integer -
    -     		- -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - health_check_interval - -
    - integer -
    -     		- -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -
    -
    - health_check_path - -
    - string -
    -     		- -
    The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
    -
    Requires the health_check_protocol parameter to be set.
    -
    -
    - health_check_port - -
    - string -
    -     		- -
    The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
    -
    When not defined will default to the port on which each target receives traffic from the load balancer.
    -
    -
    - health_check_protocol - -
    - string -
    -     		-
      Choices: -
    • http
      • -
    • https
      • -
    • tcp
      • -
    • tls
      • -
    • udp
      • -
    • tcp_udp
      • -
    • HTTP
      • -
    • HTTPS
      • -
    • TCP
      • -
    • TLS
      • -
    • UDP
      • -
    • TCP_UDP
      • -
    -     		-
    The protocol the load balancer uses when performing health checks on targets.
    -
    -
    - health_check_timeout - -
    - integer -
    -     		- -
    The amount of time, in seconds, during which no response from a target means a failed health check.
    -
    -
    - healthy_threshold_count - -
    - integer -
    -     		- -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -
    -
    - modify_targets - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to alter existing targets in the group to match what is passed with the module
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the target group.
    -
    -
    - port - -
    - integer -
    -     		- -
    The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - protocol - -
    - string -
    -     		-
      Choices: -
    • http
      • -
    • https
      • -
    • tcp
      • -
    • tls
      • -
    • udp
      • -
    • tcp_udp
      • -
    • HTTP
      • -
    • HTTPS
      • -
    • TCP
      • -
    • TLS
      • -
    • UDP
      • -
    • TCP_UDP
      • -
    -     		-
    The protocol to use for routing traffic to the targets. Required when state is present.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the target group.
    -
    -
    - stickiness_enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether sticky sessions are enabled.
    -
    -
    - stickiness_lb_cookie_duration - -
    - integer -
    -     		- -
    The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
    -
    -
    - stickiness_type - -
    - string -
    -     		- -
    The type of sticky sessions.
    -
    If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
    -
    -
    - successful_response_codes - -
    - string -
    -     		- -
    The HTTP codes to use when checking for a successful response from a target.
    -
    Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
    -
    Requires the health_check_protocol parameter to be set.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the target group.
    -
    -
    - target_type - -
    - string -
    -     		-
      Choices: -
    • instance
      • -
    • ip
      • -
    • lambda
      • -
    -     		-
    The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
    -
    The default behavior is instance.
    -
    -
    - targets - -
    - list -
    -     		- -
    A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
    -
    -
    - unhealthy_threshold_count - -
    - integer -
    -     		- -
    The number of consecutive health check failures required before considering a target unhealthy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    The identifier of the virtual private cloud (VPC). Required when state is present.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the target group.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    200
    -     		-
    The time to wait for the target group.
    -
    -
    - - -Notes ------ - -.. note:: - - Once a target group has been created, only its health check can then be modified using subsequent calls - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create a target group with a default health check - community.aws.elb_target_group: - name: mytargetgroup - protocol: http - port: 80 - vpc_id: vpc-01234567 - state: present - - - name: Modify the target group with a custom health check - community.aws.elb_target_group: - name: mytargetgroup - protocol: http - port: 80 - vpc_id: vpc-01234567 - health_check_protocol: http - health_check_path: /health_check - health_check_port: 80 - successful_response_codes: 200 - health_check_interval: 15 - health_check_timeout: 3 - healthy_threshold_count: 4 - unhealthy_threshold_count: 3 - state: present - - - name: Delete a target group - community.aws.elb_target_group: - name: mytargetgroup - state: absent - - - name: Create a target group with instance targets - community.aws.elb_target_group: - name: mytargetgroup - protocol: http - port: 81 - vpc_id: vpc-01234567 - health_check_protocol: http - health_check_path: / - successful_response_codes: "200,250-260" - targets: - - Id: i-01234567 - Port: 80 - - Id: i-98765432 - Port: 80 - state: present - wait_timeout: 200 - wait: True - - - name: Create a target group with IP address targets - community.aws.elb_target_group: - name: mytargetgroup - protocol: http - port: 81 - vpc_id: vpc-01234567 - health_check_protocol: http - health_check_path: / - successful_response_codes: "200,250-260" - target_type: ip - targets: - - Id: 10.0.0.10 - Port: 80 - AvailabilityZone: all - - Id: 10.0.0.20 - Port: 80 - state: present - wait_timeout: 200 - wait: True - - # Using lambda as targets require that the target group - # itself is allow to invoke the lambda function. - # therefore you need first to create an empty target group - # to receive its arn, second, allow the target group - # to invoke the lambda function and third, add the target - # to the target group - - name: first, create empty target group - community.aws.elb_target_group: - name: my-lambda-targetgroup - target_type: lambda - state: present - modify_targets: False - register: out - - - name: second, allow invoke of the lambda - community.aws.lambda_policy: - state: "{{ state | default('present') }}" - function_name: my-lambda-function - statement_id: someID - action: lambda:InvokeFunction - principal: elasticloadbalancing.amazonaws.com - source_arn: "{{ out.target_group_arn }}" - - - name: third, add target - community.aws.elb_target_group: - name: my-lambda-targetgroup - target_type: lambda - state: present - targets: - - Id: arn:aws:lambda:eu-central-1:123456789012:function:my-lambda-function - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - deregistration_delay_timeout_seconds - -
    - integer -
    -     		when state present -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    -
    -
    Sample:
    -
    300
    -
    -
    - health_check_interval_seconds - -
    - integer -
    -     		when state present -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -
    -
    Sample:
    -
    30
    -
    -
    - health_check_path - -
    - string -
    -     		when state present -
    The destination for the health check request.
    -
    -
    Sample:
    -
    /index.html
    -
    -
    - health_check_port - -
    - string -
    -     		when state present -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    traffic-port
    -
    -
    - health_check_protocol - -
    - string -
    -     		when state present -
    The protocol to use to connect with the target.
    -
    -
    Sample:
    -
    HTTP
    -
    -
    - health_check_timeout_seconds - -
    - integer -
    -     		when state present -
    The amount of time, in seconds, during which no response means a failed health check.
    -
    -
    Sample:
    -
    5
    -
    -
    - healthy_threshold_count - -
    - integer -
    -     		when state present -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -
    -
    Sample:
    -
    5
    -
    -
    - load_balancer_arns - -
    - list -
    -     		when state present -
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    -
    -
    -
    - matcher - -
    - dictionary -
    -     		when state present -
    The HTTP codes to use when checking for a successful response from a target.
    -
    -
    Sample:
    -
    {'http_code': '200'}
    -
    -
    - port - -
    - integer -
    -     		when state present -
    The port on which the targets are listening.
    -
    -
    Sample:
    -
    80
    -
    -
    - protocol - -
    - string -
    -     		when state present -
    The protocol to use for routing traffic to the targets.
    -
    -
    Sample:
    -
    HTTP
    -
    -
    - stickiness_enabled - -
    - boolean -
    -     		when state present -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    True
    -
    -
    - stickiness_lb_cookie_duration_seconds - -
    - integer -
    -     		when state present -
    The time period, in seconds, during which requests from a client should be routed to the same target.
    -
    -
    Sample:
    -
    86400
    -
    -
    - stickiness_type - -
    - string -
    -     		when state present -
    The type of sticky sessions.
    -
    -
    Sample:
    -
    lb_cookie
    -
    -
    - tags - -
    - dictionary -
    -     		when state present -
    The tags attached to the target group.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    -
    -
    - target_group_arn - -
    - string -
    -     		when state present -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    -
    -
    - target_group_name - -
    - string -
    -     		when state present -
    The name of the target group.
    -
    -
    Sample:
    -
    mytargetgroup
    -
    -
    - unhealthy_threshold_count - -
    - integer -
    -     		when state present -
    The number of consecutive health check failures required before considering the target unhealthy.
    -
    -
    Sample:
    -
    2
    -
    -
    - vpc_id - -
    - string -
    -     		when state present -
    The ID of the VPC for the targets.
    -
    -
    Sample:
    -
    vpc-0123456
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_group_info.rst b/docs/community.aws.elb_target_group_info.rst deleted file mode 100644 index 0d941faeac4..00000000000 --- a/docs/community.aws.elb_target_group_info.rst +++ /dev/null @@ -1,813 +0,0 @@ -:orphan: - -.. _community.aws.elb_target_group_info_module: - - -*********************************** -community.aws.elb_target_group_info -*********************************** - -**Gather information about ELB target groups in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about ELB target groups in AWS -- This module was called ``elb_target_group_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - collect_targets_health - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When set to "yes", output contains targets health description
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - load_balancer_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    - names - -
    - list -
    -     		- -
    The names of the target groups.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - target_group_arns - -
    - list -
    -     		- -
    The Amazon Resource Names (ARN) of the target groups.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Gather information about all target groups - community.aws.elb_target_group_info: - - - name: Gather information about the target group attached to a particular ELB - community.aws.elb_target_group_info: - load_balancer_arn: "arn:aws:elasticloadbalancing:ap-southeast-2:001122334455:loadbalancer/app/my-elb/aabbccddeeff" - - - name: Gather information about a target groups named 'tg1' and 'tg2' - community.aws.elb_target_group_info: - names: - - tg1 - - tg2 - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - target_groups - -
    - complex -
    -     		always -
    a list of target groups
    -
    -
      -
    - deregistration_delay_timeout_seconds - -
    - integer -
    -     		always -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    -
    -
    Sample:
    -
    300
    -
      -
    - health_check_interval_seconds - -
    - integer -
    -     		always -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -
    -
    Sample:
    -
    30
    -
      -
    - health_check_path - -
    - string -
    -     		always -
    The destination for the health check request.
    -
    -
    Sample:
    -
    /index.html
    -
      -
    - health_check_port - -
    - string -
    -     		always -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    traffic-port
    -
      -
    - health_check_protocol - -
    - string -
    -     		always -
    The protocol to use to connect with the target.
    -
    -
    Sample:
    -
    HTTP
    -
      -
    - health_check_timeout_seconds - -
    - integer -
    -     		always -
    The amount of time, in seconds, during which no response means a failed health check.
    -
    -
    Sample:
    -
    5
    -
      -
    - healthy_threshold_count - -
    - integer -
    -     		always -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -
    -
    Sample:
    -
    5
    -
      -
    - load_balancer_arns - -
    - list -
    -     		always -
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    -
    -
      -
    - matcher - -
    - dictionary -
    -     		always -
    The HTTP codes to use when checking for a successful response from a target.
    -
    -
    Sample:
    -
    {'http_code': '200'}
    -
      -
    - port - -
    - integer -
    -     		always -
    The port on which the targets are listening.
    -
    -
    Sample:
    -
    80
    -
      -
    - protocol - -
    - string -
    -     		always -
    The protocol to use for routing traffic to the targets.
    -
    -
    Sample:
    -
    HTTP
    -
      -
    - stickiness_enabled - -
    - boolean -
    -     		always -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    True
    -
      -
    - stickiness_lb_cookie_duration_seconds - -
    - integer -
    -     		always -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    86400
    -
      -
    - stickiness_type - -
    - string -
    -     		always -
    The type of sticky sessions.
    -
    -
    Sample:
    -
    lb_cookie
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    The tags attached to the target group.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    -
      -
    - target_group_arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    -
      -
    - target_group_name - -
    - string -
    -     		always -
    The name of the target group.
    -
    -
    Sample:
    -
    mytargetgroup
    -
      -
    - targets_health_description - -
    - complex -
    -     		when collect_targets_health is enabled -
    Targets health description.
    -
    -
       -
    - health_check_port - -
    - string -
    -     		always -
    The port to check target health.
    -
    -
    Sample:
    -
    80
    -
       -
    - target - -
    - complex -
    -     		always -
    The target metadata.
    -
    -
        -
    - id - -
    - string -
    -     		always -
    The ID of the target.
    -
    -
    Sample:
    -
    i-0123456789
    -
        -
    - port - -
    - integer -
    -     		always -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    80
    -
       -
    - target_health - -
    - complex -
    -     		always -
    The target health status.
    -
    -
        -
    - state - -
    - string -
    -     		always -
    The state of the target health.
    -
    -
    Sample:
    -
    healthy
    -
      -
    - unhealthy_threshold_count - -
    - integer -
    -     		always -
    The number of consecutive health check failures required before considering the target unhealthy.
    -
    -
    Sample:
    -
    2
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    The ID of the VPC for the targets.
    -
    -
    Sample:
    -
    vpc-0123456
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.elb_target_info.rst b/docs/community.aws.elb_target_info.rst deleted file mode 100644 index 7177a7ea2d8..00000000000 --- a/docs/community.aws.elb_target_info.rst +++ /dev/null @@ -1,578 +0,0 @@ -:orphan: - -.. _community.aws.elb_target_info_module: - - -***************************** -community.aws.elb_target_info -***************************** - -**Gathers which target groups a target is associated with.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module will search through every target group in a region to find which ones have registered a given instance ID or IP. -- This module was called ``elb_target_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - get_unused_target_groups - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to get target groups not used by any load balancers.
    -
    -
    - instance_id - -
    - string - / required
    -     		- -
    What instance ID to get information for.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # practical use case - dynamically de-registering and re-registering nodes - - - name: Get EC2 Metadata - amazon.aws.ec2_metadata_facts: - - - name: Get initial list of target groups - delegate_to: localhost - community.aws.elb_target_info: - instance_id: "{{ ansible_ec2_instance_id }}" - region: "{{ ansible_ec2_placement_region }}" - register: target_info - - - name: save fact for later - set_fact: - original_tgs: "{{ target_info.instance_target_groups }}" - - - name: Deregister instance from all target groups - delegate_to: localhost - community.aws.elb_target: - target_group_arn: "{{ item.0.target_group_arn }}" - target_port: "{{ item.1.target_port }}" - target_az: "{{ item.1.target_az }}" - target_id: "{{ item.1.target_id }}" - state: absent - target_status: "draining" - region: "{{ ansible_ec2_placement_region }}" - with_subelements: - - "{{ original_tgs }}" - - "targets" - - # This avoids having to wait for 'elb_target' to serially deregister each - # target group. An alternative would be to run all of the 'elb_target' - # tasks async and wait for them to finish. - - - name: wait for all targets to deregister simultaneously - delegate_to: localhost - community.aws.elb_target_info: - get_unused_target_groups: false - instance_id: "{{ ansible_ec2_instance_id }}" - region: "{{ ansible_ec2_placement_region }}" - register: target_info - until: (target_info.instance_target_groups | length) == 0 - retries: 60 - delay: 10 - - - name: reregister in elbv2s - community.aws.elb_target: - region: "{{ ansible_ec2_placement_region }}" - target_group_arn: "{{ item.0.target_group_arn }}" - target_port: "{{ item.1.target_port }}" - target_az: "{{ item.1.target_az }}" - target_id: "{{ item.1.target_id }}" - state: present - target_status: "initial" - with_subelements: - - "{{ original_tgs }}" - - "targets" - - # wait until all groups associated with this instance are 'healthy' or - # 'unused' - - name: wait for registration - community.aws.elb_target_info: - get_unused_target_groups: false - instance_id: "{{ ansible_ec2_instance_id }}" - region: "{{ ansible_ec2_placement_region }}" - register: target_info - until: (target_info.instance_target_groups | - map(attribute='targets') | - flatten | - map(attribute='target_health') | - rejectattr('state', 'equalto', 'healthy') | - rejectattr('state', 'equalto', 'unused') | - list | - length) == 0 - retries: 61 - delay: 10 - - # using the target groups to generate AWS CLI commands to reregister the - # instance - useful in case the playbook fails mid-run and manual - # rollback is required - - name: "reregistration commands: ELBv2s" - debug: - msg: > - aws --region {{ansible_ec2_placement_region}} elbv2 - register-targets --target-group-arn {{item.target_group_arn}} - --targets{%for target in item.targets%} - Id={{target.target_id}}, - Port={{target.target_port}}{%if target.target_az%},AvailabilityZone={{target.target_az}} - {%endif%} - {%endfor%} - loop: "{{target_info.instance_target_groups}}" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - instance_target_groups - -
    - complex -
    -     		always -
    a list of target groups to which the instance is registered to
    -
    -
      -
    - target_group_arn - -
    - string -
    -     		always -
    The ARN of the target group
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:eu-west-1:111111111111:targetgroup/target-group/deadbeefdeadbeef']
    -
      -
    - target_group_type - -
    - string -
    -     		always -
    Which target type is used for this group
    -
    -
    Sample:
    -
    ['ip', 'instance']
    -
      -
    - targets - -
    - complex -
    -     		always -
    A list of targets that point to this instance ID
    -
    -
       -
    - target_az - -
    - string -
    -     		when an AZ is associated with this instance -
    which availability zone is explicitly associated with this target
    -
    -
    Sample:
    -
    ['us-west-2a']
    -
       -
    - target_health - -
    - complex -
    -     		always -
    The target health description.
    - -
    -
        -
    - description - -
    - string -
    -     		if state!=present -
    description of target health
    -
    -
    Sample:
    -
    ['Target desregistration is in progress']
    -
        -
    - reason - -
    - string -
    -     		if state!=healthy -
    reason code for target health
    -
    -
    Sample:
    -
    ['Target.Deregistration in progress']
    -
        -
    - state - -
    - string -
    -     		always -
    health state
    -
    -
    Sample:
    -
    ['healthy', 'draining', 'initial', 'unhealthy', 'unused', 'unavailable']
    -
       -
    - target_id - -
    - string -
    -     		always -
    the target ID referring to this instance
    -
    -
    Sample:
    -
    ['i-deadbeef', '1.2.3.4']
    -
       -
    - target_port - -
    - string -
    -     		always -
    which port this target is listening on
    -
    -
    Sample:
    -
    [80]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Yaakov Kuperman (@yaakov-github) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.execute_lambda.rst b/docs/community.aws.execute_lambda.rst deleted file mode 100644 index f277aa9c789..00000000000 --- a/docs/community.aws.execute_lambda.rst +++ /dev/null @@ -1,447 +0,0 @@ -:orphan: - -.. _community.aws.execute_lambda_module: - - -**************************** -community.aws.execute_lambda -**************************** - -**Execute an AWS Lambda function** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module executes AWS Lambda functions, allowing synchronous and asynchronous invocation. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - dry_run - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - function_arn - -
    - string -
    -     		- -
    The name of the function to be invoked
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
    -
    -
    - payload - -
    - dictionary -
    -     		- Default:
    {}
    -     		-
    A dictionary in any form to be provided as input to the Lambda function.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - tail_log - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - version_qualifier - -
    - string -
    -     		- -
    Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
    -
    -
    - - -Notes ------ - -.. note:: - - Async invocation will always return an empty ``output`` key. - - Synchronous invocation may result in a function timeout, resulting in an empty ``output`` key. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - community.aws.execute_lambda: - name: test-function - # the payload is automatically serialized and sent to the function - payload: - foo: bar - value: 8 - register: response - - # Test that you have sufficient permissions to execute a Lambda function in - # another account - - community.aws.execute_lambda: - function_arn: arn:aws:lambda:us-east-1:123456789012:function/some-function - dry_run: true - - - community.aws.execute_lambda: - name: test-function - payload: - foo: bar - value: 8 - wait: true - tail_log: true - register: response - # the response will have a `logs` key that will contain a log (up to 4KB) of the function execution in Lambda - - # Pass the Lambda event payload as a json file. - - community.aws.execute_lambda: - name: test-function - payload: "{{ lookup('file','lambda_event.json') }}" - register: response - - - community.aws.execute_lambda: - name: test-function - version_qualifier: PRODUCTION - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - logs - -
    - string -
    -     		if tail_log == true -
    The last 4KB of the function logs. Only provided if tail_log is true
    -
    -
    -
    - output - -
    - dictionary -
    -     		success -
    Function output if wait=true and the function returns a value
    -
    -
    Sample:
    -
    { 'output': 'something' }
    -
    -
    - status - -
    - integer -
    -     		always -
    StatusCode of API call exit (200 for synchronous invokes, 202 for async)
    -
    -
    Sample:
    -
    200
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ryan Scott Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam.rst b/docs/community.aws.iam.rst deleted file mode 100644 index fd71bc0ffe7..00000000000 --- a/docs/community.aws.iam.rst +++ /dev/null @@ -1,568 +0,0 @@ -:orphan: - -.. _community.aws.iam_module: - - -***************** -community.aws.iam -***************** - -**Manage IAM users, groups, roles and keys** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for the management of IAM users, user API keys, groups, roles. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - access_key_ids - -
    - list -
    -     		- -
    A list of the keys that you want affected by the access_key_state parameter.
    -
    -
    - access_key_state - -
    - string -
    -     		-
      Choices: -
    • create
      • -
    • remove
      • -
    • active
      • -
    • inactive
      • -
    • Create
      • -
    • Remove
      • -
    • Active
      • -
    • Inactive
      • -
    -     		-
    When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - groups - -
    - list -
    -     		- -
    A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
    -
    -
    - iam_type - -
    - string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource.
    -
    -
    - key_count - -
    - integer -
    -     		- Default:
    1
    -     		-
    When access_key_state=create it will ensure this quantity of keys are present.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of IAM resource to create or identify.
    -
    -
    - new_name - -
    - string -
    -     		- -
    When state=update, will replace name with new_name on IAM resource.
    -
    -
    - new_path - -
    - string -
    -     		- -
    When state=update, will replace the path with new_path on the IAM resource.
    -
    -
    - password - -
    - string -
    -     		- -
    When type=user and either state=present or state=update, define the users login password.
    -
    Note that this will always return 'changed'.
    -
    -
    - path - -
    - string -
    -     		- Default:
    "/"
    -     		-
    When creating or updating, specify the desired path of the resource.
    -
    If state=present, it will replace the current path to match what is passed in when they do not match.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • update
      • -
    -     		-
    Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
    -
    -
    - trust_policy - -
    - dictionary -
    -     		- -
    The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
    -
    Mutually exclusive with trust_policy_filepath.
    -
    -
    - trust_policy_filepath - -
    - string -
    -     		- -
    The path to the trust policy document that grants an entity permission to assume the role.
    -
    Mutually exclusive with trust_policy.
    -
    -
    - update_password - -
    - string -
    -     		-
      Choices: -
    • always ←
      • -
    • on_create
      • -
    -     		-
    When to update user passwords.
    -
    update_password=always will ensure the password is set to password.
    -
    update_password=on_create will only set the password for newly created users.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Basic user creation example - - name: Create two new IAM users with API keys - community.aws.iam: - iam_type: user - name: "{{ item }}" - state: present - password: "{{ temp_pass }}" - access_key_state: create - loop: - - jcleese - - mpython - - # Advanced example, create two new groups and add the pre-existing user - # jdavila to both groups. - - name: Create Two Groups, Mario and Luigi - community.aws.iam: - iam_type: group - name: "{{ item }}" - state: present - loop: - - Mario - - Luigi - register: new_groups - - - name: Update user - community.aws.iam: - iam_type: user - name: jdavila - state: update - groups: "{{ item.created_group.group_name }}" - loop: "{{ new_groups.results }}" - - # Example of role with custom trust policy for Lambda service - - name: Create IAM role with custom trust relationship - community.aws.iam: - iam_type: role - name: AAALambdaTestRole - state: present - trust_policy: - Version: '2012-10-17' - Statement: - - Action: sts:AssumeRole - Effect: Allow - Principal: - Service: lambda.amazonaws.com - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - role_result - -
    - string -
    -     		if iam_type=role and state=present -
    the IAM.role dict returned by Boto
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:iam::A1B2C3D4E5F6:role/my-new-role', 'assume_role_policy_document': '...truncated...', 'create_date': '2017-09-02T14:32:23Z', 'path': '/', 'role_id': 'AROAA1B2C3D4E5F6G7H8I', 'role_name': 'my-new-role'}
    -
    -
    - roles - -
    - list -
    -     		if iam_type=role and state=present -
    a list containing the name of the currently defined roles
    -
    -
    Sample:
    -
    ['my-new-role', 'my-existing-role-1', 'my-existing-role-2', 'my-existing-role-3', 'my-existing-role-...']
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jonathan I. Davila (@defionscode) -- Paul Seiffert (@seiffert) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_cert.rst b/docs/community.aws.iam_cert.rst deleted file mode 100644 index 6bb711c9382..00000000000 --- a/docs/community.aws.iam_cert.rst +++ /dev/null @@ -1,408 +0,0 @@ -:orphan: - -.. _community.aws.iam_cert_module: - - -********************** -community.aws.iam_cert -********************** - -**Manage server certificates for use on ELBs and CloudFront** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for the management of server certificates. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cert - -
    - string -
    -     		- -
    The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -
    -
    - cert_chain - -
    - string -
    -     		- -
    The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - dup_ok - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    By default the module will not upload a certificate that is already uploaded into AWS.
    -
    If dup_ok=True, it will upload the certificate as long as the name is unique.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - key - -
    - string -
    -     		- -
    The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of certificate to add, update or remove.
    -
    -
    - new_name - -
    - string -
    -     		- -
    When state is present, this will update the name of the cert.
    -
    The cert, key and cert_chain parameters will be ignored if this is defined.
    -
    -
    - new_path - -
    - string -
    -     		- -
    When state is present, this will update the path of the cert.
    -
    The cert, key and cert_chain parameters will be ignored if this is defined.
    -
    -
    - path - -
    - string -
    -     		- Default:
    "/"
    -     		-
    When creating or updating, specify the desired path of the certificate.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the certificate.
    -
    If new_path or new_name is defined, specifying present will attempt to make an update these.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Basic server certificate upload from local file - community.aws.iam_cert: - name: very_ssl - state: present - cert: "{{ lookup('file', 'path/to/cert') }}" - key: "{{ lookup('file', 'path/to/key') }}" - cert_chain: "{{ lookup('file', 'path/to/certchain') }}" - - - name: Basic server certificate upload - community.aws.iam_cert: - name: very_ssl - state: present - cert: path/to/cert - key: path/to/key - cert_chain: path/to/certchain - - - name: Server certificate upload using key string - community.aws.iam_cert: - name: very_ssl - state: present - path: "/a/cert/path/" - cert: body_of_somecert - key: vault_body_of_privcertkey - cert_chain: body_of_myverytrustedchain - - - name: Basic rename of existing certificate - community.aws.iam_cert: - name: very_ssl - new_name: new_very_ssl - state: present - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Jonathan I. Davila (@defionscode) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_group.rst b/docs/community.aws.iam_group.rst deleted file mode 100644 index 5c93f298cca..00000000000 --- a/docs/community.aws.iam_group.rst +++ /dev/null @@ -1,635 +0,0 @@ -:orphan: - -.. _community.aws.iam_group_module: - - -*********************** -community.aws.iam_group -*********************** - -**Manage AWS IAM groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage AWS IAM groups. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - managed_policies - -
    - list - / elements=string
    -     		- -
    A list of managed policy ARNs or friendly names to attach to the role.
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the group to create.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_policies - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -

    aliases: purge_policy, purge_managed_policies
    -
    -
    - purge_users - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_users=true users which are not included in users will be detached.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM group.
    -
    -
    - users - -
    - list - / elements=string
    -     		- -
    A list of existing users to add as members of the group.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create a group - community.aws.iam_group: - name: testgroup1 - state: present - - - name: Create a group and attach a managed policy using its ARN - community.aws.iam_group: - name: testgroup1 - managed_policies: - - arn:aws:iam::aws:policy/AmazonSNSFullAccess - state: present - - - name: Create a group with users as members and attach a managed policy using its ARN - community.aws.iam_group: - name: testgroup1 - managed_policies: - - arn:aws:iam::aws:policy/AmazonSNSFullAccess - users: - - test_user1 - - test_user2 - state: present - - - name: Remove all managed policies from an existing group with an empty list - community.aws.iam_group: - name: testgroup1 - state: present - purge_policies: true - - - name: Remove all group members from an existing group - community.aws.iam_group: - name: testgroup1 - managed_policies: - - arn:aws:iam::aws:policy/AmazonSNSFullAccess - purge_users: true - state: present - - - name: Delete the group - community.aws.iam_group: - name: testgroup1 - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - iam_group - -
    - complex -
    -     		success -
    dictionary containing all the group information including group membership
    -
    -
      -
    - group - -
    - complex -
    -     		success -
    dictionary containing all the group information
    -
    -
       -
    - arn - -
    - string -
    -     		-
    the Amazon Resource Name (ARN) specifying the group
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:group/testgroup1
    -
       -
    - create_date - -
    - string -
    -     		-
    the date and time, in ISO 8601 date-time format, when the group was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    -
       -
    - group_id - -
    - string -
    -     		-
    the stable and unique string identifying the group
    -
    -
    Sample:
    -
    AGPAIDBWE12NSFINE55TM
    -
       -
    - group_name - -
    - string -
    -     		-
    the friendly name that identifies the group
    -
    -
    Sample:
    -
    testgroup1
    -
       -
    - path - -
    - string -
    -     		-
    the path to the group
    -
    -
    Sample:
    -
    /
    -
      -
    - users - -
    - complex -
    -     		success -
    list containing all the group members
    -
    -
       -
    - arn - -
    - string -
    -     		-
    the Amazon Resource Name (ARN) specifying the user
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:user/test_user1
    -
       -
    - create_date - -
    - string -
    -     		-
    the date and time, in ISO 8601 date-time format, when the user was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    -
       -
    - path - -
    - string -
    -     		-
    the path to the user
    -
    -
    Sample:
    -
    /
    -
       -
    - user_id - -
    - string -
    -     		-
    the stable and unique string identifying the user
    -
    -
    Sample:
    -
    AIDAIZTPY123YQRS22YU2
    -
       -
    - user_name - -
    - string -
    -     		-
    the friendly name that identifies the user
    -
    -
    Sample:
    -
    testgroup1
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nick Aslanidis (@naslanidis) -- Maksym Postument (@infectsoldier) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_managed_policy.rst b/docs/community.aws.iam_managed_policy.rst deleted file mode 100644 index fe3a0002147..00000000000 --- a/docs/community.aws.iam_managed_policy.rst +++ /dev/null @@ -1,421 +0,0 @@ -:orphan: - -.. _community.aws.iam_managed_policy_module: - - -******************************** -community.aws.iam_managed_policy -******************************** - -**Manage User Managed IAM policies** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows creating and removing managed IAM policies - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - fail_on_delete - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The fail_on_delete option does nothing and will be removed after 2022-06-01
    -
    -
    - make_default - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Make this revision the default revision.
    -
    -
    - only_version - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
    -
    -
    - policy - -
    - json -
    -     		- -
    A properly json formatted policy
    -
    -
    - policy_description - -
    - string -
    -     		- Default:
    ""
    -     		-
    A helpful description of this policy, this value is immutable and only set when creating a new policy.
    -
    -
    - policy_name - -
    - string - / required
    -     		- -
    The name of the managed policy.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create Policy ex nihilo - - name: Create IAM Managed Policy - community.aws.iam_managed_policy: - policy_name: "ManagedPolicy" - policy_description: "A Helpful managed policy" - policy: "{{ lookup('template', 'managed_policy.json.j2') }}" - state: present - - # Update a policy with a new default version - - name: Create IAM Managed Policy - community.aws.iam_managed_policy: - policy_name: "ManagedPolicy" - policy: "{{ lookup('file', 'managed_policy_update.json') }}" - state: present - - # Update a policy with a new non default version - - name: Create IAM Managed Policy - community.aws.iam_managed_policy: - policy_name: "ManagedPolicy" - policy: "{{ lookup('file', 'managed_policy_update.json') }}" - make_default: false - state: present - - # Update a policy and make it the only version and the default version - - name: Create IAM Managed Policy - community.aws.iam_managed_policy: - policy_name: "ManagedPolicy" - policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" - only_version: true - state: present - - # Remove a policy - - name: Create IAM Managed Policy - community.aws.iam_managed_policy: - policy_name: "ManagedPolicy" - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - policy - -
    - string -
    -     		success -
    Returns the policy json structure, when state == absent this will return the value of the removed policy.
    -
    -
    Sample:
    -
    { "arn": "arn:aws:iam::aws:policy/AdministratorAccess " "attachment_count": 0, "create_date": "2017-03-01T15:42:55.981000+00:00", "default_version_id": "v1", "is_attachable": true, "path": "/", "policy_id": "ANPALM4KLDMTFXGOOJIHL", "policy_name": "AdministratorAccess", "update_date": "2017-03-01T15:42:55.981000+00:00" }
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Dan Kozlowski (@dkhenry) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_mfa_device_info.rst b/docs/community.aws.iam_mfa_device_info.rst deleted file mode 100644 index bb838d5d866..00000000000 --- a/docs/community.aws.iam_mfa_device_info.rst +++ /dev/null @@ -1,293 +0,0 @@ -:orphan: - -.. _community.aws.iam_mfa_device_info_module: - - -********************************* -community.aws.iam_mfa_device_info -********************************* - -**List the MFA (Multi-Factor Authentication) devices registered for a user** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- List the MFA (Multi-Factor Authentication) devices registered for a user -- This module was called ``iam_mfa_device_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - user_name - -
    - string -
    -     		- -
    The name of the user whose MFA devices will be listed
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html - - name: List MFA devices - community.aws.iam_mfa_device_info: - register: mfa_devices - - # more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html - - name: Assume an existing role - community.aws.sts_assume_role: - mfa_serial_number: "{{ mfa_devices.mfa_devices[0].serial_number }}" - role_arn: "arn:aws:iam::123456789012:role/someRole" - role_session_name: "someRoleSession" - register: assumed_role - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - mfa_devices - -
    - list -
    -     		always -
    The MFA devices registered for the given user
    -
    -
    Sample:
    -
    [{'enable_date': '2016-03-11T23:25:36+00:00', 'serial_number': 'arn:aws:iam::085120003701:mfa/pwnall', 'user_name': 'pwnall'}, {'enable_date': '2016-03-11T23:25:37+00:00', 'serial_number': 'arn:aws:iam::085120003702:mfa/pwnall', 'user_name': 'pwnall'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Victor Costan (@pwnall) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_password_policy.rst b/docs/community.aws.iam_password_policy.rst deleted file mode 100644 index 68c4238d9dc..00000000000 --- a/docs/community.aws.iam_password_policy.rst +++ /dev/null @@ -1,429 +0,0 @@ -:orphan: - -.. _community.aws.iam_password_policy_module: - - -********************************* -community.aws.iam_password_policy -********************************* - -**Update an IAM Password Policy** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Module updates an IAM Password Policy on a given AWS account - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allow_pw_change - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Allow users to change their password.
    -

    aliases: allow_password_change
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - min_pw_length - -
    - integer -
    -     		- Default:
    6
    -     		-
    Minimum password length.
    -

    aliases: minimum_password_length
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - pw_expire - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Prevents users from change an expired password.
    -

    aliases: password_expire, expire
    -
    -
    - pw_max_age - -
    - integer -
    -     		- Default:
    0
    -     		-
    Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.
    -

    aliases: password_max_age
    -
    -
    - pw_reuse_prevent - -
    - integer -
    -     		- Default:
    0
    -     		-
    Prevent re-use of passwords.
    -

    aliases: password_reuse_prevent, prevent_reuse
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - require_lowercase - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require lowercase letters in password.
    -
    -
    - require_numbers - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require numbers in password.
    -
    -
    - require_symbols - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require symbols in password.
    -
    -
    - require_uppercase - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require uppercase letters in password.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies the overall state of the password policy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Password policy for AWS account - community.aws.iam_password_policy: - state: present - min_pw_length: 8 - require_symbols: false - require_numbers: true - require_uppercase: true - require_lowercase: true - allow_pw_change: true - pw_max_age: 60 - pw_reuse_prevent: 5 - pw_expire: false - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Aaron Smith (@slapula) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_policy.rst b/docs/community.aws.iam_policy.rst deleted file mode 100644 index 2a70eab5c83..00000000000 --- a/docs/community.aws.iam_policy.rst +++ /dev/null @@ -1,396 +0,0 @@ -:orphan: - -.. _community.aws.iam_policy_module: - - -************************ -community.aws.iam_policy -************************ - -**Manage inline IAM policies for users, groups, and roles** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows uploading or removing inline IAM policies for IAM users, groups or roles. -- To administer managed policies please see :ref:`community.aws.iam_user `, :ref:`community.aws.iam_role `, :ref:`community.aws.iam_group ` and :ref:`community.aws.iam_managed_policy ` - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - iam_name - -
    - string - / required
    -     		- -
    Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
    -
    -
    - iam_type - -
    - string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource.
    -
    -
    - policy_document - -
    - string -
    -     		- -
    The path to the properly json formatted policy file.
    -
    Mutually exclusive with policy_json.
    -
    This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
    -
    -
    - policy_json - -
    - json -
    -     		- -
    A properly json formatted policy as string.
    -
    Mutually exclusive with policy_document.
    - -
    -
    - policy_name - -
    - string - / required
    -     		- -
    The name label for the policy to create or remove.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - skip_duplicates - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
    -
    The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create or delete the IAM policy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create a policy with the name of 'Admin' to the group 'administrators' - - name: Assign a policy called Admin to the administrators group - community.aws.iam_policy: - iam_type: group - iam_name: administrators - policy_name: Admin - state: present - policy_document: admin_policy.json - - # Advanced example, create two new groups and add a READ-ONLY policy to both - # groups. - - name: Create Two Groups, Mario and Luigi - community.aws.iam: - iam_type: group - name: "{{ item }}" - state: present - loop: - - Mario - - Luigi - register: new_groups - - - name: Apply READ-ONLY policy to new groups that have been recently created - community.aws.iam_policy: - iam_type: group - iam_name: "{{ item.created_group.group_name }}" - policy_name: "READ-ONLY" - policy_document: readonlypolicy.json - state: present - loop: "{{ new_groups.results }}" - - # Create a new S3 policy with prefix per user - - name: Create S3 policy from template - community.aws.iam_policy: - iam_type: user - iam_name: "{{ item.user }}" - policy_name: "s3_limited_access_{{ item.prefix }}" - state: present - policy_json: " {{ lookup( 'template', 's3_policy.json.j2') }} " - loop: - - user: s3_user - prefix: s3_user_prefix - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Jonathan I. Davila (@defionscode) -- Dennis Podkovyrin (@sbj-ss) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_policy_info.rst b/docs/community.aws.iam_policy_info.rst deleted file mode 100644 index 1a073988b5f..00000000000 --- a/docs/community.aws.iam_policy_info.rst +++ /dev/null @@ -1,383 +0,0 @@ -:orphan: - -.. _community.aws.iam_policy_info_module: - - -***************************** -community.aws.iam_policy_info -***************************** - -**Retrieve inline IAM policies for users, groups, and roles** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Supports fetching of inline IAM policies for IAM users, groups and roles. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - iam_name - -
    - string - / required
    -     		- -
    Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
    -
    -
    - iam_type - -
    - string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource you wish to retrieve inline policies for.
    -
    -
    - policy_name - -
    - string -
    -     		- -
    Name of a specific IAM inline policy you with to retrieve.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Describe all inline IAM policies on an IAM User - community.aws.iam_policy_info: - iam_type: user - iam_name: example_user - - - name: Describe a specific inline policy on an IAM Role - community.aws.iam_policy_info: - iam_type: role - iam_name: example_role - policy_name: example_policy - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - all_policy_names - -
    - list -
    -     		success -
    A list of names of all of the IAM inline policies on the queried object
    -
    -
    -
    - policies - -
    - complex -
    -     		success -
    A list containing the matching IAM inline policy names and their data
    -
    -
      -
    - policy_document - -
    - list -
    -     		success -
    The JSON document representing the inline IAM policy
    -
    -
      -
    - policy_name - -
    - string -
    -     		success -
    The Name of the inline policy
    -
    -
    -
    - policy_names - -
    - list -
    -     		success -
    A list of matching names of the IAM inline policies on the queried object
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Mark Chappell (@tremble) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_role.rst b/docs/community.aws.iam_role.rst deleted file mode 100644 index fc40c6cdefd..00000000000 --- a/docs/community.aws.iam_role.rst +++ /dev/null @@ -1,665 +0,0 @@ -:orphan: - -.. _community.aws.iam_role_module: - - -********************** -community.aws.iam_role -********************** - -**Manage AWS IAM roles** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage AWS IAM roles. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - assume_role_policy_document - -
    - json -
    -     		- -
    The trust relationship policy document that grants an entity permission to assume the role.
    -
    This parameter is required when state=present.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - boundary - -
    - string -
    -     		- -
    The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
    -
    Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
    -
    This is intended for roles/users that have permissions to create new IAM objects.
    - -
    Requires botocore 1.10.57 or above.
    -

    aliases: boundary_policy_arn
    -
    -
    - create_instance_profile - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Creates an IAM instance profile along with the role.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delete_instance_profile - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
    -
    Only applies when state=absent.
    -
    -
    - description - -
    - string -
    -     		- -
    Provides a description of the role.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - managed_policies - -
    - list -
    -     		- -
    A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
    -
    To remove all policies set purge_polices=true and managed_policies=[None].
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -
    -
    - max_session_duration - -
    - integer -
    -     		- -
    The maximum duration (in seconds) of a session when assuming the role.
    -
    Valid values are between 1 and 12 hours (3600 and 43200 seconds).
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the role to create.
    -
    -
    - path - -
    - string -
    -     		- Default:
    "/"
    -     		-
    The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_policies - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -
    By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.
    -

    aliases: purge_policy, purge_managed_policies
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Remove tags not listed in tags when tags is specified.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM role.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Tag dict to apply to the queue.
    -
    Requires botocore 1.12.46 or above.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Create a role with description and tags - community.aws.iam_role: - name: mynewrole - assume_role_policy_document: "{{ lookup('file','policy.json') }}" - description: This is My New Role - tags: - env: dev - - - name: "Create a role and attach a managed policy called 'PowerUserAccess'" - community.aws.iam_role: - name: mynewrole - assume_role_policy_document: "{{ lookup('file','policy.json') }}" - managed_policies: - - arn:aws:iam::aws:policy/PowerUserAccess - - - name: Keep the role created above but remove all managed policies - community.aws.iam_role: - name: mynewrole - assume_role_policy_document: "{{ lookup('file','policy.json') }}" - managed_policies: [] - - - name: Delete the role - community.aws.iam_role: - name: mynewrole - assume_role_policy_document: "{{ lookup('file', 'policy.json') }}" - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - iam_role - -
    - complex -
    -     		success -
    dictionary containing the IAM Role data
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    the Amazon Resource Name (ARN) specifying the role
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:role/mynewrole
    -
      -
    - assume_role_policy_document - -
    - string -
    -     		always -
    the policy that grants an entity permission to assume the role
    -
    -
    Sample:
    -
    {'statement': [{'action': 'sts:AssumeRole', 'effect': 'Allow', 'principal': {'service': 'ec2.amazonaws.com'}, 'sid': ''}], 'version': '2012-10-17'}
    -
      -
    - attached_policies - -
    - list -
    -     		always -
    a list of dicts containing the name and ARN of the managed IAM policies attached to the role
    -
    -
    Sample:
    -
    [{'policy_arn': 'arn:aws:iam::aws:policy/PowerUserAccess', 'policy_name': 'PowerUserAccess'}]
    -
      -
    - create_date - -
    - string -
    -     		always -
    the date and time, in ISO 8601 date-time format, when the role was created
    -
    -
    Sample:
    -
    2016-08-14T04:36:28+00:00
    -
      -
    - path - -
    - string -
    -     		always -
    the path to the role
    -
    -
    Sample:
    -
    /
    -
      -
    - role_id - -
    - string -
    -     		always -
    the stable and unique string identifying the role
    -
    -
    Sample:
    -
    ABCDEFF4EZ4ABCDEFV4ZC
    -
      -
    - role_name - -
    - string -
    -     		always -
    the friendly name that identifies the role
    -
    -
    Sample:
    -
    myrole
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    role tags
    -
    -
    Sample:
    -
    {"Env": "Prod"}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_role_info.rst b/docs/community.aws.iam_role_info.rst deleted file mode 100644 index aa131328e84..00000000000 --- a/docs/community.aws.iam_role_info.rst +++ /dev/null @@ -1,630 +0,0 @@ -:orphan: - -.. _community.aws.iam_role_info_module: - - -*************************** -community.aws.iam_role_info -*************************** - -**Gather information on IAM roles** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gathers information about IAM roles. -- This module was called ``iam_role_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    Name of a role to search for.
    -
    Mutually exclusive with path_prefix.
    -

    aliases: role_name
    -
    -
    - path_prefix - -
    - string -
    -     		- -
    Prefix of role to restrict IAM role search for.
    -
    Mutually exclusive with name.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: find all existing IAM roles - community.aws.iam_role_info: - register: result - - - name: describe a single role - community.aws.iam_role_info: - name: MyIAMRole - - - name: describe all roles matching a path prefix - community.aws.iam_role_info: - path_prefix: /application/path - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - iam_roles - -
    - complex -
    -     		always -
    List of IAM roles
    -
    -
      -
    - arn - -
    - string -
    -     		always -
    Amazon Resource Name for IAM role.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:role/AnsibleTestRole
    -
      -
    - assume_role_policy_document - -
    - string -
    -     		always -
    Policy Document describing what can assume the role.
    -
    -
      -
    - create_date - -
    - string -
    -     		always -
    Date IAM role was created.
    -
    -
    Sample:
    -
    2017-10-23T00:05:08+00:00
    -
      -
    - inline_policies - -
    - list -
    -     		always -
    List of names of inline policies.
    -
    -
      -
    - instance_profiles - -
    - complex -
    -     		always -
    List of attached instance profiles.
    -
    -
       -
    - arn - -
    - string -
    -     		always -
    Amazon Resource Name for the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:instance-profile/AnsibleTestEC2Policy
    -
       -
    - create_date - -
    - string -
    -     		always -
    Date instance profile was created.
    -
    -
    Sample:
    -
    2017-10-23T00:05:08+00:00
    -
       -
    - instance_profile_id - -
    - string -
    -     		always -
    Amazon Identifier for the instance profile.
    -
    -
    Sample:
    -
    AROAII7ABCD123456EFGH
    -
       -
    - instance_profile_name - -
    - string -
    -     		always -
    Name of instance profile.
    -
    -
    Sample:
    -
    AnsibleTestEC2Policy
    -
       -
    - path - -
    - string -
    -     		always -
    Path of instance profile.
    -
    -
    Sample:
    -
    /
    -
       -
    - roles - -
    - list -
    -     		always -
    List of roles associated with this instance profile.
    -
    -
      -
    - managed_policies - -
    - complex -
    -     		always -
    List of attached managed policies.
    -
    -
       -
    - policy_arn - -
    - string -
    -     		always -
    Amazon Resource Name for the policy.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:policy/AnsibleTestEC2Policy
    -
       -
    - policy_name - -
    - string -
    -     		always -
    Name of managed policy.
    -
    -
    Sample:
    -
    AnsibleTestEC2Policy
    -
      -
    - path - -
    - string -
    -     		always -
    Path of role.
    -
    -
    Sample:
    -
    /
    -
      -
    - role_id - -
    - string -
    -     		always -
    Amazon Identifier for the role.
    -
    -
    Sample:
    -
    AROAII7ABCD123456EFGH
    -
      -
    - role_name - -
    - string -
    -     		always -
    Name of the role.
    -
    -
    Sample:
    -
    AnsibleTestRole
    -
      -
    - tags - -
    - dictionary -
    -     		always -
    Role tags.
    -
    -
    Sample:
    -
    {"Env": "Prod"}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_saml_federation.rst b/docs/community.aws.iam_saml_federation.rst deleted file mode 100644 index 1533912e7cf..00000000000 --- a/docs/community.aws.iam_saml_federation.rst +++ /dev/null @@ -1,402 +0,0 @@ -:orphan: - -.. _community.aws.iam_saml_federation_module: - - -********************************* -community.aws.iam_saml_federation -********************************* - -**Maintain IAM SAML federation configuration.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Provides a mechanism to manage AWS IAM SAML Identity Federation providers (create/update/delete metadata). - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the provider to create.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - saml_metadata_document - -
    - string -
    -     		- -
    The XML document generated by an identity provider (IdP) that supports SAML 2.0.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - # It is assumed that their matching environment variables are set. - # Creates a new iam saml identity provider if not present - - name: saml provider - community.aws.iam_saml_federation: - name: example1 - # the > below opens an indented block, so no escaping/quoting is needed when in the indentation level under this key - saml_metadata_document: > - ... - `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - saml_provider - -
    - complex -
    -     		present -
    Details of the SAML Identity Provider that was created/modified.
    -
    -
      -
    - arn - -
    - string -
    -     		present -
    The ARN of the identity provider.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:saml-provider/my_saml_provider
    -
      -
    - create_date - -
    - string -
    -     		present -
    The date and time when the SAML provider was created in ISO 8601 date-time format.
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    -
      -
    - expire_date - -
    - string -
    -     		present -
    The expiration date and time for the SAML provider in ISO 8601 date-time format.
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    -
      -
    - metadata_document - -
    - string -
    -     		present -
    The XML metadata document that includes information about an identity provider.
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Tony (@axc450) -- Aidan Rowe (@aidan-) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_server_certificate_info.rst b/docs/community.aws.iam_server_certificate_info.rst deleted file mode 100644 index 09500a81ca3..00000000000 --- a/docs/community.aws.iam_server_certificate_info.rst +++ /dev/null @@ -1,391 +0,0 @@ -:orphan: - -.. _community.aws.iam_server_certificate_info_module: - - -***************************************** -community.aws.iam_server_certificate_info -***************************************** - -**Retrieve the information of a server certificate** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Retrieve the attributes of a server certificate. -- This module was called ``iam_server_certificate_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the server certificate you are retrieving attributes for.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Retrieve server certificate - community.aws.iam_server_certificate_info: - name: production-cert - register: server_cert - - - name: Fail if the server certificate name was not found - community.aws.iam_server_certificate_info: - name: production-cert - register: server_cert - failed_when: "{{ server_cert.results | length == 0 }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - arn - -
    - string -
    -     		success -
    The Amazon resource name of the server certificate
    -
    -
    Sample:
    -
    arn:aws:iam::911277865346:server-certificate/server-cert-name
    -
    -
    - certificate_body - -
    - string -
    -     		success -
    The asn1der encoded PEM string
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE----- bunch of random data -----END CERTIFICATE-----
    -
    -
    - expiration - -
    - string -
    -     		success -
    The date and time this server certificate will expire, in ISO 8601 format.
    -
    -
    Sample:
    -
    2017-06-15T12:00:00+00:00
    -
    -
    - path - -
    - string -
    -     		success -
    The path of the server certificate
    -
    -
    Sample:
    -
    /
    -
    -
    - server_certificate_id - -
    - string -
    -     		success -
    The 21 character certificate id
    -
    -
    Sample:
    -
    ADWAJXWTZAXIPIMQHMJPO
    -
    -
    - server_certificate_name - -
    - string -
    -     		success -
    The name of the server certificate
    -
    -
    Sample:
    -
    server-cert-name
    -
    -
    - upload_date - -
    - string -
    -     		success -
    The date and time this server certificate was uploaded, in ISO 8601 format.
    -
    -
    Sample:
    -
    2015-04-25T00:36:40+00:00
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Allen Sanabria (@linuxdynasty) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_user.rst b/docs/community.aws.iam_user.rst deleted file mode 100644 index ff064875f06..00000000000 --- a/docs/community.aws.iam_user.rst +++ /dev/null @@ -1,451 +0,0 @@ -:orphan: - -.. _community.aws.iam_user_module: - - -********************** -community.aws.iam_user -********************** - -**Manage AWS IAM users** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage AWS IAM users. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - managed_policies - -
    - list -
    -     		- -
    A list of managed policy ARNs or friendly names to attach to the user.
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the user to create.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_policies - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -

    aliases: purge_policy, purge_managed_policies
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM user.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - # Note: This module does not allow management of groups that users belong to. - # Groups should manage their membership directly using `iam_group`, - # as users belong to them. - - - name: Create a user - community.aws.iam_user: - name: testuser1 - state: present - - - name: Create a user and attach a managed policy using its ARN - community.aws.iam_user: - name: testuser1 - managed_policies: - - arn:aws:iam::aws:policy/AmazonSNSFullAccess - state: present - - - name: Remove all managed policies from an existing user with an empty list - community.aws.iam_user: - name: testuser1 - state: present - purge_policies: true - - - name: Delete the user - community.aws.iam_user: - name: testuser1 - state: absent - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - user - -
    - complex -
    -     		success -
    dictionary containing all the user information
    -
    -
      -
    - arn - -
    - string -
    -     		-
    the Amazon Resource Name (ARN) specifying the user
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:user/testuser1
    -
      -
    - create_date - -
    - string -
    -     		-
    the date and time, in ISO 8601 date-time format, when the user was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    -
      -
    - path - -
    - string -
    -     		-
    the path to the user
    -
    -
    Sample:
    -
    /
    -
      -
    - user_id - -
    - string -
    -     		-
    the stable and unique string identifying the user
    -
    -
    Sample:
    -
    AGPAIDBWE12NSFINE55TM
    -
      -
    - user_name - -
    - string -
    -     		-
    the friendly name that identifies the user
    -
    -
    Sample:
    -
    testuser1
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Josh Souza (@joshsouza) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.iam_user_info.rst b/docs/community.aws.iam_user_info.rst deleted file mode 100644 index 7502298b913..00000000000 --- a/docs/community.aws.iam_user_info.rst +++ /dev/null @@ -1,433 +0,0 @@ -:orphan: - -.. _community.aws.iam_user_info_module: - - -*************************** -community.aws.iam_user_info -*************************** - -**Gather IAM user(s) facts in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module can be used to gather IAM user(s) facts in AWS. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - group - -
    - string -
    -     		- -
    The group name name of the IAM user to look for. Mutually exclusive with path.
    -
    -
    - name - -
    - string -
    -     		- -
    The name of the IAM user to look for.
    -
    -
    - path - -
    - string -
    -     		- Default:
    "/"
    -     		-
    The path to the IAM user. Mutually exclusive with group.
    -
    If specified, then would get all user names whose path starts with user provided value.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - # Gather facts about "test" user. - - name: Get IAM user facts - community.aws.iam_user_info: - name: "test" - - # Gather facts about all users in the "dev" group. - - name: Get IAM user facts - community.aws.iam_user_info: - group: "dev" - - # Gather facts about all users with "/division_abc/subdivision_xyz/" path. - - name: Get IAM user facts - community.aws.iam_user_info: - path: "/division_abc/subdivision_xyz/" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - iam_users - -
    - complex -
    -     		success -
    list of maching iam users
    -
    -
      -
    - arn - -
    - string -
    -     		if user exists -
    the ARN of the user
    -
    -
    Sample:
    -
    arn:aws:iam::156360693172:user/dev/test_user
    -
      -
    - create_date - -
    - string -
    -     		if user exists -
    the datetime user was created
    -
    -
    Sample:
    -
    2016-05-24T12:24:59+00:00
    -
      -
    - password_last_used - -
    - string -
    -     		if password was used at least once -
    the last datetime the password was used by user
    -
    -
    Sample:
    -
    2016-05-25T13:39:11+00:00
    -
      -
    - path - -
    - string -
    -     		if user exists -
    the path to user
    -
    -
    Sample:
    -
    /dev/
    -
      -
    - user_id - -
    - string -
    -     		if user exists -
    the unique user id
    -
    -
    Sample:
    -
    AIDUIOOCQKTUGI6QJLGH2
    -
      -
    - user_name - -
    - string -
    -     		if user exists -
    the user name
    -
    -
    Sample:
    -
    test_user
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Constantin Bugneac (@Constantin07) -- Abhijeet Kasurde (@Akasurde) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.kinesis_stream.rst b/docs/community.aws.kinesis_stream.rst deleted file mode 100644 index 288a44936f2..00000000000 --- a/docs/community.aws.kinesis_stream.rst +++ /dev/null @@ -1,572 +0,0 @@ -:orphan: - -.. _community.aws.kinesis_stream_module: - - -**************************** -community.aws.kinesis_stream -**************************** - -**Manage a Kinesis Stream.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or Delete a Kinesis Stream. -- Update the retention period of a Kinesis Stream. -- Update Tags on a Kinesis Stream. -- Enable/disable server side encryption on a Kinesis Stream. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - encryption_state - -
    - string -
    -     		-
      Choices: -
    • enabled
      • -
    • disabled
      • -
    -     		-
    Enable or Disable encryption on the Kinesis Stream.
    -
    -
    - encryption_type - -
    - string -
    -     		-
      Choices: -
    • KMS
      • -
    • NONE
      • -
    -     		-
    The type of encryption.
    -
    Defaults to KMS
    -
    -
    - key_id - -
    - string -
    -     		- -
    The GUID or alias for the KMS key.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name of the Kinesis Stream you are managing.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - retention_period - -
    - integer -
    -     		- -
    The length of time (in hours) data records are accessible after they are added to the stream.
    -
    The default retention period is 24 hours and can not be less than 24 hours.
    -
    The maximum retention period is 168 hours.
    -
    The retention period can be modified during any point in time.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - shards - -
    - integer -
    -     		- -
    The number of shards you want to have with this stream.
    -
    This is required when state=present
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or Delete the Kinesis Stream.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
    -

    aliases: resource_tags
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for operation to complete before returning.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    How many seconds to wait for an operation to complete before timing out.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Basic creation example: - - name: Set up Kinesis Stream with 10 shards and wait for the stream to become ACTIVE - community.aws.kinesis_stream: - name: test-stream - shards: 10 - wait: yes - wait_timeout: 600 - register: test_stream - - # Basic creation example with tags: - - name: Set up Kinesis Stream with 10 shards, tag the environment, and wait for the stream to become ACTIVE - community.aws.kinesis_stream: - name: test-stream - shards: 10 - tags: - Env: development - wait: yes - wait_timeout: 600 - register: test_stream - - # Basic creation example with tags and increase the retention period from the default 24 hours to 48 hours: - - name: Set up Kinesis Stream with 10 shards, tag the environment, increase the retention period and wait for the stream to become ACTIVE - community.aws.kinesis_stream: - name: test-stream - retention_period: 48 - shards: 10 - tags: - Env: development - wait: yes - wait_timeout: 600 - register: test_stream - - # Basic delete example: - - name: Delete Kinesis Stream test-stream and wait for it to finish deleting. - community.aws.kinesis_stream: - name: test-stream - state: absent - wait: yes - wait_timeout: 600 - register: test_stream - - # Basic enable encryption example: - - name: Encrypt Kinesis Stream test-stream. - community.aws.kinesis_stream: - name: test-stream - state: present - encryption_state: enabled - encryption_type: KMS - key_id: alias/aws/kinesis - wait: yes - wait_timeout: 600 - register: test_stream - - # Basic disable encryption example: - - name: Encrypt Kinesis Stream test-stream. - community.aws.kinesis_stream: - name: test-stream - state: present - encryption_state: disabled - encryption_type: KMS - key_id: alias/aws/kinesis - wait: yes - wait_timeout: 600 - register: test_stream - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - retention_period_hours - -
    - integer -
    -     		when state == present. -
    Number of hours messages will be kept for a Kinesis Stream.
    -
    -
    Sample:
    -
    24
    -
    -
    - stream_arn - -
    - string -
    -     		when state == present. -
    The amazon resource identifier
    -
    -
    Sample:
    -
    arn:aws:kinesis:east-side:123456789:stream/test-stream
    -
    -
    - stream_name - -
    - string -
    -     		when state == present. -
    The name of the Kinesis Stream.
    -
    -
    Sample:
    -
    test-stream
    -
    -
    - stream_status - -
    - string -
    -     		when state == present. -
    The current state of the Kinesis Stream.
    -
    -
    Sample:
    -
    ACTIVE
    -
    -
    - tags - -
    - dictionary -
    -     		when state == present. -
    Dictionary containing all the tags associated with the Kinesis stream.
    -
    -
    Sample:
    -
    {'Name': 'Splunk', 'Env': 'development'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Allen Sanabria (@linuxdynasty) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda.rst b/docs/community.aws.lambda.rst deleted file mode 100644 index 70d91ee084f..00000000000 --- a/docs/community.aws.lambda.rst +++ /dev/null @@ -1,620 +0,0 @@ -:orphan: - -.. _community.aws.lambda_module: - - -******************** -community.aws.lambda -******************** - -**Manage AWS Lambda functions** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Allows for the management of Lambda functions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - dead_letter_arn - -
    - string -
    -     		- -
    The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - environment_variables - -
    - dictionary -
    -     		- -
    A dictionary of environment variables the Lambda function is given.
    -
    -
    - handler - -
    - string -
    -     		- -
    The function within your code that Lambda calls to begin execution.
    -
    -
    - memory_size - -
    - integer -
    -     		- Default:
    128
    -     		-
    The amount of memory, in MB, your Lambda function is given.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name you want to assign to the function you are uploading. Cannot be changed.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
    -
    Required when state=present.
    -
    -
    - runtime - -
    - string -
    -     		- -
    The runtime environment for the Lambda function you are uploading.
    -
    Required when creating a function. Uses parameters as described in boto3 docs.
    -
    Required when state=present.
    - -
    -
    - s3_bucket - -
    - string -
    -     		- -
    Amazon S3 bucket name where the .zip file containing your deployment package is stored.
    -
    If state=present then either zip_file or s3_bucket must be present.
    -
    s3_bucket and s3_key are required together.
    -
    -
    - s3_key - -
    - string -
    -     		- -
    The Amazon S3 object (the deployment package) key name you want to upload.
    -
    s3_bucket and s3_key are required together.
    -
    -
    - s3_object_version - -
    - string -
    -     		- -
    The Amazon S3 object (the deployment package) version you want to upload.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete Lambda function.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    tag dict to apply to the function (requires botocore 1.5.40 or above).
    -
    -
    - timeout - -
    - integer -
    -     		- Default:
    3
    -     		-
    The function maximum execution time in seconds after which Lambda should terminate the function.
    -
    -
    - tracing_mode - -
    - string -
    -     		-
      Choices: -
    • Active
      • -
    • PassThrough
      • -
    -     		-
    Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_security_group_ids - -
    - list - / elements=string
    -     		- -
    List of VPC security group IDs to associate with the Lambda function.
    -
    Required when vpc_subnet_ids is used.
    -
    -
    - vpc_subnet_ids - -
    - list - / elements=string
    -     		- -
    List of subnet IDs to run Lambda function in.
    -
    Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
    -
    If set, vpc_security_group_ids must also be set.
    -
    -
    - zip_file - -
    - string -
    -     		- -
    A .zip file containing your deployment package
    -
    If state=present then either zip_file or s3_bucket must be present.
    -

    aliases: src
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Create Lambda functions - - name: looped creation - community.aws.lambda: - name: '{{ item.name }}' - state: present - zip_file: '{{ item.zip_file }}' - runtime: 'python2.7' - role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' - handler: 'hello_python.my_handler' - vpc_subnet_ids: - - subnet-123abcde - - subnet-edcba321 - vpc_security_group_ids: - - sg-123abcde - - sg-edcba321 - environment_variables: '{{ item.env_vars }}' - tags: - key1: 'value1' - loop: - - name: HelloWorld - zip_file: hello-code.zip - env_vars: - key1: "first" - key2: "second" - - name: ByeBye - zip_file: bye-code.zip - env_vars: - key1: "1" - key2: "2" - - # To remove previously added tags pass an empty dict - - name: remove tags - community.aws.lambda: - name: 'Lambda function' - state: present - zip_file: 'code.zip' - runtime: 'python2.7' - role: 'arn:aws:iam::987654321012:role/lambda_basic_execution' - handler: 'hello_python.my_handler' - tags: {} - - # Basic Lambda function deletion - - name: Delete Lambda functions HelloWorld and ByeBye - community.aws.lambda: - name: '{{ item }}' - state: absent - loop: - - HelloWorld - - ByeBye - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - code - -
    - dictionary -
    -     		success -
    the lambda function location returned by get_function in boto3
    -
    -
    Sample:
    -
    {'location': 'a presigned S3 URL', 'repository_type': 'S3'}
    -
    -
    - configuration - -
    - dictionary -
    -     		success -
    the lambda function metadata returned by get_function in boto3
    -
    -
    Sample:
    -
    {'code_sha256': 'zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=', 'code_size': 123, 'description': 'My function', 'environment': {'variables': {'key': 'value'}}, 'function_arn': 'arn:aws:lambda:us-east-1:123456789012:function:myFunction:1', 'function_name': 'myFunction', 'handler': 'index.handler', 'last_modified': '2017-08-01T00:00:00.000+0000', 'memory_size': 128, 'revision_id': 'a2x9886d-d48a-4a0c-ab64-82abc005x80c', 'role': 'arn:aws:iam::123456789012:role/lambda_basic_execution', 'runtime': 'nodejs6.10', 'tracing_config': {'mode': 'Active'}, 'timeout': 3, 'version': '1', 'vpc_config': {'security_group_ids': [], 'subnet_ids': [], 'vpc_id': '123'}}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Steyn Huizinga (@steynovich) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_alias.rst b/docs/community.aws.lambda_alias.rst deleted file mode 100644 index 1eadc88000c..00000000000 --- a/docs/community.aws.lambda_alias.rst +++ /dev/null @@ -1,454 +0,0 @@ -:orphan: - -.. _community.aws.lambda_alias_module: - - -************************** -community.aws.lambda_alias -************************** - -**Creates, updates or deletes AWS Lambda function aliases** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Lambda functions aliases via the Ansible framework. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_event ` to manage event source mappings. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    A short, user-defined function alias description.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - function_name - -
    - string - / required
    -     		- -
    The name of the function alias.
    -
    -
    - function_version - -
    - integer -
    -     		- -
    Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
    -

    aliases: version
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the function alias.
    -

    aliases: alias_name
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - # Simple example to create a lambda function and publish a version - - hosts: localhost - gather_facts: no - vars: - state: present - project_folder: /path/to/deployment/package - deployment_package: lambda.zip - account: 123456789012 - production_version: 5 - tasks: - - name: AWS Lambda Function - lambda: - state: "{{ state | default('present') }}" - name: myLambdaFunction - publish: True - description: lambda function description - code_s3_bucket: package-bucket - code_s3_key: "lambda/{{ deployment_package }}" - local_path: "{{ project_folder }}/{{ deployment_package }}" - runtime: python2.7 - timeout: 5 - handler: lambda.handler - memory_size: 128 - role: "arn:aws:iam::{{ account }}:role/API2LambdaExecRole" - - - name: Get information - lambda_info: - name: myLambdaFunction - register: lambda_info - - name: show results - debug: - msg: "{{ lambda_info['lambda_facts'] }}" - - # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) - - name: "alias 'Dev' for function {{ lambda_info.lambda_facts.FunctionName }} " - community.aws.lambda_alias: - state: "{{ state | default('present') }}" - function_name: "{{ lambda_info.lambda_facts.FunctionName }}" - name: Dev - description: Development is $LATEST version - - # The QA alias will only be created when a new version is published (i.e. not = '$LATEST') - - name: "alias 'QA' for function {{ lambda_info.lambda_facts.FunctionName }} " - community.aws.lambda_alias: - state: "{{ state | default('present') }}" - function_name: "{{ lambda_info.lambda_facts.FunctionName }}" - name: QA - version: "{{ lambda_info.lambda_facts.Version }}" - description: "QA is version {{ lambda_info.lambda_facts.Version }}" - when: lambda_info.lambda_facts.Version != "$LATEST" - - # The Prod alias will have a fixed version based on a variable - - name: "alias 'Prod' for function {{ lambda_info.lambda_facts.FunctionName }} " - community.aws.lambda_alias: - state: "{{ state | default('present') }}" - function_name: "{{ lambda_info.lambda_facts.FunctionName }}" - name: Prod - version: "{{ production_version }}" - description: "Production is version {{ production_version }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - alias_arn - -
    - string -
    -     		success -
    Full ARN of the function, including the alias
    -
    -
    Sample:
    -
    arn:aws:lambda:us-west-2:123456789012:function:myFunction:dev
    -
    -
    - description - -
    - string -
    -     		success -
    A short description of the alias
    -
    -
    Sample:
    -
    The development stage for my hot new app
    -
    -
    - function_version - -
    - string -
    -     		success -
    The qualifier that the alias refers to
    -
    -
    Sample:
    -
    $LATEST
    -
    -
    - name - -
    - string -
    -     		success -
    The name of the alias assigned
    -
    -
    Sample:
    -
    dev
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Pierre Jodouin (@pjodouin), Ryan Scott Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_event.rst b/docs/community.aws.lambda_event.rst deleted file mode 100644 index fb2bb7cda88..00000000000 --- a/docs/community.aws.lambda_event.rst +++ /dev/null @@ -1,456 +0,0 @@ -:orphan: - -.. _community.aws.lambda_event_module: - - -************************** -community.aws.lambda_event -************************** - -**Creates, updates or deletes AWS Lambda function event mappings** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Lambda function event source mappings such as DynamoDB and Kinesis stream events via the Ansible framework. These event source mappings are relevant only in the AWS Lambda pull model, where AWS Lambda invokes the function. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.lambda ` to manage the lambda function itself and :ref:`community.aws.lambda_alias ` to manage function aliases. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alias - -
    - string -
    -     		- -
    Name of the function alias.
    -
    Mutually exclusive with version.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_source - -
    - string -
    -     		-
      Choices: -
    • stream ←
      • -
    • sqs
      • -
    -     		-
    Source of the event that triggers the lambda function.
    -
    For DynamoDB and Kinesis events, select stream
    -
    For SQS queues, select sqs
    -
    -
    - lambda_function_arn - -
    - string - / required
    -     		- -
    The name or ARN of the lambda function.
    -

    aliases: function_name, function_arn
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - source_params - -
    - dictionary - / required
    -     		- -
    Sub-parameters required for event source.
    -
    -
    - batch_size - -
    - integer -
    -     		- Default:
    100
    -     		-
    The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
    -
    -
    - enabled - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    - Default:
    "true."
    -     		-
    Indicates whether AWS Lambda should begin polling or readin from the event source.
    -
    -
    - source_arn - -
    - string - / required
    -     		- -
    The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
    -
    -
    - starting_position - -
    - string -
    -     		-
      Choices: -
    • TRIM_HORIZON
      • -
    • LATEST
      • -
    -     		-
    The position in the stream where AWS Lambda should start reading.
    -
    Required when event_source=stream.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - version - -
    - integer -
    -     		- -
    Version of the Lambda function.
    -
    Mutually exclusive with alias.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Example that creates a lambda event notification for a DynamoDB stream - - name: DynamoDB stream event mapping - community.aws.lambda_event: - state: present - event_source: stream - function_name: "{{ function_name }}" - alias: Dev - source_params: - source_arn: arn:aws:dynamodb:us-east-1:123456789012:table/tableName/stream/2016-03-19T19:51:37.457 - enabled: True - batch_size: 100 - starting_position: TRIM_HORIZON - register: event - - - name: Show source event - debug: - var: event.lambda_stream_events - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - lambda_stream_events - -
    - list -
    -     		success -
    list of dictionaries returned by the API describing stream event mappings
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Pierre Jodouin (@pjodouin), Ryan Brown (@ryansb) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_facts.rst b/docs/community.aws.lambda_facts.rst deleted file mode 100644 index 5549a6799ea..00000000000 --- a/docs/community.aws.lambda_facts.rst +++ /dev/null @@ -1,378 +0,0 @@ -:orphan: - -.. _community.aws.lambda_facts_module: - - -************************** -community.aws.lambda_facts -************************** - -**Gathers AWS Lambda function details as Ansible facts** - - - -.. contents:: - :local: - :depth: 1 - -DEPRECATED ----------- -:Removed in collection release after 2021-12-01 -:Why: Deprecated in favour of ``_info`` module. -:Alternative: Use :ref:`community.aws.lambda_info ` instead. - - - -Synopsis --------- -- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_source_arn - -
    - string -
    -     		- -
    For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    -
    -
    - function_name - -
    - string -
    -     		- -
    The name of the lambda function for which facts are requested.
    -

    aliases: function, name
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - query - -
    - string -
    -     		-
      Choices: -
    • aliases
      • -
    • all ←
      • -
    • config
      • -
    • mappings
      • -
    • policy
      • -
    • versions
      • -
    -     		-
    Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - # Simple example of listing all info for a function - - name: List all for a specific function - community.aws.lambda_facts: - query: all - function_name: myFunction - register: my_function_details - - # List all versions of a function - - name: List function versions - community.aws.lambda_facts: - query: versions - function_name: myFunction - register: my_function_versions - - # List all lambda function versions - - name: List all function - community.aws.lambda_facts: - query: all - max_items: 20 - - name: show Lambda facts - debug: - var: lambda_facts - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - lambda_facts - -
    - dictionary -
    -     		success -
    lambda facts
    -
    -
    -
    - lambda_facts.function - -
    - dictionary -
    -     		success -
    lambda function list
    -
    -
    -
    - lambda_facts.function.TheName - -
    - dictionary -
    -     		success -
    lambda function information, including event, mapping, and version information
    -
    -
    -

    - - -Status ------- - - -- This module will be removed in version . *[deprecated]* -- For more information see `DEPRECATED`_. - - -Authors -~~~~~~~ - -- Pierre Jodouin (@pjodouin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_info.rst b/docs/community.aws.lambda_info.rst deleted file mode 100644 index 17fc6e9f302..00000000000 --- a/docs/community.aws.lambda_info.rst +++ /dev/null @@ -1,352 +0,0 @@ -:orphan: - -.. _community.aws.lambda_info_module: - - -************************* -community.aws.lambda_info -************************* - -**Gathers AWS Lambda function details** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gathers various details related to Lambda functions, including aliases, versions and event source mappings. -- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_event ` to manage lambda event source mappings. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_source_arn - -
    - string -
    -     		- -
    When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    -
    -
    - function_name - -
    - string -
    -     		- -
    The name of the lambda function for which information is requested.
    -

    aliases: function, name
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - query - -
    - string -
    -     		-
      Choices: -
    • aliases
      • -
    • all ←
      • -
    • config
      • -
    • mappings
      • -
    • policy
      • -
    • versions
      • -
    -     		-
    Specifies the resource type for which to gather information. Leave blank to retrieve all information.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - # Simple example of listing all info for a function - - name: List all for a specific function - community.aws.lambda_info: - query: all - function_name: myFunction - register: my_function_details - # List all versions of a function - - name: List function versions - community.aws.lambda_info: - query: versions - function_name: myFunction - register: my_function_versions - # List all lambda function versions - - name: List all function - community.aws.lambda_info: - query: all - max_items: 20 - register: output - - name: show Lambda information - debug: - msg: "{{ output['function'] }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - function - -
    - dictionary -
    -     		success -
    lambda function list
    -
    -
    -
    - function.TheName - -
    - dictionary -
    -     		success -
    lambda function information, including event, mapping, and version information
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Pierre Jodouin (@pjodouin) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lambda_policy.rst b/docs/community.aws.lambda_policy.rst deleted file mode 100644 index f534779edc4..00000000000 --- a/docs/community.aws.lambda_policy.rst +++ /dev/null @@ -1,439 +0,0 @@ -:orphan: - -.. _community.aws.lambda_policy_module: - - -*************************** -community.aws.lambda_policy -*************************** - -**Creates, updates or deletes AWS Lambda policy statements.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Lambda policy statements. -- It is idempotent and supports "Check" mode. -- Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases, :ref:`community.aws.lambda_event ` to manage event source mappings such as Kinesis streams, :ref:`community.aws.execute_lambda ` to execute a lambda function and :ref:`community.aws.lambda_info ` to gather information relating to one or more lambda functions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - action - -
    - string - / required
    -     		- -
    The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
    -
    -
    - alias - -
    - string -
    -     		- -
    Name of the function alias. Mutually exclusive with version.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_source_token - -
    - string -
    -     		- -
    Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
    -
    -
    - function_name - -
    - string - / required
    -     		- -
    Name of the Lambda function whose resource policy you are updating by adding a new permission.
    -
    You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
    -
    function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
    -
    specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the
    -
    ARN. If you specify only the function name, it is limited to 64 character in length.
    -

    aliases: lambda_function_arn, function_arn
    -
    -
    - principal - -
    - string - / required
    -     		- -
    The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - source_account - -
    - string -
    -     		- -
    The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
    -
    -
    - source_arn - -
    - string -
    -     		- -
    This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - statement_id - -
    - string - / required
    -     		- -
    A unique statement identifier.
    -

    aliases: sid
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - version - -
    - integer -
    -     		- -
    Version of the Lambda function. Mutually exclusive with alias.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: Lambda S3 event notification - community.aws.lambda_policy: - state: present - function_name: functionName - alias: Dev - statement_id: lambda-s3-myBucket-create-data-log - action: lambda:InvokeFunction - principal: s3.amazonaws.com - source_arn: arn:aws:s3:eu-central-1:123456789012:bucketName - source_account: 123456789012 - register: lambda_policy_action - - - name: show results - debug: - var: lambda_policy_action - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - lambda_policy_action - -
    - string -
    -     		success -
    describes what action was taken
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Pierre Jodouin (@pjodouin) -- Michael De La Rue (@mikedlr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.lightsail.rst b/docs/community.aws.lightsail.rst deleted file mode 100644 index efcff58e801..00000000000 --- a/docs/community.aws.lightsail.rst +++ /dev/null @@ -1,454 +0,0 @@ -:orphan: - -.. _community.aws.lightsail_module: - - -*********************** -community.aws.lightsail -*********************** - -**Manage instances in AWS Lightsail** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage instances in AWS Lightsail. -- Instance tagging is not yet supported in this module. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - blueprint_id - -
    - string -
    -     		- -
    ID of the instance blueprint image.
    -
    Required when state=present
    -
    -
    - bundle_id - -
    - string -
    -     		- -
    Bundle of specification info for the instance.
    -
    Required when state=present.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - key_pair_name - -
    - string -
    -     		- -
    Name of the key pair to use with the instance.
    -
    If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the instance.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • running
      • -
    • restarted
      • -
    • rebooted
      • -
    • stopped
      • -
    -     		-
    Indicate desired state of the target.
    -
    rebooted and restarted are aliases.
    -
    -
    - user_data - -
    - string -
    -     		- -
    Launch script that can configure the instance with additional data.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for the instance to be in state 'running' before returning.
    -
    If wait=false an ip_address may not be returned.
    -
    Has no effect when state=rebooted or state=absent.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    How long before wait gives up, in seconds.
    -
    -
    - zone - -
    - string -
    -     		- -
    AWS availability zone in which to launch the instance.
    -
    Required when state=present
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a new Lightsail instance - community.aws.lightsail: - state: present - name: my_instance - region: us-east-1 - zone: us-east-1a - blueprint_id: ubuntu_16_04 - bundle_id: nano_1_0 - key_pair_name: id_rsa - user_data: " echo 'hello world' > /home/ubuntu/test.txt" - register: my_instance - - - name: Delete an instance - community.aws.lightsail: - state: absent - region: us-east-1 - name: my_instance - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    if a snapshot has been modified/created
    -
    -
    Sample:
    -
    {'changed': True}
    -
    -
    - instance - -
    - dictionary -
    -     		always -
    instance data
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:lightsail:us-east-1:448830907657:Instance/1fef0175-d6c8-480e-84fa-214f969cda87', 'blueprint_id': 'ubuntu_16_04', 'blueprint_name': 'Ubuntu', 'bundle_id': 'nano_1_0', 'created_at': '2017-03-27T08:38:59.714000-04:00', 'hardware': {'cpu_count': 1, 'ram_size_in_gb': 0.5}, 'is_static_ip': False, 'location': {'availability_zone': 'us-east-1a', 'region_name': 'us-east-1'}, 'name': 'my_instance', 'networking': {'monthly_transfer': {'gb_per_month_allocated': 1024}, 'ports': [{'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 80, 'protocol': 'tcp', 'to_port': 80}, {'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 22, 'protocol': 'tcp', 'to_port': 22}]}, 'private_ip_address': '172.26.8.14', 'public_ip_address': '34.207.152.202', 'resource_type': 'Instance', 'ssh_key_name': 'keypair', 'state': {'code': 16, 'name': 'running'}, 'support_code': '588307843083/i-0997c97831ee21e33', 'username': 'ubuntu'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Nick Ball (@nickball) -- Prasad Katti (@prasadkatti) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds.rst b/docs/community.aws.rds.rst deleted file mode 100644 index 97f2528550e..00000000000 --- a/docs/community.aws.rds.rst +++ /dev/null @@ -1,1684 +0,0 @@ -:orphan: - -.. _community.aws.rds_module: - - -***************** -community.aws.rds -***************** - -**create, delete, or modify Amazon rds instances, rds snapshots, and related facts** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, deletes, or modifies rds resources. -- When creating an instance it can be either a new instance or a read-only replica of an existing instance. -- This module has a dependency on python-boto >= 2.5 and will soon be deprecated. -- The 'promote' command requires boto >= 2.18.0. Certain features such as tags rely on boto.rds2 (boto >= 2.26.0). -- Please use boto3 based :ref:`community.aws.rds_instance ` instead. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - apply_immediately - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When apply_immediately=trye, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
    -
    Used only when command=modify.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - backup_retention - -
    - string -
    -     		- -
    Number of days backups are retained.
    -
    Set to 0 to disable backups.
    -
    Default is 1 day.
    -
    Valid range: 0-35.
    -
    Used only when command=create or command=modify.
    -
    -
    - backup_window - -
    - string -
    -     		- -
    Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
    -
    Times are specified in UTC.
    -
    If not specified then a random backup window is assigned.
    -
    Used only when command=create or command=modify.
    -
    -
    - character_set_name - -
    - string -
    -     		- -
    Associate the DB instance with a specified character set.
    -
    Used with command=create.
    -
    -
    - command - -
    - string - / required
    -     		-
      Choices: -
    • create
      • -
    • replicate
      • -
    • delete
      • -
    • facts
      • -
    • modify
      • -
    • promote
      • -
    • snapshot
      • -
    • reboot
      • -
    • restore
      • -
    -     		-
    Specifies the action to take. The 'reboot' option is available starting at version 2.0.
    -
    -
    - db_engine - -
    - string -
    -     		-
      Choices: -
    • mariadb
      • -
    • MySQL
      • -
    • oracle-se1
      • -
    • oracle-se2
      • -
    • oracle-se
      • -
    • oracle-ee
      • -
    • sqlserver-ee
      • -
    • sqlserver-se
      • -
    • sqlserver-ex
      • -
    • sqlserver-web
      • -
    • postgres
      • -
    • aurora
      • -
    -     		-
    The type of database.
    -
    Used only when command=create.
    -
    mariadb was added in version 2.2.
    -
    -
    - db_name - -
    - string -
    -     		- -
    Name of a database to create within the instance.
    -
    If not specified then no database is created.
    -
    Used only when command=create.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - engine_version - -
    - string -
    -     		- -
    Version number of the database engine to use.
    -
    If not specified then the current Amazon RDS default engine version is used
    -
    Used only when command=create.
    -
    -
    - force_failover - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If enabled, the reboot is done using a MultiAZ failover.
    -
    Used only when command=reboot.
    -
    -
    - instance_name - -
    - string -
    -     		- -
    Database instance identifier.
    -
    Required except when using command=facts or command=delete on just a snapshot.
    -
    -
    - instance_type - -
    - string -
    -     		- -
    The instance type of the database.
    -
    If not specified then the replica inherits the same instance type as the source instance.
    -
    Required when command=create.
    -
    Optional when command=replicate, command=modify or command=restore.
    -

    aliases: type
    -
    -
    - iops - -
    - string -
    -     		- -
    Specifies the number of IOPS for the instance.
    -
    Used only when command=create or command=modify.
    -
    Must be an integer greater than 1000.
    -
    -
    - license_model - -
    - string -
    -     		-
      Choices: -
    • license-included
      • -
    • bring-your-own-license
      • -
    • general-public-license
      • -
    • postgresql-license
      • -
    -     		-
    The license model for this DB instance.
    -
    Used only when command=create or command=restore.
    -
    -
    - maint_window - -
    - string -
    -     		- -
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    -
    Times are specified in UTC.
    -
    If not specified then a random maintenance window is assigned.
    -
    Used only when command=create or command=modify.
    -
    -
    - multi_zone - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies if this is a Multi-availability-zone deployment.
    -
    Can not be used in conjunction with zone parameter.
    -
    Used only when command=create or command=modify.
    -
    -
    - new_instance_name - -
    - string -
    -     		- -
    Name to rename an instance to.
    -
    Used only when command=modify.
    -
    -
    - option_group - -
    - string -
    -     		- -
    The name of the option group to use.
    -
    If not specified then the default option group is used.
    -
    Used only when command=create.
    -
    -
    - parameter_group - -
    - string -
    -     		- -
    Name of the DB parameter group to associate with this instance.
    -
    If omitted then the RDS default DBParameterGroup will be used.
    -
    Used only when command=create or command=modify.
    -
    -
    - password - -
    - string -
    -     		- -
    Password for the master database username.
    -
    Used only when command=create or command=modify.
    -
    -
    - port - -
    - integer -
    -     		- -
    Port number that the DB instance uses for connections.
    -
    Used only when command=create or command=replicate.
    -
    Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - publicly_accessible - -
    - string -
    -     		- -
    Explicitly set whether the resource should be publicly accessible or not.
    -
    Used with command=create, command=replicate.
    -
    Requires boto >= 2.26.0
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_groups - -
    - string -
    -     		- -
    Comma separated list of one or more security groups.
    -
    Used only when command=create or command=modify.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - size - -
    - string -
    -     		- -
    Size in gigabytes of the initial storage for the DB instance.
    -
    Used only when command=create or command=modify.
    -
    -
    - snapshot - -
    - string -
    -     		- -
    Name of snapshot to take.
    -
    When command=delete, if no snapshot name is provided then no snapshot is taken.
    -
    When command=delete, if no instance_name is provided the snapshot is deleted.
    -
    Used with command=facts, command=delete or command=snapshot.
    -
    -
    - source_instance - -
    - string -
    -     		- -
    Name of the database to replicate.
    -
    Used only when command=replicate.
    -
    -
    - subnet - -
    - string -
    -     		- -
    VPC subnet group.
    -
    If specified then a VPC instance is created.
    -
    Used only when command=create.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    tags dict to apply to a resource.
    -
    Used with command=create, command=replicate, command=restore.
    -
    Requires boto >= 2.26.0
    -
    -
    - upgrade - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates that minor version upgrades should be applied automatically.
    -
    Used only when command=create or command=modify or command=restore or command=replicate.
    -
    -
    - username - -
    - string -
    -     		- -
    Master database username.
    -
    Used only when command=create.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_security_groups - -
    - list - / elements=string
    -     		- -
    Comma separated list of one or more vpc security group ids.
    -
    Also requires subnet to be specified.
    -
    Used only when command=create or command=modify.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
    -
    When command=delete, wait for the database to be terminated.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    How long before wait gives up, in seconds.
    -
    Used when wait=true.
    -
    -
    - zone - -
    - string -
    -     		- -
    availability zone in which to launch the instance.
    -
    Used only when command=create, command=replicate or command=restore.
    -
    Can not be used in conjunction with multi_zone parameter.
    -

    aliases: aws_zone, ec2_zone
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Basic mysql provisioning example - community.aws.rds: - command: create - instance_name: new-database - db_engine: MySQL - size: 10 - instance_type: db.m1.small - username: mysql_admin - password: 1nsecure - tags: - Environment: testing - Application: cms - - - name: Create a read-only replica and wait for it to become available - community.aws.rds: - command: replicate - instance_name: new-database-replica - source_instance: new_database - wait: yes - wait_timeout: 600 - - - name: Delete an instance, but create a snapshot before doing so - community.aws.rds: - command: delete - instance_name: new-database - snapshot: new_database_snapshot - - - name: Get facts about an instance - community.aws.rds: - command: facts - instance_name: new-database - register: new_database_facts - - - name: Rename an instance and wait for the change to take effect - community.aws.rds: - command: modify - instance_name: new-database - new_instance_name: renamed-database - wait: yes - - - name: Reboot an instance and wait for it to become available again - community.aws.rds: - command: reboot - instance_name: database - wait: yes - - # Restore a Postgres db instance from a snapshot, wait for it to become available again, and - # then modify it to add your security group. Also, display the new endpoint. - # Note that the "publicly_accessible" option is allowed here just as it is in the AWS CLI - - community.aws.rds: - command: restore - snapshot: mypostgres-snapshot - instance_name: MyNewInstanceName - region: us-west-2 - zone: us-west-2b - subnet: default-vpc-xx441xxx - publicly_accessible: yes - wait: yes - wait_timeout: 600 - tags: - Name: pg1_test_name_tag - register: rds - - - community.aws.rds: - command: modify - instance_name: MyNewInstanceName - region: us-west-2 - vpc_security_groups: sg-xxx945xx - - - debug: - msg: "The new db endpoint is {{ rds.instance.endpoint }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - instance - -
    - complex -
    -     		always -
    the rds instance
    -
    -
      -
    - allocated_storage - -
    - string -
    -     		when RDS instance exists -
    the allocated storage size in gigabytes (GB)
    -
    -
    Sample:
    -
    100
    -
      -
    - auto_minor_version_upgrade - -
    - boolean -
    -     		when RDS instance exists -
    indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window
    -
    -
    Sample:
    -
    true
    -
      -
    - backup_window - -
    - string -
    -     		when RDS instance exists and automated backups are enabled -
    the daily time range during which automated backups are created if automated backups are enabled
    -
    -
    Sample:
    -
    03:00-03:30
    -
      -
    - character_set_name - -
    - string -
    -     		when RDS instance exists -
    the name of the character set that this instance is associated with
    -
    -
    Sample:
    -
    AL32UTF8
    -
      -
    - db_name - -
    - string -
    -     		when RDS instance exists -
    the name of the database to create when the DB instance is created
    -
    -
    Sample:
    -
    ASERTG
    -
      -
    - db_subnet_groups - -
    - complex -
    -     		when RDS instance exists -
    information on the subnet group associated with this RDS instance
    -
    -
       -
    - description - -
    - string -
    -     		when RDS instance exists -
    the subnet group associated with the DB instance
    -
    -
    Sample:
    -
    Subnets for the UAT RDS SQL DB Instance
    -
       -
    - name - -
    - string -
    -     		when RDS instance exists -
    the name of the DB subnet group
    -
    -
    Sample:
    -
    samplesubnetgrouprds-j6paiqkxqp4z
    -
       -
    - status - -
    - string -
    -     		when RDS instance exists -
    the status of the DB subnet group
    -
    -
    Sample:
    -
    complete
    -
       -
    - subnets - -
    - complex -
    -     		when RDS instance exists -
    the description of the DB subnet group
    -
    -
        -
    - availability_zone - -
    - complex -
    -     		when RDS instance exists -
    subnet availability zone information
    -
    -
         -
    - name - -
    - string -
    -     		when RDS instance exists -
    availability zone
    -
    -
    Sample:
    -
    eu-west-1b
    -
         -
    - provisioned_iops_capable - -
    - boolean -
    -     		when RDS instance exists -
    whether provisioned iops are available in AZ subnet
    -
    -
    Sample:
    -
    false
    -
        -
    - identifier - -
    - string -
    -     		when RDS instance exists -
    the identifier of the subnet
    -
    -
    Sample:
    -
    subnet-3fdba63e
    -
        -
    - status - -
    - string -
    -     		when RDS instance exists -
    the status of the subnet
    -
    -
    Sample:
    -
    active
    -
      -
    - endpoint - -
    - string -
    -     		when RDS instance exists -
    the endpoint uri of the database instance
    -
    -
    Sample:
    -
    my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
    -
      -
    - engine - -
    - string -
    -     		when RDS instance exists -
    the name of the database engine
    -
    -
    Sample:
    -
    oracle-se
    -
      -
    - engine_version - -
    - string -
    -     		when RDS instance exists -
    the version of the database engine
    -
    -
    Sample:
    -
    11.2.0.4.v6
    -
      -
    - latest_restorable_time - -
    - string -
    -     		when RDS instance exists -
    the latest time to which a database can be restored with point-in-time restore
    -
    -
    Sample:
    -
    1489707802.0
    -
      -
    - license_model - -
    - string -
    -     		when RDS instance exists -
    the license model information
    -
    -
    Sample:
    -
    bring-your-own-license
    -
      -
    - option_groups - -
    - complex -
    -     		when RDS instance exists -
    the list of option group memberships for this RDS instance
    -
    -
       -
    - option_group_name - -
    - string -
    -     		when RDS instance exists -
    the option group name for this RDS instance
    -
    -
    Sample:
    -
    default:oracle-se-11-2
    -
       -
    - status - -
    - string -
    -     		when RDS instance exists -
    the status of the RDS instance's option group membership
    -
    -
    Sample:
    -
    in-sync
    -
      -
    - parameter_groups - -
    - complex -
    -     		when RDS instance exists and parameter groups are defined -
    the list of DB parameter groups applied to this RDS instance
    -
    -
       -
    - parameter_apply_status - -
    - string -
    -     		when RDS instance exists -
    the status of parameter updates
    -
    -
    Sample:
    -
    in-sync
    -
       -
    - parameter_group_name - -
    - string -
    -     		when RDS instance exists -
    the name of the DP parameter group
    -
    -
    Sample:
    -
    testawsrpprodb01spfile-1ujg7nrs7sgyz
    -
      -
    - pending_modified_values - -
    - complex -
    -     		when RDS instance exists -
    a dictionary of changes to the RDS instance that are pending
    -
    -
       -
    - allocated_storage - -
    - string -
    -     		when RDS instance exists -
    the new allocated storage size for this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    -
       -
    - backup_retention_period - -
    - string -
    -     		when RDS instance exists -
    the pending number of days for which automated backups are retained
    -
    -
    Sample:
    -
    null
    -
       -
    - db_instance_class - -
    - string -
    -     		when RDS instance exists -
    the new DB instance class for this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    -
       -
    - db_instance_identifier - -
    - string -
    -     		when RDS instance exists -
    the new DB instance identifier this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    -
       -
    - engine_version - -
    - string -
    -     		when RDS instance exists -
    indicates the database engine version
    -
    -
    Sample:
    -
    null
    -
       -
    - iops - -
    - string -
    -     		when RDS instance exists -
    the new provisioned IOPS value for this RDS instance that will be applied or is being applied
    -
    -
    Sample:
    -
    null
    -
       -
    - master_user_password - -
    - string -
    -     		when RDS instance exists -
    the pending or in-progress change of the master credentials for this RDS instance
    -
    -
    Sample:
    -
    null
    -
       -
    - multi_az - -
    - string -
    -     		when RDS instance exists -
    indicates that the single-AZ RDS instance is to change to a multi-AZ deployment
    -
    -
    Sample:
    -
    null
    -
       -
    - port - -
    - string -
    -     		when RDS instance exists -
    specifies the pending port for this RDS instance
    -
    -
    Sample:
    -
    null
    -
      -
    - port - -
    - integer -
    -     		when RDS instance exists -
    the listening port of the database instance
    -
    -
    Sample:
    -
    3306
    -
      -
    - publicly_accessible - -
    - boolean -
    -     		when RDS instance exists -
    the accessibility options for the DB instance
    -
    -
    Sample:
    -
    true
    -
      -
    - read_replica_source_dbinstance_identifier - -
    - string -
    -     		when read replica RDS instance exists -
    the identifier of the source DB instance if this RDS instance is a read replica
    -
    -
    Sample:
    -
    null
    -
      -
    - secondary_availability_zone - -
    - string -
    -     		when RDS instance exists and is multy-AZ -
    the name of the secondary AZ for a DB instance with multi-AZ support
    -
    -
    Sample:
    -
    eu-west-1b
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Bruce Pennypacker (@bpennypacker) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_instance.rst b/docs/community.aws.rds_instance.rst deleted file mode 100644 index 4909d1bb915..00000000000 --- a/docs/community.aws.rds_instance.rst +++ /dev/null @@ -1,2435 +0,0 @@ -:orphan: - -.. _community.aws.rds_instance_module: - - -************************** -community.aws.rds_instance -************************** - -**Manage RDS instances** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, modify, and delete RDS instances. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.5.0 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allocated_storage - -
    - integer -
    -     		- -
    The amount of storage (in gibibytes) to allocate for the DB instance.
    -
    -
    - allow_major_version_upgrade - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to allow major version upgrades.
    -
    -
    - apply_immediately - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
    -
    -
    - auto_minor_version_upgrade - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
    -
    -
    - availability_zone - -
    - string -
    -     		- -
    A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.
    -

    aliases: az, zone
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - backup_retention_period - -
    - integer -
    -     		- -
    The number of days for which automated backups are retained (must be greater or equal to 1). May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    -
    -
    - ca_certificate_identifier - -
    - string -
    -     		- -
    The identifier of the CA certificate for the DB instance.
    -
    -
    - character_set_name - -
    - string -
    -     		- -
    The character set to associate with the DB cluster.
    -
    -
    - copy_tags_to_snapshot - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
    -
    -
    - creation_source - -
    - string -
    -     		-
      Choices: -
    • snapshot
      • -
    • s3
      • -
    • instance
      • -
    -     		-
    Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
    -
    -
    - db_cluster_identifier - -
    - string -
    -     		- -
    The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    -

    aliases: cluster_id
    -
    -
    - db_instance_class - -
    - string -
    -     		- -
    The compute and memory capacity of the DB instance, for example db.t2.micro.
    -

    aliases: class, instance_type
    -
    -
    - db_instance_identifier - -
    - string - / required
    -     		- -
    The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    -

    aliases: instance_id, id
    -
    -
    - db_name - -
    - string -
    -     		- -
    The name for your database. If a name is not provided Amazon RDS will not create a database.
    -
    -
    - db_parameter_group_name - -
    - string -
    -     		- -
    The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
    -
    -
    - db_security_groups - -
    - list -
    -     		- -
    (EC2-Classic platform) A list of DB security groups to associate with this DB instance.
    -
    -
    - db_snapshot_identifier - -
    - string -
    -     		- -
    The identifier for the DB snapshot to restore from if using creation_source=snapshot.
    -
    -
    - db_subnet_group_name - -
    - string -
    -     		- -
    The DB subnet group name to use for the DB instance.
    -

    aliases: subnet_group
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - domain - -
    - string -
    -     		- -
    The Active Directory Domain to restore the instance in.
    -
    -
    - domain_iam_role_name - -
    - string -
    -     		- -
    The name of the IAM role to be used when making API calls to the Directory Service.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - enable_cloudwatch_logs_exports - -
    - list -
    -     		- -
    A list of log types that need to be enabled for exporting to CloudWatch Logs.
    -

    aliases: cloudwatch_log_exports
    -
    -
    - enable_iam_database_authentication - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
    -
    -
    - enable_performance_insights - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to enable Performance Insights for the DB instance.
    -
    -
    - engine - -
    - string -
    -     		- -
    The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
    -
    -
    - engine_version - -
    - string -
    -     		- -
    The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
    -
    -
    - final_db_snapshot_identifier - -
    - string -
    -     		- -
    The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.
    -

    aliases: final_snapshot_identifier
    -
    -
    - force_failover - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Set to true to conduct the reboot through a MultiAZ failover.
    -
    -
    - force_update_password - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
    -
    -
    - iops - -
    - integer -
    -     		- -
    The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
    -
    -
    - kms_key_id - -
    - string -
    -     		- -
    The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
    -
    If storage_encrypted is true and and this option is not provided, the default encryption key is used.
    -
    -
    - license_model - -
    - string -
    -     		- -
    The license model for the DB instance.
    -
    Several options are license-included, bring-your-own-license, and general-public-license.
    -
    This option can also be omitted to default to an accepted value.
    -
    -
    - master_user_password - -
    - string -
    -     		- -
    An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.
    -

    aliases: password
    -
    -
    - master_username - -
    - string -
    -     		- -
    The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.
    -

    aliases: username
    -
    -
    - max_allocated_storage - -
    - integer -
    -     		- -
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    -
    -
    - monitoring_interval - -
    - integer -
    -     		- -
    The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
    -
    -
    - monitoring_role_arn - -
    - string -
    -     		- -
    The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
    -
    -
    - multi_az - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
    -
    -
    - new_db_instance_identifier - -
    - string -
    -     		- -
    The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.
    -

    aliases: new_instance_id, new_id
    -
    -
    - option_group_name - -
    - string -
    -     		- -
    The option group to associate with the DB instance.
    -
    -
    - performance_insights_kms_key_id - -
    - string -
    -     		- -
    The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
    -
    -
    - performance_insights_retention_period - -
    - integer -
    -     		- -
    The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
    -
    -
    - port - -
    - integer -
    -     		- -
    The port number on which the instances accept connections.
    -
    -
    - preferred_backup_window - -
    - string -
    -     		- -
    The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.
    -

    aliases: backup_window
    -
    -
    - preferred_maintenance_window - -
    - string -
    -     		- -
    The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.
    -

    aliases: maintenance_window
    -
    -
    - processor_features - -
    - dictionary -
    -     		- -
    A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
    -
    -
    - coreCount - -
    - - -
    -     		- -
    The number of CPU cores
    -
    -
    - threadsPerCore - -
    - - -
    -     		- -
    The number of threads per core
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - promotion_tier - -
    - string -
    -     		- -
    An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
    -
    -
    - publicly_accessible - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
    -
    -
    - purge_cloudwatch_logs_exports - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Set to False to retain any tags that aren't specified in task and are associated with the instance.
    -
    -
    - read_replica - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - restore_time - -
    - string -
    -     		- -
    If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
    -
    May alternatively set use_latest_restore_time=True.
    -
    Only one of use_latest_restorable_time and restore_time may be provided.
    -
    -
    - s3_bucket_name - -
    - string -
    -     		- -
    The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
    -
    -
    - s3_ingestion_role_arn - -
    - string -
    -     		- -
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
    -
    -
    - s3_prefix - -
    - string -
    -     		- -
    The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - skip_final_snapshot - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
    -
    -
    - snapshot_identifier - -
    - string -
    -     		- -
    The ARN of the DB snapshot to restore from when using creation_source=snapshot.
    -
    -
    - source_db_instance_identifier - -
    - string -
    -     		- -
    The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
    -
    -
    - source_engine - -
    - string -
    -     		-
      Choices: -
    • mysql
      • -
    -     		-
    The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
    -
    -
    - source_engine_version - -
    - string -
    -     		- -
    The version of the database that the backup files were created from.
    -
    -
    - source_region - -
    - string -
    -     		- -
    The region of the DB instance from which the replica is created.
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • terminated
      • -
    • running
      • -
    • started
      • -
    • stopped
      • -
    • rebooted
      • -
    • restarted
      • -
    -     		-
    Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
    -
    state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
    -
    -
    - storage_encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the DB instance is encrypted.
    -
    -
    - storage_type - -
    - string -
    -     		-
      Choices: -
    • standard
      • -
    • gp2
      • -
    • io1
      • -
    -     		-
    The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary of key value pairs to assign the DB cluster.
    -
    -
    - tde_credential_arn - -
    - string -
    -     		- -
    The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.
    -

    aliases: transparent_data_encryption_arn
    -
    -
    - tde_credential_password - -
    - string -
    -     		- -
    The password for the given ARN from the key store in order to access the device.
    -

    aliases: transparent_data_encryption_password
    -
    -
    - timezone - -
    - string -
    -     		- -
    The time zone of the DB instance.
    -
    -
    - use_latest_restorable_time - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to restore the DB instance to the latest restorable backup time.
    -
    Only one of use_latest_restorable_time and restore_time may be provided.
    -

    aliases: restore_from_latest
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_security_group_ids - -
    - list -
    -     		- -
    A list of EC2 VPC security groups to associate with the DB cluster.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - name: create minimal aurora instance in default VPC and default subnet group - community.aws.rds_instance: - engine: aurora - db_instance_identifier: ansible-test-aurora-db-instance - instance_type: db.t2.small - password: "{{ password }}" - username: "{{ username }}" - cluster_id: ansible-test-cluster # This cluster must exist - see rds_cluster to manage it - - - name: Create a DB instance using the default AWS KMS encryption key - community.aws.rds_instance: - id: test-encrypted-db - state: present - engine: mariadb - storage_encrypted: True - db_instance_class: db.t2.medium - username: "{{ username }}" - password: "{{ password }}" - allocated_storage: "{{ allocated_storage }}" - - - name: remove the DB instance without a final snapshot - community.aws.rds_instance: - id: "{{ instance_id }}" - state: absent - skip_final_snapshot: True - - - name: remove the DB instance with a final snapshot - community.aws.rds_instance: - id: "{{ instance_id }}" - state: absent - final_snapshot_identifier: "{{ snapshot_id }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - allocated_storage - -
    - integer -
    -     		always -
    The allocated storage size in gibibytes. This is always 1 for aurora database engines.
    -
    -
    Sample:
    -
    20
    -
    -
    - auto_minor_version_upgrade - -
    - boolean -
    -     		always -
    Whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
    -
    -
    Sample:
    -
    True
    -
    -
    - availability_zone - -
    - string -
    -     		always -
    The availability zone for the DB instance.
    -
    -
    Sample:
    -
    us-east-1f
    -
    -
    - backup_retention_period - -
    - integer -
    -     		always -
    The number of days for which automated backups are retained.
    -
    -
    Sample:
    -
    1
    -
    -
    - ca_certificate_identifier - -
    - string -
    -     		always -
    The identifier of the CA certificate for the DB instance.
    -
    -
    Sample:
    -
    rds-ca-2015
    -
    -
    - copy_tags_to_snapshot - -
    - boolean -
    -     		always -
    Whether tags are copied from the DB instance to snapshots of the DB instance.
    -
    -
    -
    - db_instance_arn - -
    - string -
    -     		always -
    The Amazon Resource Name (ARN) for the DB instance.
    -
    -
    Sample:
    -
    arn:aws:rds:us-east-1:123456789012:db:ansible-test
    -
    -
    - db_instance_class - -
    - string -
    -     		always -
    The name of the compute and memory capacity class of the DB instance.
    -
    -
    Sample:
    -
    db.m4.large
    -
    -
    - db_instance_identifier - -
    - string -
    -     		always -
    The identifier of the DB instance
    -
    -
    Sample:
    -
    ansible-test
    -
    -
    - db_instance_port - -
    - integer -
    -     		always -
    The port that the DB instance listens on.
    -
    -
    -
    - db_instance_status - -
    - string -
    -     		always -
    The current state of this database.
    -
    -
    Sample:
    -
    stopped
    -
    -
    - db_parameter_groups - -
    - complex -
    -     		always -
    The list of DB parameter groups applied to this DB instance.
    -
    -
      -
    - db_parameter_group_name - -
    - string -
    -     		always -
    The name of the DP parameter group.
    -
    -
    Sample:
    -
    default.mariadb10.0
    -
      -
    - parameter_apply_status - -
    - string -
    -     		always -
    The status of parameter updates.
    -
    -
    Sample:
    -
    in-sync
    -
    -
    - db_security_groups - -
    - list -
    -     		always -
    A list of DB security groups associated with this DB instance.
    -
    -
    -
    - db_subnet_group - -
    - complex -
    -     		always -
    The subnet group associated with the DB instance.
    -
    -
      -
    - db_subnet_group_description - -
    - string -
    -     		always -
    The description of the DB subnet group.
    -
    -
    Sample:
    -
    default
    -
      -
    - db_subnet_group_name - -
    - string -
    -     		always -
    The name of the DB subnet group.
    -
    -
    Sample:
    -
    default
    -
      -
    - subnet_group_status - -
    - string -
    -     		always -
    The status of the DB subnet group.
    -
    -
    Sample:
    -
    Complete
    -
      -
    - subnets - -
    - complex -
    -     		always -
    A list of Subnet elements.
    -
    -
       -
    - subnet_availability_zone - -
    - complex -
    -     		always -
    The availability zone of the subnet.
    -
    -
        -
    - name - -
    - string -
    -     		always -
    The name of the Availability Zone.
    -
    -
    Sample:
    -
    us-east-1c
    -
       -
    - subnet_identifier - -
    - string -
    -     		always -
    The ID of the subnet.
    -
    -
    Sample:
    -
    subnet-12345678
    -
       -
    - subnet_status - -
    - string -
    -     		always -
    The status of the subnet.
    -
    -
    Sample:
    -
    Active
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    The VpcId of the DB subnet group.
    -
    -
    Sample:
    -
    vpc-12345678
    -
    -
    - dbi_resource_id - -
    - string -
    -     		always -
    The AWS Region-unique, immutable identifier for the DB instance.
    -
    -
    Sample:
    -
    db-UHV3QRNWX4KB6GALCIGRML6QFA
    -
    -
    - domain_memberships - -
    - list -
    -     		always -
    The Active Directory Domain membership records associated with the DB instance.
    -
    -
    -
    - endpoint - -
    - complex -
    -     		always -
    The connection endpoint.
    -
    -
      -
    - address - -
    - string -
    -     		always -
    The DNS address of the DB instance.
    -
    -
    Sample:
    -
    ansible-test.cvlrtwiennww.us-east-1.rds.amazonaws.com
    -
      -
    - hosted_zone_id - -
    - string -
    -     		always -
    The ID that Amazon Route 53 assigns when you create a hosted zone.
    -
    -
    Sample:
    -
    ZTR2ITUGPA61AM
    -
      -
    - port - -
    - integer -
    -     		always -
    The port that the database engine is listening on.
    -
    -
    Sample:
    -
    3306
    -
    -
    - engine - -
    - string -
    -     		always -
    The database engine version.
    -
    -
    Sample:
    -
    mariadb
    -
    -
    - engine_version - -
    - string -
    -     		always -
    The database engine version.
    -
    -
    Sample:
    -
    10.0.35
    -
    -
    - iam_database_authentication_enabled - -
    - boolean -
    -     		always -
    Whether mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
    -
    -
    -
    - instance_create_time - -
    - string -
    -     		always -
    The date and time the DB instance was created.
    -
    -
    Sample:
    -
    2018-07-04T16:48:35.332000+00:00
    -
    -
    - kms_key_id - -
    - string -
    -     		When storage_encrypted is true -
    The AWS KMS key identifier for the encrypted DB instance when storage_encrypted is true.
    -
    -
    Sample:
    -
    arn:aws:kms:us-east-1:123456789012:key/70c45553-ad2e-4a85-9f14-cfeb47555c33
    -
    -
    - latest_restorable_time - -
    - string -
    -     		always -
    The latest time to which a database can be restored with point-in-time restore.
    -
    -
    Sample:
    -
    2018-07-04T16:50:50.642000+00:00
    -
    -
    - license_model - -
    - string -
    -     		always -
    The License model information for this DB instance.
    -
    -
    Sample:
    -
    general-public-license
    -
    -
    - master_username - -
    - string -
    -     		always -
    The master username for the DB instance.
    -
    -
    Sample:
    -
    test
    -
    -
    - max_allocated_storage - -
    - integer -
    -     		When max allocated storage is present. -
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    -
    -
    Sample:
    -
    100
    -
    -
    - monitoring_interval - -
    - integer -
    -     		always -
    The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. 0 means collecting Enhanced Monitoring metrics is disabled.
    -
    -
    -
    - multi_az - -
    - boolean -
    -     		always -
    Whether the DB instance is a Multi-AZ deployment.
    -
    -
    -
    - option_group_memberships - -
    - complex -
    -     		always -
    The list of option group memberships for this DB instance.
    -
    -
      -
    - option_group_name - -
    - string -
    -     		always -
    The name of the option group that the instance belongs to.
    -
    -
    Sample:
    -
    default:mariadb-10-0
    -
      -
    - status - -
    - string -
    -     		always -
    The status of the DB instance's option group membership.
    -
    -
    Sample:
    -
    in-sync
    -
    -
    - pending_modified_values - -
    - complex -
    -     		always -
    The changes to the DB instance that are pending.
    -
    -
    -
    - performance_insights_enabled - -
    - boolean -
    -     		always -
    True if Performance Insights is enabled for the DB instance, and otherwise false.
    -
    -
    -
    - preferred_backup_window - -
    - string -
    -     		always -
    The daily time range during which automated backups are created if automated backups are enabled.
    -
    -
    Sample:
    -
    07:01-07:31
    -
    -
    - preferred_maintenance_window - -
    - string -
    -     		always -
    The weekly time range (in UTC) during which system maintenance can occur.
    -
    -
    Sample:
    -
    sun:09:31-sun:10:01
    -
    -
    - publicly_accessible - -
    - boolean -
    -     		always -
    True for an Internet-facing instance with a publicly resolvable DNS name, False to indicate an internal instance with a DNS name that resolves to a private IP address.
    -
    -
    Sample:
    -
    True
    -
    -
    - read_replica_db_instance_identifiers - -
    - list -
    -     		always -
    Identifiers of the Read Replicas associated with this DB instance.
    -
    -
    -
    - storage_encrypted - -
    - boolean -
    -     		always -
    Whether the DB instance is encrypted.
    -
    -
    -
    - storage_type - -
    - string -
    -     		always -
    The storage type to be associated with the DB instance.
    -
    -
    Sample:
    -
    standard
    -
    -
    - tags - -
    - complex -
    -     		always -
    A dictionary of tags associated with the DB instance.
    -
    -
    -
    - vpc_security_groups - -
    - complex -
    -     		always -
    A list of VPC security group elements that the DB instance belongs to.
    -
    -
      -
    - status - -
    - string -
    -     		always -
    The status of the VPC security group.
    -
    -
    Sample:
    -
    active
    -
      -
    - vpc_security_group_id - -
    - string -
    -     		always -
    The name of the VPC security group.
    -
    -
    Sample:
    -
    sg-12345678
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Sloane Hertel (@s-hertel) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_instance_info.rst b/docs/community.aws.rds_instance_info.rst deleted file mode 100644 index d71a43b5181..00000000000 --- a/docs/community.aws.rds_instance_info.rst +++ /dev/null @@ -1,1320 +0,0 @@ -:orphan: - -.. _community.aws.rds_instance_info_module: - - -******************************* -community.aws.rds_instance_info -******************************* - -**obtain information about one or more RDS instances** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Obtain information about one or more RDS instances. -- This module was called ``rds_instance_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 -- python >= 2.7 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - db_instance_identifier - -
    - string -
    -     		- -
    The RDS instance's unique identifier.
    -

    aliases: id
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - filters - -
    - dictionary -
    -     		- -
    A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Get information about an instance - community.aws.rds_instance_info: - db_instance_identifier: new-database - register: new_database_info - - - name: Get all RDS instances - community.aws.rds_instance_info: - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - instances - -
    - complex -
    -     		always -
    List of RDS instances
    -
    -
      -
    - allocated_storage - -
    - integer -
    -     		always -
    Gigabytes of storage allocated to the database
    -
    -
    Sample:
    -
    10
    -
      -
    - auto_minor_version_upgrade - -
    - boolean -
    -     		always -
    Whether minor version upgrades happen automatically
    -
    -
    Sample:
    -
    True
    -
      -
    - availability_zone - -
    - string -
    -     		always -
    Availability Zone in which the database resides
    -
    -
    Sample:
    -
    us-west-2b
    -
      -
    - backup_retention_period - -
    - integer -
    -     		always -
    Days for which backups are retained
    -
    -
    Sample:
    -
    7
    -
      -
    - ca_certificate_identifier - -
    - string -
    -     		always -
    ID for the CA certificate
    -
    -
    Sample:
    -
    rds-ca-2015
    -
      -
    - copy_tags_to_snapshot - -
    - boolean -
    -     		always -
    Whether DB tags should be copied to the snapshot
    -
    -
      -
    - db_instance_arn - -
    - string -
    -     		always -
    ARN of the database instance
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:111111111111:db:helloworld-rds
    -
      -
    - db_instance_class - -
    - string -
    -     		always -
    Instance class of the database instance
    -
    -
    Sample:
    -
    db.t2.small
    -
      -
    - db_instance_identifier - -
    - string -
    -     		always -
    Database instance identifier
    -
    -
    Sample:
    -
    helloworld-rds
    -
      -
    - db_instance_port - -
    - integer -
    -     		always -
    Port used by the database instance
    -
    -
      -
    - db_instance_status - -
    - string -
    -     		always -
    Status of the database instance
    -
    -
    Sample:
    -
    available
    -
      -
    - db_name - -
    - string -
    -     		always -
    Name of the database
    -
    -
    Sample:
    -
    management
    -
      -
    - db_parameter_groups - -
    - complex -
    -     		always -
    List of database parameter groups
    -
    -
       -
    - db_parameter_group_name - -
    - string -
    -     		always -
    Name of the database parameter group
    -
    -
    Sample:
    -
    psql-pg-helloworld
    -
       -
    - parameter_apply_status - -
    - string -
    -     		always -
    Whether the parameter group has been applied
    -
    -
    Sample:
    -
    in-sync
    -
      -
    - db_security_groups - -
    - list -
    -     		always -
    List of security groups used by the database instance
    -
    -
      -
    - db_subnet_group - -
    - complex -
    -     		always -
    list of subnet groups
    -
    -
       -
    - db_subnet_group_description - -
    - string -
    -     		always -
    Description of the DB subnet group
    -
    -
    Sample:
    -
    My database subnet group
    -
       -
    - db_subnet_group_name - -
    - string -
    -     		always -
    Name of the database subnet group
    -
    -
    Sample:
    -
    my-subnet-group
    -
       -
    - subnet_group_status - -
    - string -
    -     		always -
    Subnet group status
    -
    -
    Sample:
    -
    Complete
    -
       -
    - subnets - -
    - complex -
    -     		always -
    List of subnets in the subnet group
    -
    -
        -
    - subnet_availability_zone - -
    - complex -
    -     		always -
    Availability zone of the subnet
    -
    -
         -
    - name - -
    - string -
    -     		always -
    Name of the availability zone
    -
    -
    Sample:
    -
    us-west-2c
    -
        -
    - subnet_identifier - -
    - string -
    -     		always -
    Subnet ID
    -
    -
    Sample:
    -
    subnet-abcd1234
    -
        -
    - subnet_status - -
    - string -
    -     		always -
    Subnet status
    -
    -
    Sample:
    -
    Active
    -
       -
    - vpc_id - -
    - string -
    -     		always -
    VPC id of the subnet group
    -
    -
    Sample:
    -
    vpc-abcd1234
    -
      -
    - dbi_resource_id - -
    - string -
    -     		always -
    AWS Region-unique, immutable identifier for the DB instance
    -
    -
    Sample:
    -
    db-AAAAAAAAAAAAAAAAAAAAAAAAAA
    -
      -
    - domain_memberships - -
    - list -
    -     		always -
    List of domain memberships
    -
    -
      -
    - endpoint - -
    - complex -
    -     		always -
    Database endpoint
    -
    -
       -
    - address - -
    - string -
    -     		always -
    Database endpoint address
    -
    -
    Sample:
    -
    helloworld-rds.ctrqpe3so1sf.us-west-2.rds.amazonaws.com
    -
       -
    - hosted_zone_id - -
    - string -
    -     		always -
    Route53 hosted zone ID
    -
    -
    Sample:
    -
    Z1PABCD0000000
    -
       -
    - port - -
    - integer -
    -     		always -
    Database endpoint port
    -
    -
    Sample:
    -
    5432
    -
      -
    - engine - -
    - string -
    -     		always -
    Database engine
    -
    -
    Sample:
    -
    postgres
    -
      -
    - engine_version - -
    - string -
    -     		always -
    Database engine version
    -
    -
    Sample:
    -
    9.5.10
    -
      -
    - iam_database_authentication_enabled - -
    - boolean -
    -     		always -
    Whether database authentication through IAM is enabled
    -
    -
      -
    - instance_create_time - -
    - string -
    -     		always -
    Date and time the instance was created
    -
    -
    Sample:
    -
    2017-10-10T04:00:07.434000+00:00
    -
      -
    - kms_key_id - -
    - string -
    -     		always -
    KMS Key ID
    -
    -
    Sample:
    -
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-0000-abcd-1111-0123456789ab
    -
      -
    - latest_restorable_time - -
    - string -
    -     		always -
    Latest time to which a database can be restored with point-in-time restore
    -
    -
    Sample:
    -
    2018-05-17T00:03:56+00:00
    -
      -
    - license_model - -
    - string -
    -     		always -
    License model
    -
    -
    Sample:
    -
    postgresql-license
    -
      -
    - master_username - -
    - string -
    -     		always -
    Database master username
    -
    -
    Sample:
    -
    dbadmin
    -
      -
    - monitoring_interval - -
    - integer -
    -     		always -
    Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance
    -
    -
      -
    - multi_az - -
    - boolean -
    -     		always -
    Whether Multi-AZ is on
    -
    -
      -
    - option_group_memberships - -
    - complex -
    -     		always -
    List of option groups
    -
    -
       -
    - option_group_name - -
    - string -
    -     		always -
    Option group name
    -
    -
    Sample:
    -
    default:postgres-9-5
    -
       -
    - status - -
    - string -
    -     		always -
    Status of option group
    -
    -
    Sample:
    -
    in-sync
    -
      -
    - pending_modified_values - -
    - complex -
    -     		always -
    Modified values pending application
    -
    -
      -
    - performance_insights_enabled - -
    - boolean -
    -     		always -
    Whether performance insights are enabled
    -
    -
      -
    - preferred_backup_window - -
    - string -
    -     		always -
    Preferred backup window
    -
    -
    Sample:
    -
    04:00-05:00
    -
      -
    - preferred_maintenance_window - -
    - string -
    -     		always -
    Preferred maintenance window
    -
    -
    Sample:
    -
    mon:05:00-mon:05:30
    -
      -
    - publicly_accessible - -
    - boolean -
    -     		always -
    Whether the DB is publicly accessible
    -
    -
      -
    - read_replica_db_instance_identifiers - -
    - list -
    -     		always -
    List of database instance read replicas
    -
    -
      -
    - storage_encrypted - -
    - boolean -
    -     		always -
    Whether the storage is encrypted
    -
    -
    Sample:
    -
    True
    -
      -
    - storage_type - -
    - string -
    -     		always -
    Storage type of the Database instance
    -
    -
    Sample:
    -
    gp2
    -
      -
    - tags - -
    - complex -
    -     		always -
    Tags used by the database instance
    -
    -
      -
    - vpc_security_groups - -
    - complex -
    -     		always -
    List of VPC security groups
    -
    -
       -
    - status - -
    - string -
    -     		always -
    Status of the VPC security group
    -
    -
    Sample:
    -
    active
    -
       -
    - vpc_security_group_id - -
    - string -
    -     		always -
    VPC Security Group ID
    -
    -
    Sample:
    -
    sg-abcd1234
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) -- Michael De La Rue (@mikedlr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_param_group.rst b/docs/community.aws.rds_param_group.rst deleted file mode 100644 index beac7a784ff..00000000000 --- a/docs/community.aws.rds_param_group.rst +++ /dev/null @@ -1,489 +0,0 @@ -:orphan: - -.. _community.aws.rds_param_group_module: - - -***************************** -community.aws.rds_param_group -***************************** - -**manage RDS parameter groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, modifies, and deletes RDS parameter groups. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    Database parameter group description. Only set when a new group is added.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - engine - -
    - string -
    -     		- -
    The type of database for this group.
    -
    Please use following command to get list of all supported db engines and their respective versions.
    -
    # aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
    -
    Required for state=present.
    -
    -
    - immediate - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to apply the changes immediately, or after the next reboot of any associated instances.
    -

    aliases: apply_immediately
    -
    -
    - name - -
    - string - / required
    -     		- -
    Database parameter group identifier.
    -
    -
    - params - -
    - dictionary -
    -     		- -
    Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
    -

    aliases: parameters
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to remove tags that do not appear in the tags list.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the group should be present or absent.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Dictionary of tags to attach to the parameter group.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 - community.aws.rds_param_group: - state: present - name: norwegian-blue - description: 'My Fancy Ex Parrot Group' - engine: 'mysql5.6' - params: - auto_increment_increment: "42K" - tags: - Environment: production - Application: parrot - - - name: Remove a parameter group - community.aws.rds_param_group: - state: absent - name: norwegian-blue - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - db_parameter_group_arn - -
    - string -
    -     		when state is present -
    ARN of the DB parameter group
    -
    -
    -
    - db_parameter_group_family - -
    - string -
    -     		when state is present -
    DB parameter group family that this DB parameter group is compatible with.
    -
    -
    -
    - db_parameter_group_name - -
    - string -
    -     		when state is present -
    Name of DB parameter group
    -
    -
    -
    - description - -
    - string -
    -     		when state is present -
    description of the DB parameter group
    -
    -
    -
    - errors - -
    - list -
    -     		when state is present -
    list of errors from attempting to modify parameters that are not modifiable
    -
    -
    -
    - tags - -
    - dictionary -
    -     		when state is present -
    dictionary of tags
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Scott Anderson (@tastychutney) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_snapshot.rst b/docs/community.aws.rds_snapshot.rst deleted file mode 100644 index 3ef5c5e15dc..00000000000 --- a/docs/community.aws.rds_snapshot.rst +++ /dev/null @@ -1,758 +0,0 @@ -:orphan: - -.. _community.aws.rds_snapshot_module: - - -************************** -community.aws.rds_snapshot -************************** - -**manage Amazon RDS snapshots.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates or deletes RDS snapshots. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - db_instance_identifier - -
    - string -
    -     		- -
    Database instance identifier. Required when state is present.
    -

    aliases: instance_id
    -
    -
    - db_snapshot_identifier - -
    - string - / required
    -     		- -
    The snapshot to manage.
    -

    aliases: id, snapshot_id
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    whether to remove tags not present in the tags parameter.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Specify the desired state of the snapshot.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    tags dict to apply to a snapshot.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for snapshot creation or deletion.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    how long before wait gives up, in seconds.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create snapshot - community.aws.rds_snapshot: - db_instance_identifier: new-database - db_snapshot_identifier: new-database-snapshot - - - name: Delete snapshot - community.aws.rds_snapshot: - db_snapshot_identifier: new-database-snapshot - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - allocated_storage - -
    - integer -
    -     		always -
    How much storage is allocated in GB.
    -
    -
    Sample:
    -
    20
    -
    -
    - availability_zone - -
    - string -
    -     		always -
    Availability zone of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    us-west-2a
    -
    -
    - db_instance_identifier - -
    - string -
    -     		always -
    Database from which the snapshot was created.
    -
    -
    Sample:
    -
    ansible-test-16638696
    -
    -
    - db_snapshot_arn - -
    - string -
    -     		always -
    Amazon Resource Name for the snapshot.
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:123456789012:snapshot:ansible-test-16638696-test-snapshot
    -
    -
    - db_snapshot_identifier - -
    - string -
    -     		always -
    Name of the snapshot.
    -
    -
    Sample:
    -
    ansible-test-16638696-test-snapshot
    -
    -
    - dbi_resource_id - -
    - string -
    -     		always -
    The identifier for the source DB instance, which can't be changed and which is unique to an AWS Region.
    -
    -
    Sample:
    -
    db-MM4P2U35RQRAMWD3QDOXWPZP4U
    -
    -
    - encrypted - -
    - boolean -
    -     		always -
    Whether the snapshot is encrypted.
    -
    -
    -
    - engine - -
    - string -
    -     		always -
    Engine of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    mariadb
    -
    -
    - engine_version - -
    - string -
    -     		always -
    Version of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    10.2.21
    -
    -
    - iam_database_authentication_enabled - -
    - boolean -
    -     		always -
    Whether IAM database authentication is enabled.
    -
    -
    -
    - instance_create_time - -
    - string -
    -     		always -
    Creation time of the instance from which the snapshot was created.
    -
    -
    Sample:
    -
    2019-06-15T10:15:56.221000+00:00
    -
    -
    - license_model - -
    - string -
    -     		always -
    License model of the database.
    -
    -
    Sample:
    -
    general-public-license
    -
    -
    - master_username - -
    - string -
    -     		always -
    Master username of the database.
    -
    -
    Sample:
    -
    test
    -
    -
    - option_group_name - -
    - string -
    -     		always -
    Option group of the database.
    -
    -
    Sample:
    -
    default:mariadb-10-2
    -
    -
    - percent_progress - -
    - integer -
    -     		always -
    How much progress has been made taking the snapshot. Will be 100 for an available snapshot.
    -
    -
    Sample:
    -
    100
    -
    -
    - port - -
    - integer -
    -     		always -
    Port on which the database is listening.
    -
    -
    Sample:
    -
    3306
    -
    -
    - processor_features - -
    - list -
    -     		always -
    List of processor features of the database.
    -
    -
    -
    - snapshot_create_time - -
    - string -
    -     		always -
    Creation time of the snapshot.
    -
    -
    Sample:
    -
    2019-06-15T10:46:23.776000+00:00
    -
    -
    - snapshot_type - -
    - string -
    -     		always -
    How the snapshot was created (always manual for this module!).
    -
    -
    Sample:
    -
    manual
    -
    -
    - status - -
    - string -
    -     		always -
    Status of the snapshot.
    -
    -
    Sample:
    -
    available
    -
    -
    - storage_type - -
    - string -
    -     		always -
    Storage type of the database.
    -
    -
    Sample:
    -
    gp2
    -
    -
    - tags - -
    - complex -
    -     		always -
    Tags applied to the snapshot.
    -
    -
    -
    - vpc_id - -
    - string -
    -     		always -
    ID of the VPC in which the DB lives.
    -
    -
    Sample:
    -
    vpc-09ff232e222710ae0
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) -- Michael De La Rue (@mikedlr) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_snapshot_info.rst b/docs/community.aws.rds_snapshot_info.rst deleted file mode 100644 index 5b0f598c789..00000000000 --- a/docs/community.aws.rds_snapshot_info.rst +++ /dev/null @@ -1,1100 +0,0 @@ -:orphan: - -.. _community.aws.rds_snapshot_info_module: - - -******************************* -community.aws.rds_snapshot_info -******************************* - -**obtain information about one or more RDS snapshots** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Obtain information about one or more RDS snapshots. These can be for unclustered snapshots or snapshots of clustered DBs (Aurora). -- Aurora snapshot information may be obtained if no identifier parameters are passed or if one of the cluster parameters are passed. -- This module was called ``rds_snapshot_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - db_cluster_identifier - -
    - string -
    -     		- -
    RDS cluster name for which to find snapshots.
    -
    Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
    -
    -
    - db_cluster_snapshot_identifier - -
    - string -
    -     		- -
    Name of an RDS cluster snapshot.
    -
    Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
    -
    -
    - db_instance_identifier - -
    - string -
    -     		- -
    RDS instance name for which to find snapshots.
    -
    Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    -
    -
    - db_snapshot_identifier - -
    - string -
    -     		- -
    Name of an RDS (unclustered) snapshot.
    -
    Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    -

    aliases: snapshot_name
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - snapshot_type - -
    - string -
    -     		-
      Choices: -
    • automated
      • -
    • manual
      • -
    • shared
      • -
    • public
      • -
    -     		-
    Type of snapshot to find.
    -
    By default both automated and manual snapshots will be returned.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Get information about an snapshot - community.aws.rds_snapshot_info: - db_snapshot_identifier: snapshot_name - register: new_database_info - - - name: Get all RDS snapshots for an RDS instance - community.aws.rds_snapshot_info: - db_instance_identifier: helloworld-rds-master - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - cluster_snapshots - -
    - complex -
    -     		always -
    List of cluster snapshots
    -
    -
      -
    - allocated_storage - -
    - integer -
    -     		always -
    How many gigabytes of storage are allocated
    -
    -
    Sample:
    -
    1
    -
      -
    - availability_zones - -
    - list -
    -     		always -
    The availability zones of the database from which the snapshot was taken
    -
    -
    Sample:
    -
    ['ca-central-1a', 'ca-central-1b']
    -
      -
    - cluster_create_time - -
    - string -
    -     		always -
    Date and time the cluster was created
    -
    -
    Sample:
    -
    2018-05-17T00:13:40.223000+00:00
    -
      -
    - db_cluster_identifier - -
    - string -
    -     		always -
    Database cluster identifier
    -
    -
    Sample:
    -
    test-aurora-cluster
    -
      -
    - db_cluster_snapshot_arn - -
    - string -
    -     		always -
    ARN of the database snapshot
    -
    -
    Sample:
    -
    arn:aws:rds:ca-central-1:111111111111:cluster-snapshot:test-aurora-snapshot
    -
      -
    - db_cluster_snapshot_identifier - -
    - string -
    -     		always -
    Snapshot identifier
    -
    -
    Sample:
    -
    test-aurora-snapshot
    -
      -
    - engine - -
    - string -
    -     		always -
    Database engine
    -
    -
    Sample:
    -
    aurora
    -
      -
    - engine_version - -
    - string -
    -     		always -
    Database engine version
    -
    -
    Sample:
    -
    5.6.10a
    -
      -
    - iam_database_authentication_enabled - -
    - boolean -
    -     		always -
    Whether database authentication through IAM is enabled
    -
    -
      -
    - kms_key_id - -
    - string -
    -     		always -
    ID of the KMS Key encrypting the snapshot
    -
    -
    Sample:
    -
    arn:aws:kms:ca-central-1:111111111111:key/abcd1234-abcd-1111-aaaa-0123456789ab
    -
      -
    - license_model - -
    - string -
    -     		always -
    License model
    -
    -
    Sample:
    -
    aurora
    -
      -
    - master_username - -
    - string -
    -     		always -
    Database master username
    -
    -
    Sample:
    -
    shertel
    -
      -
    - percent_progress - -
    - integer -
    -     		always -
    Percent progress of snapshot
    -
    -
      -
    - port - -
    - integer -
    -     		always -
    Database port
    -
    -
      -
    - snapshot_create_time - -
    - string -
    -     		always -
    Date and time when the snapshot was created
    -
    -
    Sample:
    -
    2018-05-17T00:23:23.731000+00:00
    -
      -
    - snapshot_type - -
    - string -
    -     		always -
    Type of snapshot
    -
    -
    Sample:
    -
    manual
    -
      -
    - status - -
    - string -
    -     		always -
    Status of snapshot
    -
    -
    Sample:
    -
    creating
    -
      -
    - storage_encrypted - -
    - boolean -
    -     		always -
    Whether the snapshot is encrypted
    -
    -
    Sample:
    -
    True
    -
      -
    - tags - -
    - complex -
    -     		when snapshot is not shared -
    Tags of the snapshot
    -
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    VPC of the database
    -
    -
    Sample:
    -
    vpc-abcd1234
    -
    -
    - snapshots - -
    - complex -
    -     		When cluster parameters are not passed -
    List of non-clustered snapshots
    -
    -
      -
    - allocated_storage - -
    - integer -
    -     		always -
    How many gigabytes of storage are allocated
    -
    -
    Sample:
    -
    10
    -
      -
    - availability_zone - -
    - string -
    -     		always -
    The availability zone of the database from which the snapshot was taken
    -
    -
    Sample:
    -
    us-west-2b
    -
      -
    - db_instance_identifier - -
    - string -
    -     		always -
    Database instance identifier
    -
    -
    Sample:
    -
    hello-world-rds
    -
      -
    - db_snapshot_arn - -
    - string -
    -     		always -
    Snapshot ARN
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:111111111111:snapshot:rds:hello-world-rds-us1-2018-05-16-04-03
    -
      -
    - db_snapshot_identifier - -
    - string -
    -     		always -
    Snapshot name
    -
    -
    Sample:
    -
    rds:hello-world-rds-us1-2018-05-16-04-03
    -
      -
    - encrypted - -
    - boolean -
    -     		always -
    Whether the snapshot was encrypted
    -
    -
    Sample:
    -
    True
    -
      -
    - engine - -
    - string -
    -     		always -
    Database engine
    -
    -
    Sample:
    -
    postgres
    -
      -
    - engine_version - -
    - string -
    -     		always -
    Database engine version
    -
    -
    Sample:
    -
    9.5.10
    -
      -
    - iam_database_authentication_enabled - -
    - boolean -
    -     		always -
    Whether database authentication through IAM is enabled
    -
    -
      -
    - instance_create_time - -
    - string -
    -     		always -
    Time the Instance was created
    -
    -
    Sample:
    -
    2017-10-10T04:00:07.434000+00:00
    -
      -
    - kms_key_id - -
    - string -
    -     		always -
    ID of the KMS Key encrypting the snapshot
    -
    -
    Sample:
    -
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-1234-aaaa-0000-1234567890ab
    -
      -
    - license_model - -
    - string -
    -     		always -
    License model
    -
    -
    Sample:
    -
    postgresql-license
    -
      -
    - master_username - -
    - string -
    -     		always -
    Database master username
    -
    -
    Sample:
    -
    dbadmin
    -
      -
    - option_group_name - -
    - string -
    -     		always -
    Database option group name
    -
    -
    Sample:
    -
    default:postgres-9-5
    -
      -
    - percent_progress - -
    - integer -
    -     		always -
    Percent progress of snapshot
    -
    -
    Sample:
    -
    100
    -
      -
    - snapshot_create_time - -
    - string -
    -     		always -
    Time snapshot was created
    -
    -
    Sample:
    -
    2018-05-16T04:03:33.871000+00:00
    -
      -
    - snapshot_type - -
    - string -
    -     		always -
    Type of snapshot
    -
    -
    Sample:
    -
    automated
    -
      -
    - status - -
    - string -
    -     		always -
    Status of snapshot
    -
    -
    Sample:
    -
    available
    -
      -
    - storage_type - -
    - string -
    -     		always -
    Storage type of underlying DB
    -
    -
    Sample:
    -
    gp2
    -
      -
    - tags - -
    - complex -
    -     		when snapshot is not shared -
    Snapshot tags
    -
    -
      -
    - vpc_id - -
    - string -
    -     		always -
    ID of VPC containing the DB
    -
    -
    Sample:
    -
    vpc-abcd1234
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.rds_subnet_group.rst b/docs/community.aws.rds_subnet_group.rst deleted file mode 100644 index 487bddf87c8..00000000000 --- a/docs/community.aws.rds_subnet_group.rst +++ /dev/null @@ -1,419 +0,0 @@ -:orphan: - -.. _community.aws.rds_subnet_group_module: - - -****************************** -community.aws.rds_subnet_group -****************************** - -**manage RDS database subnet groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, modifies, and deletes RDS database subnet groups. This module has a dependency on python-boto >= 2.5. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - description - -
    - string -
    -     		- -
    Database subnet group description.
    -
    Required when state=present.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Database subnet group identifier.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -
    -
    - subnets - -
    - list -
    -     		- -
    List of subnet IDs that make up the database subnet group.
    -
    Required when state=present.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Add or change a subnet group - community.aws.rds_subnet_group: - state: present - name: norwegian-blue - description: My Fancy Ex Parrot Subnet Group - subnets: - - subnet-aaaaaaaa - - subnet-bbbbbbbb - - - name: Remove a subnet group - community.aws.rds_subnet_group: - state: absent - name: norwegian-blue - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - subnet_group - -
    - complex -
    -     		state=present -
    Dictionary of DB subnet group values
    -
    -
      -
    - description - -
    - string -
    -     		state=present -
    The description of the DB subnet group
    -
    -
      -
    - name - -
    - string -
    -     		state=present -
    The name of the DB subnet group
    -
    -
      -
    - status - -
    - string -
    -     		state=present -
    The status of the DB subnet group
    -
    -
      -
    - subnet_ids - -
    - list -
    -     		state=present -
    Contains a list of Subnet IDs
    -
    -
      -
    - vpc_id - -
    - string -
    -     		state=present -
    The VpcId of the DB subnet group
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Scott Anderson (@tastychutney) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift.rst b/docs/community.aws.redshift.rst deleted file mode 100644 index f26b3ba96c8..00000000000 --- a/docs/community.aws.redshift.rst +++ /dev/null @@ -1,950 +0,0 @@ -:orphan: - -.. _community.aws.redshift_module: - - -********************** -community.aws.redshift -********************** - -**create, delete, or modify an Amazon Redshift instance** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates, deletes, or modifies Amazon Redshift cluster instances. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - allow_version_upgrade - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.
    -

    aliases: version_upgrade
    -
    -
    - automated_snapshot_retention_period - -
    - integer -
    -     		- -
    The number of days that automated snapshots are retained.
    -

    aliases: retention_period
    -
    -
    - availability_zone - -
    - string -
    -     		- -
    Availability zone in which to launch cluster.
    -

    aliases: zone, aws_zone
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster_parameter_group_name - -
    - string -
    -     		- -
    Name of the cluster parameter group.
    -

    aliases: param_group_name
    -
    -
    - cluster_security_groups - -
    - list - / elements=string
    -     		- -
    In which security group the cluster belongs.
    -

    aliases: security_groups
    -
    -
    - cluster_subnet_group_name - -
    - string -
    -     		- -
    Which subnet to place the cluster.
    -

    aliases: subnet
    -
    -
    - cluster_type - -
    - string -
    -     		-
      Choices: -
    • multi-node
      • -
    • single-node ←
      • -
    -     		-
    The type of cluster.
    -
    -
    - cluster_version - -
    - string -
    -     		-
      Choices: -
    • 1.0
      • -
    -     		-
    Which version the cluster should have.
    -

    aliases: version
    -
    -
    - command - -
    - string - / required
    -     		-
      Choices: -
    • create
      • -
    • facts
      • -
    • delete
      • -
    • modify
      • -
    -     		-
    Specifies the action to take.
    -
    -
    - db_name - -
    - string -
    -     		- -
    Name of the database.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - elastic_ip - -
    - string -
    -     		- -
    An Elastic IP to use for the cluster.
    -
    -
    - encrypted - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If the cluster is encrypted or not.
    -
    -
    - enhanced_vpc_routing - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the cluster should have enhanced VPC routing enabled.
    -
    -
    - final_cluster_snapshot_identifier - -
    - string -
    -     		- -
    Identifier of the final snapshot to be created before deleting the cluster.
    -
    If this parameter is provided, skip_final_cluster_snapshot must be false.
    -
    Used only when command=delete.
    -

    aliases: final_snapshot_id
    -
    -
    - identifier - -
    - string - / required
    -     		- -
    Redshift cluster identifier.
    -
    -
    - new_cluster_identifier - -
    - string -
    -     		- -
    Only used when command=modify.
    -

    aliases: new_identifier
    -
    -
    - node_type - -
    - string -
    -     		-
      Choices: -
    • ds1.xlarge
      • -
    • ds1.8xlarge
      • -
    • ds2.xlarge
      • -
    • ds2.8xlarge
      • -
    • dc1.large
      • -
    • dc2.large
      • -
    • dc1.8xlarge
      • -
    • dw1.xlarge
      • -
    • dw1.8xlarge
      • -
    • dw2.large
      • -
    • dw2.8xlarge
      • -
    -     		-
    The node type of the cluster.
    -
    Require when command=create.
    -
    -
    - number_of_nodes - -
    - integer -
    -     		- -
    Number of nodes.
    -
    Only used when cluster_type=multi-node.
    -
    -
    - password - -
    - string -
    -     		- -
    Master database password.
    -
    Used only when command=create.
    -
    -
    - port - -
    - integer -
    -     		- -
    Which port the cluster is listening on.
    -
    -
    - preferred_maintenance_window - -
    - string -
    -     		- -
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    -
    Times are specified in UTC.
    -
    If not specified then a random 30 minute maintenance window is assigned.
    -

    aliases: maintance_window, maint_window
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - publicly_accessible - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If the cluster is accessible publicly or not.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - skip_final_cluster_snapshot - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Skip a final snapshot before deleting the cluster.
    -
    Used only when command=delete.
    -

    aliases: skip_final_snapshot
    -
    -
    - username - -
    - string -
    -     		- -
    Master database username.
    -
    Used only when command=create.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_security_group_ids - -
    - list - / elements=string
    -     		- -
    VPC security group
    -

    aliases: vpc_security_groups
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
    -
    When command=delete wait for the database to be terminated.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    When wait=true defines how long in seconds before giving up.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Basic cluster provisioning example - community.aws.redshift: - command: create - node_type: ds1.xlarge - identifier: new_cluster - username: cluster_admin - password: 1nsecure - - - name: Cluster delete example - community.aws.redshift: - command: delete - identifier: new_cluster - skip_final_cluster_snapshot: true - wait: true - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - cluster - -
    - complex -
    -     		success -
    dictionary containing all the cluster information
    -
    -
      -
    - availability_zone - -
    - string -
    -     		success -
    Amazon availability zone where the cluster is located. "None" until cluster is available.
    -
    -
    Sample:
    -
    us-east-1b
    -
      -
    - create_time - -
    - float -
    -     		success -
    Time of the cluster creation as timestamp.
    -
    -
    Sample:
    -
    1430158536.308
    -
      -
    - db_name - -
    - string -
    -     		success -
    Name of the database.
    -
    -
    Sample:
    -
    new_db_name
    -
      -
    - enhanced_vpc_routing - -
    - boolean -
    -     		success -
    status of the enhanced vpc routing feature.
    -
    -
      -
    - identifier - -
    - string -
    -     		success -
    Id of the cluster.
    -
    -
    Sample:
    -
    new_redshift_cluster
    -
      -
    - maintenance_window - -
    - string -
    -     		success -
    Time frame when maintenance/upgrade are done.
    -
    -
    Sample:
    -
    sun:09:30-sun:10:00
    -
      -
    - port - -
    - integer -
    -     		success -
    Port of the cluster. "None" until cluster is available.
    -
    -
    Sample:
    -
    5439
    -
      -
    - private_ip_address - -
    - string -
    -     		success -
    Private IP address of the main node.
    -
    -
    Sample:
    -
    10.10.10.10
    -
      -
    - public_ip_address - -
    - string -
    -     		success -
    Public IP address of the main node. "None" when enhanced_vpc_routing is enabled.
    -
    -
    Sample:
    -
    0.0.0.0
    -
      -
    - status - -
    - string -
    -     		success -
    Status of the cluster.
    -
    -
    Sample:
    -
    available
    -
      -
    - url - -
    - string -
    -     		success -
    FQDN of the main cluster node. "None" until cluster is available.
    -
    -
    Sample:
    -
    new-redshift_cluster.jfkdjfdkj.us-east-1.redshift.amazonaws.com
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jens Carl (@j-carl), Hothead Games Inc. -- Rafael Driutti (@rafaeldriutti) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_cross_region_snapshots.rst b/docs/community.aws.redshift_cross_region_snapshots.rst deleted file mode 100644 index 44ad28008e2..00000000000 --- a/docs/community.aws.redshift_cross_region_snapshots.rst +++ /dev/null @@ -1,339 +0,0 @@ -:orphan: - -.. _community.aws.redshift_cross_region_snapshots_module: - - -********************************************* -community.aws.redshift_cross_region_snapshots -********************************************* - -**Manage Redshift Cross Region Snapshots** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage Redshift Cross Region Snapshots. Supports KMS-Encrypted Snapshots. -- For more information, see https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html#cross-region-snapshot-copy - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster_name - -
    - string - / required
    -     		- -
    The name of the cluster to configure cross-region snapshots for.
    -

    aliases: cluster
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - destination_region - -
    - string - / required
    -     		- -
    The region to copy snapshots to.
    -

    aliases: destination
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string - / required
    -     		- -
    The cluster's region.
    -

    aliases: source
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - snapshot_copy_grant - -
    - string -
    -     		- -
    A grant for Amazon Redshift to use a master key in the destination_region.
    - -

    aliases: copy_grant
    -
    -
    - snapshot_retention_period - -
    - integer - / required
    -     		- -
    The number of days to keep cross-region snapshots for.
    -

    aliases: retention_period
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the cross-region snapshot configuration.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: configure cross-region snapshot on cluster `johniscool` - community.aws.redshift_cross_region_snapshots: - cluster_name: johniscool - state: present - region: us-east-1 - destination_region: us-west-2 - retention_period: 1 - - - name: configure cross-region snapshot on kms-encrypted cluster - community.aws.redshift_cross_region_snapshots: - cluster_name: whatever - state: present - region: us-east-1 - destination: us-west-2 - copy_grant: 'my-grant-in-destination' - retention_period: 10 - - - name: disable cross-region snapshots, necessary before most cluster modifications (rename, resize) - community.aws.redshift_cross_region_snapshots: - cluster_name: whatever - state: absent - region: us-east-1 - destination_region: us-west-2 - - - - - -Status ------- - - -Authors -~~~~~~~ - -- JR Kerkstra (@captainkerk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_info.rst b/docs/community.aws.redshift_info.rst deleted file mode 100644 index 8e5b96afa4e..00000000000 --- a/docs/community.aws.redshift_info.rst +++ /dev/null @@ -1,847 +0,0 @@ -:orphan: - -.. _community.aws.redshift_info_module: - - -*************************** -community.aws.redshift_info -*************************** - -**Gather information about Redshift cluster(s)** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gather information about Redshift cluster(s). -- This module was called ``redshift_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - cluster_identifier - -
    - string -
    -     		- -
    The prefix of cluster identifier of the Redshift cluster you are searching for.
    -
    This is a regular expression match with implicit '^'. Append '$' for a complete match.
    -

    aliases: name, identifier
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do net set authentication details, see the AWS guide for details. - - - name: Find all clusters - community.aws.redshift_info: - register: redshift - - - name: Find cluster(s) with matching tags - community.aws.redshift_info: - tags: - env: prd - stack: monitoring - register: redshift_tags - - - name: Find cluster(s) with matching name/prefix and tags - community.aws.redshift_info: - tags: - env: dev - stack: web - name: user- - register: redshift_web - - - name: Fail if no cluster(s) is/are found - community.aws.redshift_info: - tags: - env: stg - stack: db - register: redshift_user - failed_when: "{{ redshift_user.results | length == 0 }}" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - allow_version_upgrade - -
    - boolean -
    -     		success -
    A Boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
    -
    -
    Sample:
    -
    true|false
    -
    -
    - automated_snapshot_retention_period - -
    - integer -
    -     		success -
    The number of days that automatic cluster snapshots are retained.
    -
    -
    Sample:
    -
    1
    -
    -
    - availability_zone - -
    - string -
    -     		success -
    The name of the Availability Zone in which the cluster is located.
    -
    -
    Sample:
    -
    us-east-1b
    -
    -
    - cluster_create_time - -
    - string -
    -     		success -
    The date and time that the cluster was created.
    -
    -
    Sample:
    -
    2016-05-10T08:33:16.629000+00:00
    -
    -
    - cluster_identifier - -
    - string -
    -     		success -
    Unique key to identify the cluster.
    -
    -
    Sample:
    -
    redshift-identifier
    -
    -
    - cluster_nodes - -
    - list -
    -     		success -
    The nodes in the cluster.
    -
    -
    Sample:
    -
    [{'node_role': 'LEADER', 'private_ip_address': '10.0.0.1', 'public_ip_address': 'x.x.x.x'}, {'node_role': 'COMPUTE-1', 'private_ip_address': '10.0.0.3', 'public_ip_address': 'x.x.x.x'}]
    -
    -
    - cluster_paramater_groups - -
    - list -
    -     		success -
    The list of cluster parameters that are associated with this cluster.
    -
    -
    Sample:
    -
    [{'cluster_parameter_status_list': [{'parameter_apply_status': 'in-sync', 'parameter_name': 'statement_timeout'}, {'parameter_apply_status': 'in-sync', 'parameter_name': 'require_ssl'}], 'parameter_apply_status': 'in-sync', 'parameter_group_name': 'tuba'}]
    -
    -
    - cluster_public_keys - -
    - string -
    -     		success -
    The public key for the cluster.
    -
    -
    Sample:
    -
    ssh-rsa anjigfam Amazon-Redshift
    -
    -
    - cluster_revision_number - -
    - string -
    -     		success -
    The specific revision number of the database in the cluster.
    -
    -
    Sample:
    -
    1231
    -
    -
    - cluster_security_groups - -
    - list -
    -     		success -
    A list of cluster security groups that are associated with the cluster.
    -
    -
    -
    - cluster_snapshot_copy_status - -
    - dictionary -
    -     		success -
    A value that returns the destination region and retention period that are configured for cross-region snapshot copy.
    -
    -
    -
    - cluster_status - -
    - string -
    -     		success -
    Current state of the cluster.
    -
    -
    Sample:
    -
    available
    -
    -
    - cluster_subnet_group_name - -
    - string -
    -     		success -
    The name of the subnet group that is associated with the cluster.
    -
    -
    Sample:
    -
    redshift-subnet
    -
    -
    - cluster_version - -
    - string -
    -     		success -
    The version ID of the Amazon Redshift engine that is running on the cluster.
    -
    -
    Sample:
    -
    1.0
    -
    -
    - db_name - -
    - string -
    -     		success -
    The name of the initial database that was created when the cluster was created.
    -
    -
    Sample:
    -
    dev
    -
    -
    - elastic_ip_status - -
    - dictionary -
    -     		success -
    The status of the elastic IP (EIP) address.
    -
    -
    -
    - encrypted - -
    - boolean -
    -     		success -
    Boolean value that, if true , indicates that data in the cluster is encrypted at rest.
    -
    -
    Sample:
    -
    true|false
    -
    -
    - endpoint - -
    - string -
    -     		success -
    The connection endpoint.
    -
    -
    Sample:
    -
    {'address': 'cluster-ds2.ocmugla0rf.us-east-1.redshift.amazonaws.com', 'port': 5439}
    -
    -
    - enhanced_vpc_routing - -
    - boolean -
    -     		success -
    An option that specifies whether to create the cluster with enhanced VPC routing enabled.
    -
    -
    Sample:
    -
    true|false
    -
    -
    - hsm_status - -
    - dictionary -
    -     		success -
    A value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
    -
    -
    -
    - iam_roles - -
    - list -
    -     		success -
    List of IAM roles attached to the cluster.
    -
    -
    -
    - kms_key_id - -
    - string -
    -     		success -
    The AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
    -
    -
    -
    - master_username - -
    - string -
    -     		success -
    The master user name for the cluster.
    -
    -
    Sample:
    -
    admin
    -
    -
    - modify_status - -
    - string -
    -     		optional -
    The status of a modify operation.
    -
    -
    -
    - node_type - -
    - string -
    -     		success -
    The node type for nodes in the cluster.
    -
    -
    Sample:
    -
    ds2.xlarge
    -
    -
    - number_of_nodes - -
    - integer -
    -     		success -
    The number of compute nodes in the cluster.
    -
    -
    Sample:
    -
    12
    -
    -
    - pending_modified_values - -
    - dictionary -
    -     		success -
    A value that, if present, indicates that changes to the cluster are pending.
    -
    -
    -
    - preferred_maintenance_window - -
    - string -
    -     		success -
    The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
    -
    -
    Sample:
    -
    tue:07:30-tue:08:00
    -
    -
    - publicly_accessible - -
    - boolean -
    -     		success -
    A Boolean value that, if true , indicates that the cluster can be accessed from a public network.
    -
    -
    Sample:
    -
    true|false
    -
    -
    - restore_status - -
    - dictionary -
    -     		success -
    A value that describes the status of a cluster restore action.
    -
    -
    -
    - tags - -
    - list -
    -     		success -
    The list of tags for the cluster.
    -
    -
    -
    - vpc_id - -
    - string -
    -     		success -
    The identifier of the VPC the cluster is in, if the cluster is in a VPC.
    -
    -
    Sample:
    -
    vpc-1234567
    -
    -
    - vpc_security_groups - -
    - list -
    -     		success -
    A list of VPC security groups the are associated with the cluster.
    -
    -
    Sample:
    -
    [{'status': 'active', 'vpc_security_group_id': 'sg-12cghhg'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jens Carl (@j-carl) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.redshift_subnet_group.rst b/docs/community.aws.redshift_subnet_group.rst deleted file mode 100644 index e53a5117fd0..00000000000 --- a/docs/community.aws.redshift_subnet_group.rst +++ /dev/null @@ -1,376 +0,0 @@ -:orphan: - -.. _community.aws.redshift_subnet_group_module: - - -*********************************** -community.aws.redshift_subnet_group -*********************************** - -**manage Redshift cluster subnet groups** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create, modifies, and deletes Redshift cluster subnet groups. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - group_description - -
    - string -
    -     		- -
    Database subnet group description.
    -

    aliases: description
    -
    -
    - group_name - -
    - string - / required
    -     		- -
    Cluster subnet group name.
    -

    aliases: name
    -
    -
    - group_subnets - -
    - list - / elements=string
    -     		- -
    List of subnet IDs that make up the cluster subnet group.
    -

    aliases: subnets
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a Redshift subnet group - community.aws.redshift_subnet_group: - state: present - group_name: redshift-subnet - group_description: Redshift subnet - group_subnets: - - 'subnet-aaaaa' - - 'subnet-bbbbb' - - - name: Remove subnet group - community.aws.redshift_subnet_group: - state: absent - group_name: redshift-subnet - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - group - -
    - complex -
    -     		success -
    dictionary containing all Redshift subnet group information
    -
    -
      -
    - name - -
    - string -
    -     		success -
    name of the Redshift subnet group
    -
    -
    Sample:
    -
    redshift_subnet_group_name
    -
      -
    - vpc_id - -
    - string -
    -     		success -
    Id of the VPC where the subnet is located
    -
    -
    Sample:
    -
    vpc-aabb1122
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Jens Carl (@j-carl), Hothead Games Inc. - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53.rst b/docs/community.aws.route53.rst deleted file mode 100644 index f59997c108f..00000000000 --- a/docs/community.aws.route53.rst +++ /dev/null @@ -1,985 +0,0 @@ -:orphan: - -.. _community.aws.route53_module: - - -********************* -community.aws.route53 -********************* - -**add or delete entries in Amazons Route53 DNS service** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates and deletes DNS records in Amazons Route53 service - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - alias - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates if this is an alias record.
    -
    -
    - alias_evaluate_target_health - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
    -
    -
    - alias_hosted_zone_id - -
    - string -
    -     		- -
    The hosted zone identifier.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - failover - -
    - string -
    -     		-
      Choices: -
    • SECONDARY
      • -
    • PRIMARY
      • -
    -     		-
    Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
    -
    -
    - health_check - -
    - string -
    -     		- -
    Health check to associate with this record
    -
    -
    - hosted_zone_id - -
    - string -
    -     		- -
    The Hosted Zone ID of the DNS zone to modify.
    -
    This is a required parameter, if parameter zone is not supplied.
    -
    -
    - identifier - -
    - string -
    -     		- -
    Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    -
    -
    - overwrite - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether an existing record should be overwritten on create if values do not match.
    -
    -
    - private_zone - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - record - -
    - string - / required
    -     		- -
    The full DNS record to create or delete.
    -
    -
    - region - -
    - string -
    -     		- -
    Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
    -
    -
    - retry_interval - -
    - integer -
    -     		- Default:
    500
    -     		-
    In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • get
      • -
    • create
      • -
    • delete
      • -
    -     		-
    Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
    -

    aliases: command
    -
    -
    - ttl - -
    - integer -
    -     		- Default:
    3600
    -     		-
    The TTL, in second, to give the new record.
    -
    -
    - type - -
    - string - / required
    -     		-
      Choices: -
    • A
      • -
    • CNAME
      • -
    • MX
      • -
    • AAAA
      • -
    • TXT
      • -
    • PTR
      • -
    • SRV
      • -
    • SPF
      • -
    • CAA
      • -
    • NS
      • -
    • SOA
      • -
    -     		-
    The type of DNS record to create.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - value - -
    - list -
    -     		- -
    The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
    -
    When deleting a record all values for the record must be specified or Route53 will not delete it.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
    -
    This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
    -
    -
    - wait - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
    -
    -
    - wait_timeout - -
    - integer -
    -     		- Default:
    300
    -     		-
    How long to wait for the changes to be replicated, in seconds.
    -
    -
    - weight - -
    - integer -
    -     		- -
    Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
    -
    -
    - zone - -
    - string -
    -     		- -
    The DNS zone to modify.
    -
    This is a required parameter, if parameter hosted_zone_id is not supplied.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated - community.aws.route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: 1.1.1.1,2.2.2.2,3.3.3.3 - wait: yes - - - name: Update new.foo.com as an A record with a list of 3 IPs and wait until the changes have been replicated - community.aws.route53: - state: present - zone: foo.com - record: new.foo.com - type: A - ttl: 7200 - value: - - 1.1.1.1 - - 2.2.2.2 - - 3.3.3.3 - wait: yes - - - name: Retrieve the details for new.foo.com - community.aws.route53: - state: get - zone: foo.com - record: new.foo.com - type: A - register: rec - - - name: Delete new.foo.com A record using the results from the get command - community.aws.route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" - - # Add an AAAA record. Note that because there are colons in the value - # that the IPv6 address must be quoted. Also shows using the old form command=create. - - name: Add an AAAA record - community.aws.route53: - command: create - zone: foo.com - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" - - # For more information on SRV records see: - # https://en.wikipedia.org/wiki/SRV_record - - name: Add a SRV record with multiple fields for a service on port 22222 - community.aws.route53: - state: present - zone: foo.com - record: "_example-service._tcp.foo.com" - type: SRV - value: "0 0 22222 host1.foo.com,0 0 22222 host2.foo.com" - - # Note that TXT and SPF records must be surrounded - # by quotes when sent to Route 53: - - name: Add a TXT record. - community.aws.route53: - state: present - zone: foo.com - record: localhost.foo.com - type: TXT - ttl: 7200 - value: '"bar"' - - - name: Add an alias record that points to an Amazon ELB - community.aws.route53: - state: present - zone: foo.com - record: elb.foo.com - type: A - value: "{{ elb_dns_name }}" - alias: True - alias_hosted_zone_id: "{{ elb_zone_id }}" - - - name: Retrieve the details for elb.foo.com - community.aws.route53: - state: get - zone: foo.com - record: elb.foo.com - type: A - register: rec - - - name: Delete an alias record using the results from the get command - community.aws.route53: - state: absent - zone: foo.com - record: "{{ rec.set.record }}" - ttl: "{{ rec.set.ttl }}" - type: "{{ rec.set.type }}" - value: "{{ rec.set.value }}" - alias: True - alias_hosted_zone_id: "{{ rec.set.alias_hosted_zone_id }}" - - - name: Add an alias record that points to an Amazon ELB and evaluates it health - community.aws.route53: - state: present - zone: foo.com - record: elb.foo.com - type: A - value: "{{ elb_dns_name }}" - alias: True - alias_hosted_zone_id: "{{ elb_zone_id }}" - alias_evaluate_target_health: True - - - name: Add an AAAA record with Hosted Zone ID - community.aws.route53: - state: present - zone: foo.com - hosted_zone_id: Z2AABBCCDDEEFF - record: localhost.foo.com - type: AAAA - ttl: 7200 - value: "::1" - - - name: Use a routing policy to distribute traffic - community.aws.route53: - state: present - zone: foo.com - record: www.foo.com - type: CNAME - value: host1.foo.com - ttl: 30 - # Routing policy - identifier: "host1@www" - weight: 100 - health_check: "d994b780-3150-49fd-9205-356abdd42e75" - - - name: Add a CAA record (RFC 6844) - community.aws.route53: - state: present - zone: example.com - record: example.com - type: CAA - value: - - 0 issue "ca.example.net" - - 0 issuewild ";" - - 0 iodef "mailto:security@example.com" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - nameservers - -
    - list -
    -     		when state is 'get' -
    Nameservers associated with the zone.
    -
    -
    Sample:
    -
    ['ns-1036.awsdns-00.org.', 'ns-516.awsdns-00.net.', 'ns-1504.awsdns-00.co.uk.', 'ns-1.awsdns-00.com.']
    -
    -
    - set - -
    - complex -
    -     		when state is 'get' -
    Info specific to the resource record.
    -
    -
      -
    - alias - -
    - boolean -
    -     		always -
    Whether this is an alias.
    -
    -
      -
    - failover - -
    - string -
    -     		always -
    Whether this is the primary or secondary resource record set.
    -
    -
    Sample:
    -
    PRIMARY
    -
      -
    - health_check - -
    - string -
    -     		always -
    health_check associated with this record.
    -
    -
      -
    - identifier - -
    - string -
    -     		always -
    An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    -
    -
      -
    - record - -
    - string -
    -     		always -
    Domain name for the record set.
    -
    -
    Sample:
    -
    new.foo.com.
    -
      -
    - region - -
    - string -
    -     		always -
    Which region this should be associated with for latency-based routing.
    -
    -
    Sample:
    -
    us-west-2
    -
      -
    - ttl - -
    - string -
    -     		always -
    Resource record cache TTL.
    -
    -
    Sample:
    -
    3600
    -
      -
    - type - -
    - string -
    -     		always -
    Resource record set type.
    -
    -
    Sample:
    -
    A
    -
      -
    - value - -
    - string -
    -     		always -
    Record value.
    -
    -
    Sample:
    -
    52.43.18.27
    -
      -
    - values - -
    - list -
    -     		always -
    Record Values.
    -
    -
    Sample:
    -
    ['52.43.18.27']
    -
      -
    - weight - -
    - string -
    -     		always -
    Weight of the record.
    -
    -
    Sample:
    -
    3
    -
      -
    - zone - -
    - string -
    -     		always -
    Zone this record set belongs to.
    -
    -
    Sample:
    -
    foo.bar.com.
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Bruce Pennypacker (@bpennypacker) -- Mike Buzzetti (@jimbydamonk) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_health_check.rst b/docs/community.aws.route53_health_check.rst deleted file mode 100644 index d2c7ced3b07..00000000000 --- a/docs/community.aws.route53_health_check.rst +++ /dev/null @@ -1,423 +0,0 @@ -:orphan: - -.. _community.aws.route53_health_check_module: - - -********************************** -community.aws.route53_health_check -********************************** - -**Add or delete health-checks in Amazons Route53 DNS service** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates and deletes DNS Health checks in Amazons Route53 service. -- Only the port, resource_path, string_match and request_interval are considered when updating existing health-checks. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - failure_threshold - -
    - integer -
    -     		-
      Choices: -
    • 1
      • -
    • 2
      • -
    • 3 ←
      • -
    • 4
      • -
    • 5
      • -
    • 6
      • -
    • 7
      • -
    • 8
      • -
    • 9
      • -
    • 10
      • -
    -     		-
    The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
    -
    -
    - fqdn - -
    - string -
    -     		- -
    Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
    -
    -
    - ip_address - -
    - string -
    -     		- -
    IP address of the end-point to check. Either this or fqdn has to be provided.
    -
    -
    - port - -
    - integer -
    -     		- -
    The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - request_interval - -
    - integer -
    -     		-
      Choices: -
    • 10
      • -
    • 30 ←
      • -
    -     		-
    The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
    -
    -
    - resource_path - -
    - string -
    -     		- -
    The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
    -
    Required for all checks except TCP.
    -
    The path must begin with a /
    -
    Maximum 255 characters.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Specifies the action to take.
    -
    -
    - string_match - -
    - string -
    -     		- -
    If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
    -
    -
    - type - -
    - string - / required
    -     		-
      Choices: -
    • HTTP
      • -
    • HTTPS
      • -
    • HTTP_STR_MATCH
      • -
    • HTTPS_STR_MATCH
      • -
    • TCP
      • -
    -     		-
    The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create a health-check for host1.example.com and use it in record - community.aws.route53_health_check: - state: present - fqdn: host1.example.com - type: HTTP_STR_MATCH - resource_path: / - string_match: "Hello" - request_interval: 10 - failure_threshold: 2 - register: my_health_check - - - community.aws.route53: - action: create - zone: "example.com" - type: CNAME - record: "www.example.com" - value: host1.example.com - ttl: 30 - # Routing policy - identifier: "host1@www" - weight: 100 - health_check: "{{ my_health_check.health_check.id }}" - - - name: Delete health-check - community.aws.route53_health_check: - state: absent - fqdn: host1.example.com - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- zimbatm (@zimbatm) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_info.rst b/docs/community.aws.route53_info.rst deleted file mode 100644 index e9d71c3f34c..00000000000 --- a/docs/community.aws.route53_info.rst +++ /dev/null @@ -1,536 +0,0 @@ -:orphan: - -.. _community.aws.route53_info_module: - - -************************** -community.aws.route53_info -************************** - -**Retrieves route53 details using AWS methods** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Gets various details related to Route53 zone, record set or health check details. -- This module was called ``route53_facts`` before Ansible 2.9. The usage did not change. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - change_id - -
    - string -
    -     		- -
    The ID of the change batch request.
    -
    The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
    -
    Required if query=change.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delegation_set_id - -
    - string -
    -     		- -
    The DNS Zone delegation set ID.
    -
    -
    - dns_name - -
    - string -
    -     		- -
    The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - health_check_id - -
    - string -
    -     		- -
    The ID of the health check.
    -
    Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
    -
    -
    - health_check_method - -
    - string -
    -     		-
      Choices: -
    • list ←
      • -
    • details
      • -
    • status
      • -
    • failure_reason
      • -
    • count
      • -
    • tags
      • -
    -     		-
    This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
    -
    -
    - hosted_zone_id - -
    - string -
    -     		- -
    The Hosted Zone ID of the DNS zone.
    -
    Required if query is set to hosted_zone and hosted_zone_method is set to details.
    -
    Required if query is set to record_sets.
    -
    -
    - hosted_zone_method - -
    - string -
    -     		-
      Choices: -
    • details
      • -
    • list ←
      • -
    • list_by_name
      • -
    • count
      • -
    • tags
      • -
    -     		-
    This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
    -
    -
    - max_items - -
    - string -
    -     		- -
    Maximum number of items to return for various get/list requests.
    -
    -
    - next_marker - -
    - string -
    -     		- -
    Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - query - -
    - string - / required
    -     		-
      Choices: -
    • change
      • -
    • checker_ip_range
      • -
    • health_check
      • -
    • hosted_zone
      • -
    • record_sets
      • -
    • reusable_delegation_set
      • -
    -     		-
    Specifies the query action to take.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - resource_id - -
    - list - / elements=string
    -     		- -
    The ID/s of the specified resource/s.
    -
    Required if query=health_check and health_check_method=tags.
    -
    Required if query=hosted_zone and hosted_zone_method=tags.
    -

    aliases: resource_ids
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - start_record_name - -
    - string -
    -     		- -
    The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
    -
    -
    - type - -
    - string -
    -     		-
      Choices: -
    • A
      • -
    • CNAME
      • -
    • MX
      • -
    • AAAA
      • -
    • TXT
      • -
    • PTR
      • -
    • SRV
      • -
    • SPF
      • -
    • CAA
      • -
    • NS
      • -
    -     		-
    The type of DNS record.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Simple example of listing all hosted zones - - name: List all hosted zones - community.aws.route53_info: - query: hosted_zone - register: hosted_zones - - # Getting a count of hosted zones - - name: Return a count of all hosted zones - community.aws.route53_info: - query: hosted_zone - hosted_zone_method: count - register: hosted_zone_count - - - name: List the first 20 resource record sets in a given hosted zone - community.aws.route53_info: - profile: account_name - query: record_sets - hosted_zone_id: ZZZ1111112222 - max_items: 20 - register: record_sets - - - name: List first 20 health checks - community.aws.route53_info: - query: health_check - health_check_method: list - max_items: 20 - register: health_checks - - - name: Get health check last failure_reason - community.aws.route53_info: - query: health_check - health_check_method: failure_reason - health_check_id: 00000000-1111-2222-3333-12345678abcd - register: health_check_failure_reason - - - name: Retrieve reusable delegation set details - community.aws.route53_info: - query: reusable_delegation_set - delegation_set_id: delegation id - register: delegation_sets - - - name: setup of example for using next_marker - community.aws.route53_info: - query: hosted_zone - max_items: 1 - register: first_info - - - name: example for using next_marker - community.aws.route53_info: - query: hosted_zone - next_marker: "{{ first_info.NextMarker }}" - max_items: 1 - when: "{{ 'NextMarker' in first_info }}" - - - name: retrieve host entries starting with host1.workshop.test.io - block: - - name: grab zone id - community.aws.route53_zone: - zone: "test.io" - register: AWSINFO - - - name: grab Route53 record information - community.aws.route53_info: - type: A - query: record_sets - hosted_zone_id: "{{ AWSINFO.zone_id }}" - start_record_name: "host1.workshop.test.io" - register: RECORDS - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Karen Cheng (@Etherdaemon) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.route53_zone.rst b/docs/community.aws.route53_zone.rst deleted file mode 100644 index cc7aea34529..00000000000 --- a/docs/community.aws.route53_zone.rst +++ /dev/null @@ -1,498 +0,0 @@ -:orphan: - -.. _community.aws.route53_zone_module: - - -************************** -community.aws.route53_zone -************************** - -**add or delete Route53 zones** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Creates and deletes Route53 private and public zones. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - comment - -
    - string -
    -     		- Default:
    ""
    -     		-
    Comment associated with the zone.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delegation_set_id - -
    - string -
    -     		- -
    The reusable delegation set ID to be associated with the zone.
    -
    Note that you can't associate a reusable delegation set with a private hosted zone.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - hosted_zone_id - -
    - string -
    -     		- -
    The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
    -
    Required if there are multiple zones identified with the above options.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether or not the zone should exist or not.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - vpc_id - -
    - string -
    -     		- -
    The VPC ID the zone should be a part of (if this is going to be a private zone).
    -
    -
    - vpc_region - -
    - string -
    -     		- -
    The VPC Region the zone should be a part of (if this is going to be a private zone).
    -
    -
    - zone - -
    - string - / required
    -     		- -
    The DNS zone record (eg: foo.com.)
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: create a public zone - community.aws.route53_zone: - zone: example.com - comment: this is an example - - - name: delete a public zone - community.aws.route53_zone: - zone: example.com - state: absent - - - name: create a private zone - community.aws.route53_zone: - zone: devel.example.com - vpc_id: '{{ myvpc_id }}' - vpc_region: us-west-2 - comment: developer domain - - - name: create a public zone associated with a specific reusable delegation set - community.aws.route53_zone: - zone: example.com - comment: reusable delegation set example - delegation_set_id: A1BCDEF2GHIJKL - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - comment - -
    - string -
    -     		when hosted zone exists -
    optional hosted zone comment
    -
    -
    Sample:
    -
    Private zone
    -
    -
    - delegation_set_id - -
    - string -
    -     		for public hosted zones, if they have been associated with a reusable delegation set -
    id of the associated reusable delegation set
    -
    -
    Sample:
    -
    A1BCDEF2GHIJKL
    -
    -
    - name - -
    - string -
    -     		when hosted zone exists -
    hosted zone name
    -
    -
    Sample:
    -
    private.local.
    -
    -
    - private_zone - -
    - boolean -
    -     		when hosted zone exists -
    whether hosted zone is private or public
    -
    -
    Sample:
    -
    True
    -
    -
    - vpc_id - -
    - string -
    -     		for private hosted zone -
    id of vpc attached to private hosted zone
    -
    -
    Sample:
    -
    vpc-1d36c84f
    -
    -
    - vpc_region - -
    - string -
    -     		for private hosted zone -
    region of vpc attached to private hosted zone
    -
    -
    Sample:
    -
    eu-west-1
    -
    -
    - zone_id - -
    - string -
    -     		when hosted zone exists -
    hosted zone id
    -
    -
    Sample:
    -
    Z6JQG9820BEFMW
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Christopher Troup (@minichate) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_bucket_notification.rst b/docs/community.aws.s3_bucket_notification.rst deleted file mode 100644 index 7107ff5fd62..00000000000 --- a/docs/community.aws.s3_bucket_notification.rst +++ /dev/null @@ -1,430 +0,0 @@ -:orphan: - -.. _community.aws.s3_bucket_notification_module: - - -************************************ -community.aws.s3_bucket_notification -************************************ - -**Creates, updates or deletes S3 Bucket notification for lambda** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This module allows the management of AWS Lambda function bucket event mappings via the Ansible framework. Use module :ref:`community.aws.lambda ` to manage the lambda function itself, :ref:`community.aws.lambda_alias ` to manage function aliases and :ref:`community.aws.lambda_policy ` to modify lambda permissions. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bucket_name - -
    - string - / required
    -     		- -
    S3 bucket name.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - event_name - -
    - string - / required
    -     		- -
    Unique name for event notification on bucket.
    -
    -
    - events - -
    - list - / elements=string
    -     		-
      Choices: -
    • s3:ObjectCreated:*
      • -
    • s3:ObjectCreated:Put
      • -
    • s3:ObjectCreated:Post
      • -
    • s3:ObjectCreated:Copy
      • -
    • s3:ObjectCreated:CompleteMultipartUpload
      • -
    • s3:ObjectRemoved:*
      • -
    • s3:ObjectRemoved:Delete
      • -
    • s3:ObjectRemoved:DeleteMarkerCreated
      • -
    • s3:ObjectRestore:Post
      • -
    • s3:ObjectRestore:Completed
      • -
    • s3:ReducedRedundancyLostObject
      • -
    -     		-
    Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
    -
    Required when state=present.
    -
    -
    - lambda_alias - -
    - string -
    -     		- -
    Name of the Lambda function alias.
    -
    Mutually exclusive with lambda_version.
    -
    -
    - lambda_function_arn - -
    - string -
    -     		- -
    The ARN of the lambda function.
    -

    aliases: function_arn
    -
    -
    - lambda_version - -
    - integer -
    -     		- -
    Version of the Lambda function.
    -
    Mutually exclusive with lambda_alias.
    -
    -
    - prefix - -
    - string -
    -     		- -
    Optional prefix to limit the notifications to objects with keys that start with matching characters.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -
    -
    - suffix - -
    - string -
    -     		- -
    Optional suffix to limit the notifications to objects with keys that end with matching characters.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - --- - # Example that creates a lambda event notification for a bucket - - name: Process jpg image - community.aws.s3_bucket_notification: - state: present - event_name: on_file_add_or_remove - bucket_name: test-bucket - function_name: arn:aws:lambda:us-east-2:526810320200:function:test-lambda - events: ["s3:ObjectCreated:*", "s3:ObjectRemoved:*"] - prefix: images/ - suffix: .jpg - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - notification_configuration - -
    - list -
    -     		success -
    list of currently applied notifications
    -
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- XLAB d.o.o. (@xlab-si) -- Aljaz Kosir (@aljazkosir) -- Miha Plesko (@miha-plesko) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_lifecycle.rst b/docs/community.aws.s3_lifecycle.rst deleted file mode 100644 index d686f7eebb5..00000000000 --- a/docs/community.aws.s3_lifecycle.rst +++ /dev/null @@ -1,579 +0,0 @@ -:orphan: - -.. _community.aws.s3_lifecycle_module: - - -************************** -community.aws.s3_lifecycle -************************** - -**Manage s3 bucket lifecycle rules in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage s3 bucket lifecycle rules in AWS - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- python >= 2.6 -- python-dateutil - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - expiration_date - -
    - string -
    -     		- -
    Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
    -
    -
    - expiration_days - -
    - integer -
    -     		- -
    Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the s3 bucket
    -
    -
    - noncurrent_version_expiration_days - -
    - integer -
    -     		- -
    Delete noncurrent versions this many days after they become noncurrent
    -
    -
    - noncurrent_version_storage_class - -
    - string -
    -     		-
      Choices: -
    • glacier ←
      • -
    • onezone_ia
      • -
    • standard_ia
      • -
    -     		-
    Transition noncurrent versions to this storage class
    -
    -
    - noncurrent_version_transition_days - -
    - integer -
    -     		- -
    Transition noncurrent versions this many days after they become noncurrent
    -
    -
    - noncurrent_version_transitions - -
    - list -
    -     		- -
    A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements - transition_days - storage_class
    -
    -
    - prefix - -
    - string -
    -     		- -
    Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_transitions - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    "Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - requester_pays - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The requester_pays option does nothing and will be removed after 2022-06-01
    -
    -
    - rule_id - -
    - string -
    -     		- -
    Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the lifecycle rule
    -
    -
    - status - -
    - string -
    -     		-
      Choices: -
    • enabled ←
      • -
    • disabled
      • -
    -     		-
    If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
    -
    -
    - storage_class - -
    - string -
    -     		-
      Choices: -
    • glacier ←
      • -
    • onezone_ia
      • -
    • standard_ia
      • -
    -     		-
    The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
    -
    The 'standard_ia' class is only being available from Ansible version 2.2.
    -
    -
    - transition_date - -
    - string -
    -     		- -
    Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
    -
    -
    - transition_days - -
    - integer -
    -     		- -
    Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
    -
    -
    - transitions - -
    - list -
    -     		- -
    A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If specifying expiration time as days then transition time must also be specified in days - - If specifying expiration time as a date then transition time must also be specified as a date - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days - community.aws.s3_lifecycle: - name: mybucket - expiration_days: 30 - prefix: logs/ - status: enabled - state: present - - - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier after 7 days and then delete after 90 days - community.aws.s3_lifecycle: - name: mybucket - transition_days: 7 - expiration_days: 90 - prefix: logs/ - status: enabled - state: present - - # Note that midnight GMT must be specified. - # Be sure to quote your date strings - - name: Configure a lifecycle rule to transition all items with a prefix of /logs/ to glacier on 31 Dec 2020 and then delete on 31 Dec 2030. - community.aws.s3_lifecycle: - name: mybucket - transition_date: "2020-12-30T00:00:00.000Z" - expiration_date: "2030-12-30T00:00:00.000Z" - prefix: logs/ - status: enabled - state: present - - - name: Disable the rule created above - community.aws.s3_lifecycle: - name: mybucket - prefix: logs/ - status: disabled - state: present - - - name: Delete the lifecycle rule created above - community.aws.s3_lifecycle: - name: mybucket - prefix: logs/ - state: absent - - - name: Configure a lifecycle rule to transition all backup files older than 31 days in /backups/ to standard infrequent access class. - community.aws.s3_lifecycle: - name: mybucket - prefix: backups/ - storage_class: standard_ia - transition_days: 31 - state: present - status: enabled - - - name: Configure a lifecycle rule to transition files to infrequent access after 30 days and glacier after 90 - community.aws.s3_lifecycle: - name: mybucket - prefix: logs/ - state: present - status: enabled - transitions: - - transition_days: 30 - storage_class: standard_ia - - transition_days: 90 - storage_class: glacier - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_logging.rst b/docs/community.aws.s3_logging.rst deleted file mode 100644 index f9e897ae21a..00000000000 --- a/docs/community.aws.s3_logging.rst +++ /dev/null @@ -1,308 +0,0 @@ -:orphan: - -.. _community.aws.s3_logging_module: - - -************************ -community.aws.s3_logging -************************ - -**Manage logging facility of an s3 bucket in AWS** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Manage logging facility of an s3 bucket in AWS - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- python >= 2.6 -- boto - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the s3 bucket.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Enable or disable logging.
    -
    -
    - target_bucket - -
    - string -
    -     		- -
    The bucket to log to. Required when state=present.
    -
    -
    - target_prefix - -
    - string -
    -     		- Default:
    ""
    -     		-
    The prefix that should be prepended to the generated log files written to the target_bucket.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs - community.aws.s3_logging: - name: mywebsite.com - target_bucket: mylogs - target_prefix: logs/mywebsite.com - state: present - - - name: Remove logging on an s3 bucket - community.aws.s3_logging: - name: mywebsite.com - state: absent - - - - - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_sync.rst b/docs/community.aws.s3_sync.rst deleted file mode 100644 index 48065f84c1c..00000000000 --- a/docs/community.aws.s3_sync.rst +++ /dev/null @@ -1,580 +0,0 @@ -:orphan: - -.. _community.aws.s3_sync_module: - - -********************* -community.aws.s3_sync -********************* - -**Efficiently upload multiple files to S3** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- The S3 module is great, but it is very slow for a large volume of files- even a dozen will be noticeable. In addition to speed, it handles globbing, inclusions/exclusions, mime types, expiration mapping, recursion, cache control and smart directory mapping. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 >= 1.4.4 -- botocore -- python >= 2.6 -- python-dateutil - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - bucket - -
    - string - / required
    -     		- -
    Bucket name.
    -
    -
    - cache_control - -
    - string -
    -     		- -
    Cache-Control header set on uploaded objects.
    -
    Directives are separated by commas.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delete - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove remote files that exist in bucket but are not present in the file root.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - exclude - -
    - string -
    -     		- Default:
    ".*"
    -     		-
    Shell pattern-style file matching.
    -
    Used after include to remove files (for instance, skip "*.txt")
    -
    For multiple patterns, comma-separate them.
    -
    -
    - file_change_strategy - -
    - string -
    -     		-
      Choices: -
    • force
      • -
    • checksum
      • -
    • date_size ←
      • -
    -     		-
    Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
    -
    date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
    -
    checksum will compare etag values based on s3's implementation of chunked md5s.
    -
    force will always upload all files.
    -
    -
    - file_root - -
    - path - / required
    -     		- -
    File/directory path for synchronization. This is a local path.
    -
    This root path is scrubbed from the key name, so subdirectories will remain as keys.
    -
    -
    - include - -
    - string -
    -     		- Default:
    "*"
    -     		-
    Shell pattern-style file matching.
    -
    Used before exclude to determine eligible files (for instance, only "*.gif")
    -
    For multiple patterns, comma-separate them.
    -
    -
    - key_prefix - -
    - string -
    -     		- -
    In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
    -
    -
    - mime_map - -
    - dictionary -
    -     		- -
    Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
    -
    -
    - mode - -
    - string -
    -     		-
      Choices: -
    • push ←
      • -
    -     		-
    sync direction.
    -
    -
    - permission - -
    - string -
    -     		-
      Choices: -
    • private
      • -
    • public-read
      • -
    • public-read-write
      • -
    • authenticated-read
      • -
    • aws-exec-read
      • -
    • bucket-owner-read
      • -
    • bucket-owner-full-control
      • -
    -     		-
    Canned ACL to apply to synced files.
    -
    Changing this ACL only changes newly synced files, it does not trigger a full reupload.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - retries - -
    - string -
    -     		- -
    The retries option does nothing and will be removed after 2022-06-01
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: basic upload - community.aws.s3_sync: - bucket: tedder - file_root: roles/s3/files/ - - - name: all the options - community.aws.s3_sync: - bucket: tedder - file_root: roles/s3/files - mime_map: - .yml: application/text - .json: application/text - key_prefix: config_files/web - file_change_strategy: force - permission: public-read - cache_control: "public, max-age=31536000" - include: "*" - exclude: "*.txt,.*" - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - filelist_actionable - -
    - list -
    -     		always -
    file listing (dicts) of files that will be uploaded after the strategy decision
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477931256, 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931256 / 1477929260'}]
    -
    -
    - filelist_initial - -
    - list -
    -     		always -
    file listing (dicts) from initial globbing
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'modified_epoch': 1477416706}]
    -
    -
    - filelist_local_etag - -
    - list -
    -     		always -
    file listing (dicts) including calculated local etag
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    -
    -
    - filelist_s3 - -
    - list -
    -     		always -
    file listing (dicts) including information about previously-uploaded versions
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    -
    -
    - filelist_typed - -
    - list -
    -     		always -
    file listing (dicts) with calculated or overridden mime types
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706}]
    -
    -
    - uploaded - -
    - list -
    -     		always -
    file listing (dicts) of files that were actually uploaded
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931637 / 1477931489'}]
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Ted Timmons (@tedder) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.s3_website.rst b/docs/community.aws.s3_website.rst deleted file mode 100644 index af8606e2b26..00000000000 --- a/docs/community.aws.s3_website.rst +++ /dev/null @@ -1,644 +0,0 @@ -:orphan: - -.. _community.aws.s3_website_module: - - -************************ -community.aws.s3_website -************************ - -**Configure an s3 bucket as a website** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Configure an s3 bucket as a website - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - error_key - -
    - string -
    -     		- -
    The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the s3 bucket
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - redirect_all_requests - -
    - string -
    -     		- -
    Describes the redirect behavior for every request to this s3 bucket website endpoint
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Add or remove s3 website configuration
    -
    -
    - suffix - -
    - string -
    -     		- Default:
    "index.html"
    -     		-
    Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - - name: Configure an s3 bucket to redirect all requests to example.com - community.aws.s3_website: - name: mybucket.com - redirect_all_requests: example.com - state: present - - - name: Remove website configuration from an s3 bucket - community.aws.s3_website: - name: mybucket.com - state: absent - - - name: Configure an s3 bucket as a website with index and error pages - community.aws.s3_website: - name: mybucket.com - suffix: home.htm - error_key: errors/404.htm - state: present - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - error_document - -
    - complex -
    -     		always -
    error document
    -
    -
      -
    - key - -
    - string -
    -     		when error_document parameter set -
    object key name to use when a 4XX class error occurs
    -
    -
    Sample:
    -
    error.html
    -
    -
    - index_document - -
    - complex -
    -     		always -
    index document
    -
    -
      -
    - suffix - -
    - string -
    -     		success -
    suffix that is appended to a request that is for a directory on the website endpoint
    -
    -
    Sample:
    -
    index.html
    -
    -
    - redirect_all_requests_to - -
    - complex -
    -     		always -
    where to redirect requests
    -
    -
      -
    - host_name - -
    - string -
    -     		when redirect all requests parameter set -
    name of the host where requests will be redirected.
    -
    -
    Sample:
    -
    ansible.com
    -
      -
    - protocol - -
    - string -
    -     		when redirect all requests parameter set -
    protocol to use when redirecting requests.
    -
    -
    Sample:
    -
    https
    -
    -
    - routing_rules - -
    - list -
    -     		always -
    routing rules
    -
    -
      -
    - condition - -
    - complex -
    -     		-
    A container for describing a condition that must be met for the specified redirect to apply.
    -
    -
       -
    - http_error_code_returned_equals - -
    - string -
    -     		always -
    The HTTP error code when the redirect is applied.
    -
    -
       -
    - key_prefix_equals - -
    - string -
    -     		when routing rule present -
    object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html
    -
    -
    Sample:
    -
    docs/
    -
      -
    - redirect - -
    - complex -
    -     		always -
    Container for redirect information.
    -
    -
       -
    - host_name - -
    - string -
    -     		when host name set as part of redirect rule -
    name of the host where requests will be redirected.
    -
    -
    Sample:
    -
    ansible.com
    -
       -
    - http_redirect_code - -
    - string -
    -     		when routing rule present -
    The HTTP redirect code to use on the response.
    -
    -
       -
    - protocol - -
    - string -
    -     		when routing rule present -
    Protocol to use when redirecting requests.
    -
    -
    Sample:
    -
    http
    -
       -
    - replace_key_prefix_with - -
    - string -
    -     		when routing rule present -
    object key prefix to use in the redirect request
    -
    -
    Sample:
    -
    documents/
    -
       -
    - replace_key_with - -
    - string -
    -     		when routing rule present -
    object key prefix to use in the redirect request
    -
    -
    Sample:
    -
    documents/
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Rob White (@wimnat) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sns.rst b/docs/community.aws.sns.rst deleted file mode 100644 index 8f1a2d98661..00000000000 --- a/docs/community.aws.sns.rst +++ /dev/null @@ -1,511 +0,0 @@ -:orphan: - -.. _community.aws.sns_module: - - -***************** -community.aws.sns -***************** - -**Send Amazon Simple Notification Service messages** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Sends a notification to a topic on your Amazon SNS account. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - application - -
    - string -
    -     		- -
    Message to send to application subscriptions.
    -
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - email - -
    - string -
    -     		- -
    Message to send to email subscriptions.
    -
    -
    - email_json - -
    - string -
    -     		- -
    Message to send to email-json subscriptions.
    -
    -
    - http - -
    - string -
    -     		- -
    Message to send to HTTP subscriptions.
    -
    -
    - https - -
    - string -
    -     		- -
    Message to send to HTTPS subscriptions.
    -
    -
    - lambda - -
    - string -
    -     		- -
    Message to send to Lambda subscriptions.
    -
    -
    - message_attributes - -
    - dictionary -
    -     		- -
    Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
    -
    This is in AWS's distinct Name/Type/Value format; see example below.
    -
    -
    - message_structure - -
    - string -
    -     		-
      Choices: -
    • json ←
      • -
    • string
      • -
    -     		-
    The payload format to use for the message.
    -
    This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
    -
    It must be 'string' to support message_attributes.
    -
    -
    - msg - -
    - string - / required
    -     		- -
    Default message for subscriptions without a more specific message.
    -

    aliases: default
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - sms - -
    - string -
    -     		- -
    Message to send to SMS subscriptions.
    -
    -
    - sqs - -
    - string -
    -     		- -
    Message to send to SQS subscriptions.
    -
    -
    - subject - -
    - string -
    -     		- -
    Message subject
    -
    -
    - topic - -
    - string - / required
    -     		- -
    The name or ARN of the topic to publish to.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Send default notification message via SNS - community.aws.sns: - msg: '{{ inventory_hostname }} has completed the play.' - subject: Deploy complete! - topic: deploy - delegate_to: localhost - - - name: Send notification messages via SNS with short message for SMS - community.aws.sns: - msg: '{{ inventory_hostname }} has completed the play.' - sms: deployed! - subject: Deploy complete! - topic: deploy - delegate_to: localhost - - - name: Send message with message_attributes - community.aws.sns: - topic: "deploy" - msg: "message with extra details!" - message_attributes: - channel: - data_type: String - string_value: "mychannel" - color: - data_type: String - string_value: "green" - delegate_to: localhost - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - message_id - -
    - string -
    -     		when success -
    The message ID of the submitted message
    -
    -
    Sample:
    -
    2f681ef0-6d76-5c94-99b2-4ae3996ce57b
    -
    -
    - msg - -
    - string -
    -     		always -
    Human-readable diagnostic information
    -
    -
    Sample:
    -
    OK
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Michael J. Schultz (@mjschultz) -- Paul Arthur (@flowerysong) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sns_topic.rst b/docs/community.aws.sns_topic.rst deleted file mode 100644 index 3a7b464ce7e..00000000000 --- a/docs/community.aws.sns_topic.rst +++ /dev/null @@ -1,776 +0,0 @@ -:orphan: - -.. _community.aws.sns_topic_module: - - -*********************** -community.aws.sns_topic -*********************** - -**Manages AWS SNS topics and subscriptions** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- The :ref:`community.aws.sns_topic ` module allows you to create, delete, and manage subscriptions for AWS SNS topics. -- As of 2.6, this module can be use to subscribe and unsubscribe to topics outside of your AWS account. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delivery_policy - -
    - dictionary -
    -     		- -
    Delivery policy to apply to the SNS topic.
    -
    -
    - display_name - -
    - string -
    -     		- -
    Display name of the topic.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - name - -
    - string - / required
    -     		- -
    The name or ARN of the SNS topic to manage.
    -
    -
    - policy - -
    - dictionary -
    -     		- -
    Policy to apply to the SNS topic.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_subscriptions - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to create or destroy an SNS topic.
    -
    -
    - subscriptions - -
    - list - / elements=dictionary
    -     		- Default:
    []
    -     		-
    List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
    -
    -
    - endpoint - -
    - - - / required
    -     		- -
    Endpoint of subscription.
    -
    -
    - protocol - -
    - - - / required
    -     		- -
    Protocol of subscription.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - - name: Create alarm SNS topic - community.aws.sns_topic: - name: "alarms" - state: present - display_name: "alarm SNS topic" - delivery_policy: - http: - defaultHealthyRetryPolicy: - minDelayTarget: 2 - maxDelayTarget: 4 - numRetries: 3 - numMaxDelayRetries: 5 - backoffFunction: "" - disableSubscriptionOverrides: True - defaultThrottlePolicy: - maxReceivesPerSecond: 10 - subscriptions: - - endpoint: "my_email_address@example.com" - protocol: "email" - - endpoint: "my_mobile_number" - protocol: "sms" - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - community.aws.sns_topic - -
    - complex -
    -     		always -
    Dict of sns topic details
    -
    -
      -
    - attributes_set - -
    - list -
    -     		always -
    list of attributes set during this run
    -
    -
      -
    - check_mode - -
    - boolean -
    -     		always -
    whether check mode was on
    -
    -
      -
    - delivery_policy - -
    - string -
    -     		when topic is owned by this AWS account -
    Delivery policy for the SNS topic
    -
    -
    Sample:
    -
    {"http":{"defaultHealthyRetryPolicy":{"minDelayTarget":20,"maxDelayTarget":20,"numRetries":3,"numMaxDelayRetries":0, "numNoDelayRetries":0,"numMinDelayRetries":0,"backoffFunction":"linear"},"disableSubscriptionOverrides":false}}
    -
      -
    - display_name - -
    - string -
    -     		when topic is owned by this AWS account -
    Display name for SNS topic
    -
    -
    Sample:
    -
    My topic name
    -
      -
    - name - -
    - string -
    -     		always -
    Topic name
    -
    -
    Sample:
    -
    ansible-test-dummy-topic
    -
      -
    - owner - -
    - string -
    -     		when topic is owned by this AWS account -
    AWS account that owns the topic
    -
    -
    Sample:
    -
    111111111111
    -
      -
    - policy - -
    - string -
    -     		when topic is owned by this AWS account -
    Policy for the SNS topic
    -
    -
    Sample:
    -
    {"Version":"2012-10-17","Id":"SomePolicyId","Statement":[{"Sid":"ANewSid","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111111111111:root"}, "Action":"sns:Subscribe","Resource":"arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic","Condition":{"StringEquals":{"sns:Protocol":"email"}}}]}
    -
      -
    - state - -
    - string -
    -     		always -
    whether the topic is present or absent
    -
    -
    Sample:
    -
    present
    -
      -
    - subscriptions - -
    - list -
    -     		always -
    List of subscribers to the topic in this AWS account
    -
    -
      -
    - subscriptions_added - -
    - list -
    -     		always -
    List of subscribers added in this run
    -
    -
      -
    - subscriptions_confirmed - -
    - string -
    -     		when topic is owned by this AWS account -
    Count of confirmed subscriptions
    -
    -
    Sample:
    -
    0
    -
      -
    - subscriptions_deleted - -
    - string -
    -     		when topic is owned by this AWS account -
    Count of deleted subscriptions
    -
    -
    Sample:
    -
    0
    -
      -
    - subscriptions_existing - -
    - list -
    -     		always -
    List of existing subscriptions
    -
    -
      -
    - subscriptions_new - -
    - list -
    -     		always -
    List of new subscriptions
    -
    -
      -
    - subscriptions_pending - -
    - string -
    -     		when topic is owned by this AWS account -
    Count of pending subscriptions
    -
    -
    Sample:
    -
    0
    -
      -
    - subscriptions_purge - -
    - boolean -
    -     		always -
    Whether or not purge_subscriptions was set
    -
    -
    Sample:
    -
    True
    -
      -
    - topic_arn - -
    - string -
    -     		when topic is owned by this AWS account -
    ARN of the SNS topic (equivalent to sns_arn)
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic
    -
      -
    - topic_created - -
    - boolean -
    -     		always -
    Whether the topic was created
    -
    -
      -
    - topic_deleted - -
    - boolean -
    -     		always -
    Whether the topic was deleted
    -
    -
    -
    - sns_arn - -
    - string -
    -     		always -
    The ARN of the topic you are modifying
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Joel Thompson (@joelthompson) -- Fernando Jose Pando (@nand0p) -- Will Thames (@willthames) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sqs_queue.rst b/docs/community.aws.sqs_queue.rst deleted file mode 100644 index 5116099ba41..00000000000 --- a/docs/community.aws.sqs_queue.rst +++ /dev/null @@ -1,759 +0,0 @@ -:orphan: - -.. _community.aws.sqs_queue_module: - - -*********************** -community.aws.sqs_queue -*********************** - -**Creates or deletes AWS SQS queues.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Create or delete AWS SQS queues. -- Update attributes on existing queues. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - content_based_deduplication - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enables content-based deduplication. Used for FIFOs only.
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - delay_seconds - -
    - integer -
    -     		- -
    The delivery delay in seconds.
    -

    aliases: delivery_delay
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - kms_data_key_reuse_period_seconds - -
    - integer -
    -     		- -
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    -

    aliases: kms_data_key_reuse_period
    -
    -
    - kms_master_key_id - -
    - string -
    -     		- -
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    -
    -
    - maximum_message_size - -
    - integer -
    -     		- -
    The maximum message size in bytes.
    -
    -
    - message_retention_period - -
    - integer -
    -     		- -
    The message retention period in seconds.
    -
    -
    - name - -
    - string - / required
    -     		- -
    Name of the queue.
    -
    -
    - policy - -
    - dictionary -
    -     		- -
    The JSON dict policy to attach to queue.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - purge_tags - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove tags not listed in tags.
    -
    -
    - queue_type - -
    - string -
    -     		-
      Choices: -
    • standard ←
      • -
    • fifo
      • -
    -     		-
    Standard or FIFO queue.
    -
    queue_type can only be set at queue creation and will otherwise be ignored.
    -
    -
    - receive_message_wait_time_seconds - -
    - integer -
    -     		- -
    The receive message wait time in seconds.
    -

    aliases: receive_message_wait_time
    -
    -
    - redrive_policy - -
    - dictionary -
    -     		- -
    JSON dict with the redrive_policy (see example).
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - state - -
    - string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the queue.
    -
    -
    - tags - -
    - dictionary -
    -     		- -
    Tag dict to apply to the queue (requires botocore 1.5.40 or above).
    -
    To remove all tags set tags={} and purge_tags=true.
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - visibility_timeout - -
    - integer -
    -     		- -
    The default visibility timeout in seconds.
    -

    aliases: default_visibility_timeout
    -
    -
    - - -Notes ------ - -.. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - - name: Create SQS queue with redrive policy - community.aws.sqs_queue: - name: my-queue - region: ap-southeast-2 - default_visibility_timeout: 120 - message_retention_period: 86400 - maximum_message_size: 1024 - delivery_delay: 30 - receive_message_wait_time: 20 - policy: "{{ json_dict }}" - redrive_policy: - maxReceiveCount: 5 - deadLetterTargetArn: arn:aws:sqs:eu-west-1:123456789012:my-dead-queue - - - name: Drop redrive policy - community.aws.sqs_queue: - name: my-queue - region: ap-southeast-2 - redrive_policy: {} - - - name: Create FIFO queue - community.aws.sqs_queue: - name: fifo-queue - region: ap-southeast-2 - queue_type: fifo - content_based_deduplication: yes - - - name: Tag queue - community.aws.sqs_queue: - name: fifo-queue - region: ap-southeast-2 - tags: - example: SomeValue - - - name: Configure Encryption, automatically uses a new data key every hour - community.aws.sqs_queue: - name: fifo-queue - region: ap-southeast-2 - kms_master_key_id: alias/MyQueueKey - kms_data_key_reuse_period_seconds: 3600 - - - name: Delete SQS queue - community.aws.sqs_queue: - name: my-queue - region: ap-southeast-2 - state: absent - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - content_based_deduplication - -
    - boolean -
    -     		always -
    Enables content-based deduplication. Used for FIFOs only.
    -
    -
    Sample:
    -
    True
    -
    -
    - delay_seconds - -
    - integer -
    -     		always -
    The delivery delay in seconds.
    -
    -
    -
    - kms_data_key_reuse_period_seconds - -
    - integer -
    -     		always -
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    -
    -
    Sample:
    -
    300
    -
    -
    - kms_master_key_id - -
    - string -
    -     		always -
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    -
    -
    Sample:
    -
    alias/MyAlias
    -
    -
    - maximum_message_size - -
    - integer -
    -     		always -
    The maximum message size in bytes.
    -
    -
    Sample:
    -
    262144
    -
    -
    - message_retention_period - -
    - integer -
    -     		always -
    The message retention period in seconds.
    -
    -
    Sample:
    -
    345600
    -
    -
    - name - -
    - string -
    -     		always -
    Name of the SQS Queue
    -
    -
    Sample:
    -
    queuename-987d2de0
    -
    -
    - queue_arn - -
    - string -
    -     		on success -
    The queue's Amazon resource name (ARN).
    -
    -
    Sample:
    -
    arn:aws:sqs:us-east-1:199999999999:queuename-987d2de0
    -
    -
    - queue_url - -
    - string -
    -     		on success -
    URL to access the queue
    -
    -
    Sample:
    -
    https://queue.amazonaws.com/123456789012/MyQueue
    -
    -
    - receive_message_wait_time_seconds - -
    - integer -
    -     		always -
    The receive message wait time in seconds.
    -
    -
    -
    - region - -
    - string -
    -     		always -
    Region that the queue was created within
    -
    -
    Sample:
    -
    us-east-1
    -
    -
    - tags - -
    - dictionary -
    -     		always -
    List of queue tags
    -
    -
    Sample:
    -
    {"Env": "prod"}
    -
    -
    - visibility_timeout - -
    - integer -
    -     		always -
    The default visibility timeout in seconds.
    -
    -
    Sample:
    -
    30
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Alan Loi (@loia) -- Fernando Jose Pando (@nand0p) -- Nadir Lloret (@nadirollo) -- Dennis Podkovyrin (@sbj-ss) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sts_assume_role.rst b/docs/community.aws.sts_assume_role.rst deleted file mode 100644 index 5228395856b..00000000000 --- a/docs/community.aws.sts_assume_role.rst +++ /dev/null @@ -1,422 +0,0 @@ -:orphan: - -.. _community.aws.sts_assume_role_module: - - -***************************** -community.aws.sts_assume_role -***************************** - -**Assume a role using AWS Security Token Service and obtain temporary credentials** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Assume a role using AWS Security Token Service and obtain temporary credentials. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - duration_seconds - -
    - integer -
    -     		- -
    The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
    -
    The max depends on the IAM role's sessions duration setting.
    -
    By default, the value is set to 3600 seconds.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - external_id - -
    - string -
    -     		- -
    A unique identifier that is used by third parties to assume a role in their customers' accounts.
    -
    -
    - mfa_serial_number - -
    - string -
    -     		- -
    The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
    -
    -
    - mfa_token - -
    - string -
    -     		- -
    The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
    -
    -
    - policy - -
    - string -
    -     		- -
    Supplemental policy to use in addition to assumed role's policies.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - role_arn - -
    - string - / required
    -     		- -
    The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
    -
    -
    - role_session_name - -
    - string - / required
    -     		- -
    Name of the role's session - will be used by CloudTrail.
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) - - community.aws.sts_assume_role: - role_arn: "arn:aws:iam::123456789012:role/someRole" - role_session_name: "someRoleSession" - register: assumed_role - - # Use the assumed role above to tag an instance in account 123456789012 - - amazon.aws.ec2_tag: - aws_access_key: "{{ assumed_role.sts_creds.access_key }}" - aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}" - security_token: "{{ assumed_role.sts_creds.session_token }}" - resource: i-xyzxyz01 - state: present - tags: - MyNewTag: value - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    True if obtaining the credentials succeeds
    -
    -
    -
    - sts_creds - -
    - dictionary -
    -     		always -
    The temporary security credentials, which include an access key ID, a secret access key, and a security (or session) token
    -
    -
    Sample:
    -
    {'access_key': 'XXXXXXXXXXXXXXXXXXXX', 'expiration': '2017-11-11T11:11:11+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    -
    -
    - sts_user - -
    - dictionary -
    -     		always -
    The Amazon Resource Name (ARN) and the assumed role ID
    -
    -
    Sample:
    -
    {'assumed_role_id': 'arn:aws:sts::123456789012:assumed-role/demo/Bob', 'arn': 'ARO123EXAMPLE123:Bob'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Boris Ekelchik (@bekelchik) -- Marek Piatek (@piontas) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/community.aws.sts_session_token.rst b/docs/community.aws.sts_session_token.rst deleted file mode 100644 index 29f1c51e932..00000000000 --- a/docs/community.aws.sts_session_token.rst +++ /dev/null @@ -1,342 +0,0 @@ -:orphan: - -.. _community.aws.sts_session_token_module: - - -******************************* -community.aws.sts_session_token -******************************* - -**Obtain a session token from the AWS Security Token Service** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- Obtain a session token from the AWS Security Token Service. - - - -Requirements ------------- -The below requirements are needed on the host that executes this module. - -- boto -- boto3 -- botocore -- python >= 2.6 - - -Parameters ----------- - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ParameterChoices/DefaultsComments
    -
    - aws_access_key - -
    - string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    -
    - aws_config - -
    - dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    -
    - aws_secret_key - -
    - string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    -
    - debug_botocore_endpoint_logs - -
    - boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    -
    - duration_seconds - -
    - integer -
    -     		- -
    The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
    -
    -
    - ec2_url - -
    - string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    -
    - mfa_serial_number - -
    - string -
    -     		- -
    The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
    -
    -
    - mfa_token - -
    - string -
    -     		- -
    The value provided by the MFA device, if the trust policy of the user requires MFA.
    -
    -
    - profile - -
    - string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    -
    - region - -
    - string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    -
    - security_token - -
    - string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    -
    - validate_certs - -
    - boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    -
    - - -Notes ------ - -.. note:: - - In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` - - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file - - - -Examples --------- - -.. code-block:: yaml+jinja - - - # Note: These examples do not set authentication details, see the AWS Guide for details. - - # (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) - - name: Get a session token - community.aws.sts_session_token: - duration_seconds: 3600 - register: session_credentials - - - name: Use the session token obtained above to tag an instance in account 123456789012 - amazon.aws.ec2_tag: - aws_access_key: "{{ session_credentials.sts_creds.access_key }}" - aws_secret_key: "{{ session_credentials.sts_creds.secret_key }}" - security_token: "{{ session_credentials.sts_creds.session_token }}" - resource: i-xyzxyz01 - state: present - tags: - MyNewTag: value - - - - - -Return Values -------------- -Common return values are documented `here `_, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
    KeyReturnedDescription
    -
    - changed - -
    - boolean -
    -     		always -
    True if obtaining the credentials succeeds
    -
    -
    -
    - sts_creds - -
    - list -
    -     		always -
    The Credentials object returned by the AWS Security Token Service
    -
    -
    Sample:
    -
    {'access_key': 'ASXXXXXXXXXXXXXXXXXX', 'expiration': '2016-04-08T11:59:47+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    -
    -

    - - -Status ------- - - -Authors -~~~~~~~ - -- Victor Costan (@pwnall) - - -.. hint:: - Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. From afe026f9f22f301851e1a01d7410dc19112d1dd0 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 2 Jul 2020 23:52:05 -0700 Subject: [PATCH 032/129] Branch rename readme (#125) * Update readme links for new default branch * ci_complete --- README.md | 350 ++++++++++++++++++++++++++--------------------------- galaxy.yml | 2 +- 2 files changed, 176 insertions(+), 176 deletions(-) diff --git a/README.md b/README.md index 783bbe19e1d..b3a6ddaff73 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # Community AWS Collection -[![Shippable build status](https://api.shippable.com/projects//5e5ed2ae0fcc0d0006d2c037badge?branch=master)](https://api.shippable.com/projects/i5e5ed2ae0fcc0d0006d2c037/badge?branch=master) +[![Shippable build status](https://api.shippable.com/projects//5e5ed2ae0fcc0d0006d2c037badge?branch=main)](https://api.shippable.com/projects/i5e5ed2ae0fcc0d0006d2c037/badge?branch=main) The Ansible Community AWS collection includes a variety of Ansible content to help automate the management of AWS instances. This collection is maintained by the Ansible community. @@ -19,183 +19,183 @@ PEP440 is the schema used to describe the versions of Ansible. ### Connection plugins Name | Description --- | --- -[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_connection.rst)|execute via AWS Systems Manager +[community.aws.aws_ssm](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ssm_connection.rst)|execute via AWS Systems Manager ### Modules Name | Description --- | --- -[community.aws.aws_acm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_module.rst)|Upload and delete certificates in the AWS Certificate Manager service -[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_acm_info_module.rst)|Retrieve certificate information from AWS Certificate Manager service -[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_api_gateway_module.rst)|Manage AWS API Gateway APIs -[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_application_scaling_policy_module.rst)|Manage Application Auto Scaling Scaling Policies -[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_compute_environment_module.rst)|Manage AWS Batch Compute Environments -[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_definition_module.rst)|Manage AWS Batch Job Definitions -[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_batch_job_queue_module.rst)|Manage AWS Batch Job Queues -[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codebuild_module.rst)|Create or delete an AWS CodeBuild project -[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codecommit_module.rst)|Manage repositories in AWS CodeCommit -[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_codepipeline_module.rst)|Create or delete AWS CodePipelines -[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregation_authorization_module.rst)|Manage cross-account AWS Config authorizations -[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_aggregator_module.rst)|Manage AWS Config aggregations across multiple accounts -[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_delivery_channel_module.rst)|Manage AWS Config delivery channels -[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_recorder_module.rst)|Manage AWS Config Recorders -[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_config_rule_module.rst)|Manage AWS Config resources -[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_connection_module.rst)|Creates, deletes, modifies a DirectConnect connection -[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_gateway_module.rst)|Manage AWS Direct Connect gateway -[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst)|Manage Direct Connect LAG bundles -[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_direct_connect_virtual_interface_module.rst)|Manage Direct Connect virtual interfaces -[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_eks_cluster_module.rst)|Manage Elastic Kubernetes Service Clusters -[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_elasticbeanstalk_app_module.rst)|Create, update, and delete an elastic beanstalk application -[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_connection_module.rst)|Manage an AWS Glue connection -[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_glue_job_module.rst)|Manage an AWS Glue job -[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_inspector_target_module.rst)|Create, Update and Delete Amazon Inspector Assessment Targets -[community.aws.aws_kms](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_module.rst)|Perform various KMS management tasks. -[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_kms_info_module.rst)|Gather information about AWS KMS keys -[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_region_info_module.rst)|Gather information about AWS regions. -[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_bucket_info_module.rst)|Lists S3 buckets in AWS -[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_s3_cors_module.rst)|Manage CORS for S3 buckets in AWS -[community.aws.aws_secret](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_secret_module.rst)|Manage secrets stored in AWS Secrets Manager. -[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_module.rst)|Manages SES email and domain identity -[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_identity_policy_module.rst)|Manages SES sending authorization policies -[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ses_rule_set_module.rst)|Manages SES inbound receipt rule sets -[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_sgw_info_module.rst)|Fetch AWS Storage Gateway information -[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_ssm_parameter_store_module.rst)|Manage key-value pairs in aws parameter store. -[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_module.rst)|Manage AWS Step Functions state machines -[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_step_functions_state_machine_execution_module.rst)|Start or stop execution of an AWS Step Functions state machine. -[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_condition_module.rst)|Create and delete WAF Conditions -[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_info_module.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. -[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_rule_module.rst)|Create and delete WAF Rules -[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.aws_waf_web_acl_module.rst)|Create and delete WAF Web ACLs. -[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_exports_info_module.rst)|Read a value from CloudFormation Exports -[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudformation_stack_set_module.rst)|Manage groups of CloudFormation stacks -[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_distribution_module.rst)|Create, update and delete AWS CloudFront distributions. -[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_info_module.rst)|Obtain facts about an AWS CloudFront distribution -[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_invalidation_module.rst)|create invalidations for AWS CloudFront distributions -[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudfront_origin_access_identity_module.rst)|Create, update and delete origin access identities for a CloudFront distribution -[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudtrail_module.rst)|manage CloudTrail create, delete, update -[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchevent_rule_module.rst)|Manage CloudWatch Event rules and targets -[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_module.rst)|create or delete log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_info_module.rst)|Get information about log_group in CloudWatchLogs -[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst)|Manage CloudWatch log group metric filter -[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.data_pipeline_module.rst)|Create and manage AWS Datapipelines -[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_endpoint_module.rst)|Creates or destroys a data migration services endpoint -[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dms_replication_subnet_group_module.rst)|creates or destroys a data migration services subnet group -[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_table_module.rst)|Create, update or delete AWS Dynamo DB tables -[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.dynamodb_ttl_module.rst)|Set TTL for a given DynamoDB table -[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_ami_copy_module.rst)|copies AMI between AWS regions, return new image id -[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_module.rst)|Create or delete AWS AutoScaling Groups (ASGs) -[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_info_module.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS -[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_asg_lifecycle_hook_module.rst)|Create, delete or update AWS ASG Lifecycle Hooks. -[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_module.rst)|Manage an AWS customer gateway -[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_customer_gateway_info_module.rst)|Gather information about customer gateways in AWS -[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_module.rst)|manages EC2 elastic IP (EIP) addresses. -[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_eip_info_module.rst)|List EC2 EIP details -[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_module.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_elb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_module.rst)|Create & manage EC2 instances -[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_instance_info_module.rst)|Gather information about ec2 instances in AWS -[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_launch_template_module.rst)|Manage EC2 launch templates -[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_module.rst)|Create or delete AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_find_module.rst)|Find AWS Autoscaling Launch Configurations -[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_lc_info_module.rst)|Gather information about AWS Autoscaling Launch Configurations. -[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_metric_alarm_module.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' -[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_module.rst)|Create or delete an EC2 Placement Group -[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_placement_group_info_module.rst)|List EC2 Placement Group(s) details -[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_scaling_policy_module.rst)|Create or delete AWS scaling policies for Autoscaling groups -[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_snapshot_copy_module.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. -[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_module.rst)|Create and delete AWS Transit Gateways -[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_transit_gateway_info_module.rst)|Gather information about ec2 transit gateways in AWS -[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_egress_igw_module.rst)|Manage an AWS VPC Egress Only Internet gateway -[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_module.rst)|Create and delete AWS VPC Endpoints. -[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_endpoint_info_module.rst)|Retrieves AWS VPC endpoints details using AWS methods. -[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_module.rst)|Manage an AWS VPC Internet gateway -[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_igw_info_module.rst)|Gather information about internet gateways in AWS -[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_module.rst)|create and delete Network ACLs. -[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nacl_info_module.rst)|Gather information about Network ACLs in an AWS VPC -[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_module.rst)|Manage AWS VPC NAT Gateways. -[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. -[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peer_module.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. -[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_peering_info_module.rst)|Retrieves AWS VPC Peering details using AWS methods. -[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_module.rst)|Manage route tables for AWS virtual private clouds -[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_route_table_info_module.rst)|Gather information about ec2 VPC route tables in AWS -[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_module.rst)|Create and delete AWS VPN Virtual Gateways. -[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vgw_info_module.rst)|Gather information about virtual gateways in AWS -[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_module.rst)|Create, modify, and delete EC2 VPN connections. -[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_vpc_vpn_info_module.rst)|Gather information about VPN Connections in AWS. -[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ec2_win_password_module.rst)|Gets the default administrator password for ec2 windows instances -[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_attribute_module.rst)|manage ecs attributes -[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_cluster_module.rst)|Create or terminate ECS clusters. -[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_ecr_module.rst)|Manage Elastic Container Registry repositories -[community.aws.ecs_service](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_module.rst)|Create, terminate, start or stop a service in ECS -[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_service_info_module.rst)|List or describe services in ECS -[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_tag_module.rst)|create and remove tags on Amazon ECS resources -[community.aws.ecs_task](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_task_module.rst)|Run, start or stop a task in ecs -[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_module.rst)|register a task definition in ecs -[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.ecs_taskdefinition_info_module.rst)|Describe a task definition in ECS -[community.aws.efs](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_module.rst)|create and maintain EFS file systems -[community.aws.efs_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.efs_info_module.rst)|Get information about Amazon EFS file systems -[community.aws.elasticache](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_module.rst)|Manage cache clusters in Amazon ElastiCache -[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_info_module.rst)|Retrieve information for AWS ElastiCache clusters -[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_parameter_group_module.rst)|Manage cache parameter groups in Amazon ElastiCache. -[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_snapshot_module.rst)|Manage cache snapshots in Amazon ElastiCache -[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elasticache_subnet_group_module.rst)|manage ElastiCache subnet groups -[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_module.rst)|Manage an Application load balancer -[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_application_lb_info_module.rst)|Gather information about application ELBs in AWS -[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_module.rst)|Creates or destroys Amazon ELB. -[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_classic_lb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS -[community.aws.elb_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_instance_module.rst)|De-registers or registers instances from EC2 ELBs -[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_network_lb_module.rst)|Manage a Network Load Balancer -[community.aws.elb_target](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_module.rst)|Manage a target in a target group -[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_module.rst)|Manage a target group for an Application or Network load balancer -[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_group_info_module.rst)|Gather information about ELB target groups in AWS -[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.elb_target_info_module.rst)|Gathers which target groups a target is associated with. -[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.execute_lambda_module.rst)|Execute an AWS Lambda function -[community.aws.iam](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_module.rst)|Manage IAM users, groups, roles and keys -[community.aws.iam_cert](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_cert_module.rst)|Manage server certificates for use on ELBs and CloudFront -[community.aws.iam_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_group_module.rst)|Manage AWS IAM groups -[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_managed_policy_module.rst)|Manage User Managed IAM policies -[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_mfa_device_info_module.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user -[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_password_policy_module.rst)|Update an IAM Password Policy -[community.aws.iam_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_module.rst)|Manage inline IAM policies for users, groups, and roles -[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_policy_info_module.rst)|Retrieve inline IAM policies for users, groups, and roles -[community.aws.iam_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_module.rst)|Manage AWS IAM roles -[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_role_info_module.rst)|Gather information on IAM roles -[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_saml_federation_module.rst)|Maintain IAM SAML federation configuration. -[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_server_certificate_info_module.rst)|Retrieve the information of a server certificate -[community.aws.iam_user](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_module.rst)|Manage AWS IAM users -[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.iam_user_info_module.rst)|Gather IAM user(s) facts in AWS -[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.kinesis_stream_module.rst)|Manage a Kinesis Stream. -[community.aws.lambda](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_module.rst)|Manage AWS Lambda functions -[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_alias_module.rst)|Creates, updates or deletes AWS Lambda function aliases -[community.aws.lambda_event](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_event_module.rst)|Creates, updates or deletes AWS Lambda function event mappings -[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_facts_module.rst)|Gathers AWS Lambda function details as Ansible facts -[community.aws.lambda_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_info_module.rst)|Gathers AWS Lambda function details -[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lambda_policy_module.rst)|Creates, updates or deletes AWS Lambda policy statements. -[community.aws.lightsail](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.lightsail_module.rst)|Manage instances in AWS Lightsail -[community.aws.rds](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_module.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts -[community.aws.rds_instance](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_module.rst)|Manage RDS instances -[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_instance_info_module.rst)|obtain information about one or more RDS instances -[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_param_group_module.rst)|manage RDS parameter groups -[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_module.rst)|manage Amazon RDS snapshots. -[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_snapshot_info_module.rst)|obtain information about one or more RDS snapshots -[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.rds_subnet_group_module.rst)|manage RDS database subnet groups -[community.aws.redshift](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_module.rst)|create, delete, or modify an Amazon Redshift instance -[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_cross_region_snapshots_module.rst)|Manage Redshift Cross Region Snapshots -[community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_info_module.rst)|Gather information about Redshift cluster(s) -[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.redshift_subnet_group_module.rst)|manage Redshift cluster subnet groups -[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_module.rst)|add or delete entries in Amazons Route53 DNS service -[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_health_check_module.rst)|Add or delete health-checks in Amazons Route53 DNS service -[community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_info_module.rst)|Retrieves route53 details using AWS methods -[community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.route53_zone_module.rst)|add or delete Route53 zones -[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_bucket_notification_module.rst)|Creates, updates or deletes S3 Bucket notification for lambda -[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_lifecycle_module.rst)|Manage s3 bucket lifecycle rules in AWS -[community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_logging_module.rst)|Manage logging facility of an s3 bucket in AWS -[community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_sync_module.rst)|Efficiently upload multiple files to S3 -[community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.s3_website_module.rst)|Configure an s3 bucket as a website -[community.aws.sns](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_module.rst)|Send Amazon Simple Notification Service messages -[community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sns_topic_module.rst)|Manages AWS SNS topics and subscriptions -[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sqs_queue_module.rst)|Creates or deletes AWS SQS queues. -[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_assume_role_module.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials -[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/master/docs/community.aws.sts_session_token_module.rst)|Obtain a session token from the AWS Security Token Service +[community.aws.aws_acm](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_acm_module.rst)|Upload and delete certificates in the AWS Certificate Manager service +[community.aws.aws_acm_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_acm_info_module.rst)|Retrieve certificate information from AWS Certificate Manager service +[community.aws.aws_api_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_api_gateway_module.rst)|Manage AWS API Gateway APIs +[community.aws.aws_application_scaling_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_application_scaling_policy_module.rst)|Manage Application Auto Scaling Scaling Policies +[community.aws.aws_batch_compute_environment](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_batch_compute_environment_module.rst)|Manage AWS Batch Compute Environments +[community.aws.aws_batch_job_definition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_batch_job_definition_module.rst)|Manage AWS Batch Job Definitions +[community.aws.aws_batch_job_queue](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_batch_job_queue_module.rst)|Manage AWS Batch Job Queues +[community.aws.aws_codebuild](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_codebuild_module.rst)|Create or delete an AWS CodeBuild project +[community.aws.aws_codecommit](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_codecommit_module.rst)|Manage repositories in AWS CodeCommit +[community.aws.aws_codepipeline](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_codepipeline_module.rst)|Create or delete AWS CodePipelines +[community.aws.aws_config_aggregation_authorization](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_aggregation_authorization_module.rst)|Manage cross-account AWS Config authorizations +[community.aws.aws_config_aggregator](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_aggregator_module.rst)|Manage AWS Config aggregations across multiple accounts +[community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_delivery_channel_module.rst)|Manage AWS Config delivery channels +[community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_recorder_module.rst)|Manage AWS Config Recorders +[community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_rule_module.rst)|Manage AWS Config resources +[community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_connection_module.rst)|Creates, deletes, modifies a DirectConnect connection +[community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_gateway_module.rst)|Manage AWS Direct Connect gateway +[community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst)|Manage Direct Connect LAG bundles +[community.aws.aws_direct_connect_virtual_interface](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_virtual_interface_module.rst)|Manage Direct Connect virtual interfaces +[community.aws.aws_eks_cluster](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_eks_cluster_module.rst)|Manage Elastic Kubernetes Service Clusters +[community.aws.aws_elasticbeanstalk_app](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_elasticbeanstalk_app_module.rst)|Create, update, and delete an elastic beanstalk application +[community.aws.aws_glue_connection](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_glue_connection_module.rst)|Manage an AWS Glue connection +[community.aws.aws_glue_job](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_glue_job_module.rst)|Manage an AWS Glue job +[community.aws.aws_inspector_target](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_inspector_target_module.rst)|Create, Update and Delete Amazon Inspector Assessment Targets +[community.aws.aws_kms](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_kms_module.rst)|Perform various KMS management tasks. +[community.aws.aws_kms_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_kms_info_module.rst)|Gather information about AWS KMS keys +[community.aws.aws_region_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_region_info_module.rst)|Gather information about AWS regions. +[community.aws.aws_s3_bucket_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_s3_bucket_info_module.rst)|Lists S3 buckets in AWS +[community.aws.aws_s3_cors](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_s3_cors_module.rst)|Manage CORS for S3 buckets in AWS +[community.aws.aws_secret](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_secret_module.rst)|Manage secrets stored in AWS Secrets Manager. +[community.aws.aws_ses_identity](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ses_identity_module.rst)|Manages SES email and domain identity +[community.aws.aws_ses_identity_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ses_identity_policy_module.rst)|Manages SES sending authorization policies +[community.aws.aws_ses_rule_set](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ses_rule_set_module.rst)|Manages SES inbound receipt rule sets +[community.aws.aws_sgw_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_sgw_info_module.rst)|Fetch AWS Storage Gateway information +[community.aws.aws_ssm_parameter_store](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_ssm_parameter_store_module.rst)|Manage key-value pairs in aws parameter store. +[community.aws.aws_step_functions_state_machine](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_step_functions_state_machine_module.rst)|Manage AWS Step Functions state machines +[community.aws.aws_step_functions_state_machine_execution](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_step_functions_state_machine_execution_module.rst)|Start or stop execution of an AWS Step Functions state machine. +[community.aws.aws_waf_condition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_condition_module.rst)|Create and delete WAF Conditions +[community.aws.aws_waf_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_info_module.rst)|Retrieve information for WAF ACLs, Rule , Conditions and Filters. +[community.aws.aws_waf_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_rule_module.rst)|Create and delete WAF Rules +[community.aws.aws_waf_web_acl](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_waf_web_acl_module.rst)|Create and delete WAF Web ACLs. +[community.aws.cloudformation_exports_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudformation_exports_info_module.rst)|Read a value from CloudFormation Exports +[community.aws.cloudformation_stack_set](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudformation_stack_set_module.rst)|Manage groups of CloudFormation stacks +[community.aws.cloudfront_distribution](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudfront_distribution_module.rst)|Create, update and delete AWS CloudFront distributions. +[community.aws.cloudfront_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudfront_info_module.rst)|Obtain facts about an AWS CloudFront distribution +[community.aws.cloudfront_invalidation](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudfront_invalidation_module.rst)|create invalidations for AWS CloudFront distributions +[community.aws.cloudfront_origin_access_identity](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudfront_origin_access_identity_module.rst)|Create, update and delete origin access identities for a CloudFront distribution +[community.aws.cloudtrail](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudtrail_module.rst)|manage CloudTrail create, delete, update +[community.aws.cloudwatchevent_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudwatchevent_rule_module.rst)|Manage CloudWatch Event rules and targets +[community.aws.cloudwatchlogs_log_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudwatchlogs_log_group_module.rst)|create or delete log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudwatchlogs_log_group_info_module.rst)|Get information about log_group in CloudWatchLogs +[community.aws.cloudwatchlogs_log_group_metric_filter](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst)|Manage CloudWatch log group metric filter +[community.aws.data_pipeline](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.data_pipeline_module.rst)|Create and manage AWS Datapipelines +[community.aws.dms_endpoint](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.dms_endpoint_module.rst)|Creates or destroys a data migration services endpoint +[community.aws.dms_replication_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.dms_replication_subnet_group_module.rst)|creates or destroys a data migration services subnet group +[community.aws.dynamodb_table](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.dynamodb_table_module.rst)|Create, update or delete AWS Dynamo DB tables +[community.aws.dynamodb_ttl](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.dynamodb_ttl_module.rst)|Set TTL for a given DynamoDB table +[community.aws.ec2_ami_copy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_ami_copy_module.rst)|copies AMI between AWS regions, return new image id +[community.aws.ec2_asg](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_asg_module.rst)|Create or delete AWS AutoScaling Groups (ASGs) +[community.aws.ec2_asg_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_asg_info_module.rst)|Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +[community.aws.ec2_asg_lifecycle_hook](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_asg_lifecycle_hook_module.rst)|Create, delete or update AWS ASG Lifecycle Hooks. +[community.aws.ec2_customer_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_customer_gateway_module.rst)|Manage an AWS customer gateway +[community.aws.ec2_customer_gateway_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_customer_gateway_info_module.rst)|Gather information about customer gateways in AWS +[community.aws.ec2_eip](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_eip_module.rst)|manages EC2 elastic IP (EIP) addresses. +[community.aws.ec2_eip_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_eip_info_module.rst)|List EC2 EIP details +[community.aws.ec2_elb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_elb_module.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.ec2_elb_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_elb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.ec2_instance](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_instance_module.rst)|Create & manage EC2 instances +[community.aws.ec2_instance_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_instance_info_module.rst)|Gather information about ec2 instances in AWS +[community.aws.ec2_launch_template](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_launch_template_module.rst)|Manage EC2 launch templates +[community.aws.ec2_lc](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_lc_module.rst)|Create or delete AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_find](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_lc_find_module.rst)|Find AWS Autoscaling Launch Configurations +[community.aws.ec2_lc_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_lc_info_module.rst)|Gather information about AWS Autoscaling Launch Configurations. +[community.aws.ec2_metric_alarm](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_metric_alarm_module.rst)|Create/update or delete AWS Cloudwatch 'metric alarms' +[community.aws.ec2_placement_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_placement_group_module.rst)|Create or delete an EC2 Placement Group +[community.aws.ec2_placement_group_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_placement_group_info_module.rst)|List EC2 Placement Group(s) details +[community.aws.ec2_scaling_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_scaling_policy_module.rst)|Create or delete AWS scaling policies for Autoscaling groups +[community.aws.ec2_snapshot_copy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_snapshot_copy_module.rst)|Copies an EC2 snapshot and returns the new Snapshot ID. +[community.aws.ec2_transit_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_transit_gateway_module.rst)|Create and delete AWS Transit Gateways +[community.aws.ec2_transit_gateway_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_transit_gateway_info_module.rst)|Gather information about ec2 transit gateways in AWS +[community.aws.ec2_vpc_egress_igw](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_egress_igw_module.rst)|Manage an AWS VPC Egress Only Internet gateway +[community.aws.ec2_vpc_endpoint](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_endpoint_module.rst)|Create and delete AWS VPC Endpoints. +[community.aws.ec2_vpc_endpoint_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_endpoint_info_module.rst)|Retrieves AWS VPC endpoints details using AWS methods. +[community.aws.ec2_vpc_igw](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_igw_module.rst)|Manage an AWS VPC Internet gateway +[community.aws.ec2_vpc_igw_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_igw_info_module.rst)|Gather information about internet gateways in AWS +[community.aws.ec2_vpc_nacl](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_nacl_module.rst)|create and delete Network ACLs. +[community.aws.ec2_vpc_nacl_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_nacl_info_module.rst)|Gather information about Network ACLs in an AWS VPC +[community.aws.ec2_vpc_nat_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_nat_gateway_module.rst)|Manage AWS VPC NAT Gateways. +[community.aws.ec2_vpc_nat_gateway_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst)|Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +[community.aws.ec2_vpc_peer](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_peer_module.rst)|create, delete, accept, and reject VPC peering connections between two VPCs. +[community.aws.ec2_vpc_peering_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_peering_info_module.rst)|Retrieves AWS VPC Peering details using AWS methods. +[community.aws.ec2_vpc_route_table](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_route_table_module.rst)|Manage route tables for AWS virtual private clouds +[community.aws.ec2_vpc_route_table_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_route_table_info_module.rst)|Gather information about ec2 VPC route tables in AWS +[community.aws.ec2_vpc_vgw](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_vgw_module.rst)|Create and delete AWS VPN Virtual Gateways. +[community.aws.ec2_vpc_vgw_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_vgw_info_module.rst)|Gather information about virtual gateways in AWS +[community.aws.ec2_vpc_vpn](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_vpn_module.rst)|Create, modify, and delete EC2 VPN connections. +[community.aws.ec2_vpc_vpn_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_vpc_vpn_info_module.rst)|Gather information about VPN Connections in AWS. +[community.aws.ec2_win_password](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ec2_win_password_module.rst)|Gets the default administrator password for ec2 windows instances +[community.aws.ecs_attribute](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_attribute_module.rst)|manage ecs attributes +[community.aws.ecs_cluster](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_cluster_module.rst)|Create or terminate ECS clusters. +[community.aws.ecs_ecr](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_ecr_module.rst)|Manage Elastic Container Registry repositories +[community.aws.ecs_service](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_service_module.rst)|Create, terminate, start or stop a service in ECS +[community.aws.ecs_service_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_service_info_module.rst)|List or describe services in ECS +[community.aws.ecs_tag](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_tag_module.rst)|create and remove tags on Amazon ECS resources +[community.aws.ecs_task](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_task_module.rst)|Run, start or stop a task in ecs +[community.aws.ecs_taskdefinition](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_taskdefinition_module.rst)|register a task definition in ecs +[community.aws.ecs_taskdefinition_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.ecs_taskdefinition_info_module.rst)|Describe a task definition in ECS +[community.aws.efs](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.efs_module.rst)|create and maintain EFS file systems +[community.aws.efs_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.efs_info_module.rst)|Get information about Amazon EFS file systems +[community.aws.elasticache](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_module.rst)|Manage cache clusters in Amazon ElastiCache +[community.aws.elasticache_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_info_module.rst)|Retrieve information for AWS ElastiCache clusters +[community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_parameter_group_module.rst)|Manage cache parameter groups in Amazon ElastiCache. +[community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_snapshot_module.rst)|Manage cache snapshots in Amazon ElastiCache +[community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_subnet_group_module.rst)|manage ElastiCache subnet groups +[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_application_lb_module.rst)|Manage an Application load balancer +[community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_application_lb_info_module.rst)|Gather information about application ELBs in AWS +[community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_classic_lb_module.rst)|Creates or destroys Amazon ELB. +[community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_classic_lb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS +[community.aws.elb_instance](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_instance_module.rst)|De-registers or registers instances from EC2 ELBs +[community.aws.elb_network_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_network_lb_module.rst)|Manage a Network Load Balancer +[community.aws.elb_target](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_target_module.rst)|Manage a target in a target group +[community.aws.elb_target_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_target_group_module.rst)|Manage a target group for an Application or Network load balancer +[community.aws.elb_target_group_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_target_group_info_module.rst)|Gather information about ELB target groups in AWS +[community.aws.elb_target_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_target_info_module.rst)|Gathers which target groups a target is associated with. +[community.aws.execute_lambda](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.execute_lambda_module.rst)|Execute an AWS Lambda function +[community.aws.iam](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_module.rst)|Manage IAM users, groups, roles and keys +[community.aws.iam_cert](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_cert_module.rst)|Manage server certificates for use on ELBs and CloudFront +[community.aws.iam_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_group_module.rst)|Manage AWS IAM groups +[community.aws.iam_managed_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_managed_policy_module.rst)|Manage User Managed IAM policies +[community.aws.iam_mfa_device_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_mfa_device_info_module.rst)|List the MFA (Multi-Factor Authentication) devices registered for a user +[community.aws.iam_password_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_password_policy_module.rst)|Update an IAM Password Policy +[community.aws.iam_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_policy_module.rst)|Manage inline IAM policies for users, groups, and roles +[community.aws.iam_policy_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_policy_info_module.rst)|Retrieve inline IAM policies for users, groups, and roles +[community.aws.iam_role](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_role_module.rst)|Manage AWS IAM roles +[community.aws.iam_role_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_role_info_module.rst)|Gather information on IAM roles +[community.aws.iam_saml_federation](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_saml_federation_module.rst)|Maintain IAM SAML federation configuration. +[community.aws.iam_server_certificate_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_server_certificate_info_module.rst)|Retrieve the information of a server certificate +[community.aws.iam_user](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_user_module.rst)|Manage AWS IAM users +[community.aws.iam_user_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.iam_user_info_module.rst)|Gather IAM user(s) facts in AWS +[community.aws.kinesis_stream](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.kinesis_stream_module.rst)|Manage a Kinesis Stream. +[community.aws.lambda](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_module.rst)|Manage AWS Lambda functions +[community.aws.lambda_alias](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_alias_module.rst)|Creates, updates or deletes AWS Lambda function aliases +[community.aws.lambda_event](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_event_module.rst)|Creates, updates or deletes AWS Lambda function event mappings +[community.aws.lambda_facts](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_facts_module.rst)|Gathers AWS Lambda function details as Ansible facts +[community.aws.lambda_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_info_module.rst)|Gathers AWS Lambda function details +[community.aws.lambda_policy](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lambda_policy_module.rst)|Creates, updates or deletes AWS Lambda policy statements. +[community.aws.lightsail](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.lightsail_module.rst)|Manage instances in AWS Lightsail +[community.aws.rds](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_module.rst)|create, delete, or modify Amazon rds instances, rds snapshots, and related facts +[community.aws.rds_instance](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_instance_module.rst)|Manage RDS instances +[community.aws.rds_instance_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_instance_info_module.rst)|obtain information about one or more RDS instances +[community.aws.rds_param_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_param_group_module.rst)|manage RDS parameter groups +[community.aws.rds_snapshot](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_snapshot_module.rst)|manage Amazon RDS snapshots. +[community.aws.rds_snapshot_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_snapshot_info_module.rst)|obtain information about one or more RDS snapshots +[community.aws.rds_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.rds_subnet_group_module.rst)|manage RDS database subnet groups +[community.aws.redshift](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_module.rst)|create, delete, or modify an Amazon Redshift instance +[community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_cross_region_snapshots_module.rst)|Manage Redshift Cross Region Snapshots +[community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_info_module.rst)|Gather information about Redshift cluster(s) +[community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_subnet_group_module.rst)|manage Redshift cluster subnet groups +[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_module.rst)|add or delete entries in Amazons Route53 DNS service +[community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_health_check_module.rst)|Add or delete health-checks in Amazons Route53 DNS service +[community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_info_module.rst)|Retrieves route53 details using AWS methods +[community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_zone_module.rst)|add or delete Route53 zones +[community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_bucket_notification_module.rst)|Creates, updates or deletes S3 Bucket notification for lambda +[community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_lifecycle_module.rst)|Manage s3 bucket lifecycle rules in AWS +[community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_logging_module.rst)|Manage logging facility of an s3 bucket in AWS +[community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_sync_module.rst)|Efficiently upload multiple files to S3 +[community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_website_module.rst)|Configure an s3 bucket as a website +[community.aws.sns](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sns_module.rst)|Send Amazon Simple Notification Service messages +[community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sns_topic_module.rst)|Manages AWS SNS topics and subscriptions +[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sqs_queue_module.rst)|Creates or deletes AWS SQS queues. +[community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_assume_role_module.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials +[community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_session_token_module.rst)|Obtain a session token from the AWS Security Token Service @@ -275,4 +275,4 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun GNU General Public License v3.0 or later. -See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. \ No newline at end of file +See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. diff --git a/galaxy.yml b/galaxy.yml index 88d277a6bc1..b56d493151d 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -10,7 +10,7 @@ tags: [community, aws, cloud, amazon] dependencies: amazon.aws: '>=0.1.0' repository: https://github.com/ansible-collections/community.aws -documentation: https://github.com/ansible-collections/community.aws/tree/master/docs +documentation: https://github.com/ansible-collections/community.aws/tree/main/docs homepage: https://github.com/ansible-collections/community.aws issues: https://github.com/ansible-collections/community.aws/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc build_ignore: From 3b56fbdef774f26d9e2564507a0e686367224b11 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Tue, 7 Jul 2020 04:46:56 +0530 Subject: [PATCH 033/129] sanity: Add future-import boilerplate (#118) Signed-off-by: Abhijeet Kasurde --- .../sanity_fix_future_boilerplate.yml | 2 ++ scripts/inventory/ec2.py | 22 +++++-------------- .../targets/aws_lambda/files/mini_lambda.py | 6 ++++- .../lambda_policy/files/mini_http_lambda.py | 6 ++++- .../files/mini_lambda.py | 5 +++++ .../sns_topic_lambda/sns_topic_lambda.py | 5 ++++- tests/sanity/ignore-2.10.txt | 18 --------------- tests/sanity/ignore-2.11.txt | 18 --------------- tests/sanity/ignore-2.9.txt | 18 --------------- tests/unit/mock/path.py | 5 +++++ tests/unit/mock/vault_helper.py | 16 ++------------ tests/unit/mock/yaml_helper.py | 5 +++++ tests/unit/modules/conftest.py | 3 +++ tests/unit/modules/utils.py | 5 +++++ 14 files changed, 46 insertions(+), 88 deletions(-) create mode 100644 changelogs/fragments/sanity_fix_future_boilerplate.yml diff --git a/changelogs/fragments/sanity_fix_future_boilerplate.yml b/changelogs/fragments/sanity_fix_future_boilerplate.yml new file mode 100644 index 00000000000..f8b85045a50 --- /dev/null +++ b/changelogs/fragments/sanity_fix_future_boilerplate.yml @@ -0,0 +1,2 @@ +minor_changes: +- sanity - add future imports in all missing places. diff --git a/scripts/inventory/ec2.py b/scripts/inventory/ec2.py index e6bf6651247..aa1a2d53eaf 100644 --- a/scripts/inventory/ec2.py +++ b/scripts/inventory/ec2.py @@ -136,23 +136,11 @@ ''' # (c) 2012, Peter Sankauskas -# -# This file is part of Ansible, -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -###################################################################### + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import sys import os diff --git a/tests/integration/targets/aws_lambda/files/mini_lambda.py b/tests/integration/targets/aws_lambda/files/mini_lambda.py index b499888ed94..901f6b55a77 100644 --- a/tests/integration/targets/aws_lambda/files/mini_lambda.py +++ b/tests/integration/targets/aws_lambda/files/mini_lambda.py @@ -1,4 +1,8 @@ -from __future__ import print_function +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import json import os diff --git a/tests/integration/targets/lambda_policy/files/mini_http_lambda.py b/tests/integration/targets/lambda_policy/files/mini_http_lambda.py index 5ac0bf5e8de..caccac9084c 100644 --- a/tests/integration/targets/lambda_policy/files/mini_http_lambda.py +++ b/tests/integration/targets/lambda_policy/files/mini_http_lambda.py @@ -1,4 +1,8 @@ -from __future__ import print_function +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import json diff --git a/tests/integration/targets/s3_bucket_notification/files/mini_lambda.py b/tests/integration/targets/s3_bucket_notification/files/mini_lambda.py index 0ba9e0d3009..d0d08dae90f 100644 --- a/tests/integration/targets/s3_bucket_notification/files/mini_lambda.py +++ b/tests/integration/targets/s3_bucket_notification/files/mini_lambda.py @@ -1,3 +1,8 @@ +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import json diff --git a/tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py b/tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py index c3d31c26eb0..98f65783689 100644 --- a/tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py +++ b/tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py @@ -1,4 +1,7 @@ -from __future__ import print_function +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type def handler(event, context): diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt index 124e45a250a..dd21d26881e 100644 --- a/tests/sanity/ignore-2.10.txt +++ b/tests/sanity/ignore-2.10.txt @@ -1,5 +1,3 @@ -scripts/inventory/ec2.py future-import-boilerplate -scripts/inventory/ec2.py metaclass-boilerplate plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch @@ -134,21 +132,5 @@ plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-ele plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements -tests/integration/targets/aws_lambda/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/aws_lambda/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py future-import-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py metaclass-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py future-import-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py metaclass-boilerplate -tests/unit/mock/path.py future-import-boilerplate -tests/unit/mock/path.py metaclass-boilerplate -tests/unit/mock/yaml_helper.py future-import-boilerplate -tests/unit/mock/yaml_helper.py metaclass-boilerplate -tests/unit/modules/conftest.py future-import-boilerplate -tests/unit/modules/conftest.py metaclass-boilerplate -tests/unit/modules/utils.py future-import-boilerplate -tests/unit/modules/utils.py metaclass-boilerplate tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt index 124e45a250a..dd21d26881e 100644 --- a/tests/sanity/ignore-2.11.txt +++ b/tests/sanity/ignore-2.11.txt @@ -1,5 +1,3 @@ -scripts/inventory/ec2.py future-import-boilerplate -scripts/inventory/ec2.py metaclass-boilerplate plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch @@ -134,21 +132,5 @@ plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-ele plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements -tests/integration/targets/aws_lambda/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/aws_lambda/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py future-import-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py metaclass-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py future-import-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py metaclass-boilerplate -tests/unit/mock/path.py future-import-boilerplate -tests/unit/mock/path.py metaclass-boilerplate -tests/unit/mock/yaml_helper.py future-import-boilerplate -tests/unit/mock/yaml_helper.py metaclass-boilerplate -tests/unit/modules/conftest.py future-import-boilerplate -tests/unit/modules/conftest.py metaclass-boilerplate -tests/unit/modules/utils.py future-import-boilerplate -tests/unit/modules/utils.py metaclass-boilerplate tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index a3fc20f62c9..df2549f3415 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -1,5 +1,3 @@ -scripts/inventory/ec2.py future-import-boilerplate -scripts/inventory/ec2.py metaclass-boilerplate plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch @@ -132,22 +130,6 @@ plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-ele plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements -tests/integration/targets/aws_lambda/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/aws_lambda/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py future-import-boilerplate -tests/integration/targets/lambda_policy/files/mini_http_lambda.py metaclass-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py future-import-boilerplate -tests/integration/targets/s3_bucket_notification/files/mini_lambda.py metaclass-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py future-import-boilerplate -tests/integration/targets/sns_topic/files/sns_topic_lambda/sns_topic_lambda.py metaclass-boilerplate -tests/unit/mock/path.py future-import-boilerplate -tests/unit/mock/path.py metaclass-boilerplate -tests/unit/mock/yaml_helper.py future-import-boilerplate -tests/unit/mock/yaml_helper.py metaclass-boilerplate -tests/unit/modules/conftest.py future-import-boilerplate -tests/unit/modules/conftest.py metaclass-boilerplate -tests/unit/modules/utils.py future-import-boilerplate -tests/unit/modules/utils.py metaclass-boilerplate tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang plugins/modules/aws_acm_info.py pylint:ansible-deprecated-no-version diff --git a/tests/unit/mock/path.py b/tests/unit/mock/path.py index fc51751fe62..676b35ab8b5 100644 --- a/tests/unit/mock/path.py +++ b/tests/unit/mock/path.py @@ -1,3 +1,8 @@ +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + from ansible_collections.community.aws.tests.unit.compat.mock import MagicMock from ansible.utils.path import unfrackpath diff --git a/tests/unit/mock/vault_helper.py b/tests/unit/mock/vault_helper.py index dcce9c78415..b54629da49a 100644 --- a/tests/unit/mock/vault_helper.py +++ b/tests/unit/mock/vault_helper.py @@ -1,17 +1,5 @@ -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . - -# Make coding more python3-ish +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + from __future__ import (absolute_import, division, print_function) __metaclass__ = type diff --git a/tests/unit/mock/yaml_helper.py b/tests/unit/mock/yaml_helper.py index cc095fea1a5..a646c0241c7 100644 --- a/tests/unit/mock/yaml_helper.py +++ b/tests/unit/mock/yaml_helper.py @@ -1,3 +1,8 @@ +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import io import yaml diff --git a/tests/unit/modules/conftest.py b/tests/unit/modules/conftest.py index 3bbfe0b7a85..a7d1e0475f2 100644 --- a/tests/unit/modules/conftest.py +++ b/tests/unit/modules/conftest.py @@ -1,6 +1,9 @@ # Copyright (c) 2017 Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import json import pytest diff --git a/tests/unit/modules/utils.py b/tests/unit/modules/utils.py index fd63ed68ae0..026bf2549d2 100644 --- a/tests/unit/modules/utils.py +++ b/tests/unit/modules/utils.py @@ -1,3 +1,8 @@ +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + import json from ansible_collections.community.aws.tests.unit.compat import unittest From b62f68d10c286fa7f2a159d9d1466ae11c37a5f6 Mon Sep 17 00:00:00 2001 From: flowerysong Date: Wed, 8 Jul 2020 06:36:08 -0400 Subject: [PATCH 034/129] Fix documentation YAML for redshift and redshift_subnet_group (#128) --- plugins/modules/redshift.py | 2 +- plugins/modules/redshift_subnet_group.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 01e604ff30f..f6308392694 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -11,10 +11,10 @@ DOCUMENTATION = ''' --- author: -version_added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." - "Rafael Driutti (@rafaeldriutti)" module: redshift +version_added: 1.0.0 short_description: create, delete, or modify an Amazon Redshift instance description: - Creates, deletes, or modifies Amazon Redshift cluster instances. diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index eded969cb76..615e667b9c8 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -10,9 +10,9 @@ DOCUMENTATION = ''' --- author: -version_added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." module: redshift_subnet_group +version_added: 1.0.0 short_description: manage Redshift cluster subnet groups description: - Create, modifies, and deletes Redshift cluster subnet groups. From eaabb3e8c6d2ccad5b5045b63cabf8a628facbc3 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Thu, 9 Jul 2020 02:46:44 +0530 Subject: [PATCH 035/129] sanity: Doc fixes (#130) Signed-off-by: Abhijeet Kasurde --- plugins/modules/aws_acm_info.py | 12 ++- .../modules/aws_batch_compute_environment.py | 89 +++++++++---------- plugins/modules/aws_batch_job_definition.py | 21 +++-- plugins/modules/aws_batch_job_queue.py | 51 +++++------ plugins/modules/aws_codebuild.py | 8 +- plugins/modules/aws_codepipeline.py | 8 +- plugins/modules/aws_config_aggregator.py | 8 +- .../aws_direct_connect_virtual_interface.py | 8 +- plugins/modules/aws_eks_cluster.py | 10 +-- plugins/modules/aws_glue_connection.py | 10 +-- plugins/modules/aws_glue_job.py | 8 +- plugins/modules/aws_kms.py | 10 +-- plugins/modules/aws_s3_cors.py | 9 +- plugins/modules/aws_waf_condition.py | 8 +- plugins/modules/aws_waf_rule.py | 12 +-- plugins/modules/aws_waf_web_acl.py | 8 +- scripts/inventory/ec2.py | 12 ++- 17 files changed, 140 insertions(+), 152 deletions(-) diff --git a/plugins/modules/aws_acm_info.py b/plugins/modules/aws_acm_info.py index 16656021f36..97d9a879152 100644 --- a/plugins/modules/aws_acm_info.py +++ b/plugins/modules/aws_acm_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: aws_acm_info short_description: Retrieve certificate information from AWS Certificate Manager service version_added: 1.0.0 @@ -49,7 +49,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: obtain all ACM certificates community.aws.aws_acm_info: @@ -76,7 +76,7 @@ ''' -RETURN = ''' +RETURN = r''' certificates: description: A list of certificates returned: always @@ -268,7 +268,11 @@ def main(): argument_spec = dict( certificate_arn=dict(aliases=['arn']), domain_name=dict(aliases=['name']), - statuses=dict(type='list', choices=['PENDING_VALIDATION', 'ISSUED', 'INACTIVE', 'EXPIRED', 'VALIDATION_TIMED_OUT', 'REVOKED', 'FAILED']), + statuses=dict( + type='list', + elements='str', + choices=['PENDING_VALIDATION', 'ISSUED', 'INACTIVE', 'EXPIRED', 'VALIDATION_TIMED_OUT', 'REVOKED', 'FAILED'] + ), tags=dict(type='dict'), ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index 3ead4a8512b..21eb4808f62 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -6,14 +6,15 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_batch_compute_environment version_added: 1.0.0 short_description: Manage AWS Batch Compute Environments description: - This module allows the management of AWS Batch Compute Environments. - It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + - It is idempotent and supports "Check" mode. + - Use module M(community.aws.aws_batch_compute_environment) to manage the compute environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. @@ -21,8 +22,8 @@ options: compute_environment_name: description: - - The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores - are allowed. + - The name for your compute environment. + - Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. required: true type: str type: @@ -39,7 +40,8 @@ type: str compute_environment_state: description: - - The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs + - The state of the compute environment. + - If the state is C(ENABLED), then the compute environment accepts jobs from a queue and can scale out automatically based on queues. default: "ENABLED" choices: ["ENABLED", "DISABLED"] @@ -108,7 +110,8 @@ bid_percentage: description: - The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that - instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price + instance type before instances are launched. + - For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. type: int spot_iam_fleet_role: @@ -124,45 +127,39 @@ ''' -EXAMPLES = ''' ---- -- hosts: localhost - gather_facts: no - vars: +EXAMPLES = r''' +- name: My Batch Compute Environment + community.aws.aws_batch_compute_environment: + compute_environment_name: computeEnvironmentName state: present - tasks: - - name: My Batch Compute Environment - community.aws.aws_batch_compute_environment: - compute_environment_name: computeEnvironmentName - state: present - region: us-east-1 - compute_environment_state: ENABLED - type: MANAGED - compute_resource_type: EC2 - minv_cpus: 0 - maxv_cpus: 2 - desiredv_cpus: 1 - instance_types: - - optimal - subnets: - - my-subnet1 - - my-subnet2 - security_group_ids: - - my-sg1 - - my-sg2 - instance_role: arn:aws:iam:::instance-profile/ - tags: - tag1: value1 - tag2: value2 - service_role: arn:aws:iam:::role/service-role/ - register: aws_batch_compute_environment_action - - - name: show results - debug: - var: aws_batch_compute_environment_action + region: us-east-1 + compute_environment_state: ENABLED + type: MANAGED + compute_resource_type: EC2 + minv_cpus: 0 + maxv_cpus: 2 + desiredv_cpus: 1 + instance_types: + - optimal + subnets: + - my-subnet1 + - my-subnet2 + security_group_ids: + - my-sg1 + - my-sg2 + instance_role: arn:aws:iam:::instance-profile/ + tags: + tag1: value1 + tag2: value2 + service_role: arn:aws:iam:::role/service-role/ + register: aws_batch_compute_environment_action + +- name: show results + debug: + var: aws_batch_compute_environment_action ''' -RETURN = ''' +RETURN = r''' --- output: description: "returns what action was taken, whether something was changed, invocation and response" @@ -229,9 +226,9 @@ type: dict ''' +import re from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict, camel_dict_to_snake_dict -import re try: from botocore.exceptions import ClientError, BotoCoreError @@ -459,10 +456,10 @@ def main(): minv_cpus=dict(type='int', required=True), maxv_cpus=dict(type='int', required=True), desiredv_cpus=dict(type='int'), - instance_types=dict(type='list', required=True), + instance_types=dict(type='list', required=True, elements='str'), image_id=dict(), - subnets=dict(type='list', required=True), - security_group_ids=dict(type='list', required=True), + subnets=dict(type='list', required=True, elements='str'), + security_group_ids=dict(type='list', required=True, elements='str'), ec2_key_pair=dict(), instance_role=dict(required=True), tags=dict(type='dict'), diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index b93ff5febe7..1c30d72efc5 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -6,17 +6,16 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_batch_job_definition version_added: 1.0.0 short_description: Manage AWS Batch Job Definitions description: - This module allows the management of AWS Batch Job Definitions. - It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + - It is idempotent and supports "Check" mode. + - Use module M(community.aws.aws_batch_compute_environment) to manage the compute environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. - - author: Jon Meran (@jonmer85) options: job_definition_arn: @@ -178,7 +177,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' --- - hosts: localhost gather_facts: no @@ -208,7 +207,7 @@ debug: var=job_definition_create_result ''' -RETURN = ''' +RETURN = r''' --- output: description: "returns what action was taken, whether something was changed, invocation and response" @@ -427,14 +426,14 @@ def main(): image=dict(required=True), vcpus=dict(type='int', required=True), memory=dict(type='int', required=True), - command=dict(type='list', default=[]), + command=dict(type='list', default=[], elements='str'), job_role_arn=dict(), - volumes=dict(type='list', default=[]), - environment=dict(type='list', default=[]), - mount_points=dict(type='list', default=[]), + volumes=dict(type='list', default=[], elements='dict'), + environment=dict(type='list', default=[], elements='dict'), + mount_points=dict(type='list', default=[], elements='dict'), readonly_root_filesystem=dict(), privileged=dict(), - ulimits=dict(type='list', default=[]), + ulimits=dict(type='list', default=[], elements='dict'), user=dict(), attempts=dict(type='int') ) diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index afc49015397..e95940dbb8f 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -6,17 +6,16 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_batch_job_queue version_added: 1.0.0 short_description: Manage AWS Batch Job Queues description: - This module allows the management of AWS Batch Job Queues. - It is idempotent and supports "Check" mode. Use module M(community.aws.aws_batch_compute_environment) to manage the compute + - It is idempotent and supports "Check" mode. + - Use module M(community.aws.aws_batch_compute_environment) to manage the compute environment, M(community.aws.aws_batch_job_queue) to manage job queues, M(community.aws.aws_batch_job_definition) to manage job definitions. - - author: Jon Meran (@jonmer85) options: job_queue_name: @@ -32,7 +31,7 @@ type: str job_queue_state: description: - - The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs. + - The state of the job queue. If the job queue state is ENABLED, it is able to accept jobs. default: "ENABLED" choices: ["ENABLED", "DISABLED"] type: str @@ -69,32 +68,26 @@ ''' EXAMPLES = ''' ---- -- hosts: localhost - gather_facts: no - vars: +- name: My Batch Job Queue + community.aws.aws_batch_job_queue: + job_queue_name: jobQueueName state: present - tasks: - - name: My Batch Job Queue - community.aws.aws_batch_job_queue: - job_queue_name: jobQueueName - state: present - region: us-east-1 - job_queue_state: ENABLED - priority: 1 - compute_environment_order: - - order: 1 - compute_environment: my_compute_env1 - - order: 2 - compute_environment: my_compute_env2 - register: batch_job_queue_action - - - name: show results - debug: - var: batch_job_queue_action + region: us-east-1 + job_queue_state: ENABLED + priority: 1 + compute_environment_order: + - order: 1 + compute_environment: my_compute_env1 + - order: 2 + compute_environment: my_compute_env2 + register: batch_job_queue_action + +- name: show results + debug: + var: batch_job_queue_action ''' -RETURN = ''' +RETURN = r''' --- output: description: "returns what action was taken, whether something was changed, invocation and response" @@ -293,7 +286,7 @@ def main(): job_queue_name=dict(required=True), job_queue_state=dict(required=False, default='ENABLED', choices=['ENABLED', 'DISABLED']), priority=dict(type='int', required=True), - compute_environment_order=dict(type='list', required=True), + compute_environment_order=dict(type='list', required=True, elements='dict'), ) module = AnsibleAWSModule( diff --git a/plugins/modules/aws_codebuild.py b/plugins/modules/aws_codebuild.py index 22011422229..7c5e7500a50 100644 --- a/plugins/modules/aws_codebuild.py +++ b/plugins/modules/aws_codebuild.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_codebuild version_added: 1.0.0 @@ -163,7 +163,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.aws_codebuild: @@ -191,7 +191,7 @@ state: present ''' -RETURN = ''' +RETURN = r''' project: description: Returns the dictionary describing the code project configuration. returned: success @@ -379,7 +379,7 @@ def main(): service_role=dict(), timeout_in_minutes=dict(type='int', default=60), encryption_key=dict(), - tags=dict(type='list'), + tags=dict(type='list', elements='dict'), vpc_config=dict(type='dict'), state=dict(choices=['present', 'absent'], default='present') ) diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index 5406389a129..8b44dc7614e 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_codepipeline version_added: 1.0.0 @@ -79,7 +79,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) @@ -148,7 +148,7 @@ state: present ''' -RETURN = ''' +RETURN = r''' pipeline: description: Returns the dictionary describing the code pipeline configuration. returned: success @@ -266,7 +266,7 @@ def main(): name=dict(required=True, type='str'), role_arn=dict(required=True, type='str'), artifact_store=dict(required=True, type='dict'), - stages=dict(required=True, type='list'), + stages=dict(required=True, type='list', elements='dict'), version=dict(type='int'), state=dict(choices=['present', 'absent'], default='present') ) diff --git a/plugins/modules/aws_config_aggregator.py b/plugins/modules/aws_config_aggregator.py index fac17574c4b..250f004a0f7 100644 --- a/plugins/modules/aws_config_aggregator.py +++ b/plugins/modules/aws_config_aggregator.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_config_aggregator version_added: 1.0.0 @@ -75,7 +75,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Create cross-account aggregator community.aws.aws_config_aggregator: name: test_config_rule @@ -88,7 +88,7 @@ all_aws_regions: yes ''' -RETURN = '''#''' +RETURN = r'''#''' try: @@ -165,7 +165,7 @@ def main(): argument_spec={ 'name': dict(type='str', required=True), 'state': dict(type='str', choices=['present', 'absent'], default='present'), - 'account_sources': dict(type='list', required=True), + 'account_sources': dict(type='list', required=True, elements='dict'), 'organization_source': dict(type='dict', required=True) }, supports_check_mode=False, diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 3c4cd886a81..7547b027f0c 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_direct_connect_virtual_interface version_added: 1.0.0 @@ -83,7 +83,7 @@ ''' -RETURN = ''' +RETURN = r''' address_family: description: The address family for the BGP peer. returned: always @@ -217,7 +217,7 @@ sample: 100 ''' -EXAMPLES = ''' +EXAMPLES = r''' --- - name: create an association between a LAG and connection community.aws.aws_direct_connect_virtual_interface: @@ -467,7 +467,7 @@ def main(): amazon_address=dict(), customer_address=dict(), address_type=dict(), - cidr=dict(type='list'), + cidr=dict(type='list', elements='str'), virtual_gateway_id=dict(), virtual_interface_id=dict() ) diff --git a/plugins/modules/aws_eks_cluster.py b/plugins/modules/aws_eks_cluster.py index c39f8464bec..d6df16093f3 100644 --- a/plugins/modules/aws_eks_cluster.py +++ b/plugins/modules/aws_eks_cluster.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_eks_cluster version_added: 1.0.0 @@ -62,7 +62,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an EKS cluster @@ -84,7 +84,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' arn: description: ARN of the EKS cluster returned: when state is present @@ -270,8 +270,8 @@ def main(): name=dict(required=True), version=dict(), role_arn=dict(), - subnets=dict(type='list'), - security_groups=dict(type='list'), + subnets=dict(type='list', elements='str'), + security_groups=dict(type='list', elements='str'), state=dict(choices=['absent', 'present'], default='present'), wait=dict(default=False, type='bool'), wait_timeout=dict(default=1200, type='int') diff --git a/plugins/modules/aws_glue_connection.py b/plugins/modules/aws_glue_connection.py index 7502af6f9e6..0df4ab915d1 100644 --- a/plugins/modules/aws_glue_connection.py +++ b/plugins/modules/aws_glue_connection.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_glue_connection version_added: 1.0.0 @@ -67,7 +67,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue connection @@ -86,7 +86,7 @@ ''' -RETURN = ''' +RETURN = r''' connection_properties: description: A dict of key-value pairs used as parameters for this connection. returned: when state is present @@ -306,9 +306,9 @@ def main(): connection_properties=dict(type='dict'), connection_type=dict(type='str', default='JDBC', choices=['JDBC', 'SFTP']), description=dict(type='str'), - match_criteria=dict(type='list'), + match_criteria=dict(type='list', elements='str'), name=dict(required=True, type='str'), - security_groups=dict(type='list'), + security_groups=dict(type='list', elements='str'), state=dict(required=True, choices=['present', 'absent'], type='str'), subnet_id=dict(type='str') ) diff --git a/plugins/modules/aws_glue_job.py b/plugins/modules/aws_glue_job.py index c0edd59328c..1d991f52f41 100644 --- a/plugins/modules/aws_glue_job.py +++ b/plugins/modules/aws_glue_job.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_glue_job version_added: 1.0.0 @@ -81,7 +81,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue job @@ -98,7 +98,7 @@ ''' -RETURN = ''' +RETURN = r''' allocated_capacity: description: The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power @@ -337,7 +337,7 @@ def main(): allocated_capacity=dict(type='int'), command_name=dict(type='str', default='glueetl'), command_script_location=dict(type='str'), - connections=dict(type='list'), + connections=dict(type='list', elements='str'), default_arguments=dict(type='dict'), description=dict(type='str'), max_concurrent_runs=dict(type='int'), diff --git a/plugins/modules/aws_kms.py b/plugins/modules/aws_kms.py index be4394f2caf..b86686cd264 100644 --- a/plugins/modules/aws_kms.py +++ b/plugins/modules/aws_kms.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_kms version_added: 1.0.0 @@ -174,7 +174,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile # and has been deprecated in favour of the policy option. - name: grant user-style access to production secrets @@ -235,7 +235,7 @@ state: present ''' -RETURN = ''' +RETURN = r''' key_id: description: ID of key type: str @@ -1022,14 +1022,14 @@ def main(): policy_mode=dict(aliases=['mode'], choices=['grant', 'deny'], default='grant'), policy_role_name=dict(aliases=['role_name']), policy_role_arn=dict(aliases=['role_arn']), - policy_grant_types=dict(aliases=['grant_types'], type='list'), + policy_grant_types=dict(aliases=['grant_types'], type='list', elements='str'), policy_clean_invalid_entries=dict(aliases=['clean_invalid_entries'], type='bool', default=True), key_id=dict(aliases=['key_arn']), description=dict(), enabled=dict(type='bool', default=True), tags=dict(type='dict', default={}), purge_tags=dict(type='bool', default=False), - grants=dict(type='list', default=[]), + grants=dict(type='list', default=[], elements='dict'), policy=dict(type='json'), purge_grants=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']), diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index f56f9ce06b5..0577c955e91 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: aws_s3_cors version_added: 1.0.0 @@ -25,6 +25,7 @@ description: - Cors rules to put on the s3 bucket type: list + elements: str state: description: - Create or remove cors on the s3 bucket @@ -37,7 +38,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Create a simple cors for s3 bucket @@ -63,7 +64,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' changed: description: check to see if a change was made to the rules returned: always @@ -146,7 +147,7 @@ def main(): argument_spec = dict( name=dict(required=True, type='str'), - rules=dict(type='list'), + rules=dict(type='list', elements='str'), state=dict(type='str', choices=['present', 'absent'], required=True) ) diff --git a/plugins/modules/aws_waf_condition.py b/plugins/modules/aws_waf_condition.py index e0f4dea2cc5..006caaad7cd 100644 --- a/plugins/modules/aws_waf_condition.py +++ b/plugins/modules/aws_waf_condition.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: aws_waf_condition short_description: Create and delete WAF Conditions version_added: 1.0.0 @@ -137,7 +137,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: create WAF byte condition community.aws.aws_waf_condition: name: my_byte_condition @@ -205,7 +205,7 @@ ''' -RETURN = ''' +RETURN = r''' condition: description: Condition returned by operation. returned: always @@ -705,7 +705,7 @@ def main(): argument_spec = dict( name=dict(required=True), type=dict(required=True, choices=['byte', 'geo', 'ip', 'regex', 'size', 'sql', 'xss']), - filters=dict(type='list'), + filters=dict(type='list', elements='dict'), purge_filters=dict(type='bool', default=False), waf_regional=dict(type='bool', default=False), state=dict(default='present', choices=['present', 'absent']), diff --git a/plugins/modules/aws_waf_rule.py b/plugins/modules/aws_waf_rule.py index 3ce660a3cbe..ce28559b35f 100644 --- a/plugins/modules/aws_waf_rule.py +++ b/plugins/modules/aws_waf_rule.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: aws_waf_rule short_description: Create and delete WAF Rules version_added: 1.0.0 @@ -73,8 +73,7 @@ type: bool ''' -EXAMPLES = ''' - +EXAMPLES = r''' - name: create WAF rule community.aws.aws_waf_rule: name: my_waf_rule @@ -93,10 +92,9 @@ community.aws.aws_waf_rule: name: "my_waf_rule" state: absent - ''' -RETURN = ''' +RETURN = r''' rule: description: WAF rule contents returned: always @@ -153,8 +151,6 @@ list_regional_rules_with_backoff, list_rules_with_backoff, run_func_with_change_token_backoff, -) -from ansible_collections.amazon.aws.plugins.module_utils.waf import ( get_web_acl_with_backoff, list_web_acls_with_backoff, list_regional_web_acls_with_backoff, @@ -340,7 +336,7 @@ def main(): name=dict(required=True), metric_name=dict(), state=dict(default='present', choices=['present', 'absent']), - conditions=dict(type='list'), + conditions=dict(type='list', elements='dict'), purge_conditions=dict(type='bool', default=False), waf_regional=dict(type='bool', default=False), ) diff --git a/plugins/modules/aws_waf_web_acl.py b/plugins/modules/aws_waf_web_acl.py index da7b378a55c..7cdf770aa38 100644 --- a/plugins/modules/aws_waf_web_acl.py +++ b/plugins/modules/aws_waf_web_acl.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: aws_waf_web_acl short_description: Create and delete WAF Web ACLs. version_added: 1.0.0 @@ -84,7 +84,7 @@ type: bool ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: create web ACL community.aws.aws_waf_web_acl: name: my_web_acl @@ -102,7 +102,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' web_acl: description: contents of the Web ACL. returned: always @@ -339,7 +339,7 @@ def main(): default_action=dict(choices=['block', 'allow', 'count']), metric_name=dict(), state=dict(default='present', choices=['present', 'absent']), - rules=dict(type='list'), + rules=dict(type='list', elements='dict'), purge_rules=dict(type='bool', default=False), waf_regional=dict(type='bool', default=False) ) diff --git a/scripts/inventory/ec2.py b/scripts/inventory/ec2.py index aa1a2d53eaf..d47a67e9308 100644 --- a/scripts/inventory/ec2.py +++ b/scripts/inventory/ec2.py @@ -1,4 +1,9 @@ #!/usr/bin/env python +# Copyright: (c) 2012, Peter Sankauskas + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type ''' EC2 external inventory script @@ -135,13 +140,6 @@ 'webserver-ansible-blue-172.31.0.1' ''' -# (c) 2012, Peter Sankauskas - -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -from __future__ import (absolute_import, division, print_function) -__metaclass__ = type - - import sys import os import argparse From 3fd595d2e2afd29e4649eda4378d88c3c971bbb5 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 8 Jul 2020 15:15:25 -0700 Subject: [PATCH 036/129] Cleanup sanity items that were not previously caught (#131) --- plugins/modules/rds_param_group.py | 2 +- tests/sanity/ignore-2.10.txt | 31 ------------------------------ tests/sanity/ignore-2.11.txt | 31 ------------------------------ tests/sanity/ignore-2.9.txt | 31 ------------------------------ 4 files changed, 1 insertion(+), 94 deletions(-) diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index ce271712211..4870d0657fb 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -55,7 +55,7 @@ type: dict purge_tags: description: - - Whether or not to remove tags that do not appear in the M(tags) list. + - Whether or not to remove tags that do not appear in the C(tags) list. type: bool default: False author: diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt index dd21d26881e..763fac478ee 100644 --- a/tests/sanity/ignore-2.10.txt +++ b/tests/sanity/ignore-2.10.txt @@ -1,34 +1,3 @@ -plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch -plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_compute_environment.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_definition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_definition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_queue.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_queue.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codebuild.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codebuild.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codepipeline.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codepipeline.py validate-modules:parameter-list-no-elements -plugins/modules/aws_config_aggregator.py validate-modules:doc-elements-mismatch -plugins/modules/aws_config_aggregator.py validate-modules:parameter-list-no-elements -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:doc-elements-mismatch -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:parameter-list-no-elements -plugins/modules/aws_eks_cluster.py validate-modules:doc-elements-mismatch -plugins/modules/aws_eks_cluster.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_connection.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_connection.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_job.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_job.py validate-modules:parameter-list-no-elements -plugins/modules/aws_kms.py validate-modules:doc-elements-mismatch -plugins/modules/aws_kms.py validate-modules:parameter-list-no-elements -plugins/modules/aws_s3_cors.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_condition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_condition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_rule.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_rule.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_web_acl.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_web_acl.py validate-modules:parameter-list-no-elements plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt index dd21d26881e..763fac478ee 100644 --- a/tests/sanity/ignore-2.11.txt +++ b/tests/sanity/ignore-2.11.txt @@ -1,34 +1,3 @@ -plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch -plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_compute_environment.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_definition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_definition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_queue.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_queue.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codebuild.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codebuild.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codepipeline.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codepipeline.py validate-modules:parameter-list-no-elements -plugins/modules/aws_config_aggregator.py validate-modules:doc-elements-mismatch -plugins/modules/aws_config_aggregator.py validate-modules:parameter-list-no-elements -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:doc-elements-mismatch -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:parameter-list-no-elements -plugins/modules/aws_eks_cluster.py validate-modules:doc-elements-mismatch -plugins/modules/aws_eks_cluster.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_connection.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_connection.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_job.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_job.py validate-modules:parameter-list-no-elements -plugins/modules/aws_kms.py validate-modules:doc-elements-mismatch -plugins/modules/aws_kms.py validate-modules:parameter-list-no-elements -plugins/modules/aws_s3_cors.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_condition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_condition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_rule.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_rule.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_web_acl.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_web_acl.py validate-modules:parameter-list-no-elements plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index df2549f3415..870c78e01c8 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -1,34 +1,3 @@ -plugins/modules/aws_acm_info.py validate-modules:doc-elements-mismatch -plugins/modules/aws_acm_info.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_compute_environment.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_compute_environment.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_definition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_definition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_batch_job_queue.py validate-modules:doc-elements-mismatch -plugins/modules/aws_batch_job_queue.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codebuild.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codebuild.py validate-modules:parameter-list-no-elements -plugins/modules/aws_codepipeline.py validate-modules:doc-elements-mismatch -plugins/modules/aws_codepipeline.py validate-modules:parameter-list-no-elements -plugins/modules/aws_config_aggregator.py validate-modules:doc-elements-mismatch -plugins/modules/aws_config_aggregator.py validate-modules:parameter-list-no-elements -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:doc-elements-mismatch -plugins/modules/aws_direct_connect_virtual_interface.py validate-modules:parameter-list-no-elements -plugins/modules/aws_eks_cluster.py validate-modules:doc-elements-mismatch -plugins/modules/aws_eks_cluster.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_connection.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_connection.py validate-modules:parameter-list-no-elements -plugins/modules/aws_glue_job.py validate-modules:doc-elements-mismatch -plugins/modules/aws_glue_job.py validate-modules:parameter-list-no-elements -plugins/modules/aws_kms.py validate-modules:doc-elements-mismatch -plugins/modules/aws_kms.py validate-modules:parameter-list-no-elements -plugins/modules/aws_s3_cors.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_condition.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_condition.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_rule.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_rule.py validate-modules:parameter-list-no-elements -plugins/modules/aws_waf_web_acl.py validate-modules:doc-elements-mismatch -plugins/modules/aws_waf_web_acl.py validate-modules:parameter-list-no-elements plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch From f0e7d330943686416775103dd75c9deec0ee9bff Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Thu, 9 Jul 2020 00:52:13 +0200 Subject: [PATCH 037/129] Enable all sanity tests (#129) * Enable all sanity tests. * Update ignore.txt. Co-authored-by: Jill R <4121322+jillr@users.noreply.github.com> --- tests/sanity/ignore-2.9.txt | 111 ++------------------------------ tests/utils/shippable/sanity.sh | 15 +---- 2 files changed, 7 insertions(+), 119 deletions(-) diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index 870c78e01c8..45e370f6e1d 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -1,109 +1,6 @@ -plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch -plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_distribution.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_invalidation.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_invalidation.py validate-modules:parameter-list-no-elements -plugins/modules/cloudwatchevent_rule.py validate-modules:doc-elements-mismatch -plugins/modules/cloudwatchevent_rule.py validate-modules:parameter-list-no-elements -plugins/modules/data_pipeline.py validate-modules:doc-elements-mismatch -plugins/modules/data_pipeline.py validate-modules:parameter-list-no-elements -plugins/modules/dynamodb_table.py validate-modules:doc-elements-mismatch -plugins/modules/dynamodb_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_asg.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_asg.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_customer_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_customer_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_launch_template.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_launch_template.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_metric_alarm.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_metric_alarm.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_placement_group_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_placement_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_transit_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_igw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_igw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_peering_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_peering_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_route_table.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_route_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vgw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vgw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_attribute.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_attribute.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service_info.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_task.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_task.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_taskdefinition.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_taskdefinition.py validate-modules:parameter-list-no-elements -plugins/modules/efs.py validate-modules:doc-elements-mismatch -plugins/modules/efs.py validate-modules:parameter-list-no-elements -plugins/modules/efs_info.py validate-modules:doc-elements-mismatch -plugins/modules/efs_info.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_application_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_instance.py validate-modules:parameter-list-no-elements -plugins/modules/elb_network_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_network_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/iam.py validate-modules:parameter-list-no-elements -plugins/modules/iam_group.py validate-modules:doc-elements-mismatch -plugins/modules/iam_group.py validate-modules:parameter-list-no-elements -plugins/modules/iam_role.py validate-modules:parameter-list-no-elements -plugins/modules/iam_user.py validate-modules:parameter-list-no-elements -plugins/modules/lambda.py validate-modules:doc-elements-mismatch -plugins/modules/lambda.py validate-modules:parameter-list-no-elements -plugins/modules/rds.py validate-modules:doc-elements-mismatch -plugins/modules/rds.py validate-modules:parameter-list-no-elements -plugins/modules/rds_instance.py validate-modules:parameter-list-no-elements -plugins/modules/rds_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/redshift.py validate-modules:doc-elements-mismatch -plugins/modules/redshift.py validate-modules:parameter-list-no-elements -plugins/modules/redshift_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/redshift_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/route53.py validate-modules:parameter-list-no-elements -plugins/modules/route53.py validate-modules:parameter-state-invalid-choice -plugins/modules/route53_info.py validate-modules:doc-elements-mismatch -plugins/modules/route53_info.py validate-modules:parameter-list-no-elements -plugins/modules/s3_bucket_notification.py validate-modules:doc-elements-mismatch -plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-elements -plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements -plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch -plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements -tests/utils/shippable/check_matrix.py replace-urlopen -tests/utils/shippable/timing.py shebang plugins/modules/aws_acm_info.py pylint:ansible-deprecated-no-version -plugins/modules/aws_kms_info.py pylint:ansible-deprecated-no-version plugins/modules/aws_kms.py pylint:ansible-deprecated-no-version +plugins/modules/aws_kms_info.py pylint:ansible-deprecated-no-version plugins/modules/aws_region_info.py pylint:ansible-deprecated-no-version plugins/modules/aws_s3_bucket_info.py pylint:ansible-deprecated-no-version plugins/modules/aws_sgw_info.py pylint:ansible-deprecated-no-version @@ -137,10 +34,14 @@ plugins/modules/elb_target_group_info.py pylint:ansible-deprecated-no-version plugins/modules/elb_target_info.py pylint:ansible-deprecated-no-version plugins/modules/iam_mfa_device_info.py pylint:ansible-deprecated-no-version plugins/modules/iam_policy.py pylint:ansible-deprecated-no-version -plugins/modules/iam_role_info.py pylint:ansible-deprecated-no-version plugins/modules/iam_role.py pylint:ansible-deprecated-no-version +plugins/modules/iam_role_info.py pylint:ansible-deprecated-no-version plugins/modules/iam_server_certificate_info.py pylint:ansible-deprecated-no-version +plugins/modules/lambda_facts.py validate-modules:deprecation-mismatch +plugins/modules/lambda_facts.py validate-modules:invalid-documentation plugins/modules/rds_instance_info.py pylint:ansible-deprecated-no-version plugins/modules/rds_snapshot_info.py pylint:ansible-deprecated-no-version plugins/modules/redshift_info.py pylint:ansible-deprecated-no-version plugins/modules/route53_info.py pylint:ansible-deprecated-no-version +tests/utils/shippable/check_matrix.py replace-urlopen +tests/utils/shippable/timing.py shebang diff --git a/tests/utils/shippable/sanity.sh b/tests/utils/shippable/sanity.sh index d5aa1fe5568..dd1e68b9357 100755 --- a/tests/utils/shippable/sanity.sh +++ b/tests/utils/shippable/sanity.sh @@ -2,26 +2,13 @@ set -o pipefail -eux -declare -a args -IFS='/:' read -ra args <<< "$1" - -group="${args[1]}" - if [ "${BASE_BRANCH:-}" ]; then base_branch="origin/${BASE_BRANCH}" else base_branch="" fi -case "${group}" in - 1) options=(--skip-test pylint --skip-test ansible-doc --skip-test validate-modules) ;; - 2) options=( --test ansible-doc) ;; - 3) options=(--test pylint --exclude test/units/ --exclude lib/ansible/module_utils/) ;; - 4) options=(--test pylint test/units/ lib/ansible/module_utils/) ;; - 5) options=( --test validate-modules) ;; -esac - # shellcheck disable=SC2086 ansible-test sanity --color -v --junit ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} \ --docker --base-branch "${base_branch}" \ - "${options[@]}" --allow-disabled + --allow-disabled From 0b9b2dc7d5b3e9f71af3f372254fdff24c24b9ac Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 9 Jul 2020 01:42:48 +0200 Subject: [PATCH 038/129] use module.region to get aws region instead of get_aws_connection_info (#4) --- plugins/modules/aws_ses_identity.py | 5 +++-- plugins/modules/efs_info.py | 9 +++++---- plugins/modules/elasticache_info.py | 10 ++++------ 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/plugins/modules/aws_ses_identity.py b/plugins/modules/aws_ses_identity.py index 710ec01817e..d3c88156114 100644 --- a/plugins/modules/aws_ses_identity.py +++ b/plugins/modules/aws_ses_identity.py @@ -218,8 +218,9 @@ type: bool ''' +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry import time @@ -530,7 +531,7 @@ def main(): state = module.params.get("state") if state == 'present': - region = get_aws_connection_info(module, boto3=True)[0] + region = module.region account_id = get_account_id(module) validate_params_for_identity_present(module) create_or_update_identity(connection, module, region, account_id) diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index 95e82926486..00f74e677b2 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -177,10 +177,11 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info, AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, boto3_tag_list_to_ansible_dict from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict class EFSConnection(object): @@ -196,7 +197,7 @@ def __init__(self, module): except Exception as e: module.fail_json(msg="Failed to connect to AWS: %s" % to_native(e)) - self.region = get_aws_connection_info(module, boto3=True)[0] + self.region = module.region @AWSRetry.exponential_backoff(catch_extra_error_codes=['ThrottlingException']) def list_file_systems(self, **kwargs): diff --git a/plugins/modules/elasticache_info.py b/plugins/modules/elasticache_info.py index 8f3850ddf96..5b22c5cec1c 100644 --- a/plugins/modules/elasticache_info.py +++ b/plugins/modules/elasticache_info.py @@ -223,12 +223,10 @@ Environment: test ''' +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (get_aws_connection_info, - camel_dict_to_snake_dict, - AWSRetry, - boto3_tag_list_to_ansible_dict, - ) +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict try: @@ -272,7 +270,7 @@ def get_aws_account_id(module): def get_elasticache_clusters(client, module): - region = get_aws_connection_info(module, boto3=True)[0] + region = module.region try: clusters = describe_cache_clusters_with_backoff(client, cluster_id=module.params.get('name')) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: From 059cf9efc95bb976de21ab4f8e4d9ddd001983fc Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Thu, 16 Jul 2020 01:31:41 +0530 Subject: [PATCH 039/129] Docs: sanity fixes (#133) Signed-off-by: Abhijeet Kasurde --- plugins/modules/cloudformation_stack_set.py | 12 +-- plugins/modules/cloudfront_distribution.py | 18 ++-- plugins/modules/cloudfront_invalidation.py | 8 +- plugins/modules/cloudwatchevent_rule.py | 6 +- plugins/modules/data_pipeline.py | 14 +-- plugins/modules/dynamodb_table.py | 10 +- plugins/modules/ec2_asg.py | 30 +++--- plugins/modules/ec2_customer_gateway_info.py | 8 +- plugins/modules/ec2_elb.py | 10 +- plugins/modules/ec2_elb_info.py | 17 ++-- plugins/modules/ec2_instance.py | 11 +- plugins/modules/ec2_instance_info.py | 9 +- plugins/modules/ec2_launch_template.py | 13 ++- plugins/modules/ec2_lc.py | 12 +-- plugins/modules/ec2_lc_info.py | 8 +- plugins/modules/ec2_metric_alarm.py | 10 +- plugins/modules/ec2_placement_group_info.py | 6 +- plugins/modules/ec2_transit_gateway_info.py | 7 +- plugins/modules/ec2_vpc_endpoint.py | 8 +- plugins/modules/ec2_vpc_endpoint_info.py | 8 +- plugins/modules/ec2_vpc_igw_info.py | 8 +- plugins/modules/ec2_vpc_nacl.py | 15 +-- plugins/modules/ec2_vpc_nacl_info.py | 9 +- plugins/modules/ec2_vpc_nat_gateway_info.py | 8 +- plugins/modules/ec2_vpc_peering_info.py | 8 +- plugins/modules/ec2_vpc_route_table.py | 12 +-- plugins/modules/ec2_vpc_vgw_info.py | 8 +- plugins/modules/ec2_vpc_vpn.py | 10 +- plugins/modules/ec2_vpc_vpn_info.py | 8 +- plugins/modules/ecs_attribute.py | 8 +- plugins/modules/ecs_service.py | 42 +++++--- plugins/modules/ecs_service_info.py | 8 +- plugins/modules/ecs_task.py | 8 +- plugins/modules/ecs_taskdefinition.py | 10 +- plugins/modules/efs.py | 8 +- plugins/modules/efs_info.py | 8 +- plugins/modules/elasticache.py | 8 +- plugins/modules/elasticache_subnet_group.py | 6 +- plugins/modules/elb_application_lb.py | 22 ++-- plugins/modules/elb_application_lb_info.py | 12 ++- plugins/modules/elb_classic_lb.py | 22 ++-- plugins/modules/elb_classic_lb_info.py | 9 +- plugins/modules/elb_instance.py | 7 +- plugins/modules/elb_network_lb.py | 15 +-- plugins/modules/elb_target_group.py | 9 +- plugins/modules/elb_target_group_info.py | 12 ++- plugins/modules/iam.py | 12 ++- plugins/modules/iam_group.py | 10 +- plugins/modules/iam_role.py | 11 +- plugins/modules/iam_user.py | 9 +- plugins/modules/lambda.py | 10 +- plugins/modules/rds.py | 12 +-- plugins/modules/rds_instance.py | 15 +-- plugins/modules/rds_subnet_group.py | 9 +- plugins/modules/redshift.py | 10 +- plugins/modules/redshift_subnet_group.py | 8 +- plugins/modules/route53.py | 7 +- plugins/modules/route53_info.py | 6 +- plugins/modules/s3_bucket_notification.py | 8 +- plugins/modules/s3_lifecycle.py | 10 +- plugins/modules/sns_topic.py | 8 +- tests/sanity/ignore-2.10.txt | 102 ------------------- tests/sanity/ignore-2.11.txt | 102 ------------------- 63 files changed, 362 insertions(+), 512 deletions(-) diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index 990dfdc33c8..148cbe61047 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: cloudformation_stack_set version_added: 1.0.0 @@ -176,7 +176,7 @@ requirements: [ boto3>=1.6, botocore>=1.10.26 ] ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Create a stack set with instances in two accounts community.aws.cloudformation_stack_set: name: my-stack @@ -215,7 +215,7 @@ - us-east-1 ''' -RETURN = ''' +RETURN = r''' operations_log: type: list description: Most recent events in CloudFormation's event log. This may be from a previous run in some cases. @@ -505,9 +505,9 @@ def main(): template=dict(type='path'), template_url=dict(), template_body=dict(), - capabilities=dict(type='list', choices=['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM']), - regions=dict(type='list'), - accounts=dict(type='list'), + capabilities=dict(type='list', elements='str', choices=['CAPABILITY_IAM', 'CAPABILITY_NAMED_IAM']), + regions=dict(type='list', elements='str'), + accounts=dict(type='list', elements='str'), failure_tolerance=dict( type='dict', default={}, diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index f5abb2a0d8e..36e8e6bd1b8 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- version_added: 1.0.0 @@ -220,7 +220,7 @@ whitelisted_names: type: list elements: str - description: A list of coockies to forward to the origin for this cache behavior. + description: A list of cookies to forward to the origin for this cache behavior. headers: description: - A list of headers to forward to the origin for this cache behavior. @@ -337,7 +337,7 @@ whitelisted_names: type: list elements: str - description: A list of coockies to forward to the origin for this cache behavior. + description: A list of cookies to forward to the origin for this cache behavior. headers: description: - A list of headers to forward to the origin for this cache behavior. @@ -534,7 +534,7 @@ - A config element that is a complex object that describes how a distribution should restrict it's content. suboptions: geo_restriction: - description: Apply a restriciton based on the location of the requester. + description: Apply a restriction based on the location of the requester. type: dict suboptions: restriction_type: @@ -673,7 +673,7 @@ caller_reference: replaceable distribution ''' -RETURN = ''' +RETURN = r''' active_trusted_signers: description: Key pair IDs that CloudFront is aware of for each trusted signer. returned: always @@ -2093,15 +2093,15 @@ def main(): tags=dict(type='dict', default={}), purge_tags=dict(type='bool', default=False), alias=dict(), - aliases=dict(type='list', default=[]), + aliases=dict(type='list', default=[], elements='str'), purge_aliases=dict(type='bool', default=False), default_root_object=dict(), - origins=dict(type='list'), + origins=dict(type='list', elements='dict'), purge_origins=dict(type='bool', default=False), default_cache_behavior=dict(type='dict'), - cache_behaviors=dict(type='list'), + cache_behaviors=dict(type='list', elements='dict'), purge_cache_behaviors=dict(type='bool', default=False), - custom_error_responses=dict(type='list'), + custom_error_responses=dict(type='list', elements='dict'), purge_custom_error_responses=dict(type='bool', default=False), logging=dict(type='dict'), price_class=dict(), diff --git a/plugins/modules/cloudfront_invalidation.py b/plugins/modules/cloudfront_invalidation.py index 1f3e50331ca..52e3aea1873 100644 --- a/plugins/modules/cloudfront_invalidation.py +++ b/plugins/modules/cloudfront_invalidation.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- version_added: 1.0.0 @@ -58,7 +58,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: create a batch of invalidations using a distribution_id for a reference community.aws.cloudfront_invalidation: @@ -80,7 +80,7 @@ ''' -RETURN = ''' +RETURN = r''' invalidation: description: The invalidation's information. returned: always @@ -247,7 +247,7 @@ def main(): caller_reference=dict(), distribution_id=dict(), alias=dict(), - target_paths=dict(required=True, type='list') + target_paths=dict(required=True, type='list', elements='str') ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False, mutually_exclusive=[['distribution_id', 'alias']]) diff --git a/plugins/modules/cloudwatchevent_rule.py b/plugins/modules/cloudwatchevent_rule.py index b90b7feca6c..0ba66909d25 100644 --- a/plugins/modules/cloudwatchevent_rule.py +++ b/plugins/modules/cloudwatchevent_rule.py @@ -107,7 +107,7 @@ required: false ''' -EXAMPLES = ''' +EXAMPLES = r''' - community.aws.cloudwatchevent_rule: name: MyCronTask schedule_expression: "cron(0 20 * * ? *)" @@ -131,7 +131,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' rule: description: CloudWatch Event rule data. returned: success @@ -430,7 +430,7 @@ def main(): default='present'), description=dict(), role_arn=dict(), - targets=dict(type='list', default=[]), + targets=dict(type='list', default=[], elements='dict'), ) module = AnsibleAWSModule(argument_spec=argument_spec) diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index d25563e45ac..8394078fe68 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: data_pipeline version_added: 1.0.0 @@ -128,7 +128,7 @@ type: str ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Create pipeline @@ -180,7 +180,7 @@ ''' -RETURN = ''' +RETURN = r''' changed: description: whether the data pipeline has been modified type: bool @@ -278,7 +278,7 @@ def pipeline_field(client, dp_id, field): def run_with_timeout(timeout, func, *func_args, **func_kwargs): - """Run func with the provided args and kwargs, and wait utill + """Run func with the provided args and kwargs, and wait until timeout for truthy return value :param int timeout: time to wait for status @@ -607,13 +607,13 @@ def main(): name=dict(required=True), version=dict(removed_at_date='2022-06-01', removed_from_collection='community.aws'), description=dict(required=False, default=''), - objects=dict(required=False, type='list', default=[]), - parameters=dict(required=False, type='list', default=[]), + objects=dict(required=False, type='list', default=[], elements='dict'), + parameters=dict(required=False, type='list', default=[], elements='dict'), timeout=dict(required=False, type='int', default=300), state=dict(default='present', choices=['present', 'absent', 'active', 'inactive']), tags=dict(required=False, type='dict', default={}), - values=dict(required=False, type='list', default=[]) + values=dict(required=False, type='list', default=[], elements='dict') ) ) module = AnsibleModule(argument_spec, supports_check_mode=False) diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index d528e460078..e6ae5b1af1f 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: dynamodb_table version_added: 1.0.0 @@ -121,7 +121,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Create dynamo table with hash and range primary key community.aws.dynamodb_table: name: my-table @@ -164,7 +164,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' table_status: description: The current status of the table. returned: success @@ -196,12 +196,12 @@ try: import botocore - from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, boto3_conn HAS_BOTO3 = True except ImportError: HAS_BOTO3 = False from ansible.module_utils.basic import AnsibleModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError, connect_to_aws, ec2_argument_spec, get_aws_connection_info @@ -467,7 +467,7 @@ def main(): range_key_type=dict(default='STRING', type='str', choices=['STRING', 'NUMBER', 'BINARY']), read_capacity=dict(default=1, type='int'), write_capacity=dict(default=1, type='int'), - indexes=dict(default=[], type='list'), + indexes=dict(default=[], type='list', elements='dict'), tags=dict(type='dict'), wait_for_active_timeout=dict(default=60, type='int'), )) diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 43afa725385..f466a8664f4 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_asg version_added: 1.0.0 @@ -241,7 +241,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Basic configuration with Launch Configuration - community.aws.ec2_asg: @@ -348,7 +348,7 @@ propagate_at_launch: no ''' -RETURN = ''' +RETURN = r''' --- auto_scaling_group_name: description: The unique name of the auto scaling group @@ -540,8 +540,6 @@ except ImportError: pass # will be detected by imported HAS_BOTO3 -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule - ASG_ATTRIBUTES = ('AvailabilityZones', 'DefaultCooldown', 'DesiredCapacity', 'HealthCheckGracePeriod', 'HealthCheckType', 'LaunchConfigurationName', 'LoadBalancerNames', 'MaxInstanceLifetime', 'MaxSize', 'MinSize', @@ -1678,9 +1676,9 @@ def asg_exists(connection): def main(): argument_spec = dict( name=dict(required=True, type='str'), - load_balancers=dict(type='list'), - target_group_arns=dict(type='list'), - availability_zones=dict(type='list'), + load_balancers=dict(type='list', elements='str'), + target_group_arns=dict(type='list', elements='str'), + availability_zones=dict(type='list', elements='str'), launch_config_name=dict(type='str'), launch_template=dict( type='dict', @@ -1706,20 +1704,20 @@ def main(): ), placement_group=dict(type='str'), desired_capacity=dict(type='int'), - vpc_zone_identifier=dict(type='list'), + vpc_zone_identifier=dict(type='list', elements='str'), replace_batch_size=dict(type='int', default=1), replace_all_instances=dict(type='bool', default=False), - replace_instances=dict(type='list', default=[]), + replace_instances=dict(type='list', default=[], elements='str'), lc_check=dict(type='bool', default=True), lt_check=dict(type='bool', default=True), wait_timeout=dict(type='int', default=300), state=dict(default='present', choices=['present', 'absent']), - tags=dict(type='list', default=[]), + tags=dict(type='list', default=[], elements='dict'), health_check_period=dict(type='int', default=300), health_check_type=dict(default='EC2', choices=['EC2', 'ELB']), default_cooldown=dict(type='int', default=300), wait_for_instances=dict(type='bool', default=True), - termination_policies=dict(type='list', default='Default'), + termination_policies=dict(type='list', default='Default', elements='str'), notification_topic=dict(type='str', default=None), notification_types=dict( type='list', @@ -1728,9 +1726,10 @@ def main(): 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR', 'autoscaling:EC2_INSTANCE_TERMINATE', 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR' - ] + ], + elements='str' ), - suspend_processes=dict(type='list', default=[]), + suspend_processes=dict(type='list', default=[], elements='str'), metrics_collection=dict(type='bool', default=False), metrics_granularity=dict(type='str', default='1Minute'), metrics_list=dict( @@ -1744,7 +1743,8 @@ def main(): 'GroupStandbyInstances', 'GroupTerminatingInstances', 'GroupTotalInstances' - ] + ], + elements='str' ) ) diff --git a/plugins/modules/ec2_customer_gateway_info.py b/plugins/modules/ec2_customer_gateway_info.py index 1526cb639d9..12c6320e6a8 100644 --- a/plugins/modules/ec2_customer_gateway_info.py +++ b/plugins/modules/ec2_customer_gateway_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_customer_gateway_info version_added: 1.0.0 @@ -33,7 +33,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all customer gateways @@ -56,7 +56,7 @@ register: cust_gw_info ''' -RETURN = ''' +RETURN = r''' customer_gateways: description: List of one or more customer gateways. returned: always @@ -119,7 +119,7 @@ def list_customer_gateways(connection, module): def main(): argument_spec = dict( - customer_gateway_ids=dict(default=[], type='list'), + customer_gateway_ids=dict(default=[], type='list', elements='str'), filters=dict(default={}, type='dict') ) diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index 06fcc9601e2..349002d5852 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_elb version_added: 1.0.0 @@ -32,8 +32,10 @@ type: str ec2_elbs: description: - - List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register. + - List of ELB names, required for registration. + - The ec2_elbs fact should be used if there was a previous de-register. type: list + elements: str enable_availability_zone: description: - Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already @@ -57,7 +59,7 @@ ''' -EXAMPLES = """ +EXAMPLES = r""" # basic pre_task and post_task example pre_tasks: - name: Instance De-register @@ -316,7 +318,7 @@ def main(): argument_spec.update(dict( state={'required': True, 'choices': ['present', 'absent']}, instance_id={'required': True}, - ec2_elbs={'default': None, 'required': False, 'type': 'list'}, + ec2_elbs={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, enable_availability_zone={'default': True, 'required': False, 'type': 'bool'}, wait={'required': False, 'default': True, 'type': 'bool'}, wait_timeout={'required': False, 'default': 0, 'type': 'int'} diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index 57cd296d262..a66d130deb1 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -17,7 +17,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_elb_info version_added: 1.0.0 @@ -33,18 +33,19 @@ description: - List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned. type: list + elements: str extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters - name: Gather information about all ELBs - ec2_elb_info: + community.aws.ec2_elb_info: register: elb_info - debug: msg: "{{ item.dns_name }}" @@ -59,7 +60,7 @@ msg: "{{ elb_info.elbs.0.dns_name }}" - name: Gather information about a set of ELBs - ec2_elb_info: + community.aws.ec2_elb_info: names: - frontend-prod-elb - backend-prod-elb @@ -93,11 +94,7 @@ class ElbInformation(object): """Handles ELB information.""" - def __init__(self, - module, - names, - region, - **aws_connect_params): + def __init__(self, module, names, region, **aws_connect_params): self.module = module self.names = names @@ -227,7 +224,7 @@ def list_elbs(self): def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( - names={'default': [], 'type': 'list'} + names={'default': [], 'type': 'list', 'elements': 'str'} ) ) module = AnsibleModule(argument_spec=argument_spec, diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 9382659f71b..bbaa092bd5c 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_instance version_added: 1.0.0 @@ -25,6 +25,7 @@ description: - If you specify one or more instance IDs, only instances that have the specified IDs are returned. type: list + elements: str state: description: - Goal state for the instances. @@ -107,6 +108,7 @@ description: - A list of security group IDs or names (strings). Mutually exclusive with I(security_group). type: list + elements: str security_group: description: - A security group ID or name. Mutually exclusive with I(security_groups). @@ -180,6 +182,7 @@ ebs.iops, and ebs.delete_on_termination. - For more information about each parameter, see U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html). type: list + elements: dict launch_template: description: - The EC2 launch template to base instance configuration on. @@ -1681,7 +1684,7 @@ def main(): ebs_optimized=dict(type='bool'), vpc_subnet_id=dict(type='str', aliases=['subnet_id']), availability_zone=dict(type='str'), - security_groups=dict(default=[], type='list'), + security_groups=dict(default=[], type='list', elements='str'), security_group=dict(type='str'), instance_role=dict(type='str'), name=dict(type='str'), @@ -1700,9 +1703,9 @@ def main(): instance_initiated_shutdown_behavior=dict(type='str', choices=['stop', 'terminate']), termination_protection=dict(type='bool'), detailed_monitoring=dict(type='bool'), - instance_ids=dict(default=[], type='list'), + instance_ids=dict(default=[], type='list', elements='str'), network=dict(default=None, type='dict'), - volumes=dict(default=None, type='list'), + volumes=dict(default=None, type='list', elements='dict'), ) # running/present are synonyms # as are terminated/absent diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 8883be6923d..c9820a58f59 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_instance_info version_added: 1.0.0 @@ -24,6 +24,7 @@ - If you specify one or more instance IDs, only instances that have the specified IDs are returned. required: false type: list + elements: str filters: description: - A dict of filters to apply. Each dict item consists of a filter key and a filter value. See @@ -39,7 +40,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all instances @@ -67,7 +68,7 @@ ''' -RETURN = ''' +RETURN = r''' instances: description: a list of ec2 instances returned: always @@ -540,7 +541,7 @@ def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( - instance_ids=dict(default=[], type='list'), + instance_ids=dict(default=[], type='list', elements='str'), filters=dict(default={}, type='dict') ) ) diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 6ac54a1fee3..2f7b529146e 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -5,7 +5,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_launch_template version_added: 1.0.0 @@ -567,6 +567,7 @@ def main(): template_options = dict( block_device_mappings=dict( type='list', + elements='dict', options=dict( device_name=dict(), ebs=dict( @@ -603,6 +604,7 @@ def main(): elastic_gpu_specifications=dict( options=dict(type=dict()), type='list', + elements='dict', ), iam_instance_profile=dict(), image_id=dict(), @@ -633,14 +635,15 @@ def main(): ), network_interfaces=dict( type='list', + elements='dict', options=dict( associate_public_ip_address=dict(type='bool'), delete_on_termination=dict(type='bool'), description=dict(), device_index=dict(type='int'), - groups=dict(type='list'), + groups=dict(type='list', elements='str'), ipv6_address_count=dict(type='int'), - ipv6_addresses=dict(type='list'), + ipv6_addresses=dict(type='list', elements='str'), network_interface_id=dict(), private_ip_address=dict(), subnet_id=dict(), @@ -657,8 +660,8 @@ def main(): type='dict', ), ram_disk_id=dict(), - security_group_ids=dict(type='list'), - security_groups=dict(type='list'), + security_group_ids=dict(type='list', elements='str'), + security_groups=dict(type='list', elements='str'), tags=dict(type='dict'), user_data=dict(), ) diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 46e125a19ce..deb6633adeb 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_lc version_added: 1.0.0 @@ -190,7 +190,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # create a launch configuration using an AMI image and instance type as a basis @@ -260,7 +260,7 @@ register: lc_info ''' -RETURN = ''' +RETURN = r''' arn: description: The Amazon Resource Name of the launch configuration. returned: when I(state=present) @@ -657,11 +657,11 @@ def main(): image_id=dict(), instance_id=dict(), key_name=dict(), - security_groups=dict(default=[], type='list'), + security_groups=dict(default=[], type='list', elements='str'), user_data=dict(), user_data_path=dict(type='path'), kernel_id=dict(), - volumes=dict(type='list'), + volumes=dict(type='list', elements='dict'), instance_type=dict(), state=dict(default='present', choices=['present', 'absent']), spot_price=dict(type='float'), @@ -671,7 +671,7 @@ def main(): associate_public_ip_address=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), instance_monitoring=dict(default=False, type='bool'), assign_public_ip=dict(type='bool'), - classic_link_vpc_security_groups=dict(type='list'), + classic_link_vpc_security_groups=dict(type='list', elements='str'), classic_link_vpc_id=dict(), vpc_id=dict(), placement_tenancy=dict(choices=['default', 'dedicated']) diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 899db903fd9..d3e46cc298e 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_lc_info version_added: 1.0.0 @@ -52,7 +52,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all launch configurations @@ -68,7 +68,7 @@ sort_order: descending ''' -RETURN = ''' +RETURN = r''' block_device_mapping: description: Block device mapping for the instances of launch configuration type: list @@ -206,7 +206,7 @@ def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( - name=dict(required=False, default=[], type='list'), + name=dict(required=False, default=[], type='list', elements='str'), sort=dict(required=False, default=None, choices=['launch_configuration_name', 'image_id', 'created_time', 'instance_type', 'kernel_id', 'ramdisk_id', 'key_name']), sort_order=dict(required=False, default='ascending', diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index 3aef6799b23..09e95d2fd6c 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -18,7 +18,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_metric_alarm short_description: "Create/update or delete AWS Cloudwatch 'metric alarms'" version_added: 1.0.0 @@ -166,7 +166,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: create alarm community.aws.ec2_metric_alarm: state: present @@ -383,9 +383,9 @@ def main(): evaluation_periods=dict(type='int'), description=dict(type='str'), dimensions=dict(type='dict', default={}), - alarm_actions=dict(type='list', default=[]), - insufficient_data_actions=dict(type='list', default=[]), - ok_actions=dict(type='list', default=[]), + alarm_actions=dict(type='list', default=[], elements='str'), + insufficient_data_actions=dict(type='list', default=[], elements='str'), + ok_actions=dict(type='list', default=[], elements='str'), treat_missing_data=dict(type='str', choices=['breaching', 'notBreaching', 'ignore', 'missing'], default='missing'), state=dict(default='present', choices=['present', 'absent']), ) diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 96451d69ce5..7ec7f62fd92 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_placement_group_info version_added: 1.0.0 @@ -51,7 +51,7 @@ ''' -RETURN = ''' +RETURN = r''' placement_groups: description: Placement group attributes returned: always @@ -107,7 +107,7 @@ def get_placement_groups_details(connection, module): def main(): argument_spec = dict( - names=dict(type='list', default=[]) + names=dict(type='list', default=[], elements='str') ) module = AnsibleAWSModule( diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index ddae796cf47..676862185b4 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_transit_gateway_info short_description: Gather information about ec2 transit gateways in AWS version_added: 1.0.0 @@ -23,6 +23,7 @@ - A list of transit gateway IDs to gather information for. aliases: [transit_gateway_id] type: list + elements: str filters: description: - A dict of filters to apply. Each dict item consists of a filter key and a filter value. @@ -34,7 +35,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather info about all transit gateways @@ -58,7 +59,7 @@ - tgw-03c53443d5a8cb716 ''' -RETURN = ''' +RETURN = r''' transit_gateways: description: > Transit gateways that match the provided filters. Each element consists of a dict with all the information diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 920cf45ca6e..833e64ae1db 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_vpc_endpoint short_description: Create and delete AWS VPC Endpoints. version_added: 1.0.0 @@ -96,7 +96,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new vpc endpoint with a json template for policy @@ -141,7 +141,7 @@ region: ap-southeast-2 ''' -RETURN = ''' +RETURN = r''' endpoints: description: The resulting endpoints from the module call returned: success @@ -345,7 +345,7 @@ def main(): state=dict(default='present', choices=['present', 'absent']), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=320, required=False), - route_table_ids=dict(type='list'), + route_table_ids=dict(type='list', elements='str'), vpc_endpoint_id=dict(), client_token=dict(), ) diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index a1f3ff0a901..eeb7a7d80d1 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -5,7 +5,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_vpc_endpoint_info short_description: Retrieves AWS VPC endpoints details using AWS methods. version_added: 1.0.0 @@ -41,7 +41,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Simple example of listing all support AWS services for VPC endpoints - name: List supported AWS endpoint services community.aws.ec2_vpc_endpoint_info: @@ -77,7 +77,7 @@ register: endpoint_details ''' -RETURN = ''' +RETURN = r''' service_names: description: AWS VPC endpoint service names returned: I(query) is C(services) @@ -169,7 +169,7 @@ def main(): dict( query=dict(choices=['services', 'endpoints'], required=True), filters=dict(default={}, type='dict'), - vpc_endpoint_ids=dict(type='list'), + vpc_endpoint_ids=dict(type='list', elements='str'), ) ) diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index f33020e0c24..2d8244f1282 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_igw_info version_added: 1.0.0 @@ -33,7 +33,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all Internet Gateways for an account or profile @@ -58,7 +58,7 @@ register: igw_info ''' -RETURN = ''' +RETURN = r''' internet_gateways: description: The internet gateways for the account. returned: always @@ -132,7 +132,7 @@ def main(): argument_spec.update( dict( filters=dict(type='dict', default=dict()), - internet_gateway_ids=dict(type='list', default=None) + internet_gateway_ids=dict(type='list', default=None, elements='str') ) ) diff --git a/plugins/modules/ec2_vpc_nacl.py b/plugins/modules/ec2_vpc_nacl.py index f2ca5cda6f6..387ceb48f26 100644 --- a/plugins/modules/ec2_vpc_nacl.py +++ b/plugins/modules/ec2_vpc_nacl.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_vpc_nacl short_description: create and delete Network ACLs. version_added: 1.0.0 @@ -39,6 +39,7 @@ - Each subnet can be specified as subnet ID, or its tagged name. required: false type: list + elements: str egress: description: - A list of rules for outgoing traffic. Each rule must be specified as a list. @@ -50,6 +51,7 @@ default: [] required: false type: list + elements: list ingress: description: - List of rules for incoming traffic. Each rule must be specified as a list. @@ -61,6 +63,7 @@ default: [] required: false type: list + elements: list tags: description: - Dictionary of tags to look for and apply when creating a network ACL. @@ -82,7 +85,7 @@ requirements: [ botocore, boto3, json ] ''' -EXAMPLES = ''' +EXAMPLES = r''' # Complete example to create and delete a network ACL # that allows SSH, HTTP and ICMP in, and all traffic out. @@ -138,7 +141,7 @@ nacl_id: acl-33b4ee5b state: absent ''' -RETURN = ''' +RETURN = r''' task: description: The result of the create, or delete action. returned: success @@ -602,10 +605,10 @@ def main(): vpc_id=dict(), name=dict(), nacl_id=dict(), - subnets=dict(required=False, type='list', default=list()), + subnets=dict(required=False, type='list', default=list(), elements='str'), tags=dict(required=False, type='dict'), - ingress=dict(required=False, type='list', default=list()), - egress=dict(required=False, type='list', default=list()), + ingress=dict(required=False, type='list', default=list(), elements='list'), + egress=dict(required=False, type='list', default=list(), elements='list'), state=dict(default='present', choices=['present', 'absent']), ) module = AnsibleAWSModule(argument_spec=argument_spec, diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index 337a91d1c93..aabe489c112 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -5,7 +5,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_nacl_info version_added: 1.0.0 @@ -23,6 +23,7 @@ default: [] aliases: [nacl_id] type: list + elements: str filters: description: - A dict of filters to apply. Each dict item consists of a filter key and a filter value. See @@ -40,7 +41,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all Network ACLs: @@ -58,7 +59,7 @@ register: default_nacls ''' -RETURN = ''' +RETURN = r''' nacls: description: Returns an array of complex objects as described below. returned: success @@ -205,7 +206,7 @@ def nacl_entry_to_list(entry): def main(): argument_spec = dict( - nacl_ids=dict(default=[], type='list', aliases=['nacl_id']), + nacl_ids=dict(default=[], type='list', aliases=['nacl_id'], elements='str'), filters=dict(default={}, type='dict')) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index b734721b5ea..bb164a2b50b 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_vpc_nat_gateway_info short_description: Retrieves AWS VPC Managed Nat Gateway details using AWS methods. version_added: 1.0.0 @@ -33,7 +33,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Simple example of listing all nat gateways - name: List all managed nat gateways in ap-southeast-2 community.aws.ec2_vpc_nat_gateway_info: @@ -68,7 +68,7 @@ register: existing_nat_gateways ''' -RETURN = ''' +RETURN = r''' result: description: The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response. @@ -127,7 +127,7 @@ def main(): argument_spec.update( dict( filters=dict(default={}, type='dict'), - nat_gateway_ids=dict(default=[], type='list'), + nat_gateway_ids=dict(default=[], type='list', elements='str'), ) ) diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index f552358e362..2d577227fac 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_vpc_peering_info short_description: Retrieves AWS VPC Peering details using AWS methods. version_added: 1.0.0 @@ -33,7 +33,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Simple example of listing all VPC Peers - name: List all vpc peers community.aws.ec2_vpc_peering_info: @@ -60,7 +60,7 @@ register: pending_vpc_peers ''' -RETURN = ''' +RETURN = r''' result: description: The result of the describe. returned: success @@ -107,7 +107,7 @@ def main(): argument_spec.update( dict( filters=dict(default=dict(), type='dict'), - peer_connection_ids=dict(default=None, type='list'), + peer_connection_ids=dict(default=None, type='list', elements='str'), ) ) diff --git a/plugins/modules/ec2_vpc_route_table.py b/plugins/modules/ec2_vpc_route_table.py index 39f0ffc42bf..ca5d586b2e7 100644 --- a/plugins/modules/ec2_vpc_route_table.py +++ b/plugins/modules/ec2_vpc_route_table.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_route_table version_added: 1.0.0 @@ -81,7 +81,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic creation example: @@ -124,7 +124,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' route_table: description: Route Table result returned: always @@ -710,14 +710,14 @@ def ensure_route_table_present(connection, module): def main(): argument_spec = dict( lookup=dict(default='tag', choices=['tag', 'id']), - propagating_vgw_ids=dict(type='list'), + propagating_vgw_ids=dict(type='list', elements='str'), purge_routes=dict(default=True, type='bool'), purge_subnets=dict(default=True, type='bool'), purge_tags=dict(default=False, type='bool'), route_table_id=dict(), - routes=dict(default=[], type='list'), + routes=dict(default=[], type='list', elements='dict'), state=dict(default='present', choices=['present', 'absent']), - subnets=dict(type='list'), + subnets=dict(type='list', elements='str'), tags=dict(type='dict', aliases=['resource_tags']), vpc_id=dict() ) diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 5c7b866c7d6..43a5c2f8c4e 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_vgw_info version_added: 1.0.0 @@ -33,7 +33,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all virtual gateways for an account or profile @@ -58,7 +58,7 @@ register: vgw_info ''' -RETURN = ''' +RETURN = r''' virtual_gateways: description: The virtual gateways for the account. returned: always @@ -138,7 +138,7 @@ def main(): argument_spec.update( dict( filters=dict(type='dict', default=dict()), - vpn_gateway_ids=dict(type='list', default=None) + vpn_gateway_ids=dict(type='list', default=None, elements='str') ) ) diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index 1ac818485bb..9067d522129 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_vpn version_added: 1.0.0 @@ -141,7 +141,7 @@ default: 15 ''' -EXAMPLES = """ +EXAMPLES = r""" # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -214,7 +214,7 @@ Ansible: Tag """ -RETURN = """ +RETURN = r""" changed: description: If the VPN connection has changed. type: bool @@ -742,12 +742,12 @@ def main(): vpn_gateway_id=dict(type='str'), tags=dict(default={}, type='dict'), connection_type=dict(default='ipsec.1', type='str'), - tunnel_options=dict(no_log=True, type='list', default=[]), + tunnel_options=dict(no_log=True, type='list', default=[], elements='dict'), static_only=dict(default=False, type='bool'), customer_gateway_id=dict(type='str'), vpn_connection_id=dict(type='str'), purge_tags=dict(type='bool', default=False), - routes=dict(type='list', default=[]), + routes=dict(type='list', default=[], elements='str'), purge_routes=dict(type='bool', default=False), wait_timeout=dict(type='int', default=600), delay=dict(type='int', default=15), diff --git a/plugins/modules/ec2_vpc_vpn_info.py b/plugins/modules/ec2_vpc_vpn_info.py index 1ba8210a722..e96583f669e 100644 --- a/plugins/modules/ec2_vpc_vpn_info.py +++ b/plugins/modules/ec2_vpc_vpn_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ec2_vpc_vpn_info version_added: 1.0.0 @@ -35,7 +35,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all vpn connections community.aws.ec2_vpc_vpn_info: @@ -53,7 +53,7 @@ register: vpn_conn_info ''' -RETURN = ''' +RETURN = r''' vpn_connections: description: List of one or more VPN Connections. returned: always @@ -198,7 +198,7 @@ def list_vpn_connections(connection, module): def main(): argument_spec = dict( - vpn_connection_ids=dict(default=[], type='list'), + vpn_connection_ids=dict(default=[], type='list', elements='str'), filters=dict(default={}, type='dict') ) diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index 24e71a29bdb..db9de79b480 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ecs_attribute version_added: 1.0.0 @@ -60,7 +60,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Set attributes @@ -84,7 +84,7 @@ delegate_to: localhost ''' -RETURN = ''' +RETURN = r''' attributes: description: attributes type: complex @@ -259,7 +259,7 @@ def main(): state=dict(required=False, default='present', choices=['present', 'absent']), cluster=dict(required=True, type='str'), ec2_instance_id=dict(required=True, type='str'), - attributes=dict(required=True, type='list'), + attributes=dict(required=True, type='list', elements='dict'), )) required_together = [['cluster', 'ec2_instance_id', 'attributes']] diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index b3995f7e8c9..462f60cb946 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ecs_service version_added: 1.0.0 @@ -192,7 +192,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic provisioning example @@ -241,7 +241,7 @@ field: memory ''' -RETURN = ''' +RETURN = r''' service: description: Details of created service. returned: when creating a service @@ -648,7 +648,7 @@ def main(): name=dict(required=True, type='str'), cluster=dict(required=False, type='str'), task_definition=dict(required=False, type='str'), - load_balancers=dict(required=False, default=[], type='list'), + load_balancers=dict(required=False, default=[], type='list', elements='str'), desired_count=dict(required=False, type='int'), client_token=dict(required=False, default='', type='str'), role=dict(required=False, default='', type='str'), @@ -656,22 +656,34 @@ def main(): repeat=dict(required=False, type='int', default=10), force_new_deployment=dict(required=False, default=False, type='bool'), deployment_configuration=dict(required=False, default={}, type='dict'), - placement_constraints=dict(required=False, default=[], type='list', options=dict( - type=dict(type='str'), - expression=dict(type='str') - )), - placement_strategy=dict(required=False, default=[], type='list', options=dict( - type=dict(type='str'), - field=dict(type='str'), - )), + placement_constraints=dict( + required=False, + default=[], + type='list', + elements='dict', + options=dict( + type=dict(type='str'), + expression=dict(type='str') + ) + ), + placement_strategy=dict( + required=False, + default=[], + type='list', + elements='dict', + options=dict( + type=dict(type='str'), + field=dict(type='str'), + ) + ), health_check_grace_period_seconds=dict(required=False, type='int'), network_configuration=dict(required=False, type='dict', options=dict( - subnets=dict(type='list'), - security_groups=dict(type='list'), + subnets=dict(type='list', elements='str'), + security_groups=dict(type='list', elements='str'), assign_public_ip=dict(type='bool') )), launch_type=dict(required=False, choices=['EC2', 'FARGATE']), - service_registries=dict(required=False, type='list', default=[]), + service_registries=dict(required=False, type='list', default=[], elements='dict'), scheduling_strategy=dict(required=False, choices=['DAEMON', 'REPLICA']) ) diff --git a/plugins/modules/ecs_service_info.py b/plugins/modules/ecs_service_info.py index 4d04fdf4986..d428dde8835 100644 --- a/plugins/modules/ecs_service_info.py +++ b/plugins/modules/ecs_service_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ecs_service_info version_added: 1.0.0 @@ -49,7 +49,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic listing example @@ -65,7 +65,7 @@ register: output ''' -RETURN = ''' +RETURN = r''' services: description: When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below. returned: success @@ -219,7 +219,7 @@ def main(): details=dict(type='bool', default=False), events=dict(type='bool', default=True), cluster=dict(), - service=dict(type='list') + service=dict(type='list', elements='str') ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index 2039b8c69d0..f43cd700d27 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ecs_task version_added: 1.0.0 @@ -88,7 +88,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Simple example of run task - name: Run task community.aws.ecs_task: @@ -146,7 +146,7 @@ task_definition: console-sample-app-static-taskdef task: "arn:aws:ecs:us-west-2:172139249013:task/3f8353d1-29a8-4689-bbf6-ad79937ffe8a" ''' -RETURN = ''' +RETURN = r''' task: description: details about the task that was started returned: success @@ -340,7 +340,7 @@ def main(): overrides=dict(required=False, type='dict'), # R S count=dict(required=False, type='int'), # R task=dict(required=False, type='str'), # P* - container_instances=dict(required=False, type='list'), # S* + container_instances=dict(required=False, type='list', elements='str'), # S* started_by=dict(required=False, type='str'), # R S network_configuration=dict(required=False, type='dict'), launch_type=dict(required=False, choices=['EC2', 'FARGATE']), diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index f48a442ab1f..98831a850e8 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: ecs_taskdefinition version_added: 1.0.0 @@ -104,7 +104,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Create task definition community.aws.ecs_taskdefinition: containers: @@ -200,7 +200,7 @@ state: present network_mode: awsvpc ''' -RETURN = ''' +RETURN = r''' taskdefinition: description: a reflection of the input parameters type: dict @@ -321,11 +321,11 @@ def main(): family=dict(required=False, type='str'), revision=dict(required=False, type='int'), force_create=dict(required=False, default=False, type='bool'), - containers=dict(required=False, type='list'), + containers=dict(required=False, type='list', elements='str'), network_mode=dict(required=False, default='bridge', choices=['default', 'bridge', 'host', 'none', 'awsvpc'], type='str'), task_role_arn=dict(required=False, default='', type='str'), execution_role_arn=dict(required=False, default='', type='str'), - volumes=dict(required=False, type='list'), + volumes=dict(required=False, type='list', elements='dict'), launch_type=dict(required=False, choices=['EC2', 'FARGATE']), cpu=dict(), memory=dict(required=False, type='str') diff --git a/plugins/modules/efs.py b/plugins/modules/efs.py index 43c81d9d0d1..56ec6980e56 100644 --- a/plugins/modules/efs.py +++ b/plugins/modules/efs.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: efs version_added: 1.0.0 @@ -106,7 +106,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: EFS provisioning community.aws.efs: state: present @@ -134,7 +134,7 @@ name: myTestEFS ''' -RETURN = ''' +RETURN = r''' creation_time: description: timestamp of creation date returned: always @@ -692,7 +692,7 @@ def main(): id=dict(required=False, type='str', default=None), name=dict(required=False, type='str', default=None), tags=dict(required=False, type="dict", default={}), - targets=dict(required=False, type="list", default=[]), + targets=dict(required=False, type="list", default=[], elements='dict'), performance_mode=dict(required=False, type='str', choices=["general_purpose", "max_io"], default="general_purpose"), throughput_mode=dict(required=False, type='str', choices=["bursting", "provisioned"], default=None), provisioned_throughput_in_mibps=dict(required=False, type='float'), diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index 00f74e677b2..a1b310fe7bc 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: efs_info version_added: 1.0.0 @@ -44,7 +44,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Find all existing efs community.aws.efs_info: register: result @@ -67,7 +67,7 @@ msg: "{{ result['efs'] }}" ''' -RETURN = ''' +RETURN = r''' creation_time: description: timestamp of creation date returned: always @@ -359,7 +359,7 @@ def main(): id=dict(), name=dict(aliases=['creation_token']), tags=dict(type="dict", default={}), - targets=dict(type="list", default=[]) + targets=dict(type="list", default=[], elements='str') ) module = AnsibleAWSModule(argument_spec=argument_spec, diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index b6b52302baa..a1e0f88be89 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elasticache version_added: 1.0.0 @@ -97,7 +97,7 @@ ''' -EXAMPLES = """ +EXAMPLES = r""" # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -497,8 +497,8 @@ def main(): cache_parameter_group=dict(default="", aliases=['parameter_group']), cache_port=dict(type='int'), cache_subnet_group=dict(default=""), - cache_security_groups=dict(default=[], type='list'), - security_group_ids=dict(default=[], type='list'), + cache_security_groups=dict(default=[], type='list', elements='str'), + security_group_ids=dict(default=[], type='list', elements='str'), zone=dict(), wait=dict(default=True, type='bool'), hard_modify=dict(type='bool') diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index 7a874f3b1ae..29e7afa65d3 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elasticache_subnet_group version_added: 1.0.0 @@ -41,7 +41,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Add or change a subnet group community.aws.elasticache_subnet_group: state: present @@ -75,7 +75,7 @@ def main(): state=dict(required=True, choices=['present', 'absent']), name=dict(required=True), description=dict(required=False), - subnets=dict(required=False, type='list'), + subnets=dict(required=False, type='list', elements='str'), ) ) module = AnsibleModule(argument_spec=argument_spec) diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index 3f8c44c9f36..dc138fb2294 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -18,7 +18,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_application_lb version_added: 1.0.0 @@ -66,6 +66,7 @@ - A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased. type: list + elements: dict suboptions: Port: description: The port on which the load balancer is listening. @@ -78,6 +79,7 @@ Certificates: description: The SSL server certificate. type: list + elements: dict suboptions: CertificateArn: description: The Amazon Resource Name (ARN) of the certificate. @@ -89,6 +91,7 @@ description: The default actions for the listener. required: true type: list + elements: dict suboptions: Type: description: The type of action. @@ -98,6 +101,7 @@ type: str Rules: type: list + elements: dict description: - A list of ALB Listener Rules. - 'For the complete documentation of possible Conditions and Actions please see the boto3 documentation:' @@ -136,12 +140,14 @@ at least two Availability Zones. - Required if I(state=present). type: list + elements: str security_groups: description: - A list of the names or IDs of the security groups to assign to the load balancer. - Required if I(state=present). default: [] type: list + elements: str scheme: description: - Internet-facing or internal load balancer. An ELB scheme can not be modified after creation. @@ -182,7 +188,7 @@ - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an ELB and attach a listener @@ -300,7 +306,7 @@ ''' -RETURN = ''' +RETURN = r''' access_logs_s3_bucket: description: The name of the S3 bucket for the access logs. returned: when state is present @@ -603,16 +609,16 @@ def main(): Protocol=dict(type='str', required=True), Port=dict(type='int', required=True), SslPolicy=dict(type='str'), - Certificates=dict(type='list'), - DefaultActions=dict(type='list', required=True), - Rules=dict(type='list') + Certificates=dict(type='list', elements='dict'), + DefaultActions=dict(type='list', required=True, elements='dict'), + Rules=dict(type='list', elements='dict') ) ), name=dict(required=True, type='str'), purge_listeners=dict(default=True, type='bool'), purge_tags=dict(default=True, type='bool'), - subnets=dict(type='list'), - security_groups=dict(type='list'), + subnets=dict(type='list', elements='str'), + security_groups=dict(type='list', elements='str'), scheme=dict(default='internet-facing', choices=['internet-facing', 'internal']), state=dict(choices=['present', 'absent'], default='present'), tags=dict(type='dict'), diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index c9300f5ed01..21952633a43 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_application_lb_info version_added: 1.0.0 @@ -22,11 +22,13 @@ - The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call. required: false type: list + elements: str names: description: - The names of the load balancers. required: false type: list + elements: str extends_documentation_fragment: - amazon.aws.aws @@ -34,7 +36,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all target groups @@ -60,7 +62,7 @@ var: alb_info ''' -RETURN = ''' +RETURN = r''' load_balancers: description: a list of load balancers returned: always @@ -264,8 +266,8 @@ def main(): argument_spec = ec2_argument_spec() argument_spec.update( dict( - load_balancer_arns=dict(type='list'), - names=dict(type='list') + load_balancer_arns=dict(type='list', elements='str'), + names=dict(type='list', elements='str') ) ) diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 1f8679b30d2..9c5f1641677 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_classic_lb version_added: 1.0.0 @@ -32,6 +32,7 @@ description: - List of ports/protocols for this ELB to listen on (see example) type: list + elements: dict purge_listeners: description: - Purge existing listeners on ELB that are not found in listeners @@ -41,6 +42,7 @@ description: - List of instance ids to attach to this ELB type: list + elements: str purge_instance_ids: description: - Purge existing instance ids on ELB that are not found in instance_ids @@ -50,6 +52,7 @@ description: - List of availability zones to enable on this ELB type: list + elements: str purge_zones: description: - Purge existing availability zones on ELB that are not found in zones @@ -59,10 +62,12 @@ description: - A list of security groups to apply to the elb type: list + elements: str security_group_names: description: - A list of security group names to apply to the elb type: list + elements: str health_check: description: - An associative array of health check configuration settings (see example) @@ -75,6 +80,7 @@ description: - A list of VPC subnets to use when creating ELB. Zones should be empty if using this. type: list + elements: str purge_subnets: description: - Purge existing subnet on ELB that are not found in subnets @@ -133,7 +139,7 @@ ''' -EXAMPLES = """ +EXAMPLES = r""" # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -1221,16 +1227,16 @@ def main(): argument_spec.update(dict( state={'required': True, 'choices': ['present', 'absent']}, name={'required': True}, - listeners={'default': None, 'required': False, 'type': 'list'}, + listeners={'default': None, 'required': False, 'type': 'list', 'elements': 'dict'}, purge_listeners={'default': True, 'required': False, 'type': 'bool'}, - instance_ids={'default': None, 'required': False, 'type': 'list'}, + instance_ids={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, purge_instance_ids={'default': False, 'required': False, 'type': 'bool'}, - zones={'default': None, 'required': False, 'type': 'list'}, + zones={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, purge_zones={'default': False, 'required': False, 'type': 'bool'}, - security_group_ids={'default': None, 'required': False, 'type': 'list'}, - security_group_names={'default': None, 'required': False, 'type': 'list'}, + security_group_ids={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, + security_group_names={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, health_check={'default': None, 'required': False, 'type': 'dict'}, - subnets={'default': None, 'required': False, 'type': 'list'}, + subnets={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, purge_subnets={'default': False, 'required': False, 'type': 'bool'}, scheme={'default': 'internet-facing', 'required': False, 'choices': ['internal', 'internet-facing']}, connection_draining_timeout={'default': None, 'required': False, 'type': 'int'}, diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index da8f6c5af11..88d44ee8125 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -17,7 +17,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_classic_lb_info version_added: 1.0.0 @@ -33,6 +33,7 @@ description: - List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned. type: list + elements: str extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 @@ -42,7 +43,7 @@ - boto3 ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters @@ -75,7 +76,7 @@ ''' -RETURN = ''' +RETURN = r''' elbs: description: a list of load balancers returned: always @@ -193,7 +194,7 @@ def lb_instance_health(connection, load_balancer_name, instances, state): def main(): argument_spec = dict( - names={'default': [], 'type': 'list'} + names={'default': [], 'type': 'list', 'elements': 'str'} ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index dd541ef2e58..187f6bee136 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_instance version_added: 1.0.0 @@ -34,6 +34,7 @@ description: - List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register. type: list + elements: str enable_availability_zone: description: - Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already @@ -62,7 +63,7 @@ ''' -EXAMPLES = """ +EXAMPLES = r""" # basic pre_task and post_task example pre_tasks: - name: Instance De-register @@ -319,7 +320,7 @@ def main(): argument_spec.update(dict( state={'required': True, 'choices': ['present', 'absent']}, instance_id={'required': True}, - ec2_elbs={'default': None, 'required': False, 'type': 'list'}, + ec2_elbs={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, enable_availability_zone={'default': True, 'required': False, 'type': 'bool'}, wait={'required': False, 'default': True, 'type': 'bool'}, wait_timeout={'required': False, 'default': 0, 'type': 'int'} diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 2f824c09b59..83e1ea416dc 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_network_lb version_added: 1.0.0 @@ -98,6 +98,7 @@ - Required when I(state=present). - This parameter is mutually exclusive with I(subnet_mappings). type: list + elements: str scheme: description: - Internet-facing or internal load balancer. An ELB scheme can not be modified after creation. @@ -133,7 +134,7 @@ - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an ELB and attach a listener @@ -171,7 +172,7 @@ ''' -RETURN = ''' +RETURN = r''' availability_zones: description: The Availability Zones for the load balancer. returned: when state is present @@ -411,15 +412,15 @@ def main(): Protocol=dict(type='str', required=True), Port=dict(type='int', required=True), SslPolicy=dict(type='str'), - Certificates=dict(type='list'), - DefaultActions=dict(type='list', required=True) + Certificates=dict(type='list', elements='dict'), + DefaultActions=dict(type='list', required=True, elements='dict') ) ), name=dict(required=True, type='str'), purge_listeners=dict(default=True, type='bool'), purge_tags=dict(default=True, type='bool'), - subnets=dict(type='list'), - subnet_mappings=dict(type='list'), + subnets=dict(type='list', elements='str'), + subnet_mappings=dict(type='list', elements='dict'), scheme=dict(default='internet-facing', choices=['internet-facing', 'internal']), state=dict(choices=['present', 'absent'], type='str'), tags=dict(type='dict'), diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index e0c8e57bfac..fe4b749a63a 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_target_group version_added: 1.0.0 @@ -138,6 +138,7 @@ all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail. required: false type: list + elements: dict unhealthy_threshold_count: description: - The number of consecutive health check failures required before considering a target unhealthy. @@ -166,7 +167,7 @@ - Once a target group has been created, only its health check can then be modified using subsequent calls ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a target group with a default health check @@ -269,7 +270,7 @@ ''' -RETURN = ''' +RETURN = r''' deregistration_delay_timeout_seconds: description: The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. returned: when state present @@ -828,7 +829,7 @@ def main(): successful_response_codes=dict(), tags=dict(default={}, type='dict'), target_type=dict(choices=['instance', 'ip', 'lambda']), - targets=dict(type='list'), + targets=dict(type='list', elements='dict'), unhealthy_threshold_count=dict(type='int'), vpc_id=dict(), wait_timeout=dict(type='int', default=200), diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 78ce88613bc..7ab462c26a7 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: elb_target_group_info version_added: 1.0.0 @@ -27,11 +27,13 @@ - The Amazon Resource Names (ARN) of the target groups. required: false type: list + elements: str names: description: - The names of the target groups. required: false type: list + elements: str collect_targets_health: description: - When set to "yes", output contains targets health description @@ -45,7 +47,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all target groups @@ -63,7 +65,7 @@ ''' -RETURN = ''' +RETURN = r''' target_groups: description: a list of target groups returned: always @@ -299,8 +301,8 @@ def main(): argument_spec.update( dict( load_balancer_arn=dict(type='str'), - target_group_arns=dict(type='list'), - names=dict(type='list'), + target_group_arns=dict(type='list', elements='str'), + names=dict(type='list', elements='str'), collect_targets_health=dict(default=False, type='bool', required=False) ) ) diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index 74cf77d3c7f..b4c1bcb68d7 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: iam version_added: 1.0.0 @@ -69,10 +69,12 @@ description: - A list of the keys that you want affected by the I(access_key_state) parameter. type: list + elements: str groups: description: - A list of groups the user should belong to. When I(state=update), will gracefully remove groups not listed. type: list + elements: str password: description: - When I(type=user) and either I(state=present) or I(state=update), define the users login password. @@ -98,7 +100,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Basic user creation example - name: Create two new IAM users with API keys community.aws.iam: @@ -146,7 +148,7 @@ Service: lambda.amazonaws.com ''' -RETURN = ''' +RETURN = r''' role_result: description: the IAM.role dict returned by Boto type: str @@ -620,14 +622,14 @@ def main(): argument_spec = ec2_argument_spec() argument_spec.update(dict( iam_type=dict(required=True, choices=['user', 'group', 'role']), - groups=dict(type='list', default=None, required=False), + groups=dict(type='list', default=None, required=False, elements='str'), state=dict(required=True, choices=['present', 'absent', 'update']), password=dict(default=None, required=False, no_log=True), update_password=dict(default='always', required=False, choices=['always', 'on_create']), access_key_state=dict(default=None, required=False, choices=[ 'active', 'inactive', 'create', 'remove', 'Active', 'Inactive', 'Create', 'Remove']), - access_key_ids=dict(type='list', default=None, required=False), + access_key_ids=dict(type='list', default=None, required=False, elements='str'), key_count=dict(type='int', default=1, required=False), name=dict(required=True), trust_policy_filepath=dict(default=None, required=False), diff --git a/plugins/modules/iam_group.py b/plugins/modules/iam_group.py index 7a9da3e6f57..b55e32218a2 100644 --- a/plugins/modules/iam_group.py +++ b/plugins/modules/iam_group.py @@ -18,7 +18,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: iam_group version_added: 1.0.0 @@ -74,7 +74,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a group @@ -119,7 +119,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' iam_group: description: dictionary containing all the group information including group membership returned: success @@ -410,8 +410,8 @@ def main(): argument_spec = dict( name=dict(required=True), - managed_policies=dict(default=[], type='list', aliases=['managed_policy']), - users=dict(default=[], type='list'), + managed_policies=dict(default=[], type='list', aliases=['managed_policy'], elements='str'), + users=dict(default=[], type='list', elements='str'), state=dict(choices=['present', 'absent'], required=True), purge_users=dict(default=False, type='bool'), purge_policies=dict(default=False, type='bool', aliases=['purge_policy', 'purge_managed_policies']) diff --git a/plugins/modules/iam_role.py b/plugins/modules/iam_role.py index b20c564734a..9a2eaca8cfe 100644 --- a/plugins/modules/iam_role.py +++ b/plugins/modules/iam_role.py @@ -5,7 +5,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: iam_role version_added: 1.0.0 @@ -49,6 +49,7 @@ - To embed an inline policy, use M(community.aws.iam_policy). aliases: ['managed_policy'] type: list + elements: str max_session_duration: description: - The maximum duration (in seconds) of a session when assuming the role. @@ -95,7 +96,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a role with description and tags @@ -126,7 +127,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' iam_role: description: dictionary containing the IAM Role data returned: success @@ -613,7 +614,7 @@ def main(): name=dict(type='str', required=True), path=dict(type='str', default="/"), assume_role_policy_document=dict(type='json'), - managed_policies=dict(type='list', aliases=['managed_policy']), + managed_policies=dict(type='list', aliases=['managed_policy'], elements='str'), max_session_duration=dict(type='int'), state=dict(type='str', choices=['present', 'absent'], default='present'), description=dict(type='str'), @@ -630,7 +631,7 @@ def main(): if module.params.get('purge_policies') is None: module.deprecate('In Ansible 2.14 the default value of purge_policies will change from true to false.' - ' To maintain the existing behaviour explicity set purge_policies=true', date='2022-06-01', collection_name='community.aws') + ' To maintain the existing behaviour explicitly set purge_policies=true', date='2022-06-01', collection_name='community.aws') if module.params.get('boundary'): if module.params.get('create_instance_profile'): diff --git a/plugins/modules/iam_user.py b/plugins/modules/iam_user.py index 9dc9eb45eca..6b8efcda811 100644 --- a/plugins/modules/iam_user.py +++ b/plugins/modules/iam_user.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: iam_user version_added: 1.0.0 @@ -26,6 +26,7 @@ - To embed an inline policy, use M(community.aws.iam_policy). required: false type: list + elements: str aliases: ['managed_policy'] state: description: @@ -47,7 +48,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Note: This module does not allow management of groups that users belong to. # Groups should manage their membership directly using `iam_group`, @@ -77,7 +78,7 @@ state: absent ''' -RETURN = ''' +RETURN = r''' user: description: dictionary containing all the user information returned: success @@ -344,7 +345,7 @@ def main(): argument_spec = dict( name=dict(required=True, type='str'), - managed_policies=dict(default=[], type='list', aliases=['managed_policy']), + managed_policies=dict(default=[], type='list', aliases=['managed_policy'], elements='str'), state=dict(choices=['present', 'absent'], required=True), purge_policies=dict(default=False, type='bool', aliases=['purge_policy', 'purge_managed_policies']) ) diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index 2f417469c15..8975163cc30 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: lambda version_added: 1.0.0 @@ -116,7 +116,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Create Lambda functions - name: looped creation community.aws.lambda: @@ -168,7 +168,7 @@ - ByeBye ''' -RETURN = ''' +RETURN = r''' code: description: the lambda function location returned by get_function in boto3 returned: success @@ -344,8 +344,8 @@ def main(): description=dict(default=''), timeout=dict(type='int', default=3), memory_size=dict(type='int', default=128), - vpc_subnet_ids=dict(type='list'), - vpc_security_group_ids=dict(type='list'), + vpc_subnet_ids=dict(type='list', elements='str'), + vpc_security_group_ids=dict(type='list', elements='str'), environment_variables=dict(type='dict'), dead_letter_arn=dict(), tracing_mode=dict(choices=['Active', 'PassThrough']), diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index 5b15934fc03..87dd07f518c 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: rds version_added: 1.0.0 @@ -188,7 +188,7 @@ type: int apply_immediately: description: - - When I(apply_immediately=trye), the modifications will be applied as soon as possible rather than waiting for the + - When I(apply_immediately=true), the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window. - Used only when I(command=modify). type: bool @@ -235,7 +235,7 @@ # FIXME: the command stuff needs a 'state' like alias to make things consistent -- MPD -EXAMPLES = ''' +EXAMPLES = r''' - name: Basic mysql provisioning example community.aws.rds: command: create @@ -309,7 +309,7 @@ msg: "The new db endpoint is {{ rds.instance.endpoint }}" ''' -RETURN = ''' +RETURN = r''' instance: description: the rds instance returned: always @@ -352,7 +352,7 @@ sample: "1489707802.0" secondary_availability_zone: description: the name of the secondary AZ for a DB instance with multi-AZ support - returned: when RDS instance exists and is multy-AZ + returned: when RDS instance exists and is multi-AZ type: str sample: "eu-west-1b" backup_window: @@ -1329,7 +1329,7 @@ def main(): multi_zone=dict(type='bool', required=False), iops=dict(required=False), security_groups=dict(required=False), - vpc_security_groups=dict(type='list', required=False), + vpc_security_groups=dict(type='list', required=False, elements='str'), port=dict(required=False, type='int'), upgrade=dict(type='bool', default=False), option_group=dict(required=False), diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index f4018a3d6c1..95781a48d54 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: rds_instance version_added: 1.0.0 @@ -152,6 +152,7 @@ description: - (EC2-Classic platform) A list of DB security groups to associate with this DB instance. type: list + elements: str db_snapshot_identifier: description: - The identifier for the DB snapshot to restore from if using I(creation_source=snapshot). @@ -176,6 +177,7 @@ aliases: - cloudwatch_log_exports type: list + elements: str enable_iam_database_authentication: description: - Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. @@ -412,9 +414,10 @@ description: - A list of EC2 VPC security groups to associate with the DB cluster. type: list + elements: str ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: create minimal aurora instance in default VPC and default subnet group community.aws.rds_instance: @@ -449,7 +452,7 @@ final_snapshot_identifier: "{{ snapshot_id }}" ''' -RETURN = ''' +RETURN = r''' allocated_storage: description: The allocated storage size in gibibytes. This is always 1 for aurora database engines. returned: always @@ -1094,12 +1097,12 @@ def main(): db_instance_identifier=dict(required=True, aliases=['instance_id', 'id']), db_name=dict(), db_parameter_group_name=dict(), - db_security_groups=dict(type='list'), + db_security_groups=dict(type='list', elements='str'), db_snapshot_identifier=dict(), db_subnet_group_name=dict(aliases=['subnet_group']), domain=dict(), domain_iam_role_name=dict(), - enable_cloudwatch_logs_exports=dict(type='list', aliases=['cloudwatch_log_exports']), + enable_cloudwatch_logs_exports=dict(type='list', aliases=['cloudwatch_log_exports'], elements='str'), enable_iam_database_authentication=dict(type='bool'), enable_performance_insights=dict(type='bool'), engine=dict(), @@ -1142,7 +1145,7 @@ def main(): tde_credential_password=dict(no_log=True, aliases=['transparent_data_encryption_password']), timezone=dict(), use_latest_restorable_time=dict(type='bool', aliases=['restore_from_latest']), - vpc_security_group_ids=dict(type='list') + vpc_security_group_ids=dict(type='list', elements='str') ) arg_spec.update(parameter_options) diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index 3e207468e8e..818b46bd6fe 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: rds_subnet_group version_added: 1.0.0 @@ -35,6 +35,7 @@ - List of subnet IDs that make up the database subnet group. - Required when I(state=present). type: list + elements: str author: "Scott Anderson (@tastychutney)" extends_documentation_fragment: - amazon.aws.aws @@ -42,7 +43,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Add or change a subnet group community.aws.rds_subnet_group: state: present @@ -58,7 +59,7 @@ name: norwegian-blue ''' -RETURN = ''' +RETURN = r''' subnet_group: description: Dictionary of DB subnet group values returned: I(state=present) @@ -125,7 +126,7 @@ def main(): state=dict(required=True, choices=['present', 'absent']), name=dict(required=True), description=dict(required=False), - subnets=dict(required=False, type='list'), + subnets=dict(required=False, type='list', elements='str'), ) ) module = AnsibleModule(argument_spec=argument_spec) diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index f6308392694..2b74c5f1fd0 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -8,7 +8,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- author: - "Jens Carl (@j-carl), Hothead Games Inc." @@ -174,7 +174,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Basic cluster provisioning example community.aws.redshift: command: create @@ -191,7 +191,7 @@ wait: true ''' -RETURN = ''' +RETURN = r''' cluster: description: dictionary containing all the cluster information returned: success @@ -556,8 +556,8 @@ def main(): password=dict(no_log=True, required=False), db_name=dict(required=False), cluster_type=dict(choices=['multi-node', 'single-node'], default='single-node'), - cluster_security_groups=dict(aliases=['security_groups'], type='list'), - vpc_security_group_ids=dict(aliases=['vpc_security_groups'], type='list'), + cluster_security_groups=dict(aliases=['security_groups'], type='list', elements='str'), + vpc_security_group_ids=dict(aliases=['vpc_security_groups'], type='list', elements='str'), skip_final_cluster_snapshot=dict(aliases=['skip_final_snapshot'], type='bool', default=False), final_cluster_snapshot_identifier=dict(aliases=['final_snapshot_id'], required=False), diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index 615e667b9c8..68eb42496c3 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- author: - "Jens Carl (@j-carl), Hothead Games Inc." @@ -47,7 +47,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Create a Redshift subnet group community.aws.redshift_subnet_group: state: present @@ -63,7 +63,7 @@ group_name: redshift-subnet ''' -RETURN = ''' +RETURN = r''' group: description: dictionary containing all Redshift subnet group information returned: success @@ -98,7 +98,7 @@ def main(): state=dict(required=True, choices=['present', 'absent']), group_name=dict(required=True, aliases=['name']), group_description=dict(required=False, aliases=['description']), - group_subnets=dict(required=False, aliases=['subnets'], type='list'), + group_subnets=dict(required=False, aliases=['subnets'], type='list', elements='str'), )) module = AnsibleModule(argument_spec=argument_spec) diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index 72ca73faeb1..ad25e38ecd0 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -8,7 +8,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: route53 version_added: 1.0.0 @@ -69,6 +69,7 @@ - The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records. - When deleting a record all values for the record must be specified or Route53 will not delete it. type: list + elements: str overwrite: description: - Whether an existing record should be overwritten on create if values do not match. @@ -137,7 +138,7 @@ ''' -RETURN = ''' +RETURN = r''' nameservers: description: Nameservers associated with the zone. returned: when state is 'get' @@ -501,7 +502,7 @@ def main(): alias=dict(type='bool'), alias_hosted_zone_id=dict(type='str'), alias_evaluate_target_health=dict(type='bool', default=False), - value=dict(type='list'), + value=dict(type='list', elements='str'), overwrite=dict(type='bool'), retry_interval=dict(type='int', default=500), private_zone=dict(type='bool', default=False), diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 77d72603ffe..3a937a40653 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: route53_info short_description: Retrieves route53 details using AWS methods version_added: 1.0.0 @@ -134,7 +134,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Simple example of listing all hosted zones - name: List all hosted zones community.aws.route53_info: @@ -436,7 +436,7 @@ def main(): 'A', 'CNAME', 'MX', 'AAAA', 'TXT', 'PTR', 'SRV', 'SPF', 'CAA', 'NS' ]), dns_name=dict(), - resource_id=dict(type='list', aliases=['resource_ids']), + resource_id=dict(type='list', aliases=['resource_ids'], elements='str'), health_check_id=dict(), hosted_zone_method=dict(choices=[ 'details', diff --git a/plugins/modules/s3_bucket_notification.py b/plugins/modules/s3_bucket_notification.py index 854f3cadd84..f42c64a0028 100644 --- a/plugins/modules/s3_bucket_notification.py +++ b/plugins/modules/s3_bucket_notification.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: s3_bucket_notification version_added: 1.0.0 @@ -89,7 +89,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' --- # Example that creates a lambda event notification for a bucket - name: Process jpg image @@ -103,7 +103,7 @@ suffix: .jpg ''' -RETURN = ''' +RETURN = r''' notification_configuration: description: list of currently applied notifications returned: success @@ -216,7 +216,7 @@ def main(): event_name=dict(required=True), lambda_function_arn=dict(aliases=['function_arn']), bucket_name=dict(required=True), - events=dict(type='list', default=[], choices=event_types), + events=dict(type='list', default=[], choices=event_types, elements='str'), prefix=dict(default=''), suffix=dict(default=''), lambda_alias=dict(), diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index 72fe1616818..a2518a88570 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -6,7 +6,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: s3_lifecycle version_added: 1.0.0 @@ -72,6 +72,7 @@ I(transition_days) I(storage_class) type: list + elements: dict rule_id: description: - "Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided." @@ -114,6 +115,7 @@ I(transition_date) I(storage_class) type: list + elements: dict requester_pays: description: - The I(requester_pays) option does nothing and will be removed after 2022-06-01 @@ -124,7 +126,7 @@ ''' -EXAMPLES = ''' +EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days @@ -442,7 +444,7 @@ def main(): noncurrent_version_expiration_days=dict(type='int'), noncurrent_version_storage_class=dict(default='glacier', type='str', choices=['glacier', 'onezone_ia', 'standard_ia']), noncurrent_version_transition_days=dict(type='int'), - noncurrent_version_transitions=dict(type='list'), + noncurrent_version_transitions=dict(type='list', elements='dict'), prefix=dict(), requester_pays=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), rule_id=dict(), @@ -451,7 +453,7 @@ def main(): storage_class=dict(default='glacier', type='str', choices=['glacier', 'onezone_ia', 'standard_ia']), transition_days=dict(type='int'), transition_date=dict(), - transitions=dict(type='list'), + transitions=dict(type='list', elements='dict'), purge_transitions=dict(default='yes', type='bool') ) diff --git a/plugins/modules/sns_topic.py b/plugins/modules/sns_topic.py index 4240a746754..79070cbabc5 100644 --- a/plugins/modules/sns_topic.py +++ b/plugins/modules/sns_topic.py @@ -7,7 +7,7 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: sns_topic short_description: Manages AWS SNS topics and subscriptions version_added: 1.0.0 @@ -73,7 +73,7 @@ requirements: [ "boto" ] ''' -EXAMPLES = """ +EXAMPLES = r""" - name: Create alarm SNS topic community.aws.sns_topic: @@ -99,7 +99,7 @@ """ -RETURN = ''' +RETURN = r''' sns_arn: description: The ARN of the topic you are modifying type: str @@ -482,7 +482,7 @@ def main(): display_name=dict(), policy=dict(type='dict'), delivery_policy=dict(type='dict'), - subscriptions=dict(default=[], type='list'), + subscriptions=dict(default=[], type='list', elements='dict'), purge_subscriptions=dict(type='bool', default=True), ) diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt index 763fac478ee..5670c301ac4 100644 --- a/tests/sanity/ignore-2.10.txt +++ b/tests/sanity/ignore-2.10.txt @@ -1,105 +1,3 @@ -plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch -plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_distribution.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_invalidation.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_invalidation.py validate-modules:parameter-list-no-elements -plugins/modules/cloudwatchevent_rule.py validate-modules:doc-elements-mismatch -plugins/modules/cloudwatchevent_rule.py validate-modules:parameter-list-no-elements -plugins/modules/data_pipeline.py validate-modules:doc-elements-mismatch -plugins/modules/data_pipeline.py validate-modules:parameter-list-no-elements -plugins/modules/dynamodb_table.py validate-modules:doc-elements-mismatch -plugins/modules/dynamodb_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_asg.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_asg.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_customer_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_customer_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_launch_template.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_launch_template.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_metric_alarm.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_metric_alarm.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_placement_group_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_placement_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_transit_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_igw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_igw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_peering_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_peering_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_route_table.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_route_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vgw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vgw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_attribute.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_attribute.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service_info.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_task.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_task.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_taskdefinition.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_taskdefinition.py validate-modules:parameter-list-no-elements -plugins/modules/efs.py validate-modules:doc-elements-mismatch -plugins/modules/efs.py validate-modules:parameter-list-no-elements -plugins/modules/efs_info.py validate-modules:doc-elements-mismatch -plugins/modules/efs_info.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_application_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_instance.py validate-modules:parameter-list-no-elements -plugins/modules/elb_network_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_network_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/iam.py validate-modules:parameter-list-no-elements -plugins/modules/iam_group.py validate-modules:doc-elements-mismatch -plugins/modules/iam_group.py validate-modules:parameter-list-no-elements -plugins/modules/iam_role.py validate-modules:parameter-list-no-elements -plugins/modules/iam_user.py validate-modules:parameter-list-no-elements -plugins/modules/lambda.py validate-modules:doc-elements-mismatch -plugins/modules/lambda.py validate-modules:parameter-list-no-elements -plugins/modules/rds.py validate-modules:doc-elements-mismatch -plugins/modules/rds.py validate-modules:parameter-list-no-elements -plugins/modules/rds_instance.py validate-modules:parameter-list-no-elements -plugins/modules/rds_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/redshift.py validate-modules:doc-elements-mismatch -plugins/modules/redshift.py validate-modules:parameter-list-no-elements -plugins/modules/redshift_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/redshift_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/route53.py validate-modules:parameter-list-no-elements plugins/modules/route53.py validate-modules:parameter-state-invalid-choice -plugins/modules/route53_info.py validate-modules:doc-elements-mismatch -plugins/modules/route53_info.py validate-modules:parameter-list-no-elements -plugins/modules/s3_bucket_notification.py validate-modules:doc-elements-mismatch -plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-elements -plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements -plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch -plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt index 763fac478ee..5670c301ac4 100644 --- a/tests/sanity/ignore-2.11.txt +++ b/tests/sanity/ignore-2.11.txt @@ -1,105 +1,3 @@ -plugins/modules/cloudformation_stack_set.py validate-modules:doc-elements-mismatch -plugins/modules/cloudformation_stack_set.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_distribution.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_distribution.py validate-modules:parameter-list-no-elements -plugins/modules/cloudfront_invalidation.py validate-modules:doc-elements-mismatch -plugins/modules/cloudfront_invalidation.py validate-modules:parameter-list-no-elements -plugins/modules/cloudwatchevent_rule.py validate-modules:doc-elements-mismatch -plugins/modules/cloudwatchevent_rule.py validate-modules:parameter-list-no-elements -plugins/modules/data_pipeline.py validate-modules:doc-elements-mismatch -plugins/modules/data_pipeline.py validate-modules:parameter-list-no-elements -plugins/modules/dynamodb_table.py validate-modules:doc-elements-mismatch -plugins/modules/dynamodb_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_asg.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_asg.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_customer_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_customer_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_elb_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_instance_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_launch_template.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_launch_template.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_lc_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_lc_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_metric_alarm.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_metric_alarm.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_placement_group_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_placement_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_transit_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_endpoint_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_igw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_igw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nacl_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_nat_gateway_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_peering_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_peering_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_route_table.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_route_table.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vgw_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vgw_info.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn.py validate-modules:parameter-list-no-elements -plugins/modules/ec2_vpc_vpn_info.py validate-modules:doc-elements-mismatch -plugins/modules/ec2_vpc_vpn_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_attribute.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_attribute.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_service_info.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_service_info.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_task.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_task.py validate-modules:parameter-list-no-elements -plugins/modules/ecs_taskdefinition.py validate-modules:doc-elements-mismatch -plugins/modules/ecs_taskdefinition.py validate-modules:parameter-list-no-elements -plugins/modules/efs.py validate-modules:doc-elements-mismatch -plugins/modules/efs.py validate-modules:parameter-list-no-elements -plugins/modules/efs_info.py validate-modules:doc-elements-mismatch -plugins/modules/efs_info.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache.py validate-modules:parameter-list-no-elements -plugins/modules/elasticache_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/elasticache_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_application_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_application_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_classic_lb_info.py validate-modules:parameter-list-no-elements -plugins/modules/elb_instance.py validate-modules:parameter-list-no-elements -plugins/modules/elb_network_lb.py validate-modules:doc-elements-mismatch -plugins/modules/elb_network_lb.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group.py validate-modules:parameter-list-no-elements -plugins/modules/elb_target_group_info.py validate-modules:parameter-list-no-elements -plugins/modules/iam.py validate-modules:parameter-list-no-elements -plugins/modules/iam_group.py validate-modules:doc-elements-mismatch -plugins/modules/iam_group.py validate-modules:parameter-list-no-elements -plugins/modules/iam_role.py validate-modules:parameter-list-no-elements -plugins/modules/iam_user.py validate-modules:parameter-list-no-elements -plugins/modules/lambda.py validate-modules:doc-elements-mismatch -plugins/modules/lambda.py validate-modules:parameter-list-no-elements -plugins/modules/rds.py validate-modules:doc-elements-mismatch -plugins/modules/rds.py validate-modules:parameter-list-no-elements -plugins/modules/rds_instance.py validate-modules:parameter-list-no-elements -plugins/modules/rds_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/redshift.py validate-modules:doc-elements-mismatch -plugins/modules/redshift.py validate-modules:parameter-list-no-elements -plugins/modules/redshift_subnet_group.py validate-modules:doc-elements-mismatch -plugins/modules/redshift_subnet_group.py validate-modules:parameter-list-no-elements -plugins/modules/route53.py validate-modules:parameter-list-no-elements plugins/modules/route53.py validate-modules:parameter-state-invalid-choice -plugins/modules/route53_info.py validate-modules:doc-elements-mismatch -plugins/modules/route53_info.py validate-modules:parameter-list-no-elements -plugins/modules/s3_bucket_notification.py validate-modules:doc-elements-mismatch -plugins/modules/s3_bucket_notification.py validate-modules:parameter-list-no-elements -plugins/modules/s3_lifecycle.py validate-modules:parameter-list-no-elements -plugins/modules/sns_topic.py validate-modules:doc-elements-mismatch -plugins/modules/sns_topic.py validate-modules:parameter-list-no-elements tests/utils/shippable/check_matrix.py replace-urlopen tests/utils/shippable/timing.py shebang From 92bebdd5ab3019bbdeee55e8a69c9d903deeac49 Mon Sep 17 00:00:00 2001 From: Andrew Klychkov Date: Fri, 17 Jul 2020 21:10:09 +0300 Subject: [PATCH 040/129] aws modules: fix examples to use FQCN for builtin modules/plugins (#144) --- plugins/modules/aws_acm.py | 2 +- plugins/modules/aws_batch_compute_environment.py | 2 +- plugins/modules/aws_batch_job_definition.py | 2 +- plugins/modules/aws_batch_job_queue.py | 2 +- plugins/modules/aws_s3_bucket_info.py | 2 +- plugins/modules/aws_ssm_parameter_store.py | 2 +- plugins/modules/cloudformation_exports_info.py | 2 +- plugins/modules/cloudfront_info.py | 8 ++++---- plugins/modules/ec2_eip.py | 4 ++-- plugins/modules/ec2_eip_info.py | 4 ++-- plugins/modules/ec2_elb_info.py | 6 +++--- plugins/modules/ec2_lc.py | 2 +- plugins/modules/ec2_placement_group_info.py | 2 +- plugins/modules/ec2_vpc_nat_gateway_info.py | 2 +- plugins/modules/ec2_vpc_peering_info.py | 2 +- plugins/modules/efs_info.py | 2 +- plugins/modules/elb_application_lb_info.py | 2 +- plugins/modules/elb_classic_lb_info.py | 6 +++--- plugins/modules/elb_target_info.py | 4 ++-- plugins/modules/lambda_alias.py | 2 +- plugins/modules/lambda_event.py | 2 +- plugins/modules/lambda_facts.py | 2 +- plugins/modules/lambda_info.py | 2 +- plugins/modules/lambda_policy.py | 2 +- plugins/modules/rds.py | 2 +- 25 files changed, 35 insertions(+), 35 deletions(-) diff --git a/plugins/modules/aws_acm.py b/plugins/modules/aws_acm.py index b57618b1ac5..25581db1a39 100644 --- a/plugins/modules/aws_acm.py +++ b/plugins/modules/aws_acm.py @@ -175,7 +175,7 @@ register: cert_create - name: print ARN of cert we just created - debug: + ansible.builtin.debug: var: cert_create.certificate.arn - name: delete the cert we just created diff --git a/plugins/modules/aws_batch_compute_environment.py b/plugins/modules/aws_batch_compute_environment.py index 21eb4808f62..39ff11e2576 100644 --- a/plugins/modules/aws_batch_compute_environment.py +++ b/plugins/modules/aws_batch_compute_environment.py @@ -155,7 +155,7 @@ register: aws_batch_compute_environment_action - name: show results - debug: + ansible.builtin.debug: var: aws_batch_compute_environment_action ''' diff --git a/plugins/modules/aws_batch_job_definition.py b/plugins/modules/aws_batch_job_definition.py index 1c30d72efc5..18d0429a831 100644 --- a/plugins/modules/aws_batch_job_definition.py +++ b/plugins/modules/aws_batch_job_definition.py @@ -204,7 +204,7 @@ register: job_definition_create_result - name: show results - debug: var=job_definition_create_result + ansible.builtin.debug: var=job_definition_create_result ''' RETURN = r''' diff --git a/plugins/modules/aws_batch_job_queue.py b/plugins/modules/aws_batch_job_queue.py index e95940dbb8f..b472371eb84 100644 --- a/plugins/modules/aws_batch_job_queue.py +++ b/plugins/modules/aws_batch_job_queue.py @@ -83,7 +83,7 @@ register: batch_job_queue_action - name: show results - debug: + ansible.builtin.debug: var: batch_job_queue_action ''' diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index 90e07a1b62b..735bba97f74 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -35,7 +35,7 @@ register: result - name: List buckets - debug: + ansible.builtin.debug: msg: "{{ result['buckets'] }}" ''' diff --git a/plugins/modules/aws_ssm_parameter_store.py b/plugins/modules/aws_ssm_parameter_store.py index 82138868760..32c1df62536 100644 --- a/plugins/modules/aws_ssm_parameter_store.py +++ b/plugins/modules/aws_ssm_parameter_store.py @@ -112,7 +112,7 @@ overwrite_value: "always" - name: recommend to use with aws_ssm lookup plugin - debug: + ansible.builtin.debug: msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" ''' diff --git a/plugins/modules/cloudformation_exports_info.py b/plugins/modules/cloudformation_exports_info.py index d53d83bd027..8eab5325be3 100644 --- a/plugins/modules/cloudformation_exports_info.py +++ b/plugins/modules/cloudformation_exports_info.py @@ -27,7 +27,7 @@ profile: 'my_aws_profile' region: 'my_region' register: cf_exports -- debug: +- ansible.builtin.debug: msg: "{{ cf_exports }}" ''' diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index cc6f9472bb0..bd81ac53b54 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -163,7 +163,7 @@ distribution: true distribution_id: my-cloudfront-distribution-id register: result_did -- debug: +- ansible.builtin.debug: msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" - name: Get information about a distribution using the CNAME of the cloudfront distribution. @@ -171,7 +171,7 @@ distribution: true domain_name_alias: www.my-website.com register: result_website -- debug: +- ansible.builtin.debug: msg: "{{ result_website['cloudfront']['www.my-website.com'] }}" # When the module is called as cloudfront_facts, return values are published @@ -181,13 +181,13 @@ community.aws.cloudfront_facts: distribution: true distribution_id: my-cloudfront-distribution-id -- debug: +- ansible.builtin.debug: msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" - community.aws.cloudfront_facts: distribution: true domain_name_alias: www.my-website.com -- debug: +- ansible.builtin.debug: msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" - name: Get all information about an invalidation for a distribution. diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index c43363e3b6d..42909d8ff36 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -137,7 +137,7 @@ register: eip - name: output the IP - debug: + ansible.builtin.debug: msg: "Allocated IP is {{ eip.public_ip }}" - name: provision new instances with ec2 @@ -162,7 +162,7 @@ register: eip - name: output the IP - debug: + ansible.builtin.debug: msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - name: allocate eip - reuse unallocated ips (if found) with FREE tag diff --git a/plugins/modules/ec2_eip_info.py b/plugins/modules/ec2_eip_info.py index c31ec738f09..553930db67a 100644 --- a/plugins/modules/ec2_eip_info.py +++ b/plugins/modules/ec2_eip_info.py @@ -44,7 +44,7 @@ instance-id: i-123456789 register: my_vm_eips -- debug: +- ansible.builtin.debug: msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" - name: List all EIP addresses for several VMs. @@ -69,7 +69,7 @@ # Set the variable eip_alloc to the value of the first allocation_id # and set the variable my_pub_ip to the value of the first public_ip -- set_fact: +- ansible.builtin.set_fact: eip_alloc: my_vms_eips.addresses[0].allocation_id my_pub_ip: my_vms_eips.addresses[0].public_ip diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index a66d130deb1..c4b1bd67360 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -47,7 +47,7 @@ - name: Gather information about all ELBs community.aws.ec2_elb_info: register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" @@ -56,7 +56,7 @@ names: frontend-prod-elb register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ elb_info.elbs.0.dns_name }}" - name: Gather information about a set of ELBs @@ -66,7 +66,7 @@ - backend-prod-elb register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index deb6633adeb..813bfe04cb4 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -238,7 +238,7 @@ - name: Use EBS snapshot ID for volume block: - name: Set Volume Facts - set_fact: + ansible.builtin.set_fact: volumes: - device_name: /dev/sda1 volume_size: 20 diff --git a/plugins/modules/ec2_placement_group_info.py b/plugins/modules/ec2_placement_group_info.py index 7ec7f62fd92..354d3eb3276 100644 --- a/plugins/modules/ec2_placement_group_info.py +++ b/plugins/modules/ec2_placement_group_info.py @@ -45,7 +45,7 @@ - my-other-cluster register: specific_ec2_placement_groups -- debug: +- ansible.builtin.debug: msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" ''' diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index bb164a2b50b..f076d38a833 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -41,7 +41,7 @@ register: all_ngws - name: Debugging the result - debug: + ansible.builtin.debug: msg: "{{ all_ngws.result }}" - name: Get details on specific nat gateways diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 2d577227fac..cffcf6f9aed 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -41,7 +41,7 @@ register: all_vpc_peers - name: Debugging the result - debug: + ansible.builtin.debug: msg: "{{ all_vpc_peers.result }}" - name: Get details on specific VPC peer diff --git a/plugins/modules/efs_info.py b/plugins/modules/efs_info.py index a1b310fe7bc..62fd583785d 100644 --- a/plugins/modules/efs_info.py +++ b/plugins/modules/efs_info.py @@ -63,7 +63,7 @@ - sg-4d3c2b1a register: result -- debug: +- ansible.builtin.debug: msg: "{{ result['efs'] }}" ''' diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 21952633a43..796803d8c2f 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -58,7 +58,7 @@ names: "alb-name" region: "aws-region" register: alb_info -- debug: +- ansible.builtin.debug: var: alb_info ''' diff --git a/plugins/modules/elb_classic_lb_info.py b/plugins/modules/elb_classic_lb_info.py index 88d44ee8125..12a6a43771a 100644 --- a/plugins/modules/elb_classic_lb_info.py +++ b/plugins/modules/elb_classic_lb_info.py @@ -51,7 +51,7 @@ - community.aws.elb_classic_lb_info: register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" @@ -60,7 +60,7 @@ names: frontend-prod-elb register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ elb_info.elbs.0.dns_name }}" # Gather information about a set of ELBs @@ -70,7 +70,7 @@ - backend-prod-elb register: elb_info -- debug: +- ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" diff --git a/plugins/modules/elb_target_info.py b/plugins/modules/elb_target_info.py index dda76f08c24..924632339de 100644 --- a/plugins/modules/elb_target_info.py +++ b/plugins/modules/elb_target_info.py @@ -50,7 +50,7 @@ register: target_info - name: save fact for later - set_fact: + ansible.builtin.set_fact: original_tgs: "{{ target_info.instance_target_groups }}" - name: Deregister instance from all target groups @@ -118,7 +118,7 @@ # instance - useful in case the playbook fails mid-run and manual # rollback is required - name: "reregistration commands: ELBv2s" - debug: + ansible.builtin.debug: msg: > aws --region {{ansible_ec2_placement_region}} elbv2 register-targets --target-group-arn {{item.target_group_arn}} diff --git a/plugins/modules/lambda_alias.py b/plugins/modules/lambda_alias.py index 2b74cdb6352..75193221b5b 100644 --- a/plugins/modules/lambda_alias.py +++ b/plugins/modules/lambda_alias.py @@ -86,7 +86,7 @@ name: myLambdaFunction register: lambda_info - name: show results - debug: + ansible.builtin.debug: msg: "{{ lambda_info['lambda_facts'] }}" # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) diff --git a/plugins/modules/lambda_event.py b/plugins/modules/lambda_event.py index e1a35220b74..6dbbfb6590b 100644 --- a/plugins/modules/lambda_event.py +++ b/plugins/modules/lambda_event.py @@ -102,7 +102,7 @@ register: event - name: Show source event - debug: + ansible.builtin.debug: var: event.lambda_stream_events ''' diff --git a/plugins/modules/lambda_facts.py b/plugins/modules/lambda_facts.py index 0d102fd7340..4c02947c998 100644 --- a/plugins/modules/lambda_facts.py +++ b/plugins/modules/lambda_facts.py @@ -69,7 +69,7 @@ query: all max_items: 20 - name: show Lambda facts - debug: + ansible.builtin.debug: var: lambda_facts ''' diff --git a/plugins/modules/lambda_info.py b/plugins/modules/lambda_info.py index b81f8521013..1e40aec4ca1 100644 --- a/plugins/modules/lambda_info.py +++ b/plugins/modules/lambda_info.py @@ -63,7 +63,7 @@ max_items: 20 register: output - name: show Lambda information - debug: + ansible.builtin.debug: msg: "{{ output['function'] }}" ''' diff --git a/plugins/modules/lambda_policy.py b/plugins/modules/lambda_policy.py index 09c74423a0d..2860e3a6540 100644 --- a/plugins/modules/lambda_policy.py +++ b/plugins/modules/lambda_policy.py @@ -120,7 +120,7 @@ register: lambda_policy_action - name: show results - debug: + ansible.builtin.debug: var: lambda_policy_action ''' diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index 87dd07f518c..e259ef757e5 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -305,7 +305,7 @@ region: us-west-2 vpc_security_groups: sg-xxx945xx -- debug: +- ansible.builtin.debug: msg: "The new db endpoint is {{ rds.instance.endpoint }}" ''' From 470797865e374184f6a9ca7d4ed26ae540594777 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 20 Jul 2020 15:55:10 -0700 Subject: [PATCH 041/129] Fix typo in aws_lambda aliases (#148) Correct lambda_info spelling so tests will actually run --- tests/integration/targets/aws_lambda/aliases | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/aws_lambda/aliases b/tests/integration/targets/aws_lambda/aliases index 67404b76524..50eca4286dd 100644 --- a/tests/integration/targets/aws_lambda/aliases +++ b/tests/integration/targets/aws_lambda/aliases @@ -2,4 +2,4 @@ cloud/aws shippable/aws/group2 execute_lambda lambda -lamda_info +lambda_info From 941ce11f8631497ddd58d3a2cc1dff2eb6c33692 Mon Sep 17 00:00:00 2001 From: Philipp Hoffmann Date: Fri, 24 Jul 2020 10:02:28 +0200 Subject: [PATCH 042/129] Refactoring of ec2_win_password in preparation for testing Switched from AnsibleModule to AnsibleAWSModule --- plugins/modules/ec2_win_password.py | 36 +++++++++++++++++++---------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 83adb4fcbbc..af450025e08 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -115,12 +115,12 @@ except ImportError: HAS_CRYPTOGRAPHY = False -from ansible.module_utils.basic import AnsibleModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, ec2_argument_spec, ec2_connect from ansible.module_utils._text import to_bytes -def main(): +def setup_module_object(): argument_spec = ec2_argument_spec() argument_spec.update(dict( instance_id=dict(required=True), @@ -131,21 +131,21 @@ def main(): wait_timeout=dict(default=120, required=False, type='int'), ) ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) + return module - if not HAS_BOTO: - module.fail_json(msg='Boto required for this module.') - - if not HAS_CRYPTOGRAPHY: - module.fail_json(msg='cryptography package required for this module.') +def ec2_win_password(module): instance_id = module.params.get('instance_id') key_file = module.params.get('key_file') - key_data = module.params.get('key_data') if module.params.get('key_passphrase') is None: b_key_passphrase = None else: b_key_passphrase = to_bytes(module.params.get('key_passphrase'), errors='surrogate_or_strict') + if module.params.get('key_data') is None: + b_key_data = None + else: + b_key_data = to_bytes(module.params.get('key_data'), errors='surrogate_or_strict') wait = module.params.get('wait') wait_timeout = module.params.get('wait_timeout') @@ -169,7 +169,7 @@ def main(): if wait and datetime.datetime.now() >= end: module.fail_json(msg="wait for password timeout after %d seconds" % wait_timeout) - if key_file is not None and key_data is None: + if key_file is not None and b_key_data is None: try: with open(key_file, 'rb') as f: key = load_pem_private_key(f.read(), b_key_passphrase, default_backend()) @@ -179,9 +179,9 @@ def main(): except (ValueError, TypeError) as e: # Handle issues loading key module.fail_json(msg="unable to parse key file") - elif key_data is not None and key_file is None: + elif b_key_data is not None and key_file is None: try: - key = load_pem_private_key(key_data.encode('ascii'), b_key_passphrase, default_backend()) + key = load_pem_private_key(b_key_data, b_key_passphrase, default_backend()) except (ValueError, TypeError) as e: module.fail_json(msg="unable to parse key data") @@ -200,5 +200,17 @@ def main(): module.exit_json(win_password=decrypted, changed=True) +def main(): + module = setup_module_object() + + if not HAS_BOTO: + module.fail_json(msg='Boto required for this module.') + + if not HAS_CRYPTOGRAPHY: + module.fail_json(msg='cryptography package required for this module.') + + ec2_win_password(module) + + if __name__ == '__main__': main() From d5cd8ce2a09da2f375d5e3b550e0653790e82dd5 Mon Sep 17 00:00:00 2001 From: Philipp Hoffmann Date: Fri, 24 Jul 2020 10:02:58 +0200 Subject: [PATCH 043/129] Test case for ec2_win_password --- .../fixtures/certs/e2_win_password.pem | 15 ++++++++ tests/unit/modules/test_ec2_win_password.py | 35 +++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 tests/unit/modules/fixtures/certs/e2_win_password.pem create mode 100644 tests/unit/modules/test_ec2_win_password.py diff --git a/tests/unit/modules/fixtures/certs/e2_win_password.pem b/tests/unit/modules/fixtures/certs/e2_win_password.pem new file mode 100644 index 00000000000..e1792109e00 --- /dev/null +++ b/tests/unit/modules/fixtures/certs/e2_win_password.pem @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDAt4WXUohebyTXAxEBkfCjuaKBgv5VgGwHeSWomB0IoKszlNHL +itadHg/vDi1gHSeRANw4KccpFAEIy4Oq3bMpI/rFrDdj/otp4wDcZKuIxq8OtU4b +KBXsSJD9vxAMZktaJ28gpv+mSjnmz+uC0QiuticKaO62pWPGdd6RjuylkwIDAQAB +AoGAUNSo069qQzGa4hQHLgFoTUOvRWMMChCzPu8xPGWQx+2b4SaqWBUDryLMzBfG +MGoKDmet9mCPiEs7o9S4hRI38m2dKBPHRjpFJDPrJmsKNyjk9yBrcJf6EysNEPbd +mYt7DxyUHVNQJpLOPXuMFSi/iloXTBRZ0dEzvhCp2nmX9wECQQD8+s89dwIm41QK +laqELxSVDtSkfLkBIYtw4xPEfuXufna7LHXnR6b9CELAD8L5ht5CiXHzVPpiuwz4 +AaIvK44tAkEAwwSHaT6AOeXKNnNLTM+UzFW4rKixsSMQVD/7OjU0/IabFOkE+uY/ +WTgLrp1OsqhhDRS/F/eN9uj0dXHXgBEavwJAImW77gCTg1QfpjzJbaW1J7tXgHIQ ++a1k91l445vZib8aR8L42RSuCPOpl9HM0f7bk7J6kvp3/Rqv3bzjH4TNlQJBAId1 +k+FEqqiMtsLPntRBs+ei+13i51pVMrhyoLyzzJRDo2EI4o6sdAAy79pgJhPu5UrC +yGGLcK667WLOqpOoTd0CQQC/4Bq12KCwk9VEWOzNV+kPFzTb85RuzwH5Tis+Fbp2 +CNc26WPeNwOvNxXgzAve4G4CaUNLnmATatr5BKjU8Xkr +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/tests/unit/modules/test_ec2_win_password.py b/tests/unit/modules/test_ec2_win_password.py new file mode 100644 index 00000000000..a4a19b80c19 --- /dev/null +++ b/tests/unit/modules/test_ec2_win_password.py @@ -0,0 +1,35 @@ +from __future__ import (absolute_import, division, print_function) + +__metaclass__ = type + +from ansible.module_utils._text import to_bytes, to_text +from ansible_collections.community.aws.plugins.modules.ec2_win_password import setup_module_object, ec2_win_password +from ansible_collections.community.aws.tests.unit.compat.mock import patch +from ansible_collections.community.aws.tests.unit.modules.utils import AnsibleExitJson, ModuleTestCase, set_module_args + +fixture_prefix = 'tests/unit/modules/fixtures/certs' + + +class TestEc2WinPasswordModule(ModuleTestCase): + @patch('ansible_collections.community.aws.plugins.modules.ec2_win_password.ec2_connect') + def test_first(self, mock_connect): + + path = fixture_prefix + '/ec2_win_password.pem' + with open(path, 'r') as f: + pem = to_text(f.read()) + + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args({'instance_id': 'i-12345', + 'key_data': pem + }) + module = setup_module_object() + mock_connect().get_password_data.return_value = 'L2k1iFiu/TRrjGr6Rwco/T3C7xkWxUw4+YPYpGGOmP3KDdy3hT1' \ + '8RvdDJ2i0e+y7wUcH43DwbRYSlkSyALY/nzjSV9R5NChUyVs3W5' \ + '5oiVuyTKsk0lor8dFJ9z9unq14tScZHvyQ3Nx1ggOtS18S9Pk55q' \ + 'IaCXfx26ucH76VRho=' + ec2_win_password(module) + + self.assertEqual( + exec_info.exception.args[0]['win_password'], + to_bytes('Ansible_AWS_EC2_Win_Password'), + ) From a8974e3803de672aee749828eec7a0ce38e82462 Mon Sep 17 00:00:00 2001 From: Philipp Hoffmann Date: Fri, 24 Jul 2020 11:08:51 +0200 Subject: [PATCH 044/129] Fixed pem filename --- .../certs/{e2_win_password.pem => ec2_win_password.pem} | 0 tests/unit/modules/test_ec2_win_password.py | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename tests/unit/modules/fixtures/certs/{e2_win_password.pem => ec2_win_password.pem} (100%) diff --git a/tests/unit/modules/fixtures/certs/e2_win_password.pem b/tests/unit/modules/fixtures/certs/ec2_win_password.pem similarity index 100% rename from tests/unit/modules/fixtures/certs/e2_win_password.pem rename to tests/unit/modules/fixtures/certs/ec2_win_password.pem diff --git a/tests/unit/modules/test_ec2_win_password.py b/tests/unit/modules/test_ec2_win_password.py index a4a19b80c19..c6efc6bf4e7 100644 --- a/tests/unit/modules/test_ec2_win_password.py +++ b/tests/unit/modules/test_ec2_win_password.py @@ -12,7 +12,7 @@ class TestEc2WinPasswordModule(ModuleTestCase): @patch('ansible_collections.community.aws.plugins.modules.ec2_win_password.ec2_connect') - def test_first(self, mock_connect): + def test_decryption(self, mock_connect): path = fixture_prefix + '/ec2_win_password.pem' with open(path, 'r') as f: From 1b9fde2a928519677f75ce7dc11775cbf3693f6a Mon Sep 17 00:00:00 2001 From: Philipp Hoffmann Date: Fri, 24 Jul 2020 20:13:13 +0200 Subject: [PATCH 045/129] Added comments to help with future test extensions --- tests/unit/modules/test_ec2_win_password.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/unit/modules/test_ec2_win_password.py b/tests/unit/modules/test_ec2_win_password.py index c6efc6bf4e7..cf0d3ff72ac 100644 --- a/tests/unit/modules/test_ec2_win_password.py +++ b/tests/unit/modules/test_ec2_win_password.py @@ -2,6 +2,21 @@ __metaclass__ = type +''' +Commands to encrypt a message that can be decrypted: +from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives.serialization import load_pem_private_key +from cryptography.hazmat.primitives.asymmetric.padding import PKCS1v15 +import base64 + +path = '/path/to/rsa_public_key.pem' +with open(path, 'r') as f: + rsa_public_key_pem = to_text(f.read()) +load_pem_public_key(rsa_public_key_pem = , default_backend()) +base64_cipher = public_key.encrypt('Ansible_AWS_EC2_Win_Password', PKCS1v15()) +string_cipher = base64.b64encode(base64_cipher) +''' + from ansible.module_utils._text import to_bytes, to_text from ansible_collections.community.aws.plugins.modules.ec2_win_password import setup_module_object, ec2_win_password from ansible_collections.community.aws.tests.unit.compat.mock import patch From 61783c7995aa177f34ceb0295ff62db251b102df Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 27 Jul 2020 18:43:01 +0200 Subject: [PATCH 046/129] Mark a number of integration tests as unstable based on high failure rates over the last week (#160) https://github.com/ansible-collections/community.aws/issues/158 https://github.com/ansible-collections/community.aws/issues/157 https://github.com/ansible-collections/community.aws/issues/159 https://github.com/ansible-collections/community.aws/issues/153 https://github.com/ansible-collections/community.aws/issues/154 https://github.com/ansible-collections/community.aws/issues/155 https://github.com/ansible-collections/community.aws/issues/156 --- tests/integration/targets/aws_api_gateway/aliases | 2 ++ tests/integration/targets/cloudformation_exports_info/aliases | 2 ++ tests/integration/targets/ec2_eip/aliases | 2 ++ tests/integration/targets/ec2_vpc_nacl/aliases | 2 ++ tests/integration/targets/ec2_vpc_vgw/aliases | 2 ++ tests/integration/targets/ec2_vpc_vpn_info/aliases | 2 ++ tests/integration/targets/lambda_policy/aliases | 2 ++ 7 files changed, 14 insertions(+) diff --git a/tests/integration/targets/aws_api_gateway/aliases b/tests/integration/targets/aws_api_gateway/aliases index 6e3860bee23..f24be68b2e4 100644 --- a/tests/integration/targets/aws_api_gateway/aliases +++ b/tests/integration/targets/aws_api_gateway/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group2 +# https://github.com/ansible-collections/community.aws/issues/158 +unstable diff --git a/tests/integration/targets/cloudformation_exports_info/aliases b/tests/integration/targets/cloudformation_exports_info/aliases index 157ce0c9d4c..777562fd9b9 100644 --- a/tests/integration/targets/cloudformation_exports_info/aliases +++ b/tests/integration/targets/cloudformation_exports_info/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group3 +# https://github.com/ansible-collections/community.aws/issues/157 +unstable diff --git a/tests/integration/targets/ec2_eip/aliases b/tests/integration/targets/ec2_eip/aliases index 6e3860bee23..6ac56ac2486 100644 --- a/tests/integration/targets/ec2_eip/aliases +++ b/tests/integration/targets/ec2_eip/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group2 +# https://github.com/ansible-collections/community.aws/issues/159 +unstable diff --git a/tests/integration/targets/ec2_vpc_nacl/aliases b/tests/integration/targets/ec2_vpc_nacl/aliases index 074f2ab60c1..d82d1f9e4cd 100644 --- a/tests/integration/targets/ec2_vpc_nacl/aliases +++ b/tests/integration/targets/ec2_vpc_nacl/aliases @@ -1,3 +1,5 @@ ec2_vpc_nacl_info cloud/aws shippable/aws/group2 +# https://github.com/ansible-collections/community.aws/issues/153 +unstable diff --git a/tests/integration/targets/ec2_vpc_vgw/aliases b/tests/integration/targets/ec2_vpc_vgw/aliases index 6e3860bee23..0b8a330a44a 100644 --- a/tests/integration/targets/ec2_vpc_vgw/aliases +++ b/tests/integration/targets/ec2_vpc_vgw/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group2 +# https://github.com/ansible-collections/community.aws/issues/154 +unstable diff --git a/tests/integration/targets/ec2_vpc_vpn_info/aliases b/tests/integration/targets/ec2_vpc_vpn_info/aliases index 157ce0c9d4c..e915bed8cba 100644 --- a/tests/integration/targets/ec2_vpc_vpn_info/aliases +++ b/tests/integration/targets/ec2_vpc_vpn_info/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group3 +# https://github.com/ansible-collections/community.aws/issues/156 +unstable diff --git a/tests/integration/targets/lambda_policy/aliases b/tests/integration/targets/lambda_policy/aliases index a112c3d1bb2..157b4347079 100644 --- a/tests/integration/targets/lambda_policy/aliases +++ b/tests/integration/targets/lambda_policy/aliases @@ -1,2 +1,4 @@ cloud/aws shippable/aws/group1 +# https://github.com/ansible-collections/community.aws/issues/155 +unstable From 5b6c152b64d2d8f49e1661b04d0ba629bf698288 Mon Sep 17 00:00:00 2001 From: Josh Souza Date: Tue, 28 Jul 2020 08:54:20 -0700 Subject: [PATCH 047/129] Add joshsouza to the ignore list --- .github/BOTMETA.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/BOTMETA.yml b/.github/BOTMETA.yml index 0e12bff9341..edebc260b1e 100644 --- a/.github/BOTMETA.yml +++ b/.github/BOTMETA.yml @@ -8,7 +8,7 @@ files: $modules/: authors: wimnat maintainers: $team_aws - ignore: erydo nadirollo seiffert tedder + ignore: erydo joshsouza nadirollo seiffert tedder label: modules $modules/_aws_region_facts.py: authors: Sodki From 1b1dbeea1ebaf10be7bce55e3d8004ca493f0108 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 28 Jul 2020 16:36:44 -0700 Subject: [PATCH 048/129] Preserve permissions when copying lambdas (#167) ansible/ansible/pull/69993 changed copy's mode behaviour. Lambda tests which copy files to '{{ outpur_dir }}' before zipping are now being unzipped by Lambda with incorrect permissions, causing test failures. --- tests/integration/targets/aws_lambda/tasks/main.yml | 1 + tests/integration/targets/lambda_policy/tasks/main.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/tests/integration/targets/aws_lambda/tasks/main.yml b/tests/integration/targets/aws_lambda/tasks/main.yml index 1c40d9a81d3..e56215dae18 100644 --- a/tests/integration/targets/aws_lambda/tasks/main.yml +++ b/tests/integration/targets/aws_lambda/tasks/main.yml @@ -79,6 +79,7 @@ copy: src: mini_lambda.py dest: '{{output_dir}}/mini_lambda.py' + mode: preserve - name: bundle lambda into a zip register: zip_res archive: diff --git a/tests/integration/targets/lambda_policy/tasks/main.yml b/tests/integration/targets/lambda_policy/tasks/main.yml index ceb1783b46d..5c1d210e74d 100644 --- a/tests/integration/targets/lambda_policy/tasks/main.yml +++ b/tests/integration/targets/lambda_policy/tasks/main.yml @@ -59,6 +59,7 @@ copy: src: mini_http_lambda.py dest: '{{output_dir}}/mini_http_lambda.py' + mode: preserve - name: bundle lambda into a zip register: zip_res archive: From c3ae2822024efb5e20d754b0016b7e53c9b27a06 Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Wed, 29 Jul 2020 02:47:37 +0200 Subject: [PATCH 049/129] Add porting guide entries from Ansible-base porting guide (https://github.com/ansible/ansible/blob/devel/docs/docsite/rst/porting_guides/porting_guide_2.10.rst). (#165) --- changelogs/fragments/porting-guide.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 changelogs/fragments/porting-guide.yml diff --git a/changelogs/fragments/porting-guide.yml b/changelogs/fragments/porting-guide.yml new file mode 100644 index 00000000000..ebcc2a517e9 --- /dev/null +++ b/changelogs/fragments/porting-guide.yml @@ -0,0 +1,12 @@ +--- +deprecated_features: + - iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + - s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + - s3_sync - the ``retries`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + - data_pipeline - the ``version`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + - ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed in a later release. It has had no effect since Ansible 2.3. + - ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + - iam_policy - the ``policy_document`` option has been deprecated and will be removed in a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. + - iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. + - iam_role - in a later release, the ``purge_policies`` option (also know as ``purge_policy``) default value will change from ``true`` to ``false`` + - elb_network_lb - in a later release, the default behaviour for the ``state`` option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. From 5f946595e3233d52de81c318264060f398755594 Mon Sep 17 00:00:00 2001 From: Matthew Davis <7035647+mdavis-xyz@users.noreply.github.com> Date: Wed, 29 Jul 2020 11:37:24 +1000 Subject: [PATCH 050/129] add links from README to collection dev guide (#124) --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b3a6ddaff73..88f8297f82c 100644 --- a/README.md +++ b/README.md @@ -254,8 +254,9 @@ You can also join us on: - Freenode IRC - ``#ansible-aws`` Freenode channel -See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) for details on contributing to Ansible. +See the [Collection Developer Guide](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html) for details on contributing to this repository. +See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) for details on contributing to Ansible more generally. ## Release notes @@ -269,6 +270,7 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun - [Ansible Collection overview](https://github.com/ansible-collections/overview) - [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) - [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html) +- [Ansible Collection Developer Guide](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html) - [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) ## Licensing From d4e4d3ea7878d852024ded376af186bbe13ad1d3 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 29 Jul 2020 09:10:43 +0200 Subject: [PATCH 051/129] lambda AnsibleAWSModule cleanup (also enable retries) (#5) * Bomb out early if someone tries to set tags without the necessary botocore version * Simplify some error handling by using fail_json_aws * Use BotoCoreError rather than the sub-errors We still bomb out, but fail_json_aws is more graceful and user friendly than an uncaught Boto3 error. * use is_boto3_error_code to limit what we catch rather than catching and re-raising. * Cleanup get_account_info - use module.client to avoid the mass of extra args - use is_boto3_error_code('AccessDenied') to be a little cleaner - fix text search (re.search(, mystring) rather than mystring.search()) * Use module.client helpers * Delete dead code path - we test for having *both* vpc_subnet_ids and vpc_security_group_ids when we parse the arguments * Enable basic AWS Retries * Tweak integration test to allow for common 'missing region' error message * Rename lambda tests from 'aws_lambda' to 'lambda' (matching the module name) * Use omit rather than 'null' in the tests - https://github.com/ansible/ansible/issues/69190 * Ignore duplicate-except warnings (it's caused by the way is_boto3_error works) * change expected error messages now we're using an AnsibleAWSModule feature --- plugins/modules/lambda.py | 116 ++++++++---------- .../targets/{aws_lambda => lambda}/aliases | 1 - .../{aws_lambda => lambda}/defaults/main.yml | 0 .../files/mini_lambda.py | 0 .../{aws_lambda => lambda}/meta/main.yml | 0 .../{aws_lambda => lambda}/tasks/main.yml | 41 ++----- 6 files changed, 59 insertions(+), 99 deletions(-) rename tests/integration/targets/{aws_lambda => lambda}/aliases (89%) rename tests/integration/targets/{aws_lambda => lambda}/defaults/main.yml (100%) rename tests/integration/targets/{aws_lambda => lambda}/files/mini_lambda.py (100%) rename tests/integration/targets/{aws_lambda => lambda}/meta/main.yml (100%) rename tests/integration/targets/{aws_lambda => lambda}/tasks/main.yml (93%) diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index 8975163cc30..9cb2e0286cc 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -212,21 +212,24 @@ ''' from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info, boto3_conn, camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags + import base64 import hashlib import traceback import re try: - from botocore.exceptions import ClientError, BotoCoreError, ValidationError, ParamValidationError + from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # protected by AnsibleAWSModule -def get_account_info(module, region=None, endpoint=None, **aws_connect_kwargs): +def get_account_info(module): """return the account information (account id and partition) we are currently working on get_account_info tries too find out the account that we are working @@ -237,27 +240,25 @@ def get_account_info(module, region=None, endpoint=None, **aws_connect_kwargs): account_id = None partition = None try: - sts_client = boto3_conn(module, conn_type='client', resource='sts', - region=region, endpoint=endpoint, **aws_connect_kwargs) - caller_id = sts_client.get_caller_identity() + sts_client = module.client('sts', retry_decorator=AWSRetry.jittered_backoff()) + caller_id = sts_client.get_caller_identity(aws_retry=True) account_id = caller_id.get('Account') partition = caller_id.get('Arn').split(':')[1] - except ClientError: + except (BotoCoreError, ClientError): try: - iam_client = boto3_conn(module, conn_type='client', resource='iam', - region=region, endpoint=endpoint, **aws_connect_kwargs) - arn, partition, service, reg, account_id, resource = iam_client.get_user()['User']['Arn'].split(':') - except ClientError as e: - if (e.response['Error']['Code'] == 'AccessDenied'): + iam_client = module.client('iam', retry_decorator=AWSRetry.jittered_backoff()) + arn, partition, service, reg, account_id, resource = iam_client.get_user(aws_retry=True)['User']['Arn'].split(':') + except is_boto3_error_code('AccessDenied') as e: + try: except_msg = to_native(e.message) - m = except_msg.search(r"arn:(aws(-([a-z\-]+))?):iam::([0-9]{12,32}):\w+/") - account_id = m.group(4) - partition = m.group(1) - if account_id is None: + except AttributeError: + except_msg = to_native(e) + m = re.search(r"arn:(aws(-([a-z\-]+))?):iam::([0-9]{12,32}):\w+/", except_msg) + if m is None: module.fail_json_aws(e, msg="getting account information") - if partition is None: - module.fail_json_aws(e, msg="getting account information: partition") - except Exception as e: + account_id = m.group(4) + partition = m.group(1) + except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="getting account information") return account_id, partition @@ -266,15 +267,10 @@ def get_account_info(module, region=None, endpoint=None, **aws_connect_kwargs): def get_current_function(connection, function_name, qualifier=None): try: if qualifier is not None: - return connection.get_function(FunctionName=function_name, Qualifier=qualifier) - return connection.get_function(FunctionName=function_name) - except ClientError as e: - try: - if e.response['Error']['Code'] == 'ResourceNotFoundException': - return None - except (KeyError, AttributeError): - pass - raise e + return connection.get_function(FunctionName=function_name, Qualifier=qualifier, aws_retry=True) + return connection.get_function(FunctionName=function_name, aws_retry=True) + except is_boto3_error_code('ResourceNotFoundException'): + return None def sha256sum(filename): @@ -290,17 +286,14 @@ def sha256sum(filename): def set_tag(client, module, tags, function): - if not hasattr(client, "list_tags"): - module.fail_json(msg="Using tags requires botocore 1.5.40 or above") changed = False arn = function['Configuration']['FunctionArn'] try: - current_tags = client.list_tags(Resource=arn).get('Tags', {}) - except ClientError as e: - module.fail_json(msg="Unable to list tags: {0}".format(to_native(e)), - exception=traceback.format_exc()) + current_tags = client.list_tags(Resource=arn, aws_retry=True).get('Tags', {}) + except (BotoCoreError, ClientError) as e: + module.fail_json_aws(e, msg="Unable to list tags") tags_to_add, tags_to_remove = compare_aws_tags(current_tags, tags, purge_tags=True) @@ -308,24 +301,21 @@ def set_tag(client, module, tags, function): if tags_to_remove: client.untag_resource( Resource=arn, - TagKeys=tags_to_remove + TagKeys=tags_to_remove, + aws_retry=True ) changed = True if tags_to_add: client.tag_resource( Resource=arn, - Tags=tags_to_add + Tags=tags_to_add, + aws_retry=True ) changed = True - except ClientError as e: - module.fail_json(msg="Unable to tag resource {0}: {1}".format(arn, - to_native(e)), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except BotoCoreError as e: - module.fail_json(msg="Unable to tag resource {0}: {1}".format(arn, - to_native(e)), exception=traceback.format_exc()) + except (BotoCoreError, ClientError) as e: + module.fail_json_aws(e, msg="Unable to tag resource {0}".format(arn)) return changed @@ -389,22 +379,21 @@ def main(): check_mode = module.check_mode changed = False - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg='region must be specified') - try: - client = boto3_conn(module, conn_type='client', resource='lambda', - region=region, endpoint=ec2_url, **aws_connect_kwargs) - except (ClientError, ValidationError) as e: + client = module.client('lambda', retry_decorator=AWSRetry.jittered_backoff()) + except (ClientError, BotoCoreError) as e: module.fail_json_aws(e, msg="Trying to connect to AWS") + if tags is not None: + if not hasattr(client, "list_tags"): + module.fail_json(msg="Using tags requires botocore 1.5.40 or above") + if state == 'present': if re.match(r'^arn:aws(-([a-z\-]+))?:iam', role): role_arn = role else: # get account ID and assemble ARN - account_id, partition = get_account_info(module, region=region, endpoint=ec2_url, **aws_connect_kwargs) + account_id, partition = get_account_info(module) role_arn = 'arn:{0}:iam::{1}:role/{2}'.format(partition, account_id, role) # Get function configuration if present, False otherwise @@ -447,9 +436,7 @@ def main(): func_kwargs.update({'TracingConfig': {'Mode': tracing_mode}}) # If VPC configuration is desired - if vpc_subnet_ids or vpc_security_group_ids: - if not vpc_subnet_ids or not vpc_security_group_ids: - module.fail_json(msg='vpc connectivity requires at least one security group and one subnet') + if vpc_subnet_ids: if 'VpcConfig' in current_config: # Compare VPC config with current config @@ -472,10 +459,10 @@ def main(): if len(func_kwargs) > 1: try: if not check_mode: - response = client.update_function_configuration(**func_kwargs) + response = client.update_function_configuration(aws_retry=True, **func_kwargs) current_version = response['Version'] changed = True - except (ParamValidationError, ClientError) as e: + except (BotoCoreError, ClientError) as e: module.fail_json_aws(e, msg="Trying to update lambda configuration") # Update code configuration @@ -513,10 +500,10 @@ def main(): if len(code_kwargs) > 2: try: if not check_mode: - response = client.update_function_code(**code_kwargs) + response = client.update_function_code(aws_retry=True, **code_kwargs) current_version = response['Version'] changed = True - except (ParamValidationError, ClientError) as e: + except (BotoCoreError, ClientError) as e: module.fail_json_aws(e, msg="Trying to upload new code") # Describe function code and configuration @@ -573,10 +560,7 @@ def main(): func_kwargs.update({'TracingConfig': {'Mode': tracing_mode}}) # If VPC configuration is given - if vpc_subnet_ids or vpc_security_group_ids: - if not vpc_subnet_ids or not vpc_security_group_ids: - module.fail_json(msg='vpc connectivity requires at least one security group and one subnet') - + if vpc_subnet_ids: func_kwargs.update({'VpcConfig': {'SubnetIds': vpc_subnet_ids, 'SecurityGroupIds': vpc_security_group_ids}}) @@ -584,10 +568,10 @@ def main(): current_version = None try: if not check_mode: - response = client.create_function(**func_kwargs) + response = client.create_function(aws_retry=True, **func_kwargs) current_version = response['Version'] changed = True - except (ParamValidationError, ClientError) as e: + except (BotoCoreError, ClientError) as e: module.fail_json_aws(e, msg="Trying to create function") # Tag Function @@ -604,9 +588,9 @@ def main(): if state == 'absent' and current_function: try: if not check_mode: - client.delete_function(FunctionName=name) + client.delete_function(FunctionName=name, aws_retry=True) changed = True - except (ParamValidationError, ClientError) as e: + except (BotoCoreError, ClientError) as e: module.fail_json_aws(e, msg="Trying to delete Lambda function") module.exit_json(changed=changed) diff --git a/tests/integration/targets/aws_lambda/aliases b/tests/integration/targets/lambda/aliases similarity index 89% rename from tests/integration/targets/aws_lambda/aliases rename to tests/integration/targets/lambda/aliases index 50eca4286dd..c11244e5865 100644 --- a/tests/integration/targets/aws_lambda/aliases +++ b/tests/integration/targets/lambda/aliases @@ -1,5 +1,4 @@ cloud/aws shippable/aws/group2 execute_lambda -lambda lambda_info diff --git a/tests/integration/targets/aws_lambda/defaults/main.yml b/tests/integration/targets/lambda/defaults/main.yml similarity index 100% rename from tests/integration/targets/aws_lambda/defaults/main.yml rename to tests/integration/targets/lambda/defaults/main.yml diff --git a/tests/integration/targets/aws_lambda/files/mini_lambda.py b/tests/integration/targets/lambda/files/mini_lambda.py similarity index 100% rename from tests/integration/targets/aws_lambda/files/mini_lambda.py rename to tests/integration/targets/lambda/files/mini_lambda.py diff --git a/tests/integration/targets/aws_lambda/meta/main.yml b/tests/integration/targets/lambda/meta/main.yml similarity index 100% rename from tests/integration/targets/aws_lambda/meta/main.yml rename to tests/integration/targets/lambda/meta/main.yml diff --git a/tests/integration/targets/aws_lambda/tasks/main.yml b/tests/integration/targets/lambda/tasks/main.yml similarity index 93% rename from tests/integration/targets/aws_lambda/tasks/main.yml rename to tests/integration/targets/lambda/tasks/main.yml index e56215dae18..403cdd411f6 100644 --- a/tests/integration/targets/aws_lambda/tasks/main.yml +++ b/tests/integration/targets/lambda/tasks/main.yml @@ -9,7 +9,7 @@ - community.general block: - name: test with no parameters - lambda: null + lambda: register: result ignore_errors: true - name: assert failure when called with no parameters @@ -44,37 +44,14 @@ runtime: python2.7 handler: no-handler role: arn:fake-role-doesnt-exist - region: null - register: result - ignore_errors: true - - name: assert failure when called with only 'name' - assert: - that: - - result.failed - - result.msg == "region must be specified" - - name: test with all module required variables, no region and all possible variables set to blank - lambda: - name: ansible-testing-fake-should-not-be-created - state: present - runtime: python2.7 - role: arn:fake-role-doesnt-exist - handler: null - s3_bucket: null - s3_key: null - s3_object_version: null - description: null - vpc_subnet_ids: null - vpc_security_group_ids: null - environment_variables: null - dead_letter_arn: null - region: null + region: '{{ omit }}' register: result ignore_errors: true - name: assert failure when called with only 'name' assert: that: - result.failed - - result.msg == "region must be specified" + - '"requires a region and none was found" in result.msg' - name: move lambda into place for archive module copy: src: mini_lambda.py @@ -233,12 +210,12 @@ runtime: python2.7 role: ansible_lambda_role zip_file: '{{zip_res.dest}}' - handler: null - description: null - vpc_subnet_ids: null + handler: '{{ omit }}' + description: '{{ omit }}' + vpc_subnet_ids: '{{ omit }}' vpc_security_group_ids: sg-FA6E - environment_variables: null - dead_letter_arn: null + environment_variables: '{{ omit }}' + dead_letter_arn: '{{ omit }}' register: result ignore_errors: true - name: assert lambda fails with proper message @@ -247,7 +224,7 @@ - result is failed - result.msg != "MODULE FAILURE" - result.changed == False - - '"requires at least one security group and one subnet" in result.msg' + - '"parameters are required together" in result.msg' - name: test state=present with all nullable variables explicitly set to null lambda: name: '{{lambda_function_name}}' From 39b140ae593d68fdb206b7bc35b71bd24abf7633 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 30 Jul 2020 19:04:44 +0200 Subject: [PATCH 052/129] Add check_mode support and integration tests for aws_region_info (#139) * Add integration tests for aws_region_info * Add support for check_mode * aws_region_info: clarify "-" vs "_" precedence and make the implementation deterministic --- plugins/modules/aws_region_info.py | 18 ++- .../targets/aws_region_info/aliases | 2 + .../targets/aws_region_info/main.yml | 5 + .../targets/aws_region_info/meta/main.yml | 2 + .../targets/aws_region_info/tasks/main.yml | 107 ++++++++++++++++++ 5 files changed, 128 insertions(+), 6 deletions(-) create mode 100644 tests/integration/targets/aws_region_info/aliases create mode 100644 tests/integration/targets/aws_region_info/main.yml create mode 100644 tests/integration/targets/aws_region_info/meta/main.yml create mode 100644 tests/integration/targets/aws_region_info/tasks/main.yml diff --git a/plugins/modules/aws_region_info.py b/plugins/modules/aws_region_info.py index 09a548b54a7..d0b74e3f112 100644 --- a/plugins/modules/aws_region_info.py +++ b/plugins/modules/aws_region_info.py @@ -17,10 +17,12 @@ options: filters: description: - - A dict of filters to apply. Each dict item consists of a filter key and a filter value. See - U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) for - possible filters. Filter names and values are case sensitive. You can also use underscores - instead of dashes (-) in the filter keys, which will take precedence in case of conflict. + - A dict of filters to apply. + - Each dict item consists of a filter key and a filter value. + - See U(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) for possible filters. + - Filter names and values are case sensitive. + - You can use underscores instead of dashes (-) in the filter keys. + - Filter keys with underscores will take precedence in case of conflict. default: {} type: dict extends_documentation_fragment: @@ -69,14 +71,18 @@ def main(): filters=dict(default={}, type='dict') ) - module = AnsibleAWSModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'aws_region_facts': module.deprecate("The 'aws_region_facts' module has been renamed to 'aws_region_info'", date='2021-12-01', collection_name='community.aws') connection = module.client('ec2', retry_decorator=AWSRetry.jittered_backoff()) # Replace filter key underscores with dashes, for compatibility - sanitized_filters = dict((k.replace('_', '-'), v) for k, v in module.params.get('filters').items()) + sanitized_filters = dict(module.params.get('filters')) + for k in module.params.get('filters').keys(): + if "_" in k: + sanitized_filters[k.replace('_', '-')] = sanitized_filters[k] + del sanitized_filters[k] try: regions = connection.describe_regions( diff --git a/tests/integration/targets/aws_region_info/aliases b/tests/integration/targets/aws_region_info/aliases new file mode 100644 index 00000000000..72a9fb4f570 --- /dev/null +++ b/tests/integration/targets/aws_region_info/aliases @@ -0,0 +1,2 @@ +cloud/aws +shippable/aws/group4 diff --git a/tests/integration/targets/aws_region_info/main.yml b/tests/integration/targets/aws_region_info/main.yml new file mode 100644 index 00000000000..abffda9161e --- /dev/null +++ b/tests/integration/targets/aws_region_info/main.yml @@ -0,0 +1,5 @@ +- hosts: localhost + connection: local + environment: "{{ ansible_test.environment }}" + tasks: + - include_tasks: 'tasks/tests.yml' diff --git a/tests/integration/targets/aws_region_info/meta/main.yml b/tests/integration/targets/aws_region_info/meta/main.yml new file mode 100644 index 00000000000..1810d4bec98 --- /dev/null +++ b/tests/integration/targets/aws_region_info/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - setup_remote_tmp_dir diff --git a/tests/integration/targets/aws_region_info/tasks/main.yml b/tests/integration/targets/aws_region_info/tasks/main.yml new file mode 100644 index 00000000000..3edbbaded2a --- /dev/null +++ b/tests/integration/targets/aws_region_info/tasks/main.yml @@ -0,0 +1,107 @@ +--- +- module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key | default(omit) }}' + aws_secret_key: '{{ aws_secret_key | default(omit) }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region | default(omit) }}' + + block: + - name: 'List available Regions' + aws_region_info: + register: regions + + - name: check task return attributes + vars: + first_region: '{{ regions.regions[0] }}' + assert: + that: + - regions is successful + - regions is not changed + - '"regions" in regions' + - '"endpoint" in first_region' + - '"opt_in_status" in first_region' + - '"region_name" in first_region' + + - name: 'List available Regions - check_mode' + aws_region_info: + register: check_regions + + - name: check task return attributes - check_mode + vars: + first_region: '{{ check_regions.regions[0] }}' + assert: + that: + - check_regions is successful + - check_regions is not changed + - '"regions" in check_regions' + - '"endpoint" in first_region' + - '"opt_in_status" in first_region' + - '"region_name" in first_region' + + - name: 'Filter available Regions using - ("region-name")' + aws_region_info: + filters: + region-name: 'us-west-1' + register: us_west_1 + + - name: check task return attributes - filtering using - + vars: + first_region: '{{ us_west_1.regions[0] }}' + assert: + that: + - us_west_1 is successful + - us_west_1 is not changed + - '"regions" in us_west_1' + - us_west_1.regions | length == 1 + - '"endpoint" in first_region' + - first_region.endpoint == 'ec2.us-west-1.amazonaws.com' + - '"opt_in_status" in first_region' + - first_region.opt_in_status == 'opt-in-not-required' + - '"region_name" in first_region' + - first_region.region_name == 'us-west-1' + + - name: 'Filter available Regions using _ ("region_name")' + aws_region_info: + filters: + region_name: 'us-west-2' + register: us_west_2 + + - name: check task return attributes - filtering using _ + vars: + first_region: '{{ us_west_2.regions[0] }}' + assert: + that: + - us_west_2 is successful + - us_west_2 is not changed + - '"regions" in us_west_2' + - us_west_2.regions | length == 1 + - '"endpoint" in first_region' + - first_region.endpoint == 'ec2.us-west-2.amazonaws.com' + - '"opt_in_status" in first_region' + - first_region.opt_in_status == 'opt-in-not-required' + - '"region_name" in first_region' + - first_region.region_name == 'us-west-2' + + - name: 'Filter available Regions using _ and - to check precedence' + aws_region_info: + filters: + region-name: 'eu-west-1' + region_name: 'eu-central-1' + register: regions_prededence + + - name: check task return attributes - precedence + vars: + first_region: '{{ regions_prededence.regions[0] }}' + assert: + that: + - regions_prededence is successful + - regions_prededence is not changed + - '"regions" in regions_prededence' + - regions_prededence.regions | length == 1 + - '"endpoint" in first_region' + - first_region.endpoint == 'ec2.eu-central-1.amazonaws.com' + - '"opt_in_status" in first_region' + - first_region.opt_in_status == 'opt-in-not-required' + - '"region_name" in first_region' + - first_region.region_name == 'eu-central-1' From f509f74e62901bcf033808992d812d7eeb8f0e00 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 30 Jul 2020 11:39:49 -0700 Subject: [PATCH 053/129] Disable smoketests (#76) * Disable smoketests and use codecov pip package Smoketests are not needed in collections, and none exist in this collection anyway. https://github.com/ansible-collections/overview/issues/45#issuecomment-630466482 * Not so fast on using codecov-python, not working at all in amazon.aws. Stick with what works. --- tests/utils/shippable/aws.sh | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/tests/utils/shippable/aws.sh b/tests/utils/shippable/aws.sh index da037e09e1c..d76c32282d0 100755 --- a/tests/utils/shippable/aws.sh +++ b/tests/utils/shippable/aws.sh @@ -13,22 +13,7 @@ target="shippable/${cloud}/group${group}/" stage="${S:-prod}" -changed_all_target="shippable/${cloud}/smoketest/" - -if ! ansible-test integration "${changed_all_target}" --list-targets > /dev/null 2>&1; then - # no smoketest tests are available for this cloud - changed_all_target="none" -fi - -if [ "${group}" == "1" ]; then - # only run smoketest tests for group1 - changed_all_mode="include" -else - # smoketest tests already covered by group1 - changed_all_mode="exclude" -fi - # shellcheck disable=SC2086 ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \ --remote-terminate always --remote-stage "${stage}" \ - --docker --python "${python}" --changed-all-target "${changed_all_target}" --changed-all-mode "${changed_all_mode}" + --docker --python "${python}" From b34d2b225cc1797c2eaab451ddafa681d14128d2 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Fri, 31 Jul 2020 10:49:54 -0700 Subject: [PATCH 054/129] Update Lambda unit tests (#170) * Update Lambda unit tests Units did not run on #5, so it was missed that the tests needed to also be refactored. Update test_lambda.py for AnsibleAWSModule connection types, improve style, and add a deletion test. --- tests/unit/modules/test_lambda.py | 293 +++++++++++------------------- 1 file changed, 103 insertions(+), 190 deletions(-) diff --git a/tests/unit/modules/test_lambda.py b/tests/unit/modules/test_lambda.py index 7b668e3e6bd..95db5a55ec4 100644 --- a/tests/unit/modules/test_lambda.py +++ b/tests/unit/modules/test_lambda.py @@ -13,8 +13,7 @@ from ansible_collections.community.aws.tests.unit.compat.mock import MagicMock, Mock, patch from ansible.module_utils import basic -from ansible_collections.community.aws.tests.unit.modules.utils import set_module_args - +from ansible_collections.community.aws.tests.unit.modules.utils import AnsibleExitJson, AnsibleFailJson, ModuleTestCase, set_module_args boto3 = pytest.importorskip("boto3") @@ -32,6 +31,7 @@ 'MemorySize': 128, 'Runtime': 'python2.7', 'CodeSha256': 'AqMZ+xptM7aC9VXu+5jyp1sqO+Nj4WFMNzQxtPMP2n8=', + 'Version': 1, } one_change_lambda_config = copy.copy(base_lambda_config) @@ -40,6 +40,7 @@ two_change_lambda_config['Role'] = 'arn:aws:iam::987654321012:role/lambda_advanced_execution' code_change_lambda_config = copy.copy(base_lambda_config) code_change_lambda_config['CodeSha256'] = 'P+Zy8U4T4RiiHWElhL10VBKj9jw4rSJ5bm/TiW+4Rts=' +code_change_lambda_config['Version'] = 2 base_module_args = { "region": "us-west-1", @@ -52,222 +53,134 @@ "timeout": 3, "handler": 'lambda_python.my_handler' } +one_change_module_args = copy.copy(base_module_args) +one_change_module_args['timeout'] = 4 +two_change_module_args = copy.copy(one_change_module_args) +two_change_module_args['role'] = 'arn:aws:iam::987654321012:role/lambda_advanced_execution' module_args_with_environment = dict(base_module_args, environment_variables={ "variable_name": "variable_value" }) +delete_module_args = { + "region": "us-west-1", + "name": "lambda_name", + "state": "absent", +} -def make_mock_no_connection_connection(config): - """return a mock of ansible's boto3_conn ready to return a mock AWS API client""" - lambda_client_double = MagicMock() - lambda_client_double.get_function.configure_mock( - return_value=False - ) - lambda_client_double.update_function_configuration.configure_mock( - return_value={ - 'Version': 1 - } - ) - fake_boto3_conn = Mock(return_value=lambda_client_double) - return (fake_boto3_conn, lambda_client_double) +@patch('ansible_collections.amazon.aws.plugins.module_utils.core.HAS_BOTO3', new=True) +@patch.object(lda.AnsibleAWSModule, 'client') +class TestLambdaModule(ModuleTestCase): + # TODO: def test_handle_different_types_in_config_params(): -def make_mock_connection(config): - """return a mock of ansible's boto3_conn ready to return a mock AWS API client""" - lambda_client_double = MagicMock() - lambda_client_double.get_function.configure_mock( - return_value={ - 'Configuration': config - } - ) - lambda_client_double.update_function_configuration.configure_mock( - return_value={ - 'Version': 1 - } - ) - fake_boto3_conn = Mock(return_value=lambda_client_double) - return (fake_boto3_conn, lambda_client_double) + def test_create_lambda_if_not_exist(self, client_mock): + client_mock.return_value.create_function.return_value = base_lambda_config + get_function_after_create = {'FunctionName': 'lambda_name', 'Version': '1', 'aws_retry': True} + client_mock.return_value.get_function.side_effect = [None, get_function_after_create] + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(base_module_args) + lda.main() -class AnsibleFailJson(Exception): - pass + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_configuration.assert_not_called() + client_mock.return_value.create_function.assert_called() -def fail_json_double(*args, **kwargs): - """works like fail_json but returns module results inside exception instead of stdout""" - kwargs['failed'] = True - raise AnsibleFailJson(kwargs) + (create_args, create_kwargs) = client_mock.return_value.create_function.call_args + client_mock.return_value.create_function.assert_called_once_with(**create_kwargs) + @patch.object(lda, 'sha256sum') + def test_update_lambda_if_code_changed(self, mock_sha256sum, client_mock): + client_mock.return_value.get_function.side_effect = [{'Configuration': base_lambda_config}, code_change_lambda_config] + mock_sha256sum.return_value = code_change_lambda_config['CodeSha256'] -# TODO: def test_handle_different_types_in_config_params(): + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(base_module_args) + lda.main() + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_code.assert_called() + client_mock.return_value.create_function.assert_not_called() -def test_create_lambda_if_not_exist(): + (update_args, update_kwargs) = client_mock.return_value.update_function_code.call_args + client_mock.return_value.update_function_code.assert_called_once_with(**update_kwargs) - set_module_args(base_module_args) - (boto3_conn_double, lambda_client_double) = make_mock_no_connection_connection(code_change_lambda_config) + def test_update_lambda_if_config_changed(self, client_mock): + client_mock.return_value.get_function.side_effect = [{'Configuration': base_lambda_config}, two_change_lambda_config] - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: - lda.main() - except SystemExit: - pass - - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) == 0), \ - "unexpectedly updated lambda configuration when should have only created" - assert(len(lambda_client_double.update_function_code.mock_calls) == 0), \ - "update lambda function code when function should have been created only" - assert(len(lambda_client_double.create_function.mock_calls) > 0), \ - "failed to call create_function " - (create_args, create_kwargs) = lambda_client_double.create_function.call_args - assert (len(create_kwargs) > 0), "expected create called with keyword args, none found" - - try: - # For now I assume that we should NOT send an empty environment. It might - # be okay / better to explicitly send an empty environment. However `None' - # is not acceptable - mikedlr - create_kwargs["Environment"] - raise(Exception("Environment sent to boto when none expected")) - except KeyError: - pass # We are happy, no environment is fine - - -def test_update_lambda_if_code_changed(): - - set_module_args(base_module_args) - (boto3_conn_double, lambda_client_double) = make_mock_connection(code_change_lambda_config) - - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(two_change_module_args) lda.main() - except SystemExit: - pass - - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) == 0), \ - "unexpectedly updatede lambda configuration when only code changed" - assert(len(lambda_client_double.update_function_configuration.mock_calls) < 2), \ - "lambda function update called multiple times when only one time should be needed" - assert(len(lambda_client_double.update_function_code.mock_calls) > 1), \ - "failed to update lambda function when code changed" - # 3 because after uploading we call into the return from mock to try to find what function version - # was returned so the MagicMock actually sees two calls for one update. - assert(len(lambda_client_double.update_function_code.mock_calls) < 3), \ - "lambda function code update called multiple times when only one time should be needed" - - -def test_update_lambda_if_config_changed(): - - set_module_args(base_module_args) - (boto3_conn_double, lambda_client_double) = make_mock_connection(two_change_lambda_config) - - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: - lda.main() - except SystemExit: - pass - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) > 0), \ - "failed to update lambda function when configuration changed" - assert(len(lambda_client_double.update_function_configuration.mock_calls) < 2), \ - "lambda function update called multiple times when only one time should be needed" - assert(len(lambda_client_double.update_function_code.mock_calls) == 0), \ - "updated lambda code when no change should have happened" + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_configuration.assert_called() + client_mock.return_value.create_function.assert_not_called() + + (update_args, update_kwargs) = client_mock.return_value.update_function_configuration.call_args + client_mock.return_value.update_function_configuration.assert_called_once_with(**update_kwargs) + def test_update_lambda_if_only_one_config_item_changed(self, client_mock): + client_mock.return_value.get_function.side_effect = [{'Configuration': base_lambda_config}, one_change_lambda_config] -def test_update_lambda_if_only_one_config_item_changed(): + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(one_change_module_args) + lda.main() + + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_configuration.assert_called() + client_mock.return_value.create_function.assert_not_called() + + (update_args, update_kwargs) = client_mock.return_value.update_function_configuration.call_args + client_mock.return_value.update_function_configuration.assert_called_once_with(**update_kwargs) - set_module_args(base_module_args) - (boto3_conn_double, lambda_client_double) = make_mock_connection(one_change_lambda_config) + def test_update_lambda_if_added_environment_variable(self, client_mock): + client_mock.return_value.get_function.side_effect = [{'Configuration': base_lambda_config}, base_lambda_config] - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(module_args_with_environment) lda.main() - except SystemExit: - pass - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) > 0), \ - "failed to update lambda function when configuration changed" - assert(len(lambda_client_double.update_function_configuration.mock_calls) < 2), \ - "lambda function update called multiple times when only one time should be needed" - assert(len(lambda_client_double.update_function_code.mock_calls) == 0), \ - "updated lambda code when no change should have happened" + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_configuration.assert_called() + client_mock.return_value.create_function.assert_not_called() + (update_args, update_kwargs) = client_mock.return_value.update_function_configuration.call_args + client_mock.return_value.update_function_configuration.assert_called_once_with(**update_kwargs) -def test_update_lambda_if_added_environment_variable(): + self.assertEqual(update_kwargs['Environment']['Variables'], module_args_with_environment['environment_variables']) - set_module_args(module_args_with_environment) - (boto3_conn_double, lambda_client_double) = make_mock_connection(base_lambda_config) + def test_dont_update_lambda_if_nothing_changed(self, client_mock): + client_mock.return_value.get_function.side_effect = [{'Configuration': base_lambda_config}, base_lambda_config] - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(base_module_args) lda.main() - except SystemExit: - pass - - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) > 0), \ - "failed to update lambda function when configuration changed" - assert(len(lambda_client_double.update_function_configuration.mock_calls) < 2), \ - "lambda function update called multiple times when only one time should be needed" - assert(len(lambda_client_double.update_function_code.mock_calls) == 0), \ - "updated lambda code when no change should have happened" - - (update_args, update_kwargs) = lambda_client_double.update_function_configuration.call_args - assert (len(update_kwargs) > 0), "expected update configuration called with keyword args, none found" - assert update_kwargs['Environment']['Variables'] == module_args_with_environment['environment_variables'] - - -def test_dont_update_lambda_if_nothing_changed(): - set_module_args(base_module_args) - (boto3_conn_double, lambda_client_double) = make_mock_connection(base_lambda_config) - - with patch.object(lda, 'boto3_conn', boto3_conn_double): - try: + + self.assertEqual(exec_info.exception.args[0]['changed'], False) + client_mock.return_value.get_function.assert_called() + client_mock.return_value.update_function_configuration.assert_not_called() + client_mock.return_value.create_function.assert_not_called() + + def test_delete_lambda_that_exists(self, client_mock): + client_mock.return_value.create_function.return_value = base_lambda_config + client_mock.return_value.get_function.side_effect = [base_lambda_config, None] + + with self.assertRaises(AnsibleExitJson) as exec_info: + set_module_args(delete_module_args) lda.main() - except SystemExit: - pass - - # guard against calling other than for a lambda connection (e.g. IAM) - assert(len(boto3_conn_double.mock_calls) > 0), "boto connections never used" - assert(len(boto3_conn_double.mock_calls) < 2), "multiple boto connections used unexpectedly" - assert(len(lambda_client_double.update_function_configuration.mock_calls) == 0), \ - "updated lambda function when no configuration changed" - assert(len(lambda_client_double.update_function_code.mock_calls) == 0), \ - "updated lambda code when no change should have happened" - - -def test_warn_region_not_specified(): - - set_module_args({ - "name": "lambda_name", - "state": "present", - # Module is called without a region causing error - # "region": "us-east-1", - "zip_file": "test/units/modules/fixturesthezip.zip", - "runtime": 'python2.7', - "role": 'arn:aws:iam::987654321012:role/lambda_basic_execution', - "handler": 'lambda_python.my_handler'}) - - get_aws_connection_info_double = Mock(return_value=(None, None, None)) - - with patch.object(lda, 'get_aws_connection_info', get_aws_connection_info_double): - with patch.object(basic.AnsibleModule, 'fail_json', fail_json_double): - try: - lda.main() - except AnsibleFailJson as e: - result = e.args[0] - assert("region must be specified" in result['msg']) + + self.assertEqual(exec_info.exception.args[0]['changed'], True) + client_mock.return_value.get_function.assert_called() + + client_mock.return_value.delete_function.assert_called() + client_mock.return_value.update_function_configuration.assert_not_called() + client_mock.return_value.create_function.assert_not_called() + + (delete_args, delete_kwargs) = client_mock.return_value.delete_function.call_args + client_mock.return_value.delete_function.assert_called_once_with(**delete_kwargs) From 0bad2c05e8fe9f88c59413bff5f4cc73f0dc0dad Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 31 Jul 2020 21:18:04 +0200 Subject: [PATCH 055/129] Follow up on #167 - (permission preservation when copying lambdas) (#168) lambda_policy should now be stable apply same change to s3_bucket_notification --- tests/integration/targets/lambda/tasks/main.yml | 10 +++++----- tests/integration/targets/lambda_policy/aliases | 2 -- tests/integration/targets/lambda_policy/tasks/main.yml | 6 +++--- .../targets/s3_bucket_notification/tasks/main.yml | 7 ++++--- 4 files changed, 12 insertions(+), 13 deletions(-) diff --git a/tests/integration/targets/lambda/tasks/main.yml b/tests/integration/targets/lambda/tasks/main.yml index 403cdd411f6..4670a8b2544 100644 --- a/tests/integration/targets/lambda/tasks/main.yml +++ b/tests/integration/targets/lambda/tasks/main.yml @@ -55,21 +55,21 @@ - name: move lambda into place for archive module copy: src: mini_lambda.py - dest: '{{output_dir}}/mini_lambda.py' + dest: '{{ output_dir }}/mini_lambda.py' mode: preserve - name: bundle lambda into a zip register: zip_res archive: format: zip - path: '{{output_dir}}/mini_lambda.py' - dest: '{{output_dir}}/mini_lambda.zip' + path: '{{ output_dir }}/mini_lambda.py' + dest: '{{ output_dir }}/mini_lambda.zip' - name: test state=present - upload the lambda lambda: - name: '{{lambda_function_name}}' + name: '{{ lambda_function_name }}' runtime: python2.7 handler: mini_lambda.handler role: ansible_lambda_role - zip_file: '{{zip_res.dest}}' + zip_file: '{{ zip_res.dest }}' register: result - name: assert lambda upload succeeded assert: diff --git a/tests/integration/targets/lambda_policy/aliases b/tests/integration/targets/lambda_policy/aliases index 157b4347079..a112c3d1bb2 100644 --- a/tests/integration/targets/lambda_policy/aliases +++ b/tests/integration/targets/lambda_policy/aliases @@ -1,4 +1,2 @@ cloud/aws shippable/aws/group1 -# https://github.com/ansible-collections/community.aws/issues/155 -unstable diff --git a/tests/integration/targets/lambda_policy/tasks/main.yml b/tests/integration/targets/lambda_policy/tasks/main.yml index 5c1d210e74d..4714a8b2853 100644 --- a/tests/integration/targets/lambda_policy/tasks/main.yml +++ b/tests/integration/targets/lambda_policy/tasks/main.yml @@ -58,14 +58,14 @@ - name: move lambda into place for archive module copy: src: mini_http_lambda.py - dest: '{{output_dir}}/mini_http_lambda.py' + dest: '{{ output_dir }}/mini_http_lambda.py' mode: preserve - name: bundle lambda into a zip register: zip_res archive: format: zip - path: '{{output_dir}}/mini_http_lambda.py' - dest: '{{output_dir}}/mini_http_lambda.zip' + path: '{{ output_dir }}/mini_http_lambda.py' + dest: '{{ output_dir }}/mini_http_lambda.zip' - name: create minimal lambda role iam_role: aws_region: '{{ aws_region }}' diff --git a/tests/integration/targets/s3_bucket_notification/tasks/main.yml b/tests/integration/targets/s3_bucket_notification/tasks/main.yml index ced66e31d41..ea6cf8acb20 100644 --- a/tests/integration/targets/s3_bucket_notification/tasks/main.yml +++ b/tests/integration/targets/s3_bucket_notification/tasks/main.yml @@ -14,13 +14,14 @@ - name: move lambda into place for archive module copy: src: mini_lambda.py - dest: '{{output_dir}}/mini_lambda.py' + dest: '{{ output_dir }}/mini_lambda.py' + mode: preserve - name: bundle lambda into a zip register: function_res archive: format: zip - path: '{{output_dir}}/mini_lambda.py' - dest: '{{output_dir}}/mini_lambda.zip' + path: '{{ output_dir }}/mini_lambda.py' + dest: '{{ output_dir }}/mini_lambda.zip' - name: register bucket s3_bucket: aws_access_key: '{{ aws_access_key }}' From 8d6b6528c67dc4b1749443767ceceb2c0be508bc Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Sat, 1 Aug 2020 14:59:33 +0200 Subject: [PATCH 056/129] ec2_vpc_peer: Remove duplicate 'profile' parameter, it's automatically added by ec2_argument_spec (#171) --- plugins/modules/ec2_vpc_peer.py | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 2a08618a73f..99c8139b6a4 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -401,7 +401,6 @@ def main(): peering_id=dict(), peer_owner_id=dict(), tags=dict(required=False, type='dict'), - profile=dict(), state=dict(default='present', choices=['present', 'absent', 'accept', 'reject']) ) ) From 2365fddf37d42ddf47cfaaf41baca737290a4f64 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 5 Aug 2020 11:08:43 +0200 Subject: [PATCH 057/129] iam_managed_policy: fix json in documentation (#178) --- plugins/modules/iam_managed_policy.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 3e5f14a7ddb..3b1adece098 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -79,7 +79,12 @@ - name: Create IAM Managed Policy community.aws.iam_managed_policy: policy_name: "ManagedPolicy" - policy: "{{ lookup('file', 'managed_policy_update.json') }}" + policy: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: "logs:CreateLogGroup" + Resource: "*" make_default: false state: present @@ -87,7 +92,15 @@ - name: Create IAM Managed Policy community.aws.iam_managed_policy: policy_name: "ManagedPolicy" - policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" + policy: | + { + "Version": "2012-10-17", + "Statement":[{ + "Effect": "Allow", + "Action": "logs:PutRetentionPolicy", + "Resource": "*" + }] + } only_version: true state: present From 8869de240910764b2265161c0050aa3ccb9d2f03 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 6 Aug 2020 13:08:02 -0700 Subject: [PATCH 058/129] Fix VpcId dict key in ec2_eip and add tests (#181) * Fix VpcId dict key in ec2_eip and add tests We're not converting camel_to_snake in this module, however ensure_present has been using snake_cased keys for vpc_id. This prevents attaching an EIP to an instance. This appears to have been overlooked in the boto3 migration in ansible/ansible/pull/61575. Also adds tests to cover the `if is_instance` codepath in ensure_present. --- plugins/modules/ec2_eip.py | 2 +- .../targets/ec2_eip/tasks/main.yml | 78 +++++++++++++++++++ 2 files changed, 79 insertions(+), 1 deletion(-) diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 42909d8ff36..00130bf3f93 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -436,7 +436,7 @@ def ensure_present(ec2, module, domain, address, private_ip_address, device_id, if is_instance: instance = find_device(ec2, module, device_id) if reuse_existing_ip_allowed: - if instance.vpc_id and len(instance.vpc_id) > 0 and domain is None: + if instance['VpcId'] and len(instance['VpcId']) > 0 and domain is None: msg = "You must set 'in_vpc' to true to associate an instance with an existing ip in a vpc" module.fail_json_aws(botocore.exceptions.ClientError, msg=msg) diff --git a/tests/integration/targets/ec2_eip/tasks/main.yml b/tests/integration/targets/ec2_eip/tasks/main.yml index d1ba9e36316..d296d0197bc 100644 --- a/tests/integration/targets/ec2_eip/tasks/main.yml +++ b/tests/integration/targets/ec2_eip/tasks/main.yml @@ -10,6 +10,7 @@ collections: - amazon.aws block: + # ===================================================== - name: Get the current caller identity facts aws_caller_info: null register: caller_info @@ -39,6 +40,32 @@ state: present vpc_id: '{{ vpc_result.vpc.id }}' register: vpc_igw + - name: "Find AMI to use" + ec2_ami_info: + owners: 'amazon' + filters: + name: 'amzn2-ami-hvm-2.0.20190612-x86_64-gp2' + register: ec2_amis + - name: "create a security group" + ec2_group: + state: present + name: '{{ resource_prefix }}-sg' + description: a security group for ansible tests + vpc_id: '{{ vpc_result.vpc.id }}' + rules: + - proto: tcp + from_port: 22 + to_port: 22 + cidr_ip: 0.0.0.0/0 + register: security_group + - name: Create instance for attaching + ec2_instance: + name: '{{ resource_prefix }}-instance' + image_id: '{{ ec2_amis.images[0].image_id }}' + security_group: '{{ security_group.group_id }}' + wait: no ## Don't delay the tests, we'll check again before we need it + register: ec2_instance_result + # ===================================================== - name: Look for signs of concurrent EIP tests. Pause if they are running or their prefix comes before ours. vars: running_query: vpcs[?tags.AnsibleEIPTest=='Running'] @@ -62,6 +89,7 @@ tags: AnsibleEIPTest: Running AnsibleEIPTestPrefix: '{{ resource_prefix }}' + # ===================================================== - name: Get current state of EIPs ec2_eip_info: null register: eip_info_start @@ -520,11 +548,45 @@ ec2_eni: state: absent eni_id: '{{ eni_create_a.interface.id }}' + - name: Make sure the instance is ready + ec2_instance_info: + filters: + "tag:Name": '{{ resource_prefix }}-instance' + register: instance_info + until: instance_info.instances[0].state.name == 'running' + - name: Attach eip to an EC2 instance + ec2_eip: + device_id: '{{ instance_info.instances[0].instance_id }}' + state: present + release_on_disassociation: yes + register: instance_eip + - ec2_eip_info: + filters: + public-ip: '{{ instance_eip.public_ip }}' + register: eip_info + - assert: + that: + - instance_eip is success + - eip_info.addresses[0].allocation_id is defined + - eip_info.addresses[0].instance_id == '{{ instance_info.instances[0].instance_id }}' + # ===================================================== - name: Cleanup IGW ec2_vpc_igw: state: absent vpc_id: '{{ vpc_result.vpc.id }}' register: vpc_igw + - name: Cleanup instance + ec2_instance: + name: '{{ resource_prefix }}-instance' + state: absent + - name: Cleanup instance eip + ec2_eip: + state: absent + public_ip: '{{ instance_eip.public_ip }}' + - name: Cleanup security group + ec2_group: + state: absent + name: '{{ resource_prefix }}-sg' - name: Cleanup Subnet ec2_vpc_subnet: state: absent @@ -578,6 +640,7 @@ state: absent name: '{{ resource_prefix }}-vpc' cidr_block: '{{ vpc_cidr }}' + # ===================================================== always: - name: Cleanup ENI A ec2_eni: @@ -594,6 +657,21 @@ state: absent vpc_id: '{{ vpc_result.vpc.id }}' register: vpc_igw + - name: Cleanup instance + ec2_instance: + name: '{{ resource_prefix }}-instance' + state: absent + ignore_errors: true + - name: Cleanup instance eip + ec2_eip: + state: absent + public_ip: '{{ instance_eip.public_ip }}' + ignore_errors: true + - name: Cleanup security group + ec2_group: + state: absent + name: '{{ resource_prefix }}-sg' + ignore_errors: true - name: Cleanup Subnet ec2_vpc_subnet: state: absent From 673a735e113a9d93384a0a6aa948e549885aedb3 Mon Sep 17 00:00:00 2001 From: Matt Traynham Date: Tue, 11 Aug 2020 16:23:18 -0400 Subject: [PATCH 059/129] Add direct_connect_gateway_id to virtual_interface (#52) * Add direct_connect_gateway_id to virtual_interface This adds the direct_connect_gateway_id to aws_direct_connect_virtual_interface. This field is only applicable in private VIF cases (public=False) and is mutually exclusive to virtual_gateway_id. * Add tests for aws_direct_connect_virtual_interface * Addressing code review feedback for vif unit tests - Remove print statement * Correct vif tests --- .../aws_direct_connect_virtual_interface.py | 24 +- ...nnect.CreatePrivateVirtualInterface_1.json | 52 ++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 18 ++ ...ctconnect.DescribeVirtualInterfaces_2.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_3.json | 56 +++++ ...onnect.CreatePublicVirtualInterface_1.json | 52 ++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 18 ++ ...ctconnect.DescribeVirtualInterfaces_2.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_3.json | 56 +++++ ...irectconnect.DeleteVirtualInterface_1.json | 16 ++ ...ctconnect.DescribeVirtualInterfaces_1.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 56 +++++ ...ctconnect.DescribeVirtualInterfaces_1.json | 18 ++ ...ctconnect.DescribeVirtualInterfaces_1.json | 94 ++++++++ ...st_aws_direct_connect_virtual_interface.py | 222 ++++++++++++++++++ 17 files changed, 959 insertions(+), 3 deletions(-) create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.CreatePrivateVirtualInterface_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_2.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_3.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.CreatePublicVirtualInterface_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_2.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_3.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DeleteVirtualInterface_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_connection_id/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_name/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_vi_id/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_missing_for_vi_id/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_multiple/directconnect.DescribeVirtualInterfaces_1.json create mode 100644 tests/unit/modules/test_aws_direct_connect_virtual_interface.py diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index 7547b027f0c..ba8391a00a0 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -72,6 +72,14 @@ virtual_gateway_id: description: - The virtual gateway ID required for creating a private virtual interface. + - To create a private virtual interface I(virtual_gateway_id) or I(direct_connect_gateway_id) is required. + These options are mutually exclusive. + type: str + direct_connect_gateway_id: + description: + - The direct connect gateway ID for creating a private virtual interface. + - To create a private virtual interface I(virtual_gateway_id) or I(direct_connect_gateway_id) is required. + These options are mutually exclusive. type: str virtual_interface_id: description: @@ -190,6 +198,11 @@ returned: when I(public=False) type: str sample: vgw-f3ce259a +direct_connect_gateway_id: + description: The ID of the Direct Connect gateway. This only applies to private virtual interfaces. + returned: when I(public=False) + type: str + sample: f7593767-eded-44e8-926d-a2234175835d virtual_interface_id: description: The ID of the virtual interface. returned: always @@ -364,6 +377,7 @@ def assemble_params_for_creating_vi(params): family_addr = params['address_type'] cidr = params['cidr'] virtual_gateway_id = params['virtual_gateway_id'] + direct_connect_gateway_id = params['direct_connect_gateway_id'] parameters = dict(virtualInterfaceName=name, vlan=vlan, asn=bgp_asn) opt_params = dict(authKey=auth_key, amazonAddress=amazon_addr, customerAddress=customer_addr, addressFamily=family_addr) @@ -376,7 +390,10 @@ def assemble_params_for_creating_vi(params): if public and cidr: parameters['routeFilterPrefixes'] = [{'cidr': c} for c in cidr] if not public: - parameters['virtualGatewayId'] = virtual_gateway_id + if virtual_gateway_id: + parameters['virtualGatewayId'] = virtual_gateway_id + elif direct_connect_gateway_id: + parameters['directConnectGatewayId'] = direct_connect_gateway_id return parameters @@ -469,16 +486,17 @@ def main(): address_type=dict(), cidr=dict(type='list', elements='str'), virtual_gateway_id=dict(), + direct_connect_gateway_id=dict(), virtual_interface_id=dict() ) module = AnsibleAWSModule(argument_spec=argument_spec, required_one_of=[['virtual_interface_id', 'name']], required_if=[['state', 'present', ['public']], - ['public', False, ['virtual_gateway_id']], ['public', True, ['amazon_address']], ['public', True, ['customer_address']], - ['public', True, ['cidr']]]) + ['public', True, ['cidr']]], + mutually_exclusive=[['virtual_gateway_id', 'direct_connect_gateway_id']]) connection = module.client('directconnect') diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.CreatePrivateVirtualInterface_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.CreatePrivateVirtualInterface_1.json new file mode 100644 index 00000000000..095ff7059cc --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.CreatePrivateVirtualInterface_1.json @@ -0,0 +1,52 @@ +{ + "status_code": 200, + "data": { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [], + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + } + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..de3e54bc8b5 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_2.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_2.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_2.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_3.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_3.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_private_vi/directconnect.DescribeVirtualInterfaces_3.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.CreatePublicVirtualInterface_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.CreatePublicVirtualInterface_1.json new file mode 100644 index 00000000000..095ff7059cc --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.CreatePublicVirtualInterface_1.json @@ -0,0 +1,52 @@ +{ + "status_code": 200, + "data": { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [], + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + } + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..de3e54bc8b5 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_2.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_2.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_2.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_3.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_3.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/create_public_vi/directconnect.DescribeVirtualInterfaces_3.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DeleteVirtualInterface_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DeleteVirtualInterface_1.json new file mode 100644 index 00000000000..226e0df0598 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DeleteVirtualInterface_1.json @@ -0,0 +1,16 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + } + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/delete_vi/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_connection_id/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_connection_id/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_connection_id/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_name/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_name/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_name/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_vi_id/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_vi_id/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..9c04d038722 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_by_vi_id/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,56 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_missing_for_vi_id/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_missing_for_vi_id/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..de3e54bc8b5 --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_missing_for_vi_id/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + ] + } +} diff --git a/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_multiple/directconnect.DescribeVirtualInterfaces_1.json b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_multiple/directconnect.DescribeVirtualInterfaces_1.json new file mode 100644 index 00000000000..7ec6af21ceb --- /dev/null +++ b/tests/unit/modules/placebo_recordings/aws_direct_connect_virtual_interface/find_unique_vi_returns_multiple/directconnect.DescribeVirtualInterfaces_1.json @@ -0,0 +1,94 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": { + "RetryAttempts": 0, + "HTTPHeaders": { + "x-amzn-requestid": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "content-type": "application/x-amz-json-1.1", + "date": "Tue, 27 Jun 2017 16:29:00 GMT", + "content-length": "18" + }, + "RequestId": "b9e352dd-5b55-11e7-9750-d97c605bdcae", + "HTTPStatusCode": 200 + }, + "virtualInterfaces": [ + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-aaaaaaaa", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "aaaaaaaa", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + }, + { + "ownerAccount": "123412341234", + "virtualInterfaceId": "dxvif-bbbbbbbb", + "location": "EqSe2", + "connectionId": "dxcon-aaaaaaaa", + "virtualInterfaceType": "private", + "virtualInterfaceName": "bbbbbbbb", + "vlan": 2, + "asn": 123, + "amazonSideAsn": 64512, + "authKey": "aaaabbbb", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualInterfaceState": "down", + "customerRouterConfig": "", + "mtu": 1500, + "jumboFrameCapable": true, + "virtualGatewayId": "", + "directConnectGatewayId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", + "routeFilterPrefixes": [], + "bgpPeers": [ + { + "bgpPeerId": "dxpeer-aaaaaaa", + "asn": 123, + "authKey": "aaaabbbb", + "addressFamily": "ipv4", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "bgpPeerState": "available", + "bgpStatus": "down", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa" + } + ], + "region": "us-west-2", + "awsDeviceV2": "EqSe2-aaaaaaaaaaaa", + "tags": [] + } + ] + } +} diff --git a/tests/unit/modules/test_aws_direct_connect_virtual_interface.py b/tests/unit/modules/test_aws_direct_connect_virtual_interface.py new file mode 100644 index 00000000000..ce2630fce18 --- /dev/null +++ b/tests/unit/modules/test_aws_direct_connect_virtual_interface.py @@ -0,0 +1,222 @@ +# (c) 2017 Red Hat Inc. +# +# This file is part of Ansible +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Make coding more python3-ish +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +from ansible_collections.amazon.aws.tests.unit.utils.amazon_placebo_fixtures import placeboify, maybe_sleep +from ansible_collections.community.aws.plugins.modules import aws_direct_connect_virtual_interface + + +class FakeModule(object): + def __init__(self, **kwargs): + self.params = kwargs + + def fail_json(self, *args, **kwargs): + self.exit_args = args + self.exit_kwargs = kwargs + raise Exception("FAIL") + + def exit_json(self, *args, **kwargs): + self.exit_args = args + self.exit_kwargs = kwargs + + +def test_find_unique_vi_by_connection_id(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + vi_id = aws_direct_connect_virtual_interface.find_unique_vi(client, "dxcon-aaaaaaaa", None, None) + assert vi_id == "dxvif-aaaaaaaa" + + +def test_find_unique_vi_by_vi_id(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + vi_id = aws_direct_connect_virtual_interface.find_unique_vi(client, + None, + "dxvif-aaaaaaaaa", + None) + assert vi_id == "dxvif-aaaaaaaa" + + +def test_find_unique_vi_by_name(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + vi_id = aws_direct_connect_virtual_interface.find_unique_vi(client, None, None, "aaaaaaaa") + assert vi_id == "dxvif-aaaaaaaa" + + +def test_find_unique_vi_returns_multiple(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + module = FakeModule(state="present", + id_to_associate="dxcon-aaaaaaaa", + public=False, + name=None) + try: + aws_direct_connect_virtual_interface.ensure_state( + client, + module + ) + except Exception: + assert "Multiple virtual interfaces were found" in module.exit_kwargs["msg"] + + +def test_find_unique_vi_returns_missing_for_vi_id(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + module = FakeModule(state="present", + id_to_associate=None, + public=False, + name=None, + virtual_interface_id="dxvif-aaaaaaaa") + try: + aws_direct_connect_virtual_interface.ensure_state( + client, + module + ) + except Exception: + assert "The virtual interface dxvif-aaaaaaaa does not exist" in module.exit_kwargs["msg"] + + +def test_construct_public_vi(): + module = FakeModule(state="present", + id_to_associate=None, + public=True, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id="xxxx", + direct_connect_gateway_id="yyyy") + vi = aws_direct_connect_virtual_interface.assemble_params_for_creating_vi(module.params) + assert vi == { + "virtualInterfaceName": "aaaaaaaa", + "vlan": 1, + "asn": 123, + "authKey": "aaaa", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "routeFilterPrefixes": [{"cidr": "10.88.0.0/30"}] + } + + +def test_construct_private_vi_with_virtual_gateway_id(): + module = FakeModule(state="present", + id_to_associate=None, + public=False, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id="xxxx", + direct_connect_gateway_id="yyyy") + vi = aws_direct_connect_virtual_interface.assemble_params_for_creating_vi(module.params) + assert vi == { + "virtualInterfaceName": "aaaaaaaa", + "vlan": 1, + "asn": 123, + "authKey": "aaaa", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "virtualGatewayId": "xxxx" + } + + +def test_construct_private_vi_with_direct_connect_gateway_id(): + module = FakeModule(state="present", + id_to_associate=None, + public=False, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id=None, + direct_connect_gateway_id="yyyy") + vi = aws_direct_connect_virtual_interface.assemble_params_for_creating_vi(module.params) + print(vi) + assert vi == { + "virtualInterfaceName": "aaaaaaaa", + "vlan": 1, + "asn": 123, + "authKey": "aaaa", + "amazonAddress": "169.254.0.2/30", + "customerAddress": "169.254.0.1/30", + "addressFamily": "ipv4", + "directConnectGatewayId": "yyyy" + } + + +def test_create_public_vi(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + module = FakeModule(state="present", + id_to_associate='dxcon-aaaaaaaa', + virtual_interface_id=None, + public=True, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id="xxxx", + direct_connect_gateway_id="yyyy") + changed, latest_state = aws_direct_connect_virtual_interface.ensure_state(client, module) + assert changed is True + assert latest_state is not None + + +def test_create_private_vi(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + module = FakeModule(state="present", + id_to_associate='dxcon-aaaaaaaa', + virtual_interface_id=None, + public=False, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id="xxxx", + direct_connect_gateway_id="yyyy") + changed, latest_state = aws_direct_connect_virtual_interface.ensure_state(client, module) + assert changed is True + assert latest_state is not None + + +def test_delete_vi(placeboify, maybe_sleep): + client = placeboify.client("directconnect") + module = FakeModule(state="absent", + id_to_associate='dxcon-aaaaaaaa', + virtual_interface_id='dxvif-aaaaaaaa', + public=False, + name="aaaaaaaa", + vlan=1, + bgp_asn=123, + authentication_key="aaaa", + customer_address="169.254.0.1/30", + amazon_address="169.254.0.2/30", + address_type="ipv4", + cidr=["10.88.0.0/30"], + virtual_gateway_id=None, + direct_connect_gateway_id="yyyy") + changed, latest_state = aws_direct_connect_virtual_interface.ensure_state(client, module) + assert changed is True + assert latest_state == {} From f00b21a319ed0bc3f74bedaa2060e89a70b41b35 Mon Sep 17 00:00:00 2001 From: Matt Traynham Date: Tue, 11 Aug 2020 16:39:27 -0400 Subject: [PATCH 060/129] Adds module aws_direct_connect_confirm_connection (#53) * Adds module aws_direct_connect_confirm_connection DirectConnect connections that are created by a Hosted provider require approval by users. This module simply finds the DirectConnect connection and confirms it if it's in the 'ordering' state. * Adding unit tests * Correcting test cases * Correct linting issue * Switch to AWSRetry decorator to correct test cases --- .../aws_direct_connect_confirm_connection.py | 156 ++++++++++++++++++ ...t_aws_direct_connect_confirm_connection.py | 156 ++++++++++++++++++ 2 files changed, 312 insertions(+) create mode 100644 plugins/modules/aws_direct_connect_confirm_connection.py create mode 100644 tests/unit/modules/test_aws_direct_connect_confirm_connection.py diff --git a/plugins/modules/aws_direct_connect_confirm_connection.py b/plugins/modules/aws_direct_connect_confirm_connection.py new file mode 100644 index 00000000000..ba85f94eff3 --- /dev/null +++ b/plugins/modules/aws_direct_connect_confirm_connection.py @@ -0,0 +1,156 @@ +#!/usr/bin/python +# Copyright (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = ''' +--- +module: aws_direct_connect_confirm_connection +short_description: Confirms the creation of a hosted DirectConnect connection. +description: + - Confirms the creation of a hosted DirectConnect, which requires approval before it can be used. + - DirectConnect connections that require approval would be in the 'ordering'. + - After confirmation, they will move to the 'pending' state and finally the 'available' state. +author: "Matt Traynham (@mtraynham)" +extends_documentation_fragment: +- amazon.aws.aws +- amazon.aws.ec2 + +requirements: + - boto3 + - botocore +options: + name: + description: + - The name of the Direct Connect connection. + - One of I(connection_id) or I(name) must be specified. + type: str + connection_id: + description: + - The ID of the Direct Connect connection. + - One of I(connection_id) or I(name) must be specified. + type: str +''' + +EXAMPLES = ''' + +# confirm a Direct Connect by name +- name: confirm the connection id + aws_direct_connect_confirm_connection: + name: my_host_direct_connect + +# confirm a Direct Connect by connection_id +- name: confirm the connection id + aws_direct_connect_confirm_connection: + connection_id: dxcon-xxxxxxxx +''' + +RETURN = ''' + +connection_state: + description: The state of the connection. + returned: always + type: str + sample: pending +''' + +import traceback +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, AWSRetry) + +try: + from botocore.exceptions import BotoCoreError, ClientError +except Exception: + pass + # handled by imported AnsibleAWSModule + +retry_params = {"tries": 10, "delay": 5, "backoff": 1.2, "catch_extra_error_codes": ["DirectConnectClientException"]} + + +@AWSRetry.backoff(**retry_params) +def describe_connections(client, params): + return client.describe_connections(**params) + + +def find_connection_id(client, connection_id=None, connection_name=None): + params = {} + if connection_id: + params['connectionId'] = connection_id + try: + response = describe_connections(client, params) + except (BotoCoreError, ClientError) as e: + if connection_id: + msg = "Failed to describe DirectConnect ID {0}".format(connection_id) + else: + msg = "Failed to describe DirectConnect connections" + raise DirectConnectError(msg=msg, + last_traceback=traceback.format_exc(), + exception=e) + + match = [] + if len(response.get('connections', [])) == 1 and connection_id: + if response['connections'][0]['connectionState'] != 'deleted': + match.append(response['connections'][0]['connectionId']) + + for conn in response.get('connections', []): + if connection_name == conn['connectionName'] and conn['connectionState'] != 'deleted': + match.append(conn['connectionId']) + + if len(match) == 1: + return match[0] + else: + raise DirectConnectError(msg="Could not find a valid DirectConnect connection") + + +def get_connection_state(client, connection_id): + try: + response = describe_connections(client, dict(connectionId=connection_id)) + return response['connections'][0]['connectionState'] + except (BotoCoreError, ClientError, IndexError) as e: + raise DirectConnectError(msg="Failed to describe DirectConnect connection {0} state".format(connection_id), + last_traceback=traceback.format_exc(), + exception=e) + + +def main(): + argument_spec = dict( + connection_id=dict(), + name=dict() + ) + module = AnsibleAWSModule(argument_spec=argument_spec, + mutually_exclusive=[['connection_id', 'name']], + required_one_of=[['connection_id', 'name']]) + client = module.client('directconnect') + + connection_id = module.params['connection_id'] + connection_name = module.params['name'] + + changed = False + connection_state = None + try: + connection_id = find_connection_id(client, + connection_id, + connection_name) + connection_state = get_connection_state(client, connection_id) + if connection_state == 'ordering': + client.confirm_connection(connectionId=connection_id) + changed = True + connection_state = get_connection_state(client, connection_id) + except DirectConnectError as e: + if e.last_traceback: + module.fail_json(msg=e.msg, exception=e.last_traceback, **camel_dict_to_snake_dict(e.exception.response)) + else: + module.fail_json(msg=e.msg) + + module.exit_json(changed=changed, connection_state=connection_state) + + +if __name__ == '__main__': + main() diff --git a/tests/unit/modules/test_aws_direct_connect_confirm_connection.py b/tests/unit/modules/test_aws_direct_connect_confirm_connection.py new file mode 100644 index 00000000000..2187d8a2021 --- /dev/null +++ b/tests/unit/modules/test_aws_direct_connect_confirm_connection.py @@ -0,0 +1,156 @@ +# Make coding more python3-ish +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +from ansible_collections.community.aws.tests.unit.compat.mock import MagicMock, patch, call +from ansible_collections.community.aws.tests.unit.modules.utils import (AnsibleExitJson, + AnsibleFailJson, + ModuleTestCase, + set_module_args) +from ansible_collections.community.aws.plugins.modules import aws_direct_connect_confirm_connection +try: + from botocore.exceptions import ClientError +except ImportError: + pass + + +@patch('ansible_collections.amazon.aws.plugins.module_utils.core.HAS_BOTO3', new=True) +@patch.object(aws_direct_connect_confirm_connection.AnsibleAWSModule, "client") +class TestAWSDirectConnectConfirmConnection(ModuleTestCase): + def test_missing_required_parameters(self, *args): + set_module_args({}) + with self.assertRaises(AnsibleFailJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["failed"] is True + assert "name" in result["msg"] + assert "connection_id" in result["msg"] + + def test_get_by_connection_id(self, mock_client): + mock_client.return_value.describe_connections.return_value = { + "connections": [ + { + "connectionState": "requested", + "connectionId": "dxcon-fgq9rgot", + "location": "EqSe2", + "connectionName": "ansible-test-connection", + "bandwidth": "1Gbps", + "ownerAccount": "448830907657", + "region": "us-west-2" + } + ] + } + set_module_args({ + "connection_id": "dxcon-fgq9rgot" + }) + with self.assertRaises(AnsibleExitJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["changed"] is False + assert result["connection_state"] == "requested" + mock_client.return_value.describe_connections.assert_has_calls([ + call(connectionId="dxcon-fgq9rgot") + ]) + mock_client.return_value.confirm_connection.assert_not_called() + + def test_get_by_name(self, mock_client): + mock_client.return_value.describe_connections.return_value = { + "connections": [ + { + "connectionState": "requested", + "connectionId": "dxcon-fgq9rgot", + "location": "EqSe2", + "connectionName": "ansible-test-connection", + "bandwidth": "1Gbps", + "ownerAccount": "448830907657", + "region": "us-west-2" + } + ] + } + set_module_args({ + "name": "ansible-test-connection" + }) + with self.assertRaises(AnsibleExitJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["changed"] is False + assert result["connection_state"] == "requested" + mock_client.return_value.describe_connections.assert_has_calls([ + call(), + call(connectionId="dxcon-fgq9rgot") + ]) + mock_client.return_value.confirm_connection.assert_not_called() + + def test_missing_connection_id(self, mock_client): + mock_client.return_value.describe_connections.side_effect = ClientError( + {'Error': {'Code': 'ResourceNotFoundException'}}, 'DescribeConnection') + set_module_args({ + "connection_id": "dxcon-aaaabbbb" + }) + with self.assertRaises(AnsibleFailJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["failed"] is True + mock_client.return_value.describe_connections.assert_has_calls([ + call(connectionId="dxcon-aaaabbbb") + ]) + + def test_missing_name(self, mock_client): + mock_client.return_value.describe_connections.return_value = { + "connections": [ + { + "connectionState": "requested", + "connectionId": "dxcon-fgq9rgot", + "location": "EqSe2", + "connectionName": "ansible-test-connection", + "bandwidth": "1Gbps", + "ownerAccount": "448830907657", + "region": "us-west-2" + } + ] + } + set_module_args({ + "name": "foobar" + }) + with self.assertRaises(AnsibleFailJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["failed"] is True + mock_client.return_value.describe_connections.assert_has_calls([ + call() + ]) + + def test_confirm(self, mock_client): + mock_client.return_value.describe_connections.return_value = { + "connections": [ + { + "connectionState": "ordering", + "connectionId": "dxcon-fgq9rgot", + "location": "EqSe2", + "connectionName": "ansible-test-connection", + "bandwidth": "1Gbps", + "ownerAccount": "448830907657", + "region": "us-west-2" + } + ] + } + mock_client.return_value.confirm_connection.return_value = [{}] + set_module_args({ + "connection_id": "dxcon-fgq9rgot" + }) + with self.assertRaises(AnsibleExitJson) as exec_info: + aws_direct_connect_confirm_connection.main() + + result = exec_info.exception.args[0] + assert result["changed"] is True + mock_client.return_value.describe_connections.assert_has_calls([ + call(connectionId="dxcon-fgq9rgot"), + call(connectionId="dxcon-fgq9rgot"), + call(connectionId="dxcon-fgq9rgot") + ]) + mock_client.return_value.confirm_connection.assert_called_once_with(connectionId="dxcon-fgq9rgot") From 818c6d2faa046974a9bdfa9346122d11e5bef3b1 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 12 Aug 2020 13:06:35 +0200 Subject: [PATCH 061/129] Bulk migration to AnsibleAWSModule (#173) * Update comments to reference AnsibleAWSModule rather than AnsibleModule * Bulk re-order imports and split onto one from import per-line. * Add AnsibleAWSModule imports * Migrate boto 2 based modules to AnsibleAWSModule * Move boto3-only modules over to AnsibleAWSModule * Remove extra ec2_argument_spec calls - not needed now we're using AnsibleAWSModule * Remove most HAS_BOTO3 code, it's handled by AnsibleAWSModule * Handle missing Boto 2 consistently (HAS_BOTO) * Remove AnsibleModule imports * Changelog fragment --- .../fragments/173-ansibleawsmodule.yaml | 2 + plugins/modules/aws_api_gateway.py | 6 +- plugins/modules/aws_direct_connect_gateway.py | 38 ++++----- ...s_direct_connect_link_aggregation_group.py | 45 +++++------ plugins/modules/aws_kms_info.py | 30 +++---- plugins/modules/aws_s3_bucket_info.py | 22 ++---- plugins/modules/cloudfront_info.py | 23 +++--- plugins/modules/cloudwatchlogs_log_group.py | 29 +++---- .../modules/cloudwatchlogs_log_group_info.py | 27 +++---- plugins/modules/data_pipeline.py | 40 +++++----- plugins/modules/dynamodb_table.py | 33 ++++---- plugins/modules/dynamodb_ttl.py | 24 +++--- plugins/modules/ec2_ami_copy.py | 5 +- plugins/modules/ec2_asg.py | 2 +- plugins/modules/ec2_customer_gateway.py | 54 +++++-------- plugins/modules/ec2_eip.py | 8 +- plugins/modules/ec2_elb.py | 26 +++--- plugins/modules/ec2_elb_info.py | 25 +++--- plugins/modules/ec2_instance_info.py | 42 ++++------ plugins/modules/ec2_lc.py | 79 +++++++++---------- plugins/modules/ec2_lc_find.py | 11 ++- plugins/modules/ec2_lc_info.py | 38 ++++----- plugins/modules/ec2_scaling_policy.py | 33 ++++---- plugins/modules/ec2_snapshot_copy.py | 26 +++--- plugins/modules/ec2_vpc_egress_igw.py | 6 +- plugins/modules/ec2_vpc_endpoint.py | 48 +++++------ plugins/modules/ec2_vpc_endpoint_info.py | 33 +++----- plugins/modules/ec2_vpc_igw_info.py | 29 +++---- plugins/modules/ec2_vpc_nat_gateway.py | 46 +++++------ plugins/modules/ec2_vpc_nat_gateway_info.py | 34 +++----- plugins/modules/ec2_vpc_peer.py | 30 +++---- plugins/modules/ec2_vpc_peering_info.py | 34 +++----- plugins/modules/ec2_vpc_route_table_info.py | 21 +++-- plugins/modules/ec2_vpc_vgw.py | 23 +++--- plugins/modules/ec2_vpc_vgw_info.py | 30 +++---- plugins/modules/ec2_win_password.py | 10 +-- plugins/modules/ecs_attribute.py | 23 +++--- plugins/modules/ecs_cluster.py | 22 +++--- plugins/modules/elasticache.py | 26 +++--- .../modules/elasticache_parameter_group.py | 37 ++++----- plugins/modules/elasticache_snapshot.py | 31 +++----- plugins/modules/elasticache_subnet_group.py | 14 ++-- plugins/modules/elb_application_lb_info.py | 36 ++++----- plugins/modules/elb_classic_lb.py | 22 +++--- plugins/modules/elb_instance.py | 26 +++--- plugins/modules/elb_target.py | 52 ++++++------ plugins/modules/elb_target_group_info.py | 40 ++++------ plugins/modules/execute_lambda.py | 24 +++--- plugins/modules/iam.py | 21 +++-- plugins/modules/iam_cert.py | 19 ++--- plugins/modules/iam_managed_policy.py | 32 +++----- plugins/modules/iam_mfa_device_info.py | 26 ++---- .../modules/iam_server_certificate_info.py | 18 ++--- plugins/modules/kinesis_stream.py | 38 ++++----- plugins/modules/lambda_alias.py | 37 +++------ plugins/modules/lambda_event.py | 39 ++++----- plugins/modules/rds.py | 15 ++-- plugins/modules/rds_param_group.py | 52 ++++++------ plugins/modules/rds_subnet_group.py | 15 ++-- plugins/modules/redshift.py | 8 +- plugins/modules/redshift_subnet_group.py | 16 ++-- plugins/modules/route53.py | 16 ++-- plugins/modules/route53_health_check.py | 14 ++-- plugins/modules/route53_info.py | 23 +++--- plugins/modules/s3_logging.py | 24 +++--- plugins/modules/s3_sync.py | 32 +++----- plugins/modules/s3_website.py | 37 ++++----- plugins/modules/sts_session_token.py | 24 +++--- 68 files changed, 790 insertions(+), 1081 deletions(-) create mode 100644 changelogs/fragments/173-ansibleawsmodule.yaml diff --git a/changelogs/fragments/173-ansibleawsmodule.yaml b/changelogs/fragments/173-ansibleawsmodule.yaml new file mode 100644 index 00000000000..7e3653853c9 --- /dev/null +++ b/changelogs/fragments/173-ansibleawsmodule.yaml @@ -0,0 +1,2 @@ +minor_changes: +- Remaining community.aws AnsibleModule based modules migrated to AnsibleAWSModule. diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index f67bae92808..8be32b12289 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -174,12 +174,12 @@ try: import botocore except ImportError: - # HAS_BOTOCORE taken care of in AnsibleAWSModule - pass + pass # Handled by AnsibleAWSModule import traceback from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, camel_dict_to_snake_dict) +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def main(): diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index a7084faaeb7..2e0c3a0fa81 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -101,18 +101,16 @@ try: import botocore - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False - -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - ) + pass # Handled by AnsibleAWSModule + from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn + def dx_gateway_info(client, gateway_id, module): try: @@ -340,20 +338,18 @@ def ensure_absent(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict(state=dict(default='present', choices=['present', 'absent']), - name=dict(), - amazon_asn=dict(), - virtual_gateway_id=dict(), - direct_connect_gateway_id=dict(), - wait_timeout=dict(type='int', default=320))) + argument_spec = dict( + state=dict(default='present', choices=['present', 'absent']), + name=dict(), + amazon_asn=dict(), + virtual_gateway_id=dict(), + direct_connect_gateway_id=dict(), + wait_timeout=dict(type='int', default=320), + ) required_if = [('state', 'present', ['name', 'amazon_asn']), ('state', 'absent', ['direct_connect_gateway_id'])] - module = AnsibleModule(argument_spec=argument_spec, - required_if=required_if) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required for this module') + module = AnsibleAWSModule(argument_spec=argument_spec, + required_if=required_if) state = module.params.get('state') diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index 28af9bc103c..aef1576c528 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -161,29 +161,24 @@ returned: when I(state=present) """ -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( - AWSRetry, - HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, -) -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import ( - DirectConnectError, - delete_connection, - delete_virtual_interface, - disassociate_connection_and_lag, -) import traceback import time try: import botocore except Exception: - pass - # handled by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info + +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_connection +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_virtual_interface +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import disassociate_connection_and_lag def lag_status(client, lag_id): @@ -408,8 +403,7 @@ def ensure_absent(client, lag_id, lag_name, force_delete, delete_with_disassocia def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent']), name=dict(), link_aggregation_group_id=dict(), @@ -422,14 +416,13 @@ def main(): force_delete=dict(type='bool', default=False), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=120), - )) - - module = AnsibleModule(argument_spec=argument_spec, - required_one_of=[('link_aggregation_group_id', 'name')], - required_if=[('state', 'present', ('location', 'bandwidth'))]) + ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') + module = AnsibleAWSModule( + argument_spec=argument_spec, + required_one_of=[('link_aggregation_group_id', 'name')], + required_if=[('state', 'present', ('location', 'bandwidth'))], + ) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if not region: diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index defccf70342..eced250e158 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -215,17 +215,19 @@ ''' -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict, HAS_BOTO3 -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict - import traceback try: import botocore except ImportError: - pass # caught by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict # Caching lookup for aliases _aliases = dict() @@ -399,22 +401,16 @@ def get_kms_info(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(type='dict'), - pending_deletion=dict(type='bool', default=False) - ) + argument_spec = dict( + filters=dict(type='dict'), + pending_deletion=dict(type='bool', default=False), ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, + supports_check_mode=True) if module._name == 'aws_kms_facts': module.deprecate("The 'aws_kms_facts' module has been renamed to 'aws_kms_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 and botocore are required for this module') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index 735bba97f74..ca47bf42db0 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -54,16 +54,14 @@ try: import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - ec2_argument_spec, - HAS_BOTO3, - camel_dict_to_snake_dict, - get_aws_connection_info, - ) + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_bucket_list(module, connection): @@ -91,18 +89,14 @@ def main(): result = {} # Including ec2 argument spec - module = AnsibleModule(argument_spec=ec2_argument_spec(), supports_check_mode=True) + module = AnsibleAWSModule(argument_spec={}, supports_check_mode=True) is_old_facts = module._name == 'aws_s3_bucket_facts' if is_old_facts: module.deprecate("The 'aws_s3_bucket_facts' module has been renamed to 'aws_s3_bucket_info', " "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') - # Verify Boto3 is used - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - # Set up connection - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=HAS_BOTO3) + region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='s3', region=region, endpoint=ec2_url, **aws_connect_params) diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index bd81ac53b54..f395ee801dc 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -262,16 +262,19 @@ type: dict ''' -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info, ec2_argument_spec, boto3_conn, HAS_BOTO3 -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict, camel_dict_to_snake_dict -from ansible.module_utils.basic import AnsibleModule from functools import partial import traceback try: import botocore except ImportError: - pass # will be caught by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict class CloudFrontServiceManager: @@ -577,8 +580,7 @@ def set_facts_for_distribution_id_and_alias(details, facts, distribution_id, ali def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( distribution_id=dict(required=False, type='str'), invalidation_id=dict(required=False, type='str'), origin_access_identity_id=dict(required=False, type='str'), @@ -596,18 +598,15 @@ def main(): list_distributions_by_web_acl_id=dict(required=False, default=False, type='bool'), list_invalidations=dict(required=False, default=False, type='bool'), list_streaming_distributions=dict(required=False, default=False, type='bool'), - summary=dict(required=False, default=False, type='bool') - )) + summary=dict(required=False, default=False, type='bool'), + ) - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False) is_old_facts = module._name == 'cloudfront_facts' if is_old_facts: module.deprecate("The 'cloudfront_facts' module has been renamed to 'cloudfront_info', " "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') - service_mgr = CloudFrontServiceManager(module) distribution_id = module.params.get('distribution_id') diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index cd1e94cfb53..93138c13773 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -129,19 +129,18 @@ ''' import traceback -from ansible.module_utils._text import to_native -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - camel_dict_to_snake_dict, - boto3_conn, - ec2_argument_spec, - get_aws_connection_info, - ) try: import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def create_log_group(client, log_group_name, kms_key_id, tags, retention, module): @@ -237,8 +236,7 @@ def describe_log_group(client, log_group_name, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( log_group_name=dict(required=True, type='str'), state=dict(choices=['present', 'absent'], default='present'), @@ -246,14 +244,11 @@ def main(): tags=dict(required=False, type='dict'), retention=dict(required=False, type='int'), purge_retention_policy=dict(required=False, type='bool', default=False), - overwrite=dict(required=False, type='bool', default=False) - )) + overwrite=dict(required=False, type='bool', default=False), + ) mutually_exclusive = [['retention', 'purge_retention_policy'], ['purge_retention_policy', 'overwrite']] - module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') + module = AnsibleAWSModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) logs = boto3_conn(module, conn_type='client', resource='logs', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index eae18b97c37..98fe63195b7 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -72,19 +72,18 @@ ''' import traceback -from ansible.module_utils._text import to_native -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - camel_dict_to_snake_dict, - boto3_conn, - ec2_argument_spec, - get_aws_connection_info, - ) try: import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def describe_log_group(client, log_group_name, module): @@ -104,19 +103,15 @@ def describe_log_group(client, log_group_name, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( log_group_name=dict(), - )) + ) - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'cloudwatchlogs_log_group_facts': module.deprecate("The 'cloudwatchlogs_log_group_facts' module has been renamed to 'cloudwatchlogs_log_group_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) logs = boto3_conn(module, conn_type='client', resource='logs', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index 8394078fe68..34cf4df343c 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -205,14 +205,16 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, get_aws_connection_info, boto3_conn, camel_dict_to_snake_dict from ansible.module_utils._text import to_text +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict + DP_ACTIVE_STATES = ['ACTIVE', 'SCHEDULED'] DP_INACTIVE_STATES = ['INACTIVE', 'PENDING', 'FINISHED', 'DELETING'] @@ -601,25 +603,19 @@ def create_pipeline(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True), - version=dict(removed_at_date='2022-06-01', removed_from_collection='community.aws'), - description=dict(required=False, default=''), - objects=dict(required=False, type='list', default=[], elements='dict'), - parameters=dict(required=False, type='list', default=[], elements='dict'), - timeout=dict(required=False, type='int', default=300), - state=dict(default='present', choices=['present', 'absent', - 'active', 'inactive']), - tags=dict(required=False, type='dict', default={}), - values=dict(required=False, type='list', default=[], elements='dict') - ) + argument_spec = dict( + name=dict(required=True), + version=dict(removed_at_date='2022-06-01', removed_from_collection='community.aws'), + description=dict(required=False, default=''), + objects=dict(required=False, type='list', default=[], elements='dict'), + parameters=dict(required=False, type='list', default=[], elements='dict'), + timeout=dict(required=False, type='int', default=300), + state=dict(default='present', choices=['present', 'absent', + 'active', 'inactive']), + tags=dict(required=False, type='dict', default={}), + values=dict(required=False, type='list', default=[], elements='dict'), ) - module = AnsibleModule(argument_spec, supports_check_mode=False) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required for the datapipeline module!') + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False) try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index e6ae5b1af1f..47b8bc9f678 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -183,26 +183,24 @@ from boto.dynamodb2.types import STRING, NUMBER, BINARY from boto.exception import BotoServerError, NoAuthHandlerFound, JSONResponseError from boto.dynamodb2.exceptions import ValidationException - HAS_BOTO = True - DYNAMO_TYPE_MAP = { 'STRING': STRING, 'NUMBER': NUMBER, 'BINARY': BINARY } - -except ImportError: - HAS_BOTO = False - -try: + # Boto 2 is mandatory, Boto3 is only needed for tagging import botocore - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by ec2.HAS_BOTO and ec2.HAS_BOTO3 -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError, connect_to_aws, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3 DYNAMO_TYPE_DEFAULT = 'STRING' @@ -457,8 +455,7 @@ def get_indexes(all_indexes): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(default='present', choices=['present', 'absent']), name=dict(required=True, type='str'), hash_key_name=dict(type='str'), @@ -470,11 +467,13 @@ def main(): indexes=dict(default=[], type='list', elements='dict'), tags=dict(type='dict'), wait_for_active_timeout=dict(default=60, type='int'), - )) + ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - supports_check_mode=True) + supports_check_mode=True, + check_boto3=False, + ) if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index 330bf30f14e..52b5055db8b 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -71,15 +71,12 @@ try: import botocore except ImportError: - pass + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_current_ttl_state(c, table_name): @@ -123,19 +120,16 @@ def set_ttl_state(c, table_name, state, attribute_name): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(choices=['enable', 'disable']), table_name=dict(required=True), - attribute_name=dict(required=True)) + attribute_name=dict(required=True), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - elif distutils.version.StrictVersion(botocore.__version__) < distutils.version.StrictVersion('1.5.24'): + if distutils.version.StrictVersion(botocore.__version__) < distutils.version.StrictVersion('1.5.24'): # TTL was added in this version. module.fail_json(msg='Found botocore in version {0}, but >= {1} is required for TTL support'.format(botocore.__version__, '1.5.24')) diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 638db1c3404..79ebf577394 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -134,7 +134,8 @@ ''' from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list from ansible.module_utils._text import to_native try: @@ -147,7 +148,7 @@ def copy_image(module, ec2): """ Copies an AMI - module : AnsibleModule object + module : AnsibleAWSModule object ec2: ec2 connection object """ diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index f466a8664f4..568b0fca2ca 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -538,7 +538,7 @@ try: import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule ASG_ATTRIBUTES = ('AvailabilityZones', 'DefaultCooldown', 'DesiredCapacity', 'HealthCheckGracePeriod', 'HealthCheckType', 'LaunchConfigurationName', diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index bda1626640b..5c10f4655e4 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -111,23 +111,15 @@ try: from botocore.exceptions import ClientError - HAS_BOTOCORE = True -except ImportError: - HAS_BOTOCORE = False - -try: import boto3 - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - AWSRetry, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class Ec2CustomerGatewayManager: @@ -199,29 +191,21 @@ def describe_gateways(self, ip_address): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - bgp_asn=dict(required=False, type='int'), - ip_address=dict(required=True), - name=dict(required=True), - routing=dict(default='dynamic', choices=['dynamic', 'static']), - state=dict(default='present', choices=['present', 'absent']), - ) + argument_spec = dict( + bgp_asn=dict(required=False, type='int'), + ip_address=dict(required=True), + name=dict(required=True), + routing=dict(default='dynamic', choices=['dynamic', 'static']), + state=dict(default='present', choices=['present', 'absent']), ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True, - required_if=[ - ('routing', 'dynamic', ['bgp_asn']) - ] - ) - - if not HAS_BOTOCORE: - module.fail_json(msg='botocore is required.') - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_if=[ + ('routing', 'dynamic', ['bgp_asn']) + ] + ) gw_mgr = Ec2CustomerGatewayManager(module) diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 00130bf3f93..6aa2a531069 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -222,8 +222,10 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list def associate_ip_and_device(ec2, module, address, private_ip_address, device_id, allow_reassociation, check_mode, is_instance=True): @@ -499,7 +501,7 @@ def allocate_address_from_pool(ec2, module, domain, check_mode, public_ipv4_pool def generate_tag_dict(module, tag_name, tag_value): - # type: (AnsibleModule, str, str) -> Optional[Dict] + # type: (AnsibleAWSModule, str, str) -> Optional[Dict] """ Generates a dictionary to be passed as a filter to Amazon """ if tag_name and not tag_value: if tag_name.startswith('tag:'): diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index 349002d5852..d9a6231f6b5 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -85,17 +85,14 @@ import boto.ec2.autoscale import boto.ec2.elb from boto.regioninfo import RegionInfo - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AnsibleAWSError, - HAS_BOTO, - connect_to_aws, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class ElbManager: @@ -314,20 +311,19 @@ def _get_instance(self): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state={'required': True, 'choices': ['present', 'absent']}, instance_id={'required': True}, ec2_elbs={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, enable_availability_zone={'default': True, 'required': False, 'type': 'bool'}, wait={'required': False, 'default': True, 'type': 'bool'}, - wait_timeout={'required': False, 'default': 0, 'type': 'int'} - ) + wait_timeout={'required': False, 'default': 0, 'type': 'int'}, ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - supports_check_mode=True + supports_check_mode=True, + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/ec2_elb_info.py b/plugins/modules/ec2_elb_info.py index c4b1bd67360..b18e502de34 100644 --- a/plugins/modules/ec2_elb_info.py +++ b/plugins/modules/ec2_elb_info.py @@ -74,21 +74,18 @@ import traceback -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( - AWSRetry, - connect_to_aws, - ec2_argument_spec, - get_aws_connection_info, -) - try: import boto.ec2.elb from boto.ec2.tag import Tag from boto.exception import BotoServerError - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by ec2.HAS_BOTO + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO class ElbInformation(object): @@ -222,13 +219,11 @@ def list_elbs(self): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( names={'default': [], 'type': 'list', 'elements': 'str'} ) - ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, + supports_check_mode=True) if module._name == 'ec2_elb_facts': module.deprecate("The 'ec2_elb_facts' module has been renamed to 'ec2_elb_info'", date='2021-12-01', collection_name='community.aws') diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index c9820a58f59..707df983c1b 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -496,18 +496,15 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_filter_list, - boto3_conn, - boto3_tag_list_to_ansible_dict, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_ec2_instances(connection, module): @@ -538,26 +535,21 @@ def list_ec2_instances(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - instance_ids=dict(default=[], type='list', elements='str'), - filters=dict(default={}, type='dict') - ) + argument_spec = dict( + instance_ids=dict(default=[], type='list', elements='str'), + filters=dict(default={}, type='dict') ) - module = AnsibleModule(argument_spec=argument_spec, - mutually_exclusive=[ - ['instance_ids', 'filters'] - ], - supports_check_mode=True - ) + module = AnsibleAWSModule( + argument_spec=argument_spec, + mutually_exclusive=[ + ['instance_ids', 'filters'] + ], + supports_check_mode=True, + ) if module._name == 'ec2_instance_facts': module.deprecate("The 'ec2_instance_facts' module has been renamed to 'ec2_instance_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 813bfe04cb4..59d2ec4cd7e 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -449,22 +449,21 @@ import traceback -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (get_aws_connection_info, - ec2_argument_spec, - ec2_connect, - camel_dict_to_snake_dict, - get_ec2_security_group_ids_from_names, - boto3_conn, - snake_dict_to_camel_dict, - HAS_BOTO3, - ) -from ansible.module_utils._text import to_text -from ansible.module_utils.basic import AnsibleModule try: import botocore except ImportError: - pass + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_text + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_connect +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_ec2_security_group_ids_from_names +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict def create_block_device_meta(module, volume): @@ -650,42 +649,36 @@ def delete_launch_config(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True), - image_id=dict(), - instance_id=dict(), - key_name=dict(), - security_groups=dict(default=[], type='list', elements='str'), - user_data=dict(), - user_data_path=dict(type='path'), - kernel_id=dict(), - volumes=dict(type='list', elements='dict'), - instance_type=dict(), - state=dict(default='present', choices=['present', 'absent']), - spot_price=dict(type='float'), - ramdisk_id=dict(), - instance_profile_name=dict(), - ebs_optimized=dict(default=False, type='bool'), - associate_public_ip_address=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), - instance_monitoring=dict(default=False, type='bool'), - assign_public_ip=dict(type='bool'), - classic_link_vpc_security_groups=dict(type='list', elements='str'), - classic_link_vpc_id=dict(), - vpc_id=dict(), - placement_tenancy=dict(choices=['default', 'dedicated']) - ) + argument_spec = dict( + name=dict(required=True), + image_id=dict(), + instance_id=dict(), + key_name=dict(), + security_groups=dict(default=[], type='list', elements='str'), + user_data=dict(), + user_data_path=dict(type='path'), + kernel_id=dict(), + volumes=dict(type='list', elements='dict'), + instance_type=dict(), + state=dict(default='present', choices=['present', 'absent']), + spot_price=dict(type='float'), + ramdisk_id=dict(), + instance_profile_name=dict(), + ebs_optimized=dict(default=False, type='bool'), + associate_public_ip_address=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), + instance_monitoring=dict(default=False, type='bool'), + assign_public_ip=dict(type='bool'), + classic_link_vpc_security_groups=dict(type='list', elements='str'), + classic_link_vpc_id=dict(), + vpc_id=dict(), + placement_tenancy=dict(choices=['default', 'dedicated']) ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - mutually_exclusive=[['user_data', 'user_data_path']] + mutually_exclusive=[['user_data', 'user_data_path']], ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='autoscaling', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/ec2_lc_find.py b/plugins/modules/ec2_lc_find.py index 700c84610c5..e2a31cef47c 100644 --- a/plugins/modules/ec2_lc_find.py +++ b/plugins/modules/ec2_lc_find.py @@ -137,8 +137,9 @@ ''' import re -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def find_launch_configs(client, module): @@ -191,15 +192,13 @@ def find_launch_configs(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( name_regex=dict(required=True), sort_order=dict(required=False, default='ascending', choices=['ascending', 'descending']), limit=dict(required=False, type='int'), ) - ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, ) diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index d3e46cc298e..8ddc71083e9 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -154,17 +154,13 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_launch_configs(connection, module): @@ -203,26 +199,20 @@ def list_launch_configs(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=False, default=[], type='list', elements='str'), - sort=dict(required=False, default=None, - choices=['launch_configuration_name', 'image_id', 'created_time', 'instance_type', 'kernel_id', 'ramdisk_id', 'key_name']), - sort_order=dict(required=False, default='ascending', - choices=['ascending', 'descending']), - sort_start=dict(required=False, type='int'), - sort_end=dict(required=False, type='int'), - ) + argument_spec = dict( + name=dict(required=False, default=[], type='list', elements='str'), + sort=dict(required=False, default=None, + choices=['launch_configuration_name', 'image_id', 'created_time', 'instance_type', 'kernel_id', 'ramdisk_id', 'key_name']), + sort_order=dict(required=False, default='ascending', + choices=['ascending', 'descending']), + sort_start=dict(required=False, type='int'), + sort_end=dict(required=False, type='int'), ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'ec2_lc_facts': module.deprecate("The 'ec2_lc_facts' module has been renamed to 'ec2_lc_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 141731199d9..0b3eca1c3a1 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -74,13 +74,11 @@ except ImportError: pass # Taken care of by ec2.HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AnsibleAWSError, - HAS_BOTO, - connect_to_aws, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def create_scaling_policy(connection, module): @@ -156,20 +154,17 @@ def delete_scaling_policy(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True, type='str'), - adjustment_type=dict(type='str', choices=['ChangeInCapacity', 'ExactCapacity', 'PercentChangeInCapacity']), - asg_name=dict(required=True, type='str'), - scaling_adjustment=dict(type='int'), - min_adjustment_step=dict(type='int'), - cooldown=dict(type='int'), - state=dict(default='present', choices=['present', 'absent']), - ) + argument_spec = dict( + name=dict(required=True, type='str'), + adjustment_type=dict(type='str', choices=['ChangeInCapacity', 'ExactCapacity', 'PercentChangeInCapacity']), + asg_name=dict(required=True, type='str'), + scaling_adjustment=dict(type='int'), + min_adjustment_step=dict(type='int'), + cooldown=dict(type='int'), + state=dict(default='present', choices=['present', 'absent']), ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False) if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 65ee1c980f5..25101cbac17 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -110,23 +110,26 @@ ''' import traceback -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, ec2_argument_spec, get_aws_connection_info, camel_dict_to_snake_dict) -from ansible.module_utils._text import to_native try: import boto3 from botocore.exceptions import ClientError, WaiterError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def copy_snapshot(module, ec2): """ Copies an EC2 Snapshot to another region - module : AnsibleModule object + module : AnsibleAWSModule object ec2: ec2 connection object """ @@ -168,8 +171,7 @@ def copy_snapshot(module, ec2): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( source_region=dict(required=True), source_snapshot_id=dict(required=True), description=dict(default=''), @@ -177,12 +179,10 @@ def main(): kms_key_id=dict(type='str', required=False), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=600), - tags=dict(type='dict'))) - - module = AnsibleModule(argument_spec=argument_spec) + tags=dict(type='dict'), + ) - if not HAS_BOTO3: - module.fail_json(msg='botocore and boto3 are required.') + module = AnsibleAWSModule(argument_spec=argument_spec) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) client = boto3_conn(module, conn_type='client', resource='ec2', diff --git a/plugins/modules/ec2_vpc_egress_igw.py b/plugins/modules/ec2_vpc_egress_igw.py index b2f481b86dd..d462696d0af 100644 --- a/plugins/modules/ec2_vpc_egress_igw.py +++ b/plugins/modules/ec2_vpc_egress_igw.py @@ -71,7 +71,7 @@ def delete_eigw(module, conn, eigw_id): """ Delete EIGW. - module : AnsibleModule object + module : AnsibleAWSModule object conn : boto3 client connection object eigw_id : ID of the EIGW to delete """ @@ -99,7 +99,7 @@ def create_eigw(module, conn, vpc_id): """ Create EIGW. - module : AnsibleModule object + module : AnsibleAWSModule object conn : boto3 client connection object vpc_id : ID of the VPC we are operating on """ @@ -139,7 +139,7 @@ def describe_eigws(module, conn, vpc_id): """ Describe EIGWs. - module : AnsibleModule object + module : AnsibleAWSModule object conn : boto3 client connection object vpc_id : ID of the VPC we are operating on """ diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 833e64ae1db..e4e98fb4067 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -183,17 +183,15 @@ try: import botocore except ImportError: - pass # will be picked up by imported HAS_BOTO3 - -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (get_aws_connection_info, - boto3_conn, - ec2_argument_spec, - HAS_BOTO3, - camel_dict_to_snake_dict, - ) + pass # Handled by AnsibleAWSModule + from ansible.module_utils.six import string_types +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict + def date_handler(obj): return obj.isoformat() if hasattr(obj, 'isoformat') else obj @@ -335,35 +333,29 @@ def setup_removal(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - vpc_id=dict(), - service=dict(), - policy=dict(type='json'), - policy_file=dict(type='path', aliases=['policy_path']), - state=dict(default='present', choices=['present', 'absent']), - wait=dict(type='bool', default=False), - wait_timeout=dict(type='int', default=320, required=False), - route_table_ids=dict(type='list', elements='str'), - vpc_endpoint_id=dict(), - client_token=dict(), - ) + argument_spec = dict( + vpc_id=dict(), + service=dict(), + policy=dict(type='json'), + policy_file=dict(type='path', aliases=['policy_path']), + state=dict(default='present', choices=['present', 'absent']), + wait=dict(type='bool', default=False), + wait_timeout=dict(type='int', default=320, required=False), + route_table_ids=dict(type='list', elements='str'), + vpc_endpoint_id=dict(), + client_token=dict(), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[['policy', 'policy_file']], required_if=[ ['state', 'present', ['vpc_id', 'service']], ['state', 'absent', ['vpc_endpoint_id']], - ] + ], ) # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore and boto3 are required for this module') - state = module.params.get('state') try: diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index eeb7a7d80d1..a48b886a179 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -111,17 +111,14 @@ try: import botocore except ImportError: - pass # will be picked up from imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - boto3_conn, - get_aws_connection_info, - ansible_dict_to_boto3_filter_list, - HAS_BOTO3, - camel_dict_to_snake_dict, - AWSRetry, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry def date_handler(obj): @@ -164,23 +161,17 @@ def get_endpoints(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - query=dict(choices=['services', 'endpoints'], required=True), - filters=dict(default={}, type='dict'), - vpc_endpoint_ids=dict(type='list', elements='str'), - ) + argument_spec = dict( + query=dict(choices=['services', 'endpoints'], required=True), + filters=dict(default={}, type='dict'), + vpc_endpoint_ids=dict(type='list', elements='str'), ) - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_endpoint_facts': module.deprecate("The 'ec2_vpc_endpoint_facts' module has been renamed to 'ec2_vpc_endpoint_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore and boto3 are required.') - try: region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 2d8244f1282..9cca904fa7e 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -91,16 +91,13 @@ try: import botocore except ImportError: - pass # will be captured by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - camel_dict_to_snake_dict, - ansible_dict_to_boto3_filter_list, - HAS_BOTO3, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list def get_internet_gateway_info(internet_gateway): @@ -128,22 +125,16 @@ def list_internet_gateways(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(type='dict', default=dict()), - internet_gateway_ids=dict(type='list', default=None, elements='str') - ) + argument_spec = dict( + filters=dict(type='dict', default=dict()), + internet_gateway_ids=dict(type='list', default=None, elements='str'), ) - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_igw_facts': module.deprecate("The 'ec2_vpc_igw_facts' module has been renamed to 'ec2_vpc_igw_info'", date='2021-12-01', collection_name='community.aws') # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore and boto3 are required.') - try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 4272dc648c4..2216ffe2276 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -202,15 +202,12 @@ try: import botocore except ImportError: - pass # caught by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - camel_dict_to_snake_dict, - HAS_BOTO3, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict DRY_RUN_GATEWAYS = [ @@ -933,35 +930,28 @@ def remove(client, nat_gateway_id, wait=False, wait_timeout=0, def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - subnet_id=dict(type='str'), - eip_address=dict(type='str'), - allocation_id=dict(type='str'), - if_exist_do_not_create=dict(type='bool', default=False), - state=dict(default='present', choices=['present', 'absent']), - wait=dict(type='bool', default=False), - wait_timeout=dict(type='int', default=320, required=False), - release_eip=dict(type='bool', default=False), - nat_gateway_id=dict(type='str'), - client_token=dict(type='str'), - ) + argument_spec = dict( + subnet_id=dict(type='str'), + eip_address=dict(type='str'), + allocation_id=dict(type='str'), + if_exist_do_not_create=dict(type='bool', default=False), + state=dict(default='present', choices=['present', 'absent']), + wait=dict(type='bool', default=False), + wait_timeout=dict(type='int', default=320, required=False), + release_eip=dict(type='bool', default=False), + nat_gateway_id=dict(type='str'), + client_token=dict(type='str'), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[ ['allocation_id', 'eip_address'] ], required_if=[['state', 'absent', ['nat_gateway_id']], - ['state', 'present', ['subnet_id']]] + ['state', 'present', ['subnet_id']]], ) - # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore/boto3 is required.') - state = module.params.get('state').lower() check_mode = module.check_mode subnet_id = module.params.get('subnet_id') diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index f076d38a833..7f49c708857 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -81,17 +81,14 @@ try: import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - camel_dict_to_snake_dict, - ansible_dict_to_boto3_filter_list, - boto3_tag_list_to_ansible_dict, - HAS_BOTO3, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict def date_handler(obj): @@ -123,24 +120,17 @@ def get_nat_gateways(client, module, nat_gateway_id=None): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(default={}, type='dict'), - nat_gateway_ids=dict(default=[], type='list', elements='str'), - ) + argument_spec = dict( + filters=dict(default={}, type='dict'), + nat_gateway_ids=dict(default=[], type='list', elements='str'), ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, + supports_check_mode=True,) if module._name == 'ec2_vpc_nat_gateway_facts': module.deprecate("The 'ec2_vpc_nat_gateway_facts' module has been renamed to 'ec2_vpc_nat_gateway_info'", date='2021-12-01', collection_name='community.aws') - # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore/boto3 is required.') - try: region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 99c8139b6a4..9b74a5f2c3f 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -219,13 +219,14 @@ try: import botocore except ImportError: - pass # caught by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule import distutils.version import traceback -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info, HAS_BOTO3 +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code @@ -392,17 +393,14 @@ def find_pcx_by_id(pcx_id, client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - vpc_id=dict(), - peer_vpc_id=dict(), - peer_region=dict(), - peering_id=dict(), - peer_owner_id=dict(), - tags=dict(required=False, type='dict'), - state=dict(default='present', choices=['present', 'absent', 'accept', 'reject']) - ) + argument_spec = dict( + vpc_id=dict(), + peer_vpc_id=dict(), + peer_region=dict(), + peering_id=dict(), + peer_owner_id=dict(), + tags=dict(required=False, type='dict'), + state=dict(default='present', choices=['present', 'absent', 'accept', 'reject']), ) required_if = [ ('state', 'present', ['vpc_id', 'peer_vpc_id']), @@ -410,10 +408,8 @@ def main(): ('state', 'reject', ['peering_id']) ] - module = AnsibleModule(argument_spec=argument_spec, required_if=required_if) + module = AnsibleAWSModule(argument_spec=argument_spec, required_if=required_if) - if not HAS_BOTO3: - module.fail_json(msg='json, botocore and boto3 are required.') state = module.params.get('state') peering_id = module.params.get('peering_id') vpc_id = module.params.get('vpc_id') diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index cffcf6f9aed..acd5aed83e1 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -72,17 +72,14 @@ try: import botocore except ImportError: - pass # will be picked up by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_tag_list_to_ansible_dict, - ec2_argument_spec, - boto3_conn, - get_aws_connection_info, - ansible_dict_to_boto3_filter_list, - HAS_BOTO3, - camel_dict_to_snake_dict, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def date_handler(obj): @@ -103,23 +100,16 @@ def get_vpc_peers(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(default=dict(), type='dict'), - peer_connection_ids=dict(default=None, type='list', elements='str'), - ) + argument_spec = dict( + filters=dict(default=dict(), type='dict'), + peer_connection_ids=dict(default=None, type='list', elements='str'), ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, + supports_check_mode=True,) if module._name == 'ec2_vpc_peering_facts': module.deprecate("The 'ec2_vpc_peering_facts' module has been renamed to 'ec2_vpc_peering_info'", date='2021-12-01', collection_name='community.aws') - # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='botocore and boto3 are required.') - try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) except NameError as e: diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index 8af3935bd36..1b8dc09c6c5 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -53,12 +53,14 @@ try: import boto.vpc from boto.exception import BotoServerError - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError, connect_to_aws, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO def get_route_table_info(route_table): @@ -98,15 +100,12 @@ def list_ec2_vpc_route_tables(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(default=None, type='dict') - ) + argument_spec = dict( + filters=dict(default=None, type='dict'), ) - module = AnsibleModule(argument_spec=argument_spec, - supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, + supports_check_mode=True) if module._name == 'ec2_vpc_route_table_facts': module.deprecate("The 'ec2_vpc_route_table_facts' module has been renamed to 'ec2_vpc_route_table_info'", date='2021-12-01', collection_name='community.aws') diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index 1ce3df5672e..b44d36c1142 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -117,15 +117,17 @@ try: import botocore import boto3 - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3, boto3_conn, ec2_argument_spec, get_aws_connection_info, AWSRetry -from ansible.module_utils._text import to_native def get_vgw_info(vgws): @@ -539,8 +541,7 @@ def ensure_vgw_absent(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(default='present', choices=['present', 'absent']), name=dict(), vpn_gateway_id=dict(), @@ -550,12 +551,8 @@ def main(): type=dict(default='ipsec.1', choices=['ipsec.1']), tags=dict(default=None, required=False, type='dict', aliases=['resource_tags']), ) - ) - module = AnsibleModule(argument_spec=argument_spec, - required_if=[['state', 'present', ['name']]]) - - if not HAS_BOTO3: - module.fail_json(msg='json and boto3 is required.') + module = AnsibleAWSModule(argument_spec=argument_spec, + required_if=[['state', 'present', ['name']]]) state = module.params.get('state').lower() diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 43a5c2f8c4e..4c8f0af1c28 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -94,16 +94,13 @@ try: import botocore except ImportError: - pass # will be captured by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - camel_dict_to_snake_dict, - ansible_dict_to_boto3_filter_list, - HAS_BOTO3, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list def get_virtual_gateway_info(virtual_gateway): @@ -134,22 +131,15 @@ def list_virtual_gateways(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - filters=dict(type='dict', default=dict()), - vpn_gateway_ids=dict(type='list', default=None, elements='str') - ) + argument_spec = dict( + filters=dict(type='dict', default=dict()), + vpn_gateway_ids=dict(type='list', default=None, elements='str') ) - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) + module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_vgw_facts': module.deprecate("The 'ec2_vpc_vgw_facts' module has been renamed to 'ec2_vpc_vgw_info'", date='2021-12-01', collection_name='community.aws') - # Validate Requirements - if not HAS_BOTO3: - module.fail_json(msg='json and boto3 is required.') - try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index e42fa09e35a..8f46da5602d 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -111,14 +111,15 @@ except ImportError: HAS_CRYPTOGRAPHY = False -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, ec2_argument_spec, ec2_connect from ansible.module_utils._text import to_bytes +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_connect + def setup_module_object(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( instance_id=dict(required=True), key_file=dict(required=False, default=None, type='path'), key_passphrase=dict(no_log=True, default=None, required=False), @@ -126,7 +127,6 @@ def setup_module_object(): wait=dict(type='bool', default=False, required=False), wait_timeout=dict(default=120, required=False, type='int'), ) - ) module = AnsibleAWSModule(argument_spec=argument_spec) return module diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index db9de79b480..d96e81dd000 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -113,12 +113,12 @@ try: import boto3 from botocore.exceptions import ClientError, EndpointConnectionError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class EcsAttributes(object): @@ -254,21 +254,20 @@ def attrs_get_by_name(self, attrs): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=False, default='present', choices=['present', 'absent']), cluster=dict(required=True, type='str'), ec2_instance_id=dict(required=True, type='str'), attributes=dict(required=True, type='list', elements='dict'), - )) + ) required_together = [['cluster', 'ec2_instance_id', 'attributes']] - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True, - required_together=required_together) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_together=required_together, + ) cluster = module.params['cluster'] ec2_instance_id = module.params['ec2_instance_id'] diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index 12d453f6ae9..eb68b933ce3 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -107,12 +107,12 @@ try: import boto3 - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class EcsClusterManager: @@ -157,19 +157,19 @@ def delete_cluster(self, clusterName): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent', 'has_instances']), name=dict(required=True, type='str'), delay=dict(required=False, type='int', default=10), repeat=dict(required=False, type='int', default=10) - )) + ) required_together = [['state', 'name']] - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True, required_together=required_together) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_together=required_together, + ) cluster_mgr = EcsClusterManager(module) try: diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index a1e0f88be89..b74dce611e2 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -128,19 +128,17 @@ """ from time import sleep from traceback import format_exc -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ec2_argument_spec, - get_aws_connection_info, - boto3_conn, - HAS_BOTO3, - camel_dict_to_snake_dict, - ) try: import boto3 import botocore except ImportError: - pass # will be detected by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict class ElastiCacheManager(object): @@ -485,8 +483,7 @@ def _get_nodes_to_remove(self): def main(): """ elasticache ansible module """ - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent', 'rebooted']), name=dict(required=True), engine=dict(default='memcached'), @@ -501,16 +498,13 @@ def main(): security_group_ids=dict(default=[], type='list', elements='str'), zone=dict(), wait=dict(default=True, type='bool'), - hard_modify=dict(type='bool') - )) + hard_modify=dict(type='bool'), + ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module) name = module.params['name'] diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index 95dacf52b23..b30a00bfacd 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -105,19 +105,22 @@ changed: true """ -# import module snippets -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, get_aws_connection_info, ec2_argument_spec, camel_dict_to_snake_dict -from ansible.module_utils._text import to_text -from ansible.module_utils.six import string_types import traceback try: import boto3 import botocore - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_text +from ansible.module_utils.six import string_types + +# import module snippets +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def create(module, conn, name, group_family, description): @@ -275,20 +278,14 @@ def get_info(conn, name): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - group_family=dict(type='str', choices=['memcached1.4', 'memcached1.5', 'redis2.6', 'redis2.8', 'redis3.2', 'redis4.0', 'redis5.0']), - name=dict(required=True, type='str'), - description=dict(default='', type='str'), - state=dict(required=True, choices=['present', 'absent', 'reset']), - values=dict(type='dict'), - ) + argument_spec = dict( + group_family=dict(type='str', choices=['memcached1.4', 'memcached1.5', 'redis2.6', 'redis2.8', 'redis3.2', 'redis4.0', 'redis5.0']), + name=dict(required=True, type='str'), + description=dict(default='', type='str'), + state=dict(required=True, choices=['present', 'absent', 'reset']), + values=dict(type='dict'), ) - module = AnsibleModule(argument_spec=argument_spec) - - if not HAS_BOTO3: - module.fail_json(msg='boto required for this module') + module = AnsibleAWSModule(argument_spec=argument_spec) parameter_group_family = module.params.get('group_family') parameter_group_name = module.params.get('name') diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index 9f65d6081f0..373654d99fa 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -116,12 +116,13 @@ try: import boto3 import botocore - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, get_aws_connection_info, ec2_argument_spec, camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def create(module, connection, replication_id, cluster_id, name): @@ -170,22 +171,16 @@ def delete(module, connection, name): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True, type='str'), - state=dict(required=True, type='str', choices=['present', 'absent', 'copy']), - replication_id=dict(type='str'), - cluster_id=dict(type='str'), - target=dict(type='str'), - bucket=dict(type='str'), - ) + argument_spec = dict( + name=dict(required=True, type='str'), + state=dict(required=True, type='str', choices=['present', 'absent', 'copy']), + replication_id=dict(type='str'), + cluster_id=dict(type='str'), + target=dict(type='str'), + bucket=dict(type='str'), ) - module = AnsibleModule(argument_spec=argument_spec) - - if not HAS_BOTO3: - module.fail_json(msg='boto required for this module') + module = AnsibleAWSModule(argument_spec=argument_spec) name = module.params.get('name') state = module.params.get('state') diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index 29e7afa65d3..15cbd596843 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -61,24 +61,22 @@ import boto from boto.elasticache import connect_to_region from boto.exception import BotoServerError - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent']), name=dict(required=True), description=dict(required=False), subnets=dict(required=False, type='list', elements='str'), ) - ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False) if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 796803d8c2f..ef02d59e54f 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -167,17 +167,14 @@ try: import boto3 from botocore.exceptions import ClientError, NoCredentialsError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - boto3_tag_list_to_ansible_dict, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_elb_listeners(connection, module, elb_arn): @@ -263,25 +260,20 @@ def list_load_balancers(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - load_balancer_arns=dict(type='list', elements='str'), - names=dict(type='list', elements='str') - ) + argument_spec = dict( + load_balancer_arns=dict(type='list', elements='str'), + names=dict(type='list', elements='str') ) - module = AnsibleModule(argument_spec=argument_spec, - mutually_exclusive=[['load_balancer_arns', 'names']], - supports_check_mode=True - ) + module = AnsibleAWSModule( + argument_spec=argument_spec, + mutually_exclusive=[['load_balancer_arns', 'names']], + supports_check_mode=True, + ) if module._name == 'elb_application_lb_facts': module.deprecate("The 'elb_application_lb_facts' module has been renamed to 'elb_application_lb_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 9c5f1641677..52aee159373 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -372,15 +372,18 @@ import boto.vpc from boto.ec2.elb.healthcheck import HealthCheck from boto.ec2.tag import Tag - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, connect_to_aws, AnsibleAWSError, get_aws_connection_info from ansible.module_utils.six import string_types from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO + def _throttleable_operation(max_retries): def _operation_wrapper(op): @@ -1223,8 +1226,7 @@ def _get_health_check_target(self): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state={'required': True, 'choices': ['present', 'absent']}, name={'required': True}, listeners={'default': None, 'required': False, 'type': 'list', 'elements': 'dict'}, @@ -1246,13 +1248,13 @@ def main(): access_logs={'default': None, 'required': False, 'type': 'dict'}, wait={'default': False, 'type': 'bool', 'required': False}, wait_timeout={'default': 60, 'type': 'int', 'required': False}, - tags={'default': None, 'required': False, 'type': 'dict'} - ) + tags={'default': None, 'required': False, 'type': 'dict'}, ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - mutually_exclusive=[['security_group_ids', 'security_group_names']] + mutually_exclusive=[['security_group_ids', 'security_group_names']], + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index 187f6bee136..fe10d6cd8dc 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -91,17 +91,14 @@ import boto.ec2.autoscale import boto.ec2.elb from boto.regioninfo import RegionInfo - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AnsibleAWSError, - HAS_BOTO, - connect_to_aws, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class ElbManager: @@ -316,20 +313,19 @@ def _get_instance(self): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state={'required': True, 'choices': ['present', 'absent']}, instance_id={'required': True}, ec2_elbs={'default': None, 'required': False, 'type': 'list', 'elements': 'str'}, enable_availability_zone={'default': True, 'required': False, 'type': 'bool'}, wait={'required': False, 'default': True, 'type': 'bool'}, - wait_timeout={'required': False, 'default': 0, 'type': 'int'} - ) + wait_timeout={'required': False, 'default': 0, 'type': 'int'}, ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - supports_check_mode=True + supports_check_mode=True, + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index b47de9f457d..3e001eccdac 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -110,21 +110,20 @@ import traceback from time import time, sleep -from ansible.module_utils._text import to_native -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - AWSRetry, - ) try: import boto3 from botocore.exceptions import ClientError, BotoCoreError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry @AWSRetry.jittered_backoff(retries=10, delay=10, catch_extra_error_codes=['TargetGroupNotFound']) @@ -318,27 +317,22 @@ def target_status_check(connection, module, target_group_arn, target, target_sta def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - deregister_unused=dict(type='bool', default=False), - target_az=dict(type='str'), - target_group_arn=dict(type='str'), - target_group_name=dict(type='str'), - target_id=dict(type='str', required=True), - target_port=dict(type='int'), - target_status=dict(choices=['initial', 'healthy', 'unhealthy', 'unused', 'draining', 'unavailable'], type='str'), - target_status_timeout=dict(type='int', default=60), - state=dict(required=True, choices=['present', 'absent'], type='str'), - ) + argument_spec = dict( + deregister_unused=dict(type='bool', default=False), + target_az=dict(type='str'), + target_group_arn=dict(type='str'), + target_group_name=dict(type='str'), + target_id=dict(type='str', required=True), + target_port=dict(type='int'), + target_status=dict(choices=['initial', 'healthy', 'unhealthy', 'unused', 'draining', 'unavailable'], type='str'), + target_status_timeout=dict(type='int', default=60), + state=dict(required=True, choices=['present', 'absent'], type='str'), ) - module = AnsibleModule(argument_spec=argument_spec, - mutually_exclusive=[['target_group_arn', 'target_group_name']] - ) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') + module = AnsibleAWSModule( + argument_spec=argument_spec, + mutually_exclusive=[['target_group_arn', 'target_group_name']], + ) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) connection = boto3_conn(module, conn_type='client', resource='elbv2', region=region, endpoint=ec2_url, **aws_connect_params) diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 7ab462c26a7..88f670f8e04 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -212,17 +212,14 @@ try: import boto3 from botocore.exceptions import ClientError, NoCredentialsError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - boto3_tag_list_to_ansible_dict, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_target_group_attributes(connection, module, target_group_arn): @@ -297,26 +294,21 @@ def list_target_groups(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - load_balancer_arn=dict(type='str'), - target_group_arns=dict(type='list', elements='str'), - names=dict(type='list', elements='str'), - collect_targets_health=dict(default=False, type='bool', required=False) - ) + argument_spec = dict( + load_balancer_arn=dict(type='str'), + target_group_arns=dict(type='list', elements='str'), + names=dict(type='list', elements='str'), + collect_targets_health=dict(default=False, type='bool', required=False), ) - module = AnsibleModule(argument_spec=argument_spec, - mutually_exclusive=[['load_balancer_arn', 'target_group_arns', 'names']], - supports_check_mode=True - ) + module = AnsibleAWSModule( + argument_spec=argument_spec, + mutually_exclusive=[['load_balancer_arn', 'target_group_arns', 'names']], + supports_check_mode=True, + ) if module._name == 'elb_target_group_facts': module.deprecate("The 'elb_target_group_facts' module has been renamed to 'elb_target_group_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) if region: diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index 5e789e009ba..c1372dfaf22 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -133,18 +133,18 @@ try: import botocore - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info + def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( name=dict(), function_arn=dict(), wait=dict(default=True, type='bool'), @@ -152,8 +152,8 @@ def main(): dry_run=dict(default=False, type='bool'), version_qualifier=dict(), payload=dict(default={}, type='dict'), - )) - module = AnsibleModule( + ) + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[ @@ -161,9 +161,6 @@ def main(): ] ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - name = module.params.get('name') function_arn = module.params.get('function_arn') await_return = module.params.get('wait') @@ -172,13 +169,10 @@ def main(): version_qualifier = module.params.get('version_qualifier') payload = module.params.get('payload') - if not HAS_BOTO3: - module.fail_json(msg='Python module "boto3" is missing, please install it') - if not (name or function_arn): module.fail_json(msg="Must provide either a function_arn or a name to invoke.") - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=HAS_BOTO3) + region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if not region: module.fail_json(msg="The AWS region must be specified as an " "environment variable or in the AWS credentials " diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index b4c1bcb68d7..eee782c1b1f 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -184,13 +184,11 @@ except ImportError: pass # Taken care of by ec2.HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO, - boto_exception, - connect_to_aws, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def _paginate(func, attr): @@ -619,8 +617,7 @@ def delete_role(module, iam, name, role_list, prof_list): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( iam_type=dict(required=True, choices=['user', 'group', 'role']), groups=dict(type='list', default=None, required=False, elements='str'), state=dict(required=True, choices=['present', 'absent', 'update']), @@ -636,13 +633,13 @@ def main(): trust_policy=dict(type='dict', default=None, required=False), new_name=dict(default=None, required=False), path=dict(default='/', required=False), - new_path=dict(default=None, required=False) - ) + new_path=dict(default=None, required=False), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[['trust_policy', 'trust_policy_filepath']], + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_cert.py index 2aad121ea77..8ad5bb88b33 100644 --- a/plugins/modules/iam_cert.py +++ b/plugins/modules/iam_cert.py @@ -116,17 +116,19 @@ state: present ''' -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, get_aws_connection_info, connect_to_aws import os try: import boto import boto.iam import boto.ec2 - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO def cert_meta(iam, name): @@ -239,8 +241,7 @@ def load_data(cert, key, cert_chain): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent']), name=dict(required=True), cert=dict(), @@ -249,11 +250,10 @@ def main(): new_name=dict(), path=dict(default='/'), new_path=dict(), - dup_ok=dict(type='bool') - ) + dup_ok=dict(type='bool'), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[ ['new_path', 'key'], @@ -263,6 +263,7 @@ def main(): ['new_name', 'cert'], ['new_name', 'cert_chain'], ], + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 3b1adece098..552b93b1b23 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -135,19 +135,17 @@ try: import botocore except ImportError: - pass # caught by imported HAS_BOTO3 - -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (boto3_conn, - get_aws_connection_info, - ec2_argument_spec, - AWSRetry, - camel_dict_to_snake_dict, - HAS_BOTO3, - compare_policies, - ) + pass # Handled by AnsibleAWSModule + from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies + @AWSRetry.backoff(tries=5, delay=5, backoff=2.0) def list_policies_with_backoff(iam): @@ -296,8 +294,7 @@ def detach_all_entities(module, iam, policy, **kwargs): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( policy_name=dict(required=True), policy_description=dict(default=''), policy=dict(type='json'), @@ -305,16 +302,13 @@ def main(): only_version=dict(type='bool', default=False), fail_on_delete=dict(type='bool', removed_at_date='2022-06-01', removed_from_collection='community.aws'), state=dict(default='present', choices=['present', 'absent']), - )) + ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, - required_if=[['state', 'present', ['policy']]] + required_if=[['state', 'present', ['policy']]], ) - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required for this module') - name = module.params.get('policy_name') description = module.params.get('policy_description') state = module.params.get('state') diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index f8c37a91acf..727242751a6 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -63,17 +63,13 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_mfa_devices(connection, module): @@ -92,20 +88,14 @@ def list_mfa_devices(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - user_name=dict(required=False, default=None) - ) + argument_spec = dict( + user_name=dict(required=False, default=None), ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) if module._name == 'iam_mfa_device_facts': module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if region: connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index d57ef77ca86..9b41aa3bab8 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -82,12 +82,12 @@ try: import boto3 import botocore.exceptions - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_server_certs(iam, name=None): @@ -141,19 +141,15 @@ def get_server_certs(iam, name=None): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( name=dict(type='str'), - )) + ) - module = AnsibleModule(argument_spec=argument_spec,) + module = AnsibleAWSModule(argument_spec=argument_spec,) if module._name == 'iam_server_certificate_facts': module.deprecate("The 'iam_server_certificate_facts' module has been renamed to 'iam_server_certificate_info'", date='2021-12-01', collection_name='community.aws') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - try: region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) iam = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index c3142137c1b..c16adbea3c2 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -187,12 +187,14 @@ try: import botocore.exceptions except ImportError: - pass # Taken care of by ec2.HAS_BOTO3 + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3, boto3_conn, ec2_argument_spec, get_aws_connection_info from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info + def convert_to_lower(data): """Convert all uppercase keys in dict with lowercase_ @@ -1325,22 +1327,19 @@ def stop_stream_encryption(client, stream_name, encryption_type='', key_id='', def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True), - shards=dict(default=None, required=False, type='int'), - retention_period=dict(default=None, required=False, type='int'), - tags=dict(default=None, required=False, type='dict', aliases=['resource_tags']), - wait=dict(default=True, required=False, type='bool'), - wait_timeout=dict(default=300, required=False, type='int'), - state=dict(default='present', choices=['present', 'absent']), - encryption_type=dict(required=False, choices=['NONE', 'KMS']), - key_id=dict(required=False, type='str'), - encryption_state=dict(required=False, choices=['enabled', 'disabled']), - ) + argument_spec = dict( + name=dict(required=True), + shards=dict(default=None, required=False, type='int'), + retention_period=dict(default=None, required=False, type='int'), + tags=dict(default=None, required=False, type='dict', aliases=['resource_tags']), + wait=dict(default=True, required=False, type='bool'), + wait_timeout=dict(default=300, required=False, type='int'), + state=dict(default='present', choices=['present', 'absent']), + encryption_type=dict(required=False, choices=['NONE', 'KMS']), + key_id=dict(required=False, type='str'), + encryption_state=dict(required=False, choices=['enabled', 'disabled']), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, ) @@ -1363,9 +1362,6 @@ def main(): if retention_period < 24: module.fail_json(msg='Retention period can not be less than 24 hours.') - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required.') - check_mode = module.check_mode try: region, ec2_url, aws_connect_kwargs = ( diff --git a/plugins/modules/lambda_alias.py b/plugins/modules/lambda_alias.py index 75193221b5b..bd547a41341 100644 --- a/plugins/modules/lambda_alias.py +++ b/plugins/modules/lambda_alias.py @@ -146,17 +146,13 @@ try: import boto3 from botocore.exceptions import ClientError, ParamValidationError, MissingParametersError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class AWSConnection: @@ -354,28 +350,21 @@ def main(): :return dict: ansible facts """ - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - state=dict(required=False, default='present', choices=['present', 'absent']), - function_name=dict(required=True), - name=dict(required=True, aliases=['alias_name']), - function_version=dict(type='int', required=False, default=0, aliases=['version']), - description=dict(required=False, default=None), - ) + argument_spec = dict( + state=dict(required=False, default='present', choices=['present', 'absent']), + function_name=dict(required=True), + name=dict(required=True, aliases=['alias_name']), + function_version=dict(type='int', required=False, default=0, aliases=['version']), + description=dict(required=False, default=None), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[], - required_together=[] + required_together=[], ) - # validate dependencies - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required for this module.') - aws = AWSConnection(module, ['lambda']) validate_params(module, aws) diff --git a/plugins/modules/lambda_event.py b/plugins/modules/lambda_event.py index 6dbbfb6590b..e0009d13582 100644 --- a/plugins/modules/lambda_event.py +++ b/plugins/modules/lambda_event.py @@ -120,17 +120,13 @@ try: import boto3 from botocore.exceptions import ClientError, ParamValidationError, MissingParametersError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info # --------------------------------------------------------------------------------------------------- @@ -404,29 +400,22 @@ def main(): """Produce a list of function suffixes which handle lambda events.""" source_choices = ["stream", "sqs"] - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - state=dict(required=False, default='present', choices=['present', 'absent']), - lambda_function_arn=dict(required=True, aliases=['function_name', 'function_arn']), - event_source=dict(required=False, default="stream", choices=source_choices), - source_params=dict(type='dict', required=True), - alias=dict(required=False, default=None), - version=dict(type='int', required=False, default=0), - ) + argument_spec = dict( + state=dict(required=False, default='present', choices=['present', 'absent']), + lambda_function_arn=dict(required=True, aliases=['function_name', 'function_arn']), + event_source=dict(required=False, default="stream", choices=source_choices), + source_params=dict(type='dict', required=True), + alias=dict(required=False, default=None), + version=dict(type='int', required=False, default=0), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[['alias', 'version']], - required_together=[] + required_together=[], ) - # validate dependencies - if not HAS_BOTO3: - module.fail_json(msg='boto3 is required for this module.') - aws = AWSConnection(module, ['lambda']) validate_params(module, aws) diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index e259ef757e5..38e60662c05 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -532,9 +532,11 @@ except ImportError: HAS_RDS2 = False -from ansible.module_utils.basic import AnsibleModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, connect_to_aws, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info DEFAULT_PORTS = { @@ -1311,8 +1313,7 @@ def validate_parameters(required_vars, valid_vars, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( command=dict(choices=['create', 'replicate', 'delete', 'facts', 'modify', 'promote', 'snapshot', 'reboot', 'restore'], required=True), instance_name=dict(required=False), source_instance=dict(required=False), @@ -1346,12 +1347,12 @@ def main(): tags=dict(type='dict', required=False), publicly_accessible=dict(required=False), character_set_name=dict(required=False), - force_failover=dict(type='bool', required=False, default=False) - ) + force_failover=dict(type='bool', required=False, default=False), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index 4870d0657fb..92261e61f8b 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -113,20 +113,24 @@ returned: when state is present ''' -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, get_aws_connection_info, boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, HAS_BOTO3, compare_aws_tags -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, boto3_tag_list_to_ansible_dict -from ansible.module_utils.parsing.convert_bool import BOOLEANS_TRUE -from ansible.module_utils.six import string_types -from ansible.module_utils._text import to_native - import traceback try: import botocore except ImportError: - pass # caught by imported HAS_BOTO3 + pass # Handled by AnsibleAWSModule + +from ansible.module_utils.parsing.convert_bool import BOOLEANS_TRUE +from ansible.module_utils.six import string_types +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict INT_MODIFIERS = { 'K': 1024, @@ -309,24 +313,20 @@ def ensure_absent(module, connection): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - state=dict(required=True, choices=['present', 'absent']), - name=dict(required=True), - engine=dict(), - description=dict(), - params=dict(aliases=['parameters'], type='dict'), - immediate=dict(type='bool', aliases=['apply_immediately']), - tags=dict(type='dict', default={}), - purge_tags=dict(type='bool', default=False) - ) + argument_spec = dict( + state=dict(required=True, choices=['present', 'absent']), + name=dict(required=True), + engine=dict(), + description=dict(), + params=dict(aliases=['parameters'], type='dict'), + immediate=dict(type='bool', aliases=['apply_immediately']), + tags=dict(type='dict', default={}), + purge_tags=dict(type='bool', default=False), + ) + module = AnsibleAWSModule( + argument_spec=argument_spec, + required_if=[['state', 'present', ['description', 'engine']]], ) - module = AnsibleModule(argument_spec=argument_spec, - required_if=[['state', 'present', ['description', 'engine']]]) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 and botocore are required for this module') # Retrieve any AWS settings from the environment. region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index 818b46bd6fe..daa35abd0ad 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -90,12 +90,13 @@ try: import boto.rds from boto.exception import BotoServerError - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, connect_to_aws, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_subnet_group_info(subnet_group): @@ -121,15 +122,13 @@ def create_result(changed, subnet_group=None): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent']), name=dict(required=True), description=dict(required=False), subnets=dict(required=False, type='list', elements='str'), ) - ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 2b74c5f1fd0..9b6cd5bbbe3 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -258,8 +258,10 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, snake_dict_to_camel_dict -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code def _collect_facts(resource): @@ -342,7 +344,7 @@ def create_cluster(module, redshift): """ Create a new cluster - module: AnsibleModule object + module: AnsibleAWSModule object redshift: authenticated redshift connection object Returns: diff --git a/plugins/modules/redshift_subnet_group.py b/plugins/modules/redshift_subnet_group.py index 68eb42496c3..be42fa2d720 100644 --- a/plugins/modules/redshift_subnet_group.py +++ b/plugins/modules/redshift_subnet_group.py @@ -84,23 +84,23 @@ try: import boto import boto.redshift - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO, connect_to_aws, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(required=True, choices=['present', 'absent']), group_name=dict(required=True, aliases=['name']), group_description=dict(required=False, aliases=['description']), group_subnets=dict(required=False, aliases=['subnets'], type='list', elements='str'), - )) - module = AnsibleModule(argument_spec=argument_spec) + ) + module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False) if not HAS_BOTO: module.fail_json(msg='boto v2.9.0+ required for this module') diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index ad25e38ecd0..6b69363f2d0 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -372,12 +372,12 @@ from boto.route53 import Route53Connection from boto.route53.record import Record, ResourceRecordSets from boto.route53.status import Status - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO MINIMUM_BOTO_VERSION = '2.28.0' @@ -491,8 +491,7 @@ def to_dict(rset, zone_in, zone_id): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(type='str', required=True, choices=['absent', 'create', 'delete', 'get', 'present'], aliases=['command']), zone=dict(type='str'), hosted_zone_id=dict(type='str'), @@ -514,9 +513,9 @@ def main(): vpc_id=dict(type='str'), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=300), - )) + ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, required_one_of=[['zone', 'hosted_zone_id']], @@ -537,6 +536,7 @@ def main(): region=('identifier',), weight=('identifier',), ), + check_boto3=False, ) if not HAS_BOTO: diff --git a/plugins/modules/route53_health_check.py b/plugins/modules/route53_health_check.py index 77fcf912e08..a1f9c9a268c 100644 --- a/plugins/modules/route53_health_check.py +++ b/plugins/modules/route53_health_check.py @@ -123,13 +123,13 @@ from boto import route53 from boto.route53 import Route53Connection, exception from boto.route53.healthcheck import HealthCheck - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO # import module snippets -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO # Things that can't get changed: @@ -280,8 +280,7 @@ def update_health_check(conn, health_check_id, health_check_version, health_chec def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( state=dict(choices=['present', 'absent'], default='present'), ip_address=dict(), port=dict(type='int'), @@ -292,8 +291,7 @@ def main(): request_interval=dict(type='int', choices=[10, 30], default=30), failure_threshold=dict(type='int', choices=[1, 2, 3, 4, 5, 6, 7, 8, 9, 10], default=3), ) - ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False) if not HAS_BOTO: module.fail_json(msg='boto 2.27.0+ required for this module') diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 3a937a40653..64caeaef23c 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -207,20 +207,18 @@ try: import boto import botocore - HAS_BOTO = True -except ImportError: - HAS_BOTO = False - -try: import boto3 - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by HAS_BOTO and HAS_BOTO3 -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info from ansible.module_utils._text import to_native +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3 + def get_hosted_zone(client, module): params = dict() @@ -416,8 +414,7 @@ def hosted_zone_details(client, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( query=dict(choices=[ 'change', 'checker_ip_range', @@ -454,14 +451,14 @@ def main(): 'tags', ], default='list'), ) - ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, supports_check_mode=True, mutually_exclusive=[ ['hosted_zone_method', 'health_check_method'], ], + check_boto3=False, ) if module._name == 'route53_facts': module.deprecate("The 'route53_facts' module has been renamed to 'route53_info'", date='2021-12-01', collection_name='community.aws') diff --git a/plugins/modules/s3_logging.py b/plugins/modules/s3_logging.py index 1bb585acd55..7cc2f58d733 100644 --- a/plugins/modules/s3_logging.py +++ b/plugins/modules/s3_logging.py @@ -62,12 +62,13 @@ import boto.ec2 from boto.s3.connection import OrdinaryCallingFormat, Location from boto.exception import S3ResponseError - HAS_BOTO = True except ImportError: - HAS_BOTO = False + pass # Handled by HAS_BOTO -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO def compare_bucket_logging(bucket, target_bucket, target_prefix): @@ -130,17 +131,14 @@ def disable_bucket_logging(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(required=True), - target_bucket=dict(required=False, default=None), - target_prefix=dict(required=False, default=""), - state=dict(required=False, default='present', choices=['present', 'absent']) - ) + argument_spec = dict( + name=dict(required=True), + target_bucket=dict(required=False, default=None), + target_prefix=dict(required=False, default=""), + state=dict(required=False, default='present', choices=['present', 'absent']), ) - module = AnsibleModule(argument_spec=argument_spec) + module = AnsibleAWSModule(argument_spec=argument_spec) if not HAS_BOTO: module.fail_json(msg='boto required for this module') diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 3d6de33074b..12828c51958 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -229,17 +229,6 @@ import stat as osstat # os.stat constants import traceback -# import module snippets -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, - ec2_argument_spec, - boto3_conn, - get_aws_connection_info, - HAS_BOTO3, - boto_exception, - ) -from ansible.module_utils._text import to_text - try: from dateutil import tz HAS_DATEUTIL = True @@ -249,8 +238,16 @@ try: import botocore except ImportError: - # Handled by imported HAS_BOTO3 - pass + pass # Handled by AnsibleAWSModule + +from ansible.module_utils._text import to_text + +# import module snippets +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception # the following function, calculate_multipart_etag, is from tlastowka @@ -504,8 +501,7 @@ def remove_files(s3, sourcelist, params): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update(dict( + argument_spec = dict( mode=dict(choices=['push'], default='push'), file_change_strategy=dict(choices=['force', 'date_size', 'checksum'], default='date_size'), bucket=dict(required=True), @@ -521,18 +517,14 @@ def main(): delete=dict(required=False, type='bool', default=False), # future options: encoding, metadata, storage_class, retries ) - ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, ) if not HAS_DATEUTIL: module.fail_json(msg='dateutil required for this module') - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') - result = {} mode = module.params['mode'] diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index f2196836537..a003331adaf 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -164,17 +164,13 @@ try: import boto3 from botocore.exceptions import ClientError, ParamValidationError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (HAS_BOTO3, - boto3_conn, - camel_dict_to_snake_dict, - ec2_argument_spec, - get_aws_connection_info, - ) +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def _create_redirect_dict(url): @@ -294,26 +290,21 @@ def disable_bucket_as_website(client_connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - name=dict(type='str', required=True), - state=dict(type='str', required=True, choices=['present', 'absent']), - suffix=dict(type='str', required=False, default='index.html'), - error_key=dict(type='str', required=False), - redirect_all_requests=dict(type='str', required=False) - ) + argument_spec = dict( + name=dict(type='str', required=True), + state=dict(type='str', required=True, choices=['present', 'absent']), + suffix=dict(type='str', required=False, default='index.html'), + error_key=dict(type='str', required=False), + redirect_all_requests=dict(type='str', required=False), ) - module = AnsibleModule( + module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[ ['redirect_all_requests', 'suffix'], ['redirect_all_requests', 'error_key'] - ]) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 required for this module') + ], + ) region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index aa4792e94d8..48f05efe1a8 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -82,12 +82,12 @@ try: import boto3 from botocore.exceptions import ClientError - HAS_BOTO3 = True except ImportError: - HAS_BOTO3 = False + pass # Handled by AnsibleAWSModule -from ansible.module_utils.basic import AnsibleModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn, ec2_argument_spec, get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def normalize_credentials(credentials): @@ -128,19 +128,13 @@ def get_session_token(connection, module): def main(): - argument_spec = ec2_argument_spec() - argument_spec.update( - dict( - duration_seconds=dict(required=False, default=None, type='int'), - mfa_serial_number=dict(required=False, default=None), - mfa_token=dict(required=False, default=None) - ) + argument_spec = dict( + duration_seconds=dict(required=False, default=None, type='int'), + mfa_serial_number=dict(required=False, default=None), + mfa_token=dict(required=False, default=None), ) - module = AnsibleModule(argument_spec=argument_spec) - - if not HAS_BOTO3: - module.fail_json(msg='boto3 and botocore are required.') + module = AnsibleAWSModule(argument_spec=argument_spec) region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) if region: From 11a87e0607ed7ce3d7c14a4db086260899840721 Mon Sep 17 00:00:00 2001 From: Jean-Marc Saad Date: Wed, 12 Aug 2020 23:16:48 +0300 Subject: [PATCH 062/129] [Docs] Updated rds_instance backup_retention_period parameter docs (#183) --- docs/community.aws.rds_instance_module.rst | 4 +++- plugins/modules/rds_instance.py | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst index f10000f56ff..78ef27aa24e 100644 --- a/docs/community.aws.rds_instance_module.rst +++ b/docs/community.aws.rds_instance_module.rst @@ -191,7 +191,9 @@ Parameters -
    The number of days for which automated backups are retained (must be greater or equal to 1). May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    +
    The number of days for which automated backups are retained.
    +
    When set to 0, automated backups will be disabled. (Not applicable if the DB instance is a source to read replicas)
    +
    May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index 95781a48d54..e93322cc61b 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -99,8 +99,9 @@ type: str backup_retention_period: description: - - The number of days for which automated backups are retained (must be greater or equal to 1). - May be used when creating a new cluster, when restoring from S3, or when modifying a cluster. + - The number of days for which automated backups are retained. + - When set to C(0), automated backups will be disabled. (Not applicable if the DB instance is a source to read replicas) + - May be used when creating a new cluster, when restoring from S3, or when modifying a cluster. type: int ca_certificate_identifier: description: From e95fb90fa1f0ed521c30f3391c138851bc182abc Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 13 Aug 2020 09:36:09 -0700 Subject: [PATCH 063/129] Prepare 1.1.0 release (#185) * Prepare 1.1.0 release Run add_docs.py Run antsibull-changelog Bump release in galaxy.yml Update meta/runtime.yml with supported ansible revs Add requirements file to support execution environments Update amazon.aws rev in test requirements * Cleanup changelog formatting for new, sticter antsibull-changelog formatting Rerun add_docs.py with --branch-name flag Correct required amazon.aws revision to match the current in-progress release * add_docs generated bad markup, fix that --- CHANGELOG.rst | 281 + README.md | 9 +- changelogs/changelog.yaml | 706 +++ changelogs/fragments/.empty | 0 .../fragments/173-ansibleawsmodule.yaml | 2 - ...004-cloudwatchlogs_log_group-KeyError.yaml | 4 - .../fragments/56468-deprecate-lnb-absent.yml | 2 - .../58118-aws_api_gateway-params.yml | 2 - .../58822-aws-lamda-tracing-config.yaml | 2 - .../59597-ecs-allow_default_network_mode.yml | 2 - ...te53-improve-octal-characters-handling.yml | 3 - ...0944-sns_topic-delivery_policy-changed.yml | 3 - .../61263-aws_codecommit-description.yml | 2 - ...1-cloudfront_distribution-encryptionid.yml | 2 - .../61279-ec2_launch_template-output.yml | 2 - .../61577-support-iops-in-purefa_volume.yml | 2 - .../fragments/61805-azure-facts-info.yml | 7 - ...sit_gateway-honor-auto_attach-setting.yaml | 2 - ...62014-iam_role_session_instanceprofile.yml | 3 - .../63362-remove-edgeos-filtering.yaml | 2 - changelogs/fragments/63924-boto3.yml | 5 - .../63961-deprecate-fail_on_delete.yml | 2 - .../fragments/63989-deprecate-unused.yml | 3 - .../fragments/64230-deprecate-unused.yml | 5 - changelogs/fragments/64258-purge_policies.yml | 5 - .../fragments/64368-deprecate-unused.yml | 3 - .../64598-add-next-token-support.yml | 2 - changelogs/fragments/64867-route53-diff.yml | 2 - .../65265-allow-udp-tcpudp-protocol.yaml | 3 - .../65555-amazon-sanity-required.yml | 2 - .../65557-iam-make-name-required.yml | 2 - .../fragments/65558-iam_cert-require-name.yml | 2 - .../65559-iam_policy-require-iam_name.yml | 2 - changelogs/fragments/66037-aws_kms.yml | 2 - .../fragments/66673-elb_target-awsretry.yaml | 3 - .../fragments/66779-redshift-backoff.yml | 2 - .../fragments/66795-sqs_queue-boto3.yaml | 3 - ...ce_lifetime-and-honor-wait-on-replace.yaml | 5 - .../67045-ec2_asg_mixed_instance_policy.yml | 2 - .../67089-sns_topic-notfound-backoff.yaml | 2 - ...67247-fix-ec2_transit_gateway-retries.yaml | 2 - .../fragments/67651-aws-kms-key-rotation.yml | 2 - .../67671-aws_acm-module_defaults.yaml | 3 - .../67770-aws-kms-info-key-rotation.yml | 2 - .../fragments/dont-template-cli-passwords.yml | 12 - ...lineinfile-backrefs-match-object-type.yaml | 2 - changelogs/fragments/porting-guide.yml | 12 - .../sanity_fix_future_boilerplate.yml | 2 - .../fragments/win_credential-wildcard.yaml | 2 - docs/community.aws.aws_acm_info_module.rst | 1020 +-- docs/community.aws.aws_acm_module.rst | 479 +- docs/community.aws.aws_api_gateway_module.rst | 603 +- ....aws_application_scaling_policy_module.rst | 1061 ++-- ...s.aws_batch_compute_environment_module.rst | 666 +- ...ty.aws.aws_batch_job_definition_module.rst | 803 +-- ...mmunity.aws.aws_batch_job_queue_module.rst | 429 +- docs/community.aws.aws_codebuild_module.rst | 1249 ++-- docs/community.aws.aws_codecommit_module.rst | 575 +- .../community.aws.aws_codepipeline_module.rst | 595 +- ...onfig_aggregation_authorization_module.rst | 283 +- ...unity.aws.aws_config_aggregator_module.rst | 441 +- ...aws.aws_config_delivery_channel_module.rst | 351 +- ...mmunity.aws.aws_config_recorder_module.rst | 379 +- docs/community.aws.aws_config_rule_module.rst | 522 +- ...rect_connect_confirm_connection_module.rst | 317 + ...s.aws_direct_connect_connection_module.rst | 582 +- ....aws.aws_direct_connect_gateway_module.rst | 444 +- ..._connect_link_aggregation_group_module.rst | 725 +-- ...irect_connect_virtual_interface_module.rst | 1026 +-- docs/community.aws.aws_eks_cluster_module.rst | 619 +- ...ty.aws.aws_elasticbeanstalk_app_module.rst | 350 +- ...mmunity.aws.aws_glue_connection_module.rst | 544 +- docs/community.aws.aws_glue_job_module.rst | 768 +-- ...munity.aws.aws_inspector_target_module.rst | 395 +- docs/community.aws.aws_kms_info_module.rst | 789 +-- docs/community.aws.aws_kms_module.rst | 1167 ++-- docs/community.aws.aws_region_info_module.rst | 266 +- ...ommunity.aws.aws_s3_bucket_info_module.rst | 243 +- docs/community.aws.aws_s3_cors_module.rst | 339 +- docs/community.aws.aws_secret_module.rst | 561 +- .../community.aws.aws_ses_identity_module.rst | 779 +-- ...ity.aws.aws_ses_identity_policy_module.rst | 321 +- .../community.aws.aws_ses_rule_set_module.rst | 361 +- docs/community.aws.aws_sgw_info_module.rst | 815 +-- docs/community.aws.aws_ssm_connection.rst | 165 +- ...ity.aws.aws_ssm_parameter_store_module.rst | 439 +- ...nctions_state_machine_execution_module.rst | 417 +- ...ws_step_functions_state_machine_module.rst | 365 +- ...community.aws.aws_waf_condition_module.rst | 1656 ++--- docs/community.aws.aws_waf_info_module.rst | 449 +- docs/community.aws.aws_waf_rule_module.rst | 607 +- docs/community.aws.aws_waf_web_acl_module.rst | 683 +- ...aws.cloudformation_exports_info_module.rst | 239 +- ...ty.aws.cloudformation_stack_set_module.rst | 795 +-- ...ity.aws.cloudfront_distribution_module.rst | 5621 +++++++++-------- docs/community.aws.cloudfront_info_module.rst | 871 +-- ...ity.aws.cloudfront_invalidation_module.rst | 503 +- ...oudfront_origin_access_identity_module.rst | 435 +- docs/community.aws.cloudtrail_module.rst | 929 +-- ...munity.aws.cloudwatchevent_rule_module.rst | 567 +- ...s.cloudwatchlogs_log_group_info_module.rst | 369 +- ...tchlogs_log_group_metric_filter_module.rst | 421 +- ...ty.aws.cloudwatchlogs_log_group_module.rst | 510 +- docs/community.aws.data_pipeline_module.rst | 726 +-- docs/community.aws.dms_endpoint_module.rst | 773 +-- ...ws.dms_replication_subnet_group_module.rst | 301 +- docs/community.aws.dynamodb_table_module.rst | 667 +- docs/community.aws.dynamodb_ttl_module.rst | 305 +- docs/community.aws.ec2_ami_copy_module.rst | 451 +- docs/community.aws.ec2_asg_info_module.rst | 701 +- ...nity.aws.ec2_asg_lifecycle_hook_module.rst | 418 +- docs/community.aws.ec2_asg_module.rst | 1537 ++--- ...y.aws.ec2_customer_gateway_info_module.rst | 277 +- ...munity.aws.ec2_customer_gateway_module.rst | 461 +- docs/community.aws.ec2_eip_info_module.rst | 266 +- docs/community.aws.ec2_eip_module.rst | 531 +- docs/community.aws.ec2_elb_info_module.rst | 250 +- docs/community.aws.ec2_elb_module.rst | 356 +- ...community.aws.ec2_instance_info_module.rst | 2002 +++--- docs/community.aws.ec2_instance_module.rst | 3061 ++++----- ...mmunity.aws.ec2_launch_template_module.rst | 1633 ++--- docs/community.aws.ec2_lc_find_module.rst | 535 +- docs/community.aws.ec2_lc_info_module.rst | 583 +- docs/community.aws.ec2_lc_module.rst | 1620 ++--- .../community.aws.ec2_metric_alarm_module.rst | 634 +- ...ty.aws.ec2_placement_group_info_module.rst | 322 +- ...mmunity.aws.ec2_placement_group_module.rst | 370 +- ...ommunity.aws.ec2_scaling_policy_module.rst | 365 +- ...community.aws.ec2_snapshot_copy_module.rst | 403 +- ...ty.aws.ec2_transit_gateway_info_module.rst | 611 +- ...mmunity.aws.ec2_transit_gateway_module.rst | 905 +-- ...ommunity.aws.ec2_vpc_egress_igw_module.rst | 304 +- ...unity.aws.ec2_vpc_endpoint_info_module.rst | 321 +- .../community.aws.ec2_vpc_endpoint_module.rst | 449 +- .../community.aws.ec2_vpc_igw_info_module.rst | 295 +- docs/community.aws.ec2_vpc_igw_module.rst | 360 +- ...community.aws.ec2_vpc_nacl_info_module.rst | 405 +- docs/community.aws.ec2_vpc_nacl_module.rst | 424 +- ...ty.aws.ec2_vpc_nat_gateway_info_module.rst | 275 +- ...mmunity.aws.ec2_vpc_nat_gateway_module.rst | 549 +- docs/community.aws.ec2_vpc_peer_module.rst | 376 +- ...munity.aws.ec2_vpc_peering_info_module.rst | 275 +- ...ty.aws.ec2_vpc_route_table_info_module.rst | 240 +- ...mmunity.aws.ec2_vpc_route_table_module.rst | 881 +-- .../community.aws.ec2_vpc_vgw_info_module.rst | 295 +- docs/community.aws.ec2_vpc_vgw_module.rst | 401 +- .../community.aws.ec2_vpc_vpn_info_module.rst | 661 +- docs/community.aws.ec2_vpc_vpn_module.rst | 997 +-- .../community.aws.ec2_win_password_module.rst | 343 +- docs/community.aws.ecs_attribute_module.rst | 447 +- docs/community.aws.ecs_cluster_module.rst | 420 +- docs/community.aws.ecs_ecr_module.rst | 491 +- .../community.aws.ecs_service_info_module.rst | 559 +- docs/community.aws.ecs_service_module.rst | 1733 ++--- docs/community.aws.ecs_tag_module.rst | 409 +- docs/community.aws.ecs_task_module.rst | 727 +-- ...ity.aws.ecs_taskdefinition_info_module.rst | 1251 ++-- ...ommunity.aws.ecs_taskdefinition_module.rst | 541 +- docs/community.aws.efs_info_module.rst | 571 +- docs/community.aws.efs_module.rst | 837 +-- .../community.aws.elasticache_info_module.rst | 975 +-- docs/community.aws.elasticache_module.rst | 516 +- ...aws.elasticache_parameter_group_module.rst | 377 +- ...munity.aws.elasticache_snapshot_module.rst | 395 +- ...ty.aws.elasticache_subnet_group_module.rst | 301 +- ...ity.aws.elb_application_lb_info_module.rst | 637 +- ...ommunity.aws.elb_application_lb_module.rst | 1500 ++--- ...mmunity.aws.elb_classic_lb_info_module.rst | 266 +- docs/community.aws.elb_classic_lb_module.rst | 717 ++- docs/community.aws.elb_instance_module.rst | 355 +- docs/community.aws.elb_network_lb_module.rst | 1162 ++-- ...unity.aws.elb_target_group_info_module.rst | 892 +-- .../community.aws.elb_target_group_module.rst | 1114 ++-- docs/community.aws.elb_target_info_module.rst | 506 +- docs/community.aws.elb_target_module.rst | 420 +- docs/community.aws.execute_lambda_module.rst | 425 +- docs/community.aws.iam_cert_module.rst | 410 +- docs/community.aws.iam_group_module.rst | 634 +- ...ommunity.aws.iam_managed_policy_module.rst | 418 +- ...mmunity.aws.iam_mfa_device_info_module.rst | 259 +- docs/community.aws.iam_module.rst | 576 +- ...mmunity.aws.iam_password_policy_module.rst | 473 +- docs/community.aws.iam_policy_info_module.rst | 364 +- docs/community.aws.iam_policy_module.rst | 384 +- docs/community.aws.iam_role_info_module.rst | 641 +- docs/community.aws.iam_role_module.rst | 706 ++- ...mmunity.aws.iam_saml_federation_module.rst | 377 +- ...aws.iam_server_certificate_info_module.rst | 367 +- docs/community.aws.iam_user_info_module.rst | 417 +- docs/community.aws.iam_user_module.rst | 434 +- docs/community.aws.kinesis_stream_module.rst | 539 +- docs/community.aws.lambda_alias_module.rst | 399 +- docs/community.aws.lambda_event_module.rst | 477 +- docs/community.aws.lambda_facts_module.rst | 339 +- docs/community.aws.lambda_info_module.rst | 325 +- docs/community.aws.lambda_module.rst | 627 +- docs/community.aws.lambda_policy_module.rst | 440 +- docs/community.aws.lightsail_module.rst | 462 +- ...community.aws.rds_instance_info_module.rst | 1469 ++--- docs/community.aws.rds_instance_module.rst | 2835 ++++----- docs/community.aws.rds_module.rst | 1979 +++--- docs/community.aws.rds_param_group_module.rst | 485 +- ...community.aws.rds_snapshot_info_module.rst | 1165 ++-- docs/community.aws.rds_snapshot_module.rst | 845 +-- .../community.aws.rds_subnet_group_module.rst | 403 +- ...redshift_cross_region_snapshots_module.rst | 329 +- docs/community.aws.redshift_info_module.rst | 839 +-- docs/community.aws.redshift_module.rst | 1112 ++-- ...unity.aws.redshift_subnet_group_module.rst | 369 +- ...munity.aws.route53_health_check_module.rst | 444 +- docs/community.aws.route53_info_module.rst | 541 +- docs/community.aws.route53_module.rst | 968 +-- docs/community.aws.route53_zone_module.rst | 489 +- ...nity.aws.s3_bucket_notification_module.rst | 441 +- docs/community.aws.s3_lifecycle_module.rst | 581 +- docs/community.aws.s3_logging_module.rst | 304 +- docs/community.aws.s3_sync_module.rst | 613 +- docs/community.aws.s3_website_module.rst | 652 +- docs/community.aws.sns_module.rst | 509 +- docs/community.aws.sns_topic_module.rst | 821 +-- docs/community.aws.sqs_queue_module.rst | 831 +-- docs/community.aws.sts_assume_role_module.rst | 404 +- ...community.aws.sts_session_token_module.rst | 310 +- galaxy.yml | 4 +- meta/runtime.yml | 2 + requirements.txt | 3 + tests/requirements.yml | 3 +- 227 files changed, 59533 insertions(+), 55786 deletions(-) create mode 100644 CHANGELOG.rst create mode 100644 changelogs/changelog.yaml delete mode 100644 changelogs/fragments/.empty delete mode 100644 changelogs/fragments/173-ansibleawsmodule.yaml delete mode 100644 changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml delete mode 100644 changelogs/fragments/56468-deprecate-lnb-absent.yml delete mode 100644 changelogs/fragments/58118-aws_api_gateway-params.yml delete mode 100644 changelogs/fragments/58822-aws-lamda-tracing-config.yaml delete mode 100644 changelogs/fragments/59597-ecs-allow_default_network_mode.yml delete mode 100644 changelogs/fragments/60508-route53-improve-octal-characters-handling.yml delete mode 100644 changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml delete mode 100644 changelogs/fragments/61263-aws_codecommit-description.yml delete mode 100644 changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml delete mode 100644 changelogs/fragments/61279-ec2_launch_template-output.yml delete mode 100644 changelogs/fragments/61577-support-iops-in-purefa_volume.yml delete mode 100644 changelogs/fragments/61805-azure-facts-info.yml delete mode 100644 changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml delete mode 100644 changelogs/fragments/62014-iam_role_session_instanceprofile.yml delete mode 100644 changelogs/fragments/63362-remove-edgeos-filtering.yaml delete mode 100644 changelogs/fragments/63924-boto3.yml delete mode 100644 changelogs/fragments/63961-deprecate-fail_on_delete.yml delete mode 100644 changelogs/fragments/63989-deprecate-unused.yml delete mode 100644 changelogs/fragments/64230-deprecate-unused.yml delete mode 100644 changelogs/fragments/64258-purge_policies.yml delete mode 100644 changelogs/fragments/64368-deprecate-unused.yml delete mode 100644 changelogs/fragments/64598-add-next-token-support.yml delete mode 100644 changelogs/fragments/64867-route53-diff.yml delete mode 100644 changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml delete mode 100644 changelogs/fragments/65555-amazon-sanity-required.yml delete mode 100644 changelogs/fragments/65557-iam-make-name-required.yml delete mode 100644 changelogs/fragments/65558-iam_cert-require-name.yml delete mode 100644 changelogs/fragments/65559-iam_policy-require-iam_name.yml delete mode 100644 changelogs/fragments/66037-aws_kms.yml delete mode 100644 changelogs/fragments/66673-elb_target-awsretry.yaml delete mode 100644 changelogs/fragments/66779-redshift-backoff.yml delete mode 100644 changelogs/fragments/66795-sqs_queue-boto3.yaml delete mode 100644 changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml delete mode 100644 changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml delete mode 100644 changelogs/fragments/67089-sns_topic-notfound-backoff.yaml delete mode 100644 changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml delete mode 100644 changelogs/fragments/67651-aws-kms-key-rotation.yml delete mode 100644 changelogs/fragments/67671-aws_acm-module_defaults.yaml delete mode 100644 changelogs/fragments/67770-aws-kms-info-key-rotation.yml delete mode 100644 changelogs/fragments/dont-template-cli-passwords.yml delete mode 100644 changelogs/fragments/lineinfile-backrefs-match-object-type.yaml delete mode 100644 changelogs/fragments/porting-guide.yml delete mode 100644 changelogs/fragments/sanity_fix_future_boilerplate.yml delete mode 100644 changelogs/fragments/win_credential-wildcard.yaml create mode 100644 docs/community.aws.aws_direct_connect_confirm_connection_module.rst create mode 100644 requirements.txt diff --git a/CHANGELOG.rst b/CHANGELOG.rst new file mode 100644 index 00000000000..5be40e94986 --- /dev/null +++ b/CHANGELOG.rst @@ -0,0 +1,281 @@ +=========================== +community.aws Release Notes +=========================== + +.. contents:: Topics + + +v1.1.0 +====== + +Minor Changes +------------- + +- Remaining community.aws AnsibleModule based modules migrated to AnsibleAWSModule. +- sanity - add future imports in all missing places. + +Deprecated Features +------------------- + +- data_pipeline - the ``version`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed in a later release. It has had no effect since Ansible 2.3. +- ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- elb_network_lb - in a later release, the default behaviour for the ``state`` option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. +- iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. +- iam_policy - the ``policy_document`` option has been deprecated and will be removed in a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. +- iam_role - in a later release, the ``purge_policies`` option (also know as ``purge_policy``) default value will change from ``true`` to ``false`` +- s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- s3_sync - the ``retries`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. + +v1.0.0 +====== + +Minor Changes +------------- + +- Allow all params that boto support in aws_api_gateway module +- aws_acm - Add the module to group/aws for module_defaults. +- aws_acm - Update automatic retries to stabilize the integration tests. +- aws_codecommit - Support updating the description +- aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. +- aws_kms: code refactor, some error messages updated +- aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. +- ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups +- ec2_asg - Add support for Max Instance Lifetime +- ec2_asg - Migrated to AnsibleAWSModule +- ec2_placement_group - make ``name`` a required field. +- ecs_task_definition - Add network_mode=default to support Windows ECS tasks. +- elb_network_lb - added support to UDP and TCP_UDP protocols +- elb_target - add awsretry to prevent rate exceeded errors (https://github.com/ansible/ansible/issues/51108) +- elb_target_group - allow UDP and TCP_UDP protocols; permit only HTTP/HTTPS health checks using response codes and paths +- iam - make ``name`` a required field. +- iam_cert - make ``name`` a required field. +- iam_policy - The iam_policy module has been migrated from boto to boto3. +- iam_policy - make ``iam_name`` a required field. +- iam_role - Add support for managing the maximum session duration +- iam_role - Add support for removing the related instance profile when we delete the role +- iam_role, iam_user and iam_group - the managed_policy option has been renamed to managed_policies (with an alias added) +- iam_role, iam_user and iam_group - the purge_policy option has been renamed to purge_policies (with an alias added) +- lambda - add a tracing_mode parameter to set the TracingConfig for AWS X-Ray. Also allow updating Lambda runtime. +- purefa_volume - Change I(qos) parameter to I(bw_iops), but retain I(qos) as an alias for backwards compatability (https://github.com/ansible/ansible/pull/61577). +- redshift - Add AWSRetry calls for errors outside our control +- route53 - the module now has diff support. +- sns_topic - Add backoff when we get Topic ``NotFound`` exceptions while listing the subscriptions. +- sqs_queue - Add support for tagging, KMS and FIFO queues +- sqs_queue - updated to use boto3 instead of boto + +Deprecated Features +------------------- + +- cloudformation - The ``template_format`` option had no effect since Ansible 2.3 and will be removed after 2022-06-01 +- data_pipeline - The ``version`` option had no effect and will be removed after 2022-06-01 +- ec2_eip - The ``wait_timeout`` option had no effect and will be removed after 2022-06-01 +- ec2_key - The ``wait_timeout`` option had no effect and will be removed after 2022-06-01 +- ec2_key - The ``wait`` option had no effect and will be removed after 2022-06-01 +- ec2_lc - The ``associate_public_ip_address`` option had no effect and will be removed after 2022-06-01 +- elb_network_lb: The current default value of the ``state`` option has been deprecated and will change from absent to present after 2022-06-01 +- iam_managed_policy - The ``fail_on_delete`` option had no effect and will be removed after 2022-06-01 +- iam_policy - The ``policy_document`` will be removed after 2022-06-01. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. +- iam_policy - The default value of ``skip_duplicates`` will change after 2022-06-01 from ``true`` to ``false``. +- iam_role - The default value of the purge_policies has been deprecated and will change from true to false after 2022-06-01 +- s3_lifecycle - The ``requester_pays`` option had no effect and will be removed after 2022-06-01 +- s3_sync - The ``retries`` option had no effect and will be removed after 2022-06-01 + +Bugfixes +-------- + +- **security issue** - Convert CLI provided passwords to text initially, to prevent unsafe context being lost when converting from bytes->text during post processing of PlayContext. This prevents CLI provided passwords from being incorrectly templated (CVE-2019-14856) +- **security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` to maintain unsafe context by overriding ``.encode`` and ``.decode``. This prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` removing the unsafe wrapper when converting between string types (CVE-2019-14856) +- azure_rm_dnsrecordset_info - no longer returns empty ``azure_dnsrecordset`` facts when called as ``_info`` module. +- azure_rm_resourcegroup_info - no longer returns ``azure_resourcegroups`` facts when called as ``_info`` module. +- azure_rm_storageaccount_info - no longer returns empty ``azure_storageaccounts`` facts when called as ``_info`` module. +- azure_rm_virtualmachineimage_info - no longer returns empty ``azure_vmimages`` facts when called as ``_info`` module. +- azure_rm_virtualmachinescaleset_info - fix wrongly empty result, or ``ansible_facts`` result, when called as ``_info`` module. +- azure_rm_virtualnetwork_info - no longer returns empty ``azure_virtualnetworks`` facts when called as ``_info`` module. +- cloudfront_distribution - Always add field_level_encryption_id to cache behaviour to match AWS requirements +- cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does not have a retention period (https://github.com/ansible/ansible/issues/47945) +- cloudwatchlogs_log_group_info - remove limitation of max 50 results +- ec2_asg: Ensure "wait" is honored during replace operations +- ec2_launch_template - Update output to include latest_version and default_version, matching the documentation +- ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing transit gateways +- ec2_transit_gateway - fixed issue where auto_attach set to yes was not being honored (https://github.com/ansible/ansible/issues/61907) +- edgeos_config - fix issue where module would silently filter out encrypted passwords +- fixed issue with sns_topic's delivery_policy option resulting in changed always being true +- lineinfile - properly handle inserting a line when backrefs are enabled and the line already exists in the file (https://github.com/ansible/ansible/issues/63756) +- route53 - improve handling of octal encoded characters +- win_credential - Fix issue that errors when trying to add a ``name`` with wildcards. + +New Modules +----------- + +- aws_acm - Upload and delete certificates in the AWS Certificate Manager service +- aws_acm_info - Retrieve certificate information from AWS Certificate Manager service +- aws_api_gateway - Manage AWS API Gateway APIs +- aws_application_scaling_policy - Manage Application Auto Scaling Scaling Policies +- aws_batch_compute_environment - Manage AWS Batch Compute Environments +- aws_batch_job_definition - Manage AWS Batch Job Definitions +- aws_batch_job_queue - Manage AWS Batch Job Queues +- aws_codebuild - Create or delete an AWS CodeBuild project +- aws_codecommit - Manage repositories in AWS CodeCommit +- aws_codepipeline - Create or delete AWS CodePipelines +- aws_config_aggregation_authorization - Manage cross-account AWS Config authorizations +- aws_config_aggregator - Manage AWS Config aggregations across multiple accounts +- aws_config_delivery_channel - Manage AWS Config delivery channels +- aws_config_recorder - Manage AWS Config Recorders +- aws_config_rule - Manage AWS Config resources +- aws_direct_connect_connection - Creates, deletes, modifies a DirectConnect connection +- aws_direct_connect_gateway - Manage AWS Direct Connect gateway +- aws_direct_connect_link_aggregation_group - Manage Direct Connect LAG bundles +- aws_direct_connect_virtual_interface - Manage Direct Connect virtual interfaces +- aws_eks_cluster - Manage Elastic Kubernetes Service Clusters +- aws_elasticbeanstalk_app - Create, update, and delete an elastic beanstalk application +- aws_glue_connection - Manage an AWS Glue connection +- aws_glue_job - Manage an AWS Glue job +- aws_inspector_target - Create, Update and Delete Amazon Inspector Assessment Targets +- aws_kms - Perform various KMS management tasks. +- aws_kms_info - Gather information about AWS KMS keys +- aws_region_info - Gather information about AWS regions. +- aws_s3_bucket_info - Lists S3 buckets in AWS +- aws_s3_cors - Manage CORS for S3 buckets in AWS +- aws_secret - Manage secrets stored in AWS Secrets Manager. +- aws_ses_identity - Manages SES email and domain identity +- aws_ses_identity_policy - Manages SES sending authorization policies +- aws_ses_rule_set - Manages SES inbound receipt rule sets +- aws_sgw_info - Fetch AWS Storage Gateway information +- aws_ssm_parameter_store - Manage key-value pairs in aws parameter store. +- aws_step_functions_state_machine - Manage AWS Step Functions state machines +- aws_step_functions_state_machine_execution - Start or stop execution of an AWS Step Functions state machine. +- aws_waf_condition - Create and delete WAF Conditions +- aws_waf_info - Retrieve information for WAF ACLs, Rule , Conditions and Filters. +- aws_waf_rule - Create and delete WAF Rules +- aws_waf_web_acl - Create and delete WAF Web ACLs. +- cloudformation_exports_info - Read a value from CloudFormation Exports +- cloudformation_stack_set - Manage groups of CloudFormation stacks +- cloudfront_distribution - Create, update and delete AWS CloudFront distributions. +- cloudfront_info - Obtain facts about an AWS CloudFront distribution +- cloudfront_invalidation - create invalidations for AWS CloudFront distributions +- cloudfront_origin_access_identity - Create, update and delete origin access identities for a CloudFront distribution +- cloudtrail - manage CloudTrail create, delete, update +- cloudwatchevent_rule - Manage CloudWatch Event rules and targets +- cloudwatchlogs_log_group - create or delete log_group in CloudWatchLogs +- cloudwatchlogs_log_group_info - Get information about log_group in CloudWatchLogs +- cloudwatchlogs_log_group_metric_filter - Manage CloudWatch log group metric filter +- data_pipeline - Create and manage AWS Datapipelines +- dms_endpoint - Creates or destroys a data migration services endpoint +- dms_replication_subnet_group - creates or destroys a data migration services subnet group +- dynamodb_table - Create, update or delete AWS Dynamo DB tables +- dynamodb_ttl - Set TTL for a given DynamoDB table +- ec2_ami_copy - copies AMI between AWS regions, return new image id +- ec2_asg - Create or delete AWS AutoScaling Groups (ASGs) +- ec2_asg_info - Gather information about ec2 Auto Scaling Groups (ASGs) in AWS +- ec2_asg_lifecycle_hook - Create, delete or update AWS ASG Lifecycle Hooks. +- ec2_customer_gateway - Manage an AWS customer gateway +- ec2_customer_gateway_info - Gather information about customer gateways in AWS +- ec2_eip - manages EC2 elastic IP (EIP) addresses. +- ec2_eip_info - List EC2 EIP details +- ec2_elb - De-registers or registers instances from EC2 ELBs +- ec2_elb_info - Gather information about EC2 Elastic Load Balancers in AWS +- ec2_instance - Create & manage EC2 instances +- ec2_instance_info - Gather information about ec2 instances in AWS +- ec2_launch_template - Manage EC2 launch templates +- ec2_lc - Create or delete AWS Autoscaling Launch Configurations +- ec2_lc_find - Find AWS Autoscaling Launch Configurations +- ec2_lc_info - Gather information about AWS Autoscaling Launch Configurations. +- ec2_metric_alarm - Create/update or delete AWS Cloudwatch 'metric alarms' +- ec2_placement_group - Create or delete an EC2 Placement Group +- ec2_placement_group_info - List EC2 Placement Group(s) details +- ec2_scaling_policy - Create or delete AWS scaling policies for Autoscaling groups +- ec2_snapshot_copy - Copies an EC2 snapshot and returns the new Snapshot ID. +- ec2_transit_gateway - Create and delete AWS Transit Gateways +- ec2_transit_gateway_info - Gather information about ec2 transit gateways in AWS +- ec2_vpc_egress_igw - Manage an AWS VPC Egress Only Internet gateway +- ec2_vpc_endpoint - Create and delete AWS VPC Endpoints. +- ec2_vpc_endpoint_info - Retrieves AWS VPC endpoints details using AWS methods. +- ec2_vpc_igw - Manage an AWS VPC Internet gateway +- ec2_vpc_igw_info - Gather information about internet gateways in AWS +- ec2_vpc_nacl - create and delete Network ACLs. +- ec2_vpc_nacl_info - Gather information about Network ACLs in an AWS VPC +- ec2_vpc_nat_gateway - Manage AWS VPC NAT Gateways. +- ec2_vpc_nat_gateway_info - Retrieves AWS VPC Managed Nat Gateway details using AWS methods. +- ec2_vpc_peer - create, delete, accept, and reject VPC peering connections between two VPCs. +- ec2_vpc_peering_info - Retrieves AWS VPC Peering details using AWS methods. +- ec2_vpc_route_table - Manage route tables for AWS virtual private clouds +- ec2_vpc_route_table_info - Gather information about ec2 VPC route tables in AWS +- ec2_vpc_vgw - Create and delete AWS VPN Virtual Gateways. +- ec2_vpc_vgw_info - Gather information about virtual gateways in AWS +- ec2_vpc_vpn - Create, modify, and delete EC2 VPN connections. +- ec2_vpc_vpn_info - Gather information about VPN Connections in AWS. +- ec2_win_password - Gets the default administrator password for ec2 windows instances +- ecs_attribute - manage ecs attributes +- ecs_cluster - Create or terminate ECS clusters. +- ecs_ecr - Manage Elastic Container Registry repositories +- ecs_service - Create, terminate, start or stop a service in ECS +- ecs_service_info - List or describe services in ECS +- ecs_tag - create and remove tags on Amazon ECS resources +- ecs_task - Run, start or stop a task in ecs +- ecs_taskdefinition - register a task definition in ecs +- ecs_taskdefinition_info - Describe a task definition in ECS +- efs - create and maintain EFS file systems +- efs_info - Get information about Amazon EFS file systems +- elasticache - Manage cache clusters in Amazon ElastiCache +- elasticache_info - Retrieve information for AWS ElastiCache clusters +- elasticache_parameter_group - Manage cache parameter groups in Amazon ElastiCache. +- elasticache_snapshot - Manage cache snapshots in Amazon ElastiCache +- elasticache_subnet_group - manage ElastiCache subnet groups +- elb_application_lb - Manage an Application load balancer +- elb_application_lb_info - Gather information about application ELBs in AWS +- elb_classic_lb - Creates or destroys Amazon ELB. +- elb_classic_lb_info - Gather information about EC2 Elastic Load Balancers in AWS +- elb_instance - De-registers or registers instances from EC2 ELBs +- elb_network_lb - Manage a Network Load Balancer +- elb_target - Manage a target in a target group +- elb_target_group - Manage a target group for an Application or Network load balancer +- elb_target_group_info - Gather information about ELB target groups in AWS +- elb_target_info - Gathers which target groups a target is associated with. +- execute_lambda - Execute an AWS Lambda function +- iam - Manage IAM users, groups, roles and keys +- iam_cert - Manage server certificates for use on ELBs and CloudFront +- iam_group - Manage AWS IAM groups +- iam_managed_policy - Manage User Managed IAM policies +- iam_mfa_device_info - List the MFA (Multi-Factor Authentication) devices registered for a user +- iam_password_policy - Update an IAM Password Policy +- iam_policy - Manage inline IAM policies for users, groups, and roles +- iam_policy_info - Retrieve inline IAM policies for users, groups, and roles +- iam_role - Manage AWS IAM roles +- iam_role_info - Gather information on IAM roles +- iam_saml_federation - Maintain IAM SAML federation configuration. +- iam_server_certificate_info - Retrieve the information of a server certificate +- iam_user - Manage AWS IAM users +- iam_user_info - Gather IAM user(s) facts in AWS +- kinesis_stream - Manage a Kinesis Stream. +- lambda - Manage AWS Lambda functions +- lambda_alias - Creates, updates or deletes AWS Lambda function aliases +- lambda_event - Creates, updates or deletes AWS Lambda function event mappings +- lambda_facts - Gathers AWS Lambda function details as Ansible facts +- lambda_info - Gathers AWS Lambda function details +- lambda_policy - Creates, updates or deletes AWS Lambda policy statements. +- lightsail - Manage instances in AWS Lightsail +- rds - create, delete, or modify Amazon rds instances, rds snapshots, and related facts +- rds_instance - Manage RDS instances +- rds_instance_info - obtain information about one or more RDS instances +- rds_param_group - manage RDS parameter groups +- rds_snapshot - manage Amazon RDS snapshots. +- rds_snapshot_info - obtain information about one or more RDS snapshots +- rds_subnet_group - manage RDS database subnet groups +- redshift_cross_region_snapshots - Manage Redshift Cross Region Snapshots +- redshift_info - Gather information about Redshift cluster(s) +- route53 - add or delete entries in Amazons Route53 DNS service +- route53_health_check - Add or delete health-checks in Amazons Route53 DNS service +- route53_info - Retrieves route53 details using AWS methods +- route53_zone - add or delete Route53 zones +- s3_bucket_notification - Creates, updates or deletes S3 Bucket notification for lambda +- s3_lifecycle - Manage s3 bucket lifecycle rules in AWS +- s3_logging - Manage logging facility of an s3 bucket in AWS +- s3_sync - Efficiently upload multiple files to S3 +- s3_website - Configure an s3 bucket as a website +- sns - Send Amazon Simple Notification Service messages +- sns_topic - Manages AWS SNS topics and subscriptions +- sqs_queue - Creates or deletes AWS SQS queues. +- sts_assume_role - Assume a role using AWS Security Token Service and obtain temporary credentials +- sts_session_token - Obtain a session token from the AWS Security Token Service diff --git a/README.md b/README.md index 88f8297f82c..02482b984bd 100644 --- a/README.md +++ b/README.md @@ -7,13 +7,17 @@ The Ansible Community AWS collection includes a variety of Ansible content to he ## Ansible version compatibility -This collection has been tested against following Ansible versions: **>=2.9,<2.11**. +This collection has been tested against following Ansible versions: **>=2.9.10**. Plugins and modules within a collection may be tested with only specific Ansible versions. A collection may contain metadata that identifies these versions. PEP440 is the schema used to describe the versions of Ansible. +## Python version compatibility + +This collection depends on the AWS SDK for Python (Boto3 and Botocore). As AWS has [ceased supporting Python 2.6](https://aws.amazon.com/blogs/developer/deprecation-of-python-2-6-and-python-3-3-in-botocore-boto3-and-the-aws-cli/), this collection requires Python 2.7 or greater. + ## Included content ### Connection plugins @@ -39,6 +43,7 @@ Name | Description [community.aws.aws_config_delivery_channel](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_delivery_channel_module.rst)|Manage AWS Config delivery channels [community.aws.aws_config_recorder](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_recorder_module.rst)|Manage AWS Config Recorders [community.aws.aws_config_rule](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_config_rule_module.rst)|Manage AWS Config resources +[community.aws.aws_direct_connect_confirm_connection](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_confirm_connection_module.rst)|Confirms the creation of a hosted DirectConnect connection. [community.aws.aws_direct_connect_connection](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_connection_module.rst)|Creates, deletes, modifies a DirectConnect connection [community.aws.aws_direct_connect_gateway](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_gateway_module.rst)|Manage AWS Direct Connect gateway [community.aws.aws_direct_connect_link_aggregation_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst)|Manage Direct Connect LAG bundles @@ -278,3 +283,5 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun GNU General Public License v3.0 or later. See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. + + diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml new file mode 100644 index 00000000000..0494c2b8cef --- /dev/null +++ b/changelogs/changelog.yaml @@ -0,0 +1,706 @@ +ancestor: null +releases: + 1.0.0: + changes: + bugfixes: + - '**security issue** - Convert CLI provided passwords to text initially, to + prevent unsafe context being lost when converting from bytes->text during + post processing of PlayContext. This prevents CLI provided passwords from + being incorrectly templated (CVE-2019-14856)' + - '**security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` + to maintain unsafe context by overriding ``.encode`` and ``.decode``. This + prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` removing + the unsafe wrapper when converting between string types (CVE-2019-14856)' + - azure_rm_dnsrecordset_info - no longer returns empty ``azure_dnsrecordset`` + facts when called as ``_info`` module. + - azure_rm_resourcegroup_info - no longer returns ``azure_resourcegroups`` facts + when called as ``_info`` module. + - azure_rm_storageaccount_info - no longer returns empty ``azure_storageaccounts`` + facts when called as ``_info`` module. + - azure_rm_virtualmachineimage_info - no longer returns empty ``azure_vmimages`` + facts when called as ``_info`` module. + - azure_rm_virtualmachinescaleset_info - fix wrongly empty result, or ``ansible_facts`` + result, when called as ``_info`` module. + - azure_rm_virtualnetwork_info - no longer returns empty ``azure_virtualnetworks`` + facts when called as ``_info`` module. + - cloudfront_distribution - Always add field_level_encryption_id to cache behaviour + to match AWS requirements + - cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does + not have a retention period (https://github.com/ansible/ansible/issues/47945) + - cloudwatchlogs_log_group_info - remove limitation of max 50 results + - ec2_asg - Ensure "wait" is honored during replace operations + - ec2_launch_template - Update output to include latest_version and default_version, + matching the documentation + - ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing + transit gateways + - ec2_transit_gateway - fixed issue where auto_attach set to yes was not being + honored (https://github.com/ansible/ansible/issues/61907) + - edgeos_config - fix issue where module would silently filter out encrypted + passwords + - fixed issue with sns_topic's delivery_policy option resulting in changed always + being true + - lineinfile - properly handle inserting a line when backrefs are enabled and + the line already exists in the file (https://github.com/ansible/ansible/issues/63756) + - route53 - improve handling of octal encoded characters + - win_credential - Fix issue that errors when trying to add a ``name`` with + wildcards. + deprecated_features: + - cloudformation - The ``template_format`` option had no effect since Ansible + 2.3 and will be removed after 2022-06-01 + - data_pipeline - The ``version`` option had no effect and will be removed after + 2022-06-01 + - ec2_eip - The ``wait_timeout`` option had no effect and will be removed after + 2022-06-01 + - ec2_key - The ``wait_timeout`` option had no effect and will be removed after + 2022-06-01 + - ec2_key - The ``wait`` option had no effect and will be removed after 2022-06-01 + - ec2_lc - The ``associate_public_ip_address`` option had no effect and will + be removed after 2022-06-01 + - elb_network_lb - The current default value of the ``state`` option has been + deprecated and will change from absent to present after 2022-06-01 + - iam_managed_policy - The ``fail_on_delete`` option had no effect and will + be removed after 2022-06-01 + - iam_policy - The ``policy_document`` will be removed after 2022-06-01. To + maintain the existing behavior use the ``policy_json`` option and read the + file with the ``lookup`` plugin. + - iam_policy - The default value of ``skip_duplicates`` will change after 2022-06-01 + from ``true`` to ``false``. + - iam_role - The default value of the purge_policies has been deprecated and + will change from true to false after 2022-06-01 + - s3_lifecycle - The ``requester_pays`` option had no effect and will be removed + after 2022-06-01 + - s3_sync - The ``retries`` option had no effect and will be removed after 2022-06-01 + minor_changes: + - Allow all params that boto support in aws_api_gateway module + - aws_acm - Add the module to group/aws for module_defaults. + - aws_acm - Update automatic retries to stabilize the integration tests. + - aws_codecommit - Support updating the description + - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically + key rotation. + - aws_kms - code refactor, some error messages updated' + - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. + - ec2_asg - Add the ability to use mixed_instance_policy in launch template + driven autoscaling groups + - ec2_asg - Add support for Max Instance Lifetime + - ec2_asg - Migrated to AnsibleAWSModule + - ec2_placement_group - make ``name`` a required field. + - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. + - elb_network_lb - added support to UDP and TCP_UDP protocols + - elb_target - add awsretry to prevent rate exceeded errors (https://github.com/ansible/ansible/issues/51108) + - elb_target_group - allow UDP and TCP_UDP protocols; permit only HTTP/HTTPS + health checks using response codes and paths + - iam - make ``name`` a required field. + - iam_cert - make ``name`` a required field. + - iam_policy - The iam_policy module has been migrated from boto to boto3. + - iam_policy - make ``iam_name`` a required field. + - iam_role - Add support for managing the maximum session duration + - iam_role - Add support for removing the related instance profile when we delete + the role + - iam_role, iam_user and iam_group - the managed_policy option has been renamed + to managed_policies (with an alias added) + - iam_role, iam_user and iam_group - the purge_policy option has been renamed + to purge_policies (with an alias added) + - lambda - add a tracing_mode parameter to set the TracingConfig for AWS X-Ray. + Also allow updating Lambda runtime. + - purefa_volume - Change I(qos) parameter to I(bw_iops), but retain I(qos) as + an alias for backwards compatability (https://github.com/ansible/ansible/pull/61577). + - redshift - Add AWSRetry calls for errors outside our control + - route53 - the module now has diff support. + - sns_topic - Add backoff when we get Topic ``NotFound`` exceptions while listing + the subscriptions. + - sqs_queue - Add support for tagging, KMS and FIFO queues + - sqs_queue - updated to use boto3 instead of boto + fragments: + - 480004-cloudwatchlogs_log_group-KeyError.yaml + - 56468-deprecate-lnb-absent.yml + - 58118-aws_api_gateway-params.yml + - 58822-aws-lamda-tracing-config.yaml + - 59597-ecs-allow_default_network_mode.yml + - 60508-route53-improve-octal-characters-handling.yml + - 60944-sns_topic-delivery_policy-changed.yml + - 61263-aws_codecommit-description.yml + - 61271-cloudfront_distribution-encryptionid.yml + - 61279-ec2_launch_template-output.yml + - 61577-support-iops-in-purefa_volume.yml + - 61805-azure-facts-info.yml + - 61933-ec2_transit_gateway-honor-auto_attach-setting.yaml + - 62014-iam_role_session_instanceprofile.yml + - 63362-remove-edgeos-filtering.yaml + - 63924-boto3.yml + - 63961-deprecate-fail_on_delete.yml + - 63989-deprecate-unused.yml + - 64230-deprecate-unused.yml + - 64258-purge_policies.yml + - 64368-deprecate-unused.yml + - 64598-add-next-token-support.yml + - 64867-route53-diff.yml + - 65265-allow-udp-tcpudp-protocol.yaml + - 65555-amazon-sanity-required.yml + - 65557-iam-make-name-required.yml + - 65558-iam_cert-require-name.yml + - 65559-iam_policy-require-iam_name.yml + - 66037-aws_kms.yml + - 66673-elb_target-awsretry.yaml + - 66779-redshift-backoff.yml + - 66795-sqs_queue-boto3.yaml + - 66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml + - 67045-ec2_asg_mixed_instance_policy.yml + - 67089-sns_topic-notfound-backoff.yaml + - 67247-fix-ec2_transit_gateway-retries.yaml + - 67651-aws-kms-key-rotation.yml + - 67671-aws_acm-module_defaults.yaml + - 67770-aws-kms-info-key-rotation.yml + - dont-template-cli-passwords.yml + - lineinfile-backrefs-match-object-type.yaml + - win_credential-wildcard.yaml + modules: + - description: Upload and delete certificates in the AWS Certificate Manager service + name: aws_acm + namespace: '' + - description: Retrieve certificate information from AWS Certificate Manager service + name: aws_acm_info + namespace: '' + - description: Manage AWS API Gateway APIs + name: aws_api_gateway + namespace: '' + - description: Manage Application Auto Scaling Scaling Policies + name: aws_application_scaling_policy + namespace: '' + - description: Manage AWS Batch Compute Environments + name: aws_batch_compute_environment + namespace: '' + - description: Manage AWS Batch Job Definitions + name: aws_batch_job_definition + namespace: '' + - description: Manage AWS Batch Job Queues + name: aws_batch_job_queue + namespace: '' + - description: Create or delete an AWS CodeBuild project + name: aws_codebuild + namespace: '' + - description: Manage repositories in AWS CodeCommit + name: aws_codecommit + namespace: '' + - description: Create or delete AWS CodePipelines + name: aws_codepipeline + namespace: '' + - description: Manage cross-account AWS Config authorizations + name: aws_config_aggregation_authorization + namespace: '' + - description: Manage AWS Config aggregations across multiple accounts + name: aws_config_aggregator + namespace: '' + - description: Manage AWS Config delivery channels + name: aws_config_delivery_channel + namespace: '' + - description: Manage AWS Config Recorders + name: aws_config_recorder + namespace: '' + - description: Manage AWS Config resources + name: aws_config_rule + namespace: '' + - description: Creates, deletes, modifies a DirectConnect connection + name: aws_direct_connect_connection + namespace: '' + - description: Manage AWS Direct Connect gateway + name: aws_direct_connect_gateway + namespace: '' + - description: Manage Direct Connect LAG bundles + name: aws_direct_connect_link_aggregation_group + namespace: '' + - description: Manage Direct Connect virtual interfaces + name: aws_direct_connect_virtual_interface + namespace: '' + - description: Manage Elastic Kubernetes Service Clusters + name: aws_eks_cluster + namespace: '' + - description: Create, update, and delete an elastic beanstalk application + name: aws_elasticbeanstalk_app + namespace: '' + - description: Manage an AWS Glue connection + name: aws_glue_connection + namespace: '' + - description: Manage an AWS Glue job + name: aws_glue_job + namespace: '' + - description: Create, Update and Delete Amazon Inspector Assessment Targets + name: aws_inspector_target + namespace: '' + - description: Perform various KMS management tasks. + name: aws_kms + namespace: '' + - description: Gather information about AWS KMS keys + name: aws_kms_info + namespace: '' + - description: Gather information about AWS regions. + name: aws_region_info + namespace: '' + - description: Lists S3 buckets in AWS + name: aws_s3_bucket_info + namespace: '' + - description: Manage CORS for S3 buckets in AWS + name: aws_s3_cors + namespace: '' + - description: Manage secrets stored in AWS Secrets Manager. + name: aws_secret + namespace: '' + - description: Manages SES email and domain identity + name: aws_ses_identity + namespace: '' + - description: Manages SES sending authorization policies + name: aws_ses_identity_policy + namespace: '' + - description: Manages SES inbound receipt rule sets + name: aws_ses_rule_set + namespace: '' + - description: Fetch AWS Storage Gateway information + name: aws_sgw_info + namespace: '' + - description: Manage key-value pairs in aws parameter store. + name: aws_ssm_parameter_store + namespace: '' + - description: Manage AWS Step Functions state machines + name: aws_step_functions_state_machine + namespace: '' + - description: Start or stop execution of an AWS Step Functions state machine. + name: aws_step_functions_state_machine_execution + namespace: '' + - description: Create and delete WAF Conditions + name: aws_waf_condition + namespace: '' + - description: Retrieve information for WAF ACLs, Rule , Conditions and Filters. + name: aws_waf_info + namespace: '' + - description: Create and delete WAF Rules + name: aws_waf_rule + namespace: '' + - description: Create and delete WAF Web ACLs. + name: aws_waf_web_acl + namespace: '' + - description: Read a value from CloudFormation Exports + name: cloudformation_exports_info + namespace: '' + - description: Manage groups of CloudFormation stacks + name: cloudformation_stack_set + namespace: '' + - description: Create, update and delete AWS CloudFront distributions. + name: cloudfront_distribution + namespace: '' + - description: Obtain facts about an AWS CloudFront distribution + name: cloudfront_info + namespace: '' + - description: create invalidations for AWS CloudFront distributions + name: cloudfront_invalidation + namespace: '' + - description: Create, update and delete origin access identities for a CloudFront + distribution + name: cloudfront_origin_access_identity + namespace: '' + - description: manage CloudTrail create, delete, update + name: cloudtrail + namespace: '' + - description: Manage CloudWatch Event rules and targets + name: cloudwatchevent_rule + namespace: '' + - description: create or delete log_group in CloudWatchLogs + name: cloudwatchlogs_log_group + namespace: '' + - description: Get information about log_group in CloudWatchLogs + name: cloudwatchlogs_log_group_info + namespace: '' + - description: Manage CloudWatch log group metric filter + name: cloudwatchlogs_log_group_metric_filter + namespace: '' + - description: Create and manage AWS Datapipelines + name: data_pipeline + namespace: '' + - description: Creates or destroys a data migration services endpoint + name: dms_endpoint + namespace: '' + - description: creates or destroys a data migration services subnet group + name: dms_replication_subnet_group + namespace: '' + - description: Create, update or delete AWS Dynamo DB tables + name: dynamodb_table + namespace: '' + - description: Set TTL for a given DynamoDB table + name: dynamodb_ttl + namespace: '' + - description: copies AMI between AWS regions, return new image id + name: ec2_ami_copy + namespace: '' + - description: Create or delete AWS AutoScaling Groups (ASGs) + name: ec2_asg + namespace: '' + - description: Gather information about ec2 Auto Scaling Groups (ASGs) in AWS + name: ec2_asg_info + namespace: '' + - description: Create, delete or update AWS ASG Lifecycle Hooks. + name: ec2_asg_lifecycle_hook + namespace: '' + - description: Manage an AWS customer gateway + name: ec2_customer_gateway + namespace: '' + - description: Gather information about customer gateways in AWS + name: ec2_customer_gateway_info + namespace: '' + - description: manages EC2 elastic IP (EIP) addresses. + name: ec2_eip + namespace: '' + - description: List EC2 EIP details + name: ec2_eip_info + namespace: '' + - description: De-registers or registers instances from EC2 ELBs + name: ec2_elb + namespace: '' + - description: Gather information about EC2 Elastic Load Balancers in AWS + name: ec2_elb_info + namespace: '' + - description: Create & manage EC2 instances + name: ec2_instance + namespace: '' + - description: Gather information about ec2 instances in AWS + name: ec2_instance_info + namespace: '' + - description: Manage EC2 launch templates + name: ec2_launch_template + namespace: '' + - description: Create or delete AWS Autoscaling Launch Configurations + name: ec2_lc + namespace: '' + - description: Find AWS Autoscaling Launch Configurations + name: ec2_lc_find + namespace: '' + - description: Gather information about AWS Autoscaling Launch Configurations. + name: ec2_lc_info + namespace: '' + - description: Create/update or delete AWS Cloudwatch 'metric alarms' + name: ec2_metric_alarm + namespace: '' + - description: Create or delete an EC2 Placement Group + name: ec2_placement_group + namespace: '' + - description: List EC2 Placement Group(s) details + name: ec2_placement_group_info + namespace: '' + - description: Create or delete AWS scaling policies for Autoscaling groups + name: ec2_scaling_policy + namespace: '' + - description: Copies an EC2 snapshot and returns the new Snapshot ID. + name: ec2_snapshot_copy + namespace: '' + - description: Create and delete AWS Transit Gateways + name: ec2_transit_gateway + namespace: '' + - description: Gather information about ec2 transit gateways in AWS + name: ec2_transit_gateway_info + namespace: '' + - description: Manage an AWS VPC Egress Only Internet gateway + name: ec2_vpc_egress_igw + namespace: '' + - description: Create and delete AWS VPC Endpoints. + name: ec2_vpc_endpoint + namespace: '' + - description: Retrieves AWS VPC endpoints details using AWS methods. + name: ec2_vpc_endpoint_info + namespace: '' + - description: Manage an AWS VPC Internet gateway + name: ec2_vpc_igw + namespace: '' + - description: Gather information about internet gateways in AWS + name: ec2_vpc_igw_info + namespace: '' + - description: create and delete Network ACLs. + name: ec2_vpc_nacl + namespace: '' + - description: Gather information about Network ACLs in an AWS VPC + name: ec2_vpc_nacl_info + namespace: '' + - description: Manage AWS VPC NAT Gateways. + name: ec2_vpc_nat_gateway + namespace: '' + - description: Retrieves AWS VPC Managed Nat Gateway details using AWS methods. + name: ec2_vpc_nat_gateway_info + namespace: '' + - description: create, delete, accept, and reject VPC peering connections between + two VPCs. + name: ec2_vpc_peer + namespace: '' + - description: Retrieves AWS VPC Peering details using AWS methods. + name: ec2_vpc_peering_info + namespace: '' + - description: Manage route tables for AWS virtual private clouds + name: ec2_vpc_route_table + namespace: '' + - description: Gather information about ec2 VPC route tables in AWS + name: ec2_vpc_route_table_info + namespace: '' + - description: Create and delete AWS VPN Virtual Gateways. + name: ec2_vpc_vgw + namespace: '' + - description: Gather information about virtual gateways in AWS + name: ec2_vpc_vgw_info + namespace: '' + - description: Create, modify, and delete EC2 VPN connections. + name: ec2_vpc_vpn + namespace: '' + - description: Gather information about VPN Connections in AWS. + name: ec2_vpc_vpn_info + namespace: '' + - description: Gets the default administrator password for ec2 windows instances + name: ec2_win_password + namespace: '' + - description: manage ecs attributes + name: ecs_attribute + namespace: '' + - description: Create or terminate ECS clusters. + name: ecs_cluster + namespace: '' + - description: Manage Elastic Container Registry repositories + name: ecs_ecr + namespace: '' + - description: Create, terminate, start or stop a service in ECS + name: ecs_service + namespace: '' + - description: List or describe services in ECS + name: ecs_service_info + namespace: '' + - description: create and remove tags on Amazon ECS resources + name: ecs_tag + namespace: '' + - description: Run, start or stop a task in ecs + name: ecs_task + namespace: '' + - description: register a task definition in ecs + name: ecs_taskdefinition + namespace: '' + - description: Describe a task definition in ECS + name: ecs_taskdefinition_info + namespace: '' + - description: create and maintain EFS file systems + name: efs + namespace: '' + - description: Get information about Amazon EFS file systems + name: efs_info + namespace: '' + - description: Manage cache clusters in Amazon ElastiCache + name: elasticache + namespace: '' + - description: Retrieve information for AWS ElastiCache clusters + name: elasticache_info + namespace: '' + - description: Manage cache parameter groups in Amazon ElastiCache. + name: elasticache_parameter_group + namespace: '' + - description: Manage cache snapshots in Amazon ElastiCache + name: elasticache_snapshot + namespace: '' + - description: manage ElastiCache subnet groups + name: elasticache_subnet_group + namespace: '' + - description: Manage an Application load balancer + name: elb_application_lb + namespace: '' + - description: Gather information about application ELBs in AWS + name: elb_application_lb_info + namespace: '' + - description: Creates or destroys Amazon ELB. + name: elb_classic_lb + namespace: '' + - description: Gather information about EC2 Elastic Load Balancers in AWS + name: elb_classic_lb_info + namespace: '' + - description: De-registers or registers instances from EC2 ELBs + name: elb_instance + namespace: '' + - description: Manage a Network Load Balancer + name: elb_network_lb + namespace: '' + - description: Manage a target in a target group + name: elb_target + namespace: '' + - description: Manage a target group for an Application or Network load balancer + name: elb_target_group + namespace: '' + - description: Gather information about ELB target groups in AWS + name: elb_target_group_info + namespace: '' + - description: Gathers which target groups a target is associated with. + name: elb_target_info + namespace: '' + - description: Execute an AWS Lambda function + name: execute_lambda + namespace: '' + - description: Manage IAM users, groups, roles and keys + name: iam + namespace: '' + - description: Manage server certificates for use on ELBs and CloudFront + name: iam_cert + namespace: '' + - description: Manage AWS IAM groups + name: iam_group + namespace: '' + - description: Manage User Managed IAM policies + name: iam_managed_policy + namespace: '' + - description: List the MFA (Multi-Factor Authentication) devices registered for + a user + name: iam_mfa_device_info + namespace: '' + - description: Update an IAM Password Policy + name: iam_password_policy + namespace: '' + - description: Manage inline IAM policies for users, groups, and roles + name: iam_policy + namespace: '' + - description: Retrieve inline IAM policies for users, groups, and roles + name: iam_policy_info + namespace: '' + - description: Manage AWS IAM roles + name: iam_role + namespace: '' + - description: Gather information on IAM roles + name: iam_role_info + namespace: '' + - description: Maintain IAM SAML federation configuration. + name: iam_saml_federation + namespace: '' + - description: Retrieve the information of a server certificate + name: iam_server_certificate_info + namespace: '' + - description: Manage AWS IAM users + name: iam_user + namespace: '' + - description: Gather IAM user(s) facts in AWS + name: iam_user_info + namespace: '' + - description: Manage a Kinesis Stream. + name: kinesis_stream + namespace: '' + - description: Manage AWS Lambda functions + name: lambda + namespace: '' + - description: Creates, updates or deletes AWS Lambda function aliases + name: lambda_alias + namespace: '' + - description: Creates, updates or deletes AWS Lambda function event mappings + name: lambda_event + namespace: '' + - description: Gathers AWS Lambda function details as Ansible facts + name: lambda_facts + namespace: '' + - description: Gathers AWS Lambda function details + name: lambda_info + namespace: '' + - description: Creates, updates or deletes AWS Lambda policy statements. + name: lambda_policy + namespace: '' + - description: Manage instances in AWS Lightsail + name: lightsail + namespace: '' + - description: create, delete, or modify Amazon rds instances, rds snapshots, + and related facts + name: rds + namespace: '' + - description: Manage RDS instances + name: rds_instance + namespace: '' + - description: obtain information about one or more RDS instances + name: rds_instance_info + namespace: '' + - description: manage RDS parameter groups + name: rds_param_group + namespace: '' + - description: manage Amazon RDS snapshots. + name: rds_snapshot + namespace: '' + - description: obtain information about one or more RDS snapshots + name: rds_snapshot_info + namespace: '' + - description: manage RDS database subnet groups + name: rds_subnet_group + namespace: '' + - description: Manage Redshift Cross Region Snapshots + name: redshift_cross_region_snapshots + namespace: '' + - description: Gather information about Redshift cluster(s) + name: redshift_info + namespace: '' + - description: add or delete entries in Amazons Route53 DNS service + name: route53 + namespace: '' + - description: Add or delete health-checks in Amazons Route53 DNS service + name: route53_health_check + namespace: '' + - description: Retrieves route53 details using AWS methods + name: route53_info + namespace: '' + - description: add or delete Route53 zones + name: route53_zone + namespace: '' + - description: Creates, updates or deletes S3 Bucket notification for lambda + name: s3_bucket_notification + namespace: '' + - description: Manage s3 bucket lifecycle rules in AWS + name: s3_lifecycle + namespace: '' + - description: Manage logging facility of an s3 bucket in AWS + name: s3_logging + namespace: '' + - description: Efficiently upload multiple files to S3 + name: s3_sync + namespace: '' + - description: Configure an s3 bucket as a website + name: s3_website + namespace: '' + - description: Send Amazon Simple Notification Service messages + name: sns + namespace: '' + - description: Manages AWS SNS topics and subscriptions + name: sns_topic + namespace: '' + - description: Creates or deletes AWS SQS queues. + name: sqs_queue + namespace: '' + - description: Assume a role using AWS Security Token Service and obtain temporary + credentials + name: sts_assume_role + namespace: '' + - description: Obtain a session token from the AWS Security Token Service + name: sts_session_token + namespace: '' + release_date: '2020-06-24' + 1.1.0: + changes: + deprecated_features: + - data_pipeline - the ``version`` option has been deprecated and will be removed + in a later release. It has always been ignored by the module. + - ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed + in a later release. It has had no effect since Ansible 2.3. + - ec2_lc - the ``associate_public_ip_address`` option has been deprecated and + will be removed after a later release. It has always been ignored by the module. + - elb_network_lb - in a later release, the default behaviour for the ``state`` + option will change from ``absent`` to ``present``. To maintain the existing + behavior explicitly set state to ``absent``. + - iam_managed_policy - the ``fail_on_delete`` option has been deprecated and + will be removed after a later release. It has always been ignored by the module. + - iam_policy - in a later release, the default value for the ``skip_duplicates`` + option will change from ``true`` to ``false``. To maintain the existing behavior + explicitly set it to ``true``. + - iam_policy - the ``policy_document`` option has been deprecated and will be + removed after a later release. To maintain the existing behavior use the ``policy_json`` + option and read the file with the ``lookup`` plugin. + - iam_role - in a later release, the ``purge_policies`` option (also know as + ``purge_policy``) default value will change from ``true`` to ``false`` + - s3_lifecycle - the ``requester_pays`` option has been deprecated and will + be removed after a later release. It has always been ignored by the module. + - s3_sync - the ``retries`` option has been deprecated and will be removed after + 2022-06-01. It has always been ignored by the module. + minor_changes: + - Remaining community.aws AnsibleModule based modules migrated to AnsibleAWSModule. + - sanity - add future imports in all missing places. + fragments: + - 173-ansibleawsmodule.yaml + - porting-guide.yml + - sanity_fix_future_boilerplate.yml + release_date: '2020-08-13' diff --git a/changelogs/fragments/.empty b/changelogs/fragments/.empty deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/changelogs/fragments/173-ansibleawsmodule.yaml b/changelogs/fragments/173-ansibleawsmodule.yaml deleted file mode 100644 index 7e3653853c9..00000000000 --- a/changelogs/fragments/173-ansibleawsmodule.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Remaining community.aws AnsibleModule based modules migrated to AnsibleAWSModule. diff --git a/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml b/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml deleted file mode 100644 index 68526821252..00000000000 --- a/changelogs/fragments/480004-cloudwatchlogs_log_group-KeyError.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does not have a retention period - (https://github.com/ansible/ansible/issues/47945) diff --git a/changelogs/fragments/56468-deprecate-lnb-absent.yml b/changelogs/fragments/56468-deprecate-lnb-absent.yml deleted file mode 100644 index 6e21d723986..00000000000 --- a/changelogs/fragments/56468-deprecate-lnb-absent.yml +++ /dev/null @@ -1,2 +0,0 @@ -deprecated_features: -- 'elb_network_lb: The current default value of the `state` option has been deprecated and will change from absent to present in Ansible 2.14' diff --git a/changelogs/fragments/58118-aws_api_gateway-params.yml b/changelogs/fragments/58118-aws_api_gateway-params.yml deleted file mode 100644 index ca3c44ea6eb..00000000000 --- a/changelogs/fragments/58118-aws_api_gateway-params.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - Allow all params that boto support in aws_api_gateway module diff --git a/changelogs/fragments/58822-aws-lamda-tracing-config.yaml b/changelogs/fragments/58822-aws-lamda-tracing-config.yaml deleted file mode 100644 index c88b4ca81b9..00000000000 --- a/changelogs/fragments/58822-aws-lamda-tracing-config.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - lambda - add a tracing_mode parameter to set the TracingConfig for AWS X-Ray. Also allow updating Lambda runtime. diff --git a/changelogs/fragments/59597-ecs-allow_default_network_mode.yml b/changelogs/fragments/59597-ecs-allow_default_network_mode.yml deleted file mode 100644 index 3f2cb10d735..00000000000 --- a/changelogs/fragments/59597-ecs-allow_default_network_mode.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. \ No newline at end of file diff --git a/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml b/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml deleted file mode 100644 index 4f99f4474b2..00000000000 --- a/changelogs/fragments/60508-route53-improve-octal-characters-handling.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -bugfixes: -- route53 - improve handling of octal encoded characters diff --git a/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml b/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml deleted file mode 100644 index 1975ea92d2d..00000000000 --- a/changelogs/fragments/60944-sns_topic-delivery_policy-changed.yml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: -- fixed issue with sns_topic's delivery_policy option resulting in changed - always being true diff --git a/changelogs/fragments/61263-aws_codecommit-description.yml b/changelogs/fragments/61263-aws_codecommit-description.yml deleted file mode 100644 index e3da4dff1e5..00000000000 --- a/changelogs/fragments/61263-aws_codecommit-description.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - aws_codecommit - Support updating the description diff --git a/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml b/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml deleted file mode 100644 index f3052fbebcc..00000000000 --- a/changelogs/fragments/61271-cloudfront_distribution-encryptionid.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- cloudfront_distribution - Always add field_level_encryption_id to cache behaviour to match AWS requirements diff --git a/changelogs/fragments/61279-ec2_launch_template-output.yml b/changelogs/fragments/61279-ec2_launch_template-output.yml deleted file mode 100644 index 176ef4eff0d..00000000000 --- a/changelogs/fragments/61279-ec2_launch_template-output.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- ec2_launch_template - Update output to include latest_version and default_version, matching the documentation diff --git a/changelogs/fragments/61577-support-iops-in-purefa_volume.yml b/changelogs/fragments/61577-support-iops-in-purefa_volume.yml deleted file mode 100644 index fd3f1f965ab..00000000000 --- a/changelogs/fragments/61577-support-iops-in-purefa_volume.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - purefa_volume - Change I(qos) parameter to I(bw_iops), but retain I(qos) as an alias for backwards compatability (https://github.com/ansible/ansible/pull/61577). diff --git a/changelogs/fragments/61805-azure-facts-info.yml b/changelogs/fragments/61805-azure-facts-info.yml deleted file mode 100644 index aa04f7e5ca2..00000000000 --- a/changelogs/fragments/61805-azure-facts-info.yml +++ /dev/null @@ -1,7 +0,0 @@ -bugfixes: -- "azure_rm_dnsrecordset_info - no longer returns empty ``azure_dnsrecordset`` facts when called as ``_info`` module." -- "azure_rm_resourcegroup_info - no longer returns ``azure_resourcegroups`` facts when called as ``_info`` module." -- "azure_rm_storageaccount_info - no longer returns empty ``azure_storageaccounts`` facts when called as ``_info`` module." -- "azure_rm_virtualmachineimage_info - no longer returns empty ``azure_vmimages`` facts when called as ``_info`` module." -- "azure_rm_virtualmachinescaleset_info - fix wrongly empty result, or ``ansible_facts`` result, when called as ``_info`` module." -- "azure_rm_virtualnetwork_info - no longer returns empty ``azure_virtualnetworks`` facts when called as ``_info`` module." diff --git a/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml b/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml deleted file mode 100644 index 0c949e4169e..00000000000 --- a/changelogs/fragments/61933-ec2_transit_gateway-honor-auto_attach-setting.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - ec2_transit_gateway - fixed issue where auto_attach set to yes was not being honored (https://github.com/ansible/ansible/issues/61907) diff --git a/changelogs/fragments/62014-iam_role_session_instanceprofile.yml b/changelogs/fragments/62014-iam_role_session_instanceprofile.yml deleted file mode 100644 index 50e64ac181e..00000000000 --- a/changelogs/fragments/62014-iam_role_session_instanceprofile.yml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- iam_role - Add support for removing the related instance profile when we delete the role -- iam_role - Add support for managing the maximum session duration diff --git a/changelogs/fragments/63362-remove-edgeos-filtering.yaml b/changelogs/fragments/63362-remove-edgeos-filtering.yaml deleted file mode 100644 index 9ed91ff4666..00000000000 --- a/changelogs/fragments/63362-remove-edgeos-filtering.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - edgeos_config - fix issue where module would silently filter out encrypted passwords diff --git a/changelogs/fragments/63924-boto3.yml b/changelogs/fragments/63924-boto3.yml deleted file mode 100644 index 4b4553f4e5a..00000000000 --- a/changelogs/fragments/63924-boto3.yml +++ /dev/null @@ -1,5 +0,0 @@ -minor_changes: -- "iam_policy - The iam_policy module has been migrated from boto to boto3." -deprecated_features: -- "iam_policy - The ``policy_document`` will be removed in Ansible 2.14. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin." -- "iam_policy - The default value of ``skip_duplicates`` will change in Ansible 2.14 from ``true`` to ``false``." diff --git a/changelogs/fragments/63961-deprecate-fail_on_delete.yml b/changelogs/fragments/63961-deprecate-fail_on_delete.yml deleted file mode 100644 index ad5ea495bb8..00000000000 --- a/changelogs/fragments/63961-deprecate-fail_on_delete.yml +++ /dev/null @@ -1,2 +0,0 @@ -deprecated_features: -- "iam_managed_policy - The ``fail_on_delete`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/63989-deprecate-unused.yml b/changelogs/fragments/63989-deprecate-unused.yml deleted file mode 100644 index 0068be6a15e..00000000000 --- a/changelogs/fragments/63989-deprecate-unused.yml +++ /dev/null @@ -1,3 +0,0 @@ -deprecated_features: -- "s3_sync - The ``retries`` option had no effect and will be removed in Ansible 2.14" -- "s3_lifecycle - The ``requester_pays`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64230-deprecate-unused.yml b/changelogs/fragments/64230-deprecate-unused.yml deleted file mode 100644 index 050b9370ede..00000000000 --- a/changelogs/fragments/64230-deprecate-unused.yml +++ /dev/null @@ -1,5 +0,0 @@ -deprecated_features: -- "ec2_eip - The ``wait_timeout`` option had no effect and will be removed in Ansible 2.14" -- "ec2_key - The ``wait`` option had no effect and will be removed in Ansible 2.14" -- "ec2_key - The ``wait_timeout`` option had no effect and will be removed in Ansible 2.14" -- "ec2_lc - The ``associate_public_ip_address`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64258-purge_policies.yml b/changelogs/fragments/64258-purge_policies.yml deleted file mode 100644 index 8d3a3beb8a4..00000000000 --- a/changelogs/fragments/64258-purge_policies.yml +++ /dev/null @@ -1,5 +0,0 @@ -deprecated_features: -- 'iam_role: The default value of the purge_policies has been deprecated and will change from true to false in Ansible 2.14' -minor_changes: -- 'iam_role, iam_user and iam_group: the managed_policy option has been renamed to managed_policies (with an alias added)' -- 'iam_role, iam_user and iam_group: the purge_policy option has been renamed to purge_policies (with an alias added)' diff --git a/changelogs/fragments/64368-deprecate-unused.yml b/changelogs/fragments/64368-deprecate-unused.yml deleted file mode 100644 index ce93d59ed6f..00000000000 --- a/changelogs/fragments/64368-deprecate-unused.yml +++ /dev/null @@ -1,3 +0,0 @@ -deprecated_features: -- "cloudformation - The ``template_format`` option had no effect since Ansible 2.3 and will be removed in Ansible 2.14" -- "data_pipeline - The ``version`` option had no effect and will be removed in Ansible 2.14" diff --git a/changelogs/fragments/64598-add-next-token-support.yml b/changelogs/fragments/64598-add-next-token-support.yml deleted file mode 100644 index 158f7140182..00000000000 --- a/changelogs/fragments/64598-add-next-token-support.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - cloudwatchlogs_log_group_info - remove limitation of max 50 results diff --git a/changelogs/fragments/64867-route53-diff.yml b/changelogs/fragments/64867-route53-diff.yml deleted file mode 100644 index a27be1b102f..00000000000 --- a/changelogs/fragments/64867-route53-diff.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "route53 - the module now has diff support." diff --git a/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml b/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml deleted file mode 100644 index 7253e1c9c78..00000000000 --- a/changelogs/fragments/65265-allow-udp-tcpudp-protocol.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - elb_network_lb - added support to UDP and TCP_UDP protocols - - elb_target_group - allow UDP and TCP_UDP protocols; permit only HTTP/HTTPS health checks using response codes and paths diff --git a/changelogs/fragments/65555-amazon-sanity-required.yml b/changelogs/fragments/65555-amazon-sanity-required.yml deleted file mode 100644 index ef385be3e48..00000000000 --- a/changelogs/fragments/65555-amazon-sanity-required.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- ec2_placement_group - make `name` a required field. diff --git a/changelogs/fragments/65557-iam-make-name-required.yml b/changelogs/fragments/65557-iam-make-name-required.yml deleted file mode 100644 index 81e2602e396..00000000000 --- a/changelogs/fragments/65557-iam-make-name-required.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- iam - make `name` a required field. diff --git a/changelogs/fragments/65558-iam_cert-require-name.yml b/changelogs/fragments/65558-iam_cert-require-name.yml deleted file mode 100644 index 2458c8491ff..00000000000 --- a/changelogs/fragments/65558-iam_cert-require-name.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- iam_cert - make `name` a required field. diff --git a/changelogs/fragments/65559-iam_policy-require-iam_name.yml b/changelogs/fragments/65559-iam_policy-require-iam_name.yml deleted file mode 100644 index 0242871ca40..00000000000 --- a/changelogs/fragments/65559-iam_policy-require-iam_name.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- iam_policy - make `iam_name` a required field. diff --git a/changelogs/fragments/66037-aws_kms.yml b/changelogs/fragments/66037-aws_kms.yml deleted file mode 100644 index 945d29cd230..00000000000 --- a/changelogs/fragments/66037-aws_kms.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - 'aws_kms: code refactor, some error messages updated' diff --git a/changelogs/fragments/66673-elb_target-awsretry.yaml b/changelogs/fragments/66673-elb_target-awsretry.yaml deleted file mode 100644 index 6523bb87a6c..00000000000 --- a/changelogs/fragments/66673-elb_target-awsretry.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - elb_target - add awsretry to prevent rate exceeded errors (https://github.com/ansible/ansible/issues/51108) diff --git a/changelogs/fragments/66779-redshift-backoff.yml b/changelogs/fragments/66779-redshift-backoff.yml deleted file mode 100644 index a18c0be7cd4..00000000000 --- a/changelogs/fragments/66779-redshift-backoff.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- 'redshift: Add AWSRetry calls for errors outside our control' diff --git a/changelogs/fragments/66795-sqs_queue-boto3.yaml b/changelogs/fragments/66795-sqs_queue-boto3.yaml deleted file mode 100644 index ea05c63bdae..00000000000 --- a/changelogs/fragments/66795-sqs_queue-boto3.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- 'sqs_queue: updated to use boto3 instead of boto' -- 'sqs_queue: Add support for tagging, KMS and FIFO queues' diff --git a/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml b/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml deleted file mode 100644 index 57c11832aaf..00000000000 --- a/changelogs/fragments/66863-ec2_asg-max_instance_lifetime-and-honor-wait-on-replace.yaml +++ /dev/null @@ -1,5 +0,0 @@ -minor_changes: -- 'ec2_asg: Migrated to AnsibleAWSModule' -- 'ec2_asg: Add support for Max Instance Lifetime' -bugfixes: -- 'ec2_asg: Ensure "wait" is honored during replace operations' diff --git a/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml b/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml deleted file mode 100644 index bd57c2dc30a..00000000000 --- a/changelogs/fragments/67045-ec2_asg_mixed_instance_policy.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups diff --git a/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml b/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml deleted file mode 100644 index dcd01aad484..00000000000 --- a/changelogs/fragments/67089-sns_topic-notfound-backoff.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- sns_topic - Add backoff when we get Topic ``NotFound`` exceptions while listing the subscriptions. diff --git a/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml b/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml deleted file mode 100644 index 9e4d8e373b3..00000000000 --- a/changelogs/fragments/67247-fix-ec2_transit_gateway-retries.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing transit gateways diff --git a/changelogs/fragments/67651-aws-kms-key-rotation.yml b/changelogs/fragments/67651-aws-kms-key-rotation.yml deleted file mode 100644 index 542223fdf30..00000000000 --- a/changelogs/fragments/67651-aws-kms-key-rotation.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. diff --git a/changelogs/fragments/67671-aws_acm-module_defaults.yaml b/changelogs/fragments/67671-aws_acm-module_defaults.yaml deleted file mode 100644 index 146e503ea55..00000000000 --- a/changelogs/fragments/67671-aws_acm-module_defaults.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- 'aws_acm: Add the module to group/aws for module_defaults.' -- 'aws_acm: Update automatic retries to stabilize the integration tests.' diff --git a/changelogs/fragments/67770-aws-kms-info-key-rotation.yml b/changelogs/fragments/67770-aws-kms-info-key-rotation.yml deleted file mode 100644 index adff2ab322b..00000000000 --- a/changelogs/fragments/67770-aws-kms-info-key-rotation.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. diff --git a/changelogs/fragments/dont-template-cli-passwords.yml b/changelogs/fragments/dont-template-cli-passwords.yml deleted file mode 100644 index 5c8dbea7e19..00000000000 --- a/changelogs/fragments/dont-template-cli-passwords.yml +++ /dev/null @@ -1,12 +0,0 @@ -bugfixes: -- > - **security issue** - Convert CLI provided passwords to text initially, to - prevent unsafe context being lost when converting from bytes->text during - post processing of PlayContext. This prevents CLI provided passwords from - being incorrectly templated (CVE-2019-14856) -- > - **security issue** - Update ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes`` - to maintain unsafe context by overriding ``.encode`` and ``.decode``. This - prevents future issues with ``to_text``, ``to_bytes``, or ``to_native`` - removing the unsafe wrapper when converting between string types - (CVE-2019-14856) diff --git a/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml b/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml deleted file mode 100644 index 55d532b3564..00000000000 --- a/changelogs/fragments/lineinfile-backrefs-match-object-type.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - lineinfile - properly handle inserting a line when backrefs are enabled and the line already exists in the file (https://github.com/ansible/ansible/issues/63756) diff --git a/changelogs/fragments/porting-guide.yml b/changelogs/fragments/porting-guide.yml deleted file mode 100644 index ebcc2a517e9..00000000000 --- a/changelogs/fragments/porting-guide.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -deprecated_features: - - iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - - s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - - s3_sync - the ``retries`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - - data_pipeline - the ``version`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - - ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed in a later release. It has had no effect since Ansible 2.3. - - ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - - iam_policy - the ``policy_document`` option has been deprecated and will be removed in a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. - - iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. - - iam_role - in a later release, the ``purge_policies`` option (also know as ``purge_policy``) default value will change from ``true`` to ``false`` - - elb_network_lb - in a later release, the default behaviour for the ``state`` option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. diff --git a/changelogs/fragments/sanity_fix_future_boilerplate.yml b/changelogs/fragments/sanity_fix_future_boilerplate.yml deleted file mode 100644 index f8b85045a50..00000000000 --- a/changelogs/fragments/sanity_fix_future_boilerplate.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- sanity - add future imports in all missing places. diff --git a/changelogs/fragments/win_credential-wildcard.yaml b/changelogs/fragments/win_credential-wildcard.yaml deleted file mode 100644 index a27b5842365..00000000000 --- a/changelogs/fragments/win_credential-wildcard.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- win_credential - Fix issue that errors when trying to add a ``name`` with wildcards. diff --git a/docs/community.aws.aws_acm_info_module.rst b/docs/community.aws.aws_acm_info_module.rst index 793d00fd7d7..74b7b666a8e 100644 --- a/docs/community.aws.aws_acm_info_module.rst +++ b/docs/community.aws.aws_acm_info_module.rst @@ -38,234 +38,253 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    certificate_arn
    string -
    -     		- -
    If provided, the results will be filtered to show only the certificate with this ARN.
    -
    If no certificate with this ARN exists, this task will fail.
    -
    If a certificate with this ARN exists in a different region, this task will fail
    -

    aliases: arn
    -     		+ +
    If provided, the results will be filtered to show only the certificate with this ARN.
    +
    If no certificate with this ARN exists, this task will fail.
    +
    If a certificate with this ARN exists in a different region, this task will fail
    +

    aliases: arn
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    domain_name
    string -
    -     		- -
    The domain name of an ACM certificate to limit the search to
    -

    aliases: name
    -     		+ +
    The domain name of an ACM certificate to limit the search to
    +

    aliases: name
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    statuses
    list - / elements=string
    -     		-
      Choices: -
    • PENDING_VALIDATION
      • -
    • ISSUED
      • -
    • INACTIVE
      • -
    • EXPIRED
      • -
    • VALIDATION_TIMED_OUT
      • -
    • REVOKED
      • -
    • FAILED
      • -
    -     		-
    Status to filter the certificate results
    -
    + / elements=string + +
      Choices: +
    • PENDING_VALIDATION
      • +
    • ISSUED
      • +
    • INACTIVE
      • +
    • EXPIRED
      • +
    • VALIDATION_TIMED_OUT
      • +
    • REVOKED
      • +
    • FAILED
      • +
    +     		+
    Status to filter the certificate results
    +
    tags
    dictionary -
    -     		- -
    Filter results to show only certificates with tags that match all the tags specified here.
    -     		+ +
    Filter results to show only certificates with tags that match all the tags specified here.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    +
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -273,7 +292,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -284,7 +303,6 @@ Examples .. code-block:: yaml+jinja - - name: obtain all ACM certificates community.aws.aws_acm_info: @@ -311,8 +329,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -325,626 +341,626 @@ Common return values are documented `here Returned Description - - + +
    certificates
    complex -
    - + + always -
    A list of certificates
    -
    - +
    A list of certificates
    +
    + - -   - + +   +
    certificate
    string -
    - + + when certificate creation is complete -
    The ACM Certificate body
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE-----\nMII.....-----END CERTIFICATE-----\n
    - +
    The ACM Certificate body
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE-----\\nMII.....-----END CERTIFICATE-----\\n
    + - -   - + +   +
    certificate_arn
    string -
    - + + always -
    Certificate ARN
    -
    -
    Sample:
    -
    arn:aws:acm:ap-southeast-2:123456789012:certificate/abcd1234-abcd-1234-abcd-123456789abc
    - +
    Certificate ARN
    +
    +
    Sample:
    +
    arn:aws:acm:ap-southeast-2:123456789012:certificate/abcd1234-abcd-1234-abcd-123456789abc
    + - -   - + +   +
    certificate_chain
    string -
    - + + when certificate creation is complete -
    Full certificate chain for the certificate
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE-----\nMII...\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n...
    - +
    Full certificate chain for the certificate
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE-----\\nMII...\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n...
    + - -   - + +   +
    created_at
    string -
    - + + always -
    Date certificate was created
    -
    -
    Sample:
    -
    2017-08-15T10:31:19+10:00
    - +
    Date certificate was created
    +
    +
    Sample:
    +
    2017-08-15T10:31:19+10:00
    + - -   - + +   +
    domain_name
    string -
    - + + always -
    Domain name for the certificate
    -
    -
    Sample:
    -
    *.example.com
    - +
    Domain name for the certificate
    +
    +
    Sample:
    +
    *.example.com
    + - -   - + +   +
    domain_validation_options
    complex -
    - + + when certificate type is AMAZON_ISSUED -
    Options used by ACM to validate the certificate
    -
    - +
    Options used by ACM to validate the certificate
    +
    + - -   -   - + +   +   +
    domain_name
    string -
    - + + always -
    Fully qualified domain name of the certificate
    -
    -
    Sample:
    -
    example.com
    - +
    Fully qualified domain name of the certificate
    +
    +
    Sample:
    +
    example.com
    + - -   -   - + +   +   +
    validation_domain
    string -
    - + + always -
    The domain name ACM used to send validation emails
    -
    -
    Sample:
    -
    example.com
    - +
    The domain name ACM used to send validation emails
    +
    +
    Sample:
    +
    example.com
    + - -   -   - + +   +   +
    validation_emails
    list - / elements=string
    - + / elements=string + always -
    A list of email addresses that ACM used to send domain validation emails
    -
    -
    Sample:
    -
    ['admin@example.com', 'postmaster@example.com']
    - +
    A list of email addresses that ACM used to send domain validation emails
    +
    +
    Sample:
    +
    ['admin@example.com', 'postmaster@example.com']
    + - -   -   - + +   +   +
    validation_status
    string -
    - + + always -
    Validation status of the domain
    -
    -
    Sample:
    -
    SUCCESS
    - +
    Validation status of the domain
    +
    +
    Sample:
    +
    SUCCESS
    + - - -   - + + +   +
    failure_reason
    string -
    - + + only when certificate issuing failed -
    Reason certificate request failed
    -
    -
    Sample:
    -
    NO_AVAILABLE_CONTACTS
    - +
    Reason certificate request failed
    +
    +
    Sample:
    +
    NO_AVAILABLE_CONTACTS
    + - -   - + +   +
    in_use_by
    list - / elements=string
    - + / elements=string + always -
    A list of ARNs for the AWS resources that are using the certificate.
    -
    - +
    A list of ARNs for the AWS resources that are using the certificate.
    +
    + - -   - + +   +
    issued_at
    string -
    - + + always -
    Date certificate was issued
    -
    -
    Sample:
    -
    2017-01-01T00:00:00+10:00
    - +
    Date certificate was issued
    +
    +
    Sample:
    +
    2017-01-01T00:00:00+10:00
    + - -   - + +   +
    issuer
    string -
    - + + always -
    Issuer of the certificate
    -
    -
    Sample:
    -
    Amazon
    - +
    Issuer of the certificate
    +
    +
    Sample:
    +
    Amazon
    + - -   - + +   +
    key_algorithm
    string -
    - + + always -
    Algorithm used to generate the certificate
    -
    -
    Sample:
    -
    RSA-2048
    - +
    Algorithm used to generate the certificate
    +
    +
    Sample:
    +
    RSA-2048
    + - -   - + +   +
    not_after
    string -
    - + + always -
    Date after which the certificate is not valid
    -
    -
    Sample:
    -
    2019-01-01T00:00:00+10:00
    - +
    Date after which the certificate is not valid
    +
    +
    Sample:
    +
    2019-01-01T00:00:00+10:00
    + - -   - + +   +
    not_before
    string -
    - + + always -
    Date before which the certificate is not valid
    -
    -
    Sample:
    -
    2017-01-01T00:00:00+10:00
    - +
    Date before which the certificate is not valid
    +
    +
    Sample:
    +
    2017-01-01T00:00:00+10:00
    + - -   - + +   +
    renewal_summary
    complex -
    - + + when certificate is issued by Amazon and a renewal has been started -
    Information about managed renewal process
    -
    - +
    Information about managed renewal process
    +
    + - -   -   - + +   +   +
    domain_validation_options
    complex -
    - + + when certificate type is AMAZON_ISSUED -
    Options used by ACM to validate the certificate
    -
    - +
    Options used by ACM to validate the certificate
    +
    + - -   -   -   - + +   +   +   +
    domain_name
    string -
    - + + always -
    Fully qualified domain name of the certificate
    -
    -
    Sample:
    -
    example.com
    - +
    Fully qualified domain name of the certificate
    +
    +
    Sample:
    +
    example.com
    + - -   -   -   - + +   +   +   +
    validation_domain
    string -
    - + + always -
    The domain name ACM used to send validation emails
    -
    -
    Sample:
    -
    example.com
    - +
    The domain name ACM used to send validation emails
    +
    +
    Sample:
    +
    example.com
    + - -   -   -   - + +   +   +   +
    validation_emails
    list - / elements=string
    - + / elements=string + always -
    A list of email addresses that ACM used to send domain validation emails
    -
    -
    Sample:
    -
    ['admin@example.com', 'postmaster@example.com']
    - +
    A list of email addresses that ACM used to send domain validation emails
    +
    +
    Sample:
    +
    ['admin@example.com', 'postmaster@example.com']
    + - -   -   -   - + +   +   +   +
    validation_status
    string -
    - + + always -
    Validation status of the domain
    -
    -
    Sample:
    -
    SUCCESS
    - +
    Validation status of the domain
    +
    +
    Sample:
    +
    SUCCESS
    + - - -   -   - + + +   +   +
    renewal_status
    string -
    - + + always -
    Status of the domain renewal
    -
    -
    Sample:
    -
    PENDING_AUTO_RENEWAL
    - +
    Status of the domain renewal
    +
    +
    Sample:
    +
    PENDING_AUTO_RENEWAL
    + - - -   - + + +   +
    revocation_reason
    string -
    - + + when the certificate has been revoked -
    Reason for certificate revocation
    -
    -
    Sample:
    -
    SUPERCEDED
    - +
    Reason for certificate revocation
    +
    +
    Sample:
    +
    SUPERCEDED
    + - -   - + +   +
    revoked_at
    string -
    - + + when the certificate has been revoked -
    Date certificate was revoked
    -
    -
    Sample:
    -
    2017-09-01T10:00:00+10:00
    - +
    Date certificate was revoked
    +
    +
    Sample:
    +
    2017-09-01T10:00:00+10:00
    + - -   - + +   +
    serial
    string -
    - + + always -
    The serial number of the certificate
    -
    -
    Sample:
    -
    00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
    - +
    The serial number of the certificate
    +
    +
    Sample:
    +
    00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f
    + - -   - + +   +
    signature_algorithm
    string -
    - + + always -
    Algorithm used to sign the certificate
    -
    -
    Sample:
    -
    SHA256WITHRSA
    - +
    Algorithm used to sign the certificate
    +
    +
    Sample:
    +
    SHA256WITHRSA
    + - -   - + +   +
    status
    string -
    - + + always -
    Status of the certificate in ACM
    -
    -
    Sample:
    -
    ISSUED
    - +
    Status of the certificate in ACM
    +
    +
    Sample:
    +
    ISSUED
    + - -   - + +   +
    subject
    string -
    - + + always -
    The name of the entity that is associated with the public key contained in the certificate
    -
    -
    Sample:
    -
    CN=*.example.com
    - +
    The name of the entity that is associated with the public key contained in the certificate
    +
    +
    Sample:
    +
    CN=*.example.com
    + - -   - + +   +
    subject_alternative_names
    list - / elements=string
    - + / elements=string + always -
    Subject Alternative Names for the certificate
    -
    -
    Sample:
    -
    ['*.example.com']
    - +
    Subject Alternative Names for the certificate
    +
    +
    Sample:
    +
    ['*.example.com']
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    Tags associated with the certificate
    -
    -
    Sample:
    -
    {'Application': 'helloworld', 'Environment': 'test'}
    - +
    Tags associated with the certificate
    +
    +
    Sample:
    +
    {'Application': 'helloworld', 'Environment': 'test'}
    + - -   - + +   +
    type
    string -
    - + + always -
    The source of the certificate
    -
    -
    Sample:
    -
    AMAZON_ISSUED
    - +
    The source of the certificate
    +
    +
    Sample:
    +
    AMAZON_ISSUED
    + - - + +

    @@ -956,5 +972,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.aws_acm_module.rst b/docs/community.aws.aws_acm_module.rst index 40189ba6f08..40b9be63f00 100644 --- a/docs/community.aws.aws_acm_module.rst +++ b/docs/community.aws.aws_acm_module.rst @@ -52,292 +52,311 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    certificate
    string -
    -     		- -
    The body of the PEM encoded public certificate.
    -
    Required when state is not absent.
    -
    If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
    -     		+ +
    The body of the PEM encoded public certificate.
    +
    Required when state is not absent.
    +
    If your certificate is in a file, use lookup('file', 'path/to/cert.pem').
    +
    +
    certificate_arn
    string -
    -     		- -
    The ARN of a certificate in ACM to delete
    -
    Ignored when state=present.
    -
    If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
    -
    If state=absent and no resource exists with this ARN in this region, the task will succeed with no effect.
    -
    If state=absent and the corresponding resource exists in a different region, this task may report success without deleting that resource.
    -

    aliases: arn
    -     		+ +
    The ARN of a certificate in ACM to delete
    +
    Ignored when state=present.
    +
    If state=absent, you must provide one of certificate_arn, domain_name or name_tag.
    +
    If state=absent and no resource exists with this ARN in this region, the task will succeed with no effect.
    +
    If state=absent and the corresponding resource exists in a different region, this task may report success without deleting that resource.
    +

    aliases: arn
    +
    +
    certificate_chain
    string -
    -     		- -
    The body of the PEM encoded chain for your certificate.
    -
    If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
    -
    Ignored when state=absent
    -     		+ +
    The body of the PEM encoded chain for your certificate.
    +
    If your certificate chain is in a file, use lookup('file', 'path/to/chain.pem').
    +
    Ignored when state=absent
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    domain_name
    string -
    -     		- -
    The domain name of the certificate.
    -
    If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
    -
    Exactly one of domain_name, name_tag and certificate_arn must be provided.
    -
    If state=present this must not be specified. (Since the domain name is encoded within the public certificate's body.)
    -

    aliases: domain
    -     		+ +
    The domain name of the certificate.
    +
    If state=absent and domain_name is specified, this task will delete all ACM certificates with this domain.
    +
    Exactly one of domain_name, name_tag and certificate_arn must be provided.
    +
    If state=present this must not be specified. (Since the domain name is encoded within the public certificate's body.)
    +

    aliases: domain
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name_tag
    string -
    -     		- -
    The unique identifier for tagging resources using AWS tags, with key Name.
    -
    This can be any set of characters accepted by AWS for tag values.
    -
    This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
    -
    If state=preset, this must be specified.
    -
    If state=absent, you must provide exactly one of certificate_arn, domain_name or name_tag.
    -

    aliases: name
    -     		+ +
    The unique identifier for tagging resources using AWS tags, with key Name.
    +
    This can be any set of characters accepted by AWS for tag values.
    +
    This is to ensure Ansible can treat certificates idempotently, even though the ACM API allows duplicate certificates.
    +
    If state=preset, this must be specified.
    +
    If state=absent, you must provide exactly one of certificate_arn, domain_name or name_tag.
    +

    aliases: name
    +
    +
    private_key
    string -
    -     		- -
    The body of the PEM encoded private key.
    -
    Required when state=present.
    -
    Ignored when state=absent.
    -
    If your private key is in a file, use lookup('file', 'path/to/key.pem').
    -     		+ +
    The body of the PEM encoded private key.
    +
    Required when state=present.
    +
    Ignored when state=absent.
    +
    If your private key is in a file, use lookup('file', 'path/to/key.pem').
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
    -
    If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If state=present, the specified public certificate and private key will be uploaded, with Name tag equal to name_tag.
    +
    If state=absent, any certificates in this region with a corresponding domain_name, name_tag or certificate_arn will be deleted.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -345,7 +364,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -356,8 +375,6 @@ Examples .. code-block:: yaml+jinja - - - name: upload a self-signed certificate community.aws.aws_acm: certificate: "{{ lookup('file', 'cert.pem' ) }}" @@ -376,7 +393,7 @@ Examples register: cert_create - name: print ARN of cert we just created - debug: + ansible.builtin.debug: var: cert_create.certificate.arn - name: delete the cert we just created @@ -399,8 +416,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -413,76 +428,76 @@ Common return values are documented `here Returned Description - - + +
    arns
    list - / elements=string
    - + / elements=string + when state=absent -
    A list of the ARNs of the certificates in ACM which were deleted
    -
    -
    Sample:
    -
    ['arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901']
    - +
    A list of the ARNs of the certificates in ACM which were deleted
    +
    +
    Sample:
    +
    ['arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901']
    + - - + +
    certificate
    complex -
    - + + when state=present -
    Information about the certificate which was uploaded
    -
    - +
    Information about the certificate which was uploaded
    +
    + - -   - + +   +
    arn
    string -
    - + + when state=present -
    The ARN of the certificate in ACM
    -
    -
    Sample:
    -
    arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901
    - +
    The ARN of the certificate in ACM
    +
    +
    Sample:
    +
    arn:aws:acm:ap-southeast-2:123456789012:certificate/01234567-abcd-abcd-abcd-012345678901
    + - -   - + +   +
    domain_name
    string -
    - + + when state=present -
    The domain name encoded within the public certificate
    -
    -
    Sample:
    -
    acm.ansible.com
    - +
    The domain name encoded within the public certificate
    +
    +
    Sample:
    +
    acm.ansible.com
    + - - + +

    @@ -494,5 +509,3 @@ Authors ~~~~~~~ - Matthew Davis (@matt-telstra) on behalf of Telstra Corporation Limited - - diff --git a/docs/community.aws.aws_api_gateway_module.rst b/docs/community.aws.aws_api_gateway_module.rst index d623936fc68..7b3da60f236 100644 --- a/docs/community.aws.aws_api_gateway_module.rst +++ b/docs/community.aws.aws_api_gateway_module.rst @@ -39,393 +39,412 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    api_id
    string -
    -     		- -
    The ID of the API you want to manage.
    -     		+ +
    The ID of the API you want to manage.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cache_enabled
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable API GW caching of backend responses. Defaults to false.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable API GW caching of backend responses. Defaults to false.
    +
    +
    cache_size
    string -
    -     		-
      Choices: -
    • 0.5 ←
      • -
    • 1.6
      • -
    • 6.1
      • -
    • 13.5
      • -
    • 28.4
      • -
    • 58.2
      • -
    • 118
      • -
    • 237
      • -
    -     		-
    Size in GB of the API GW cache, becomes effective when cache_enabled is true.
    -     		+
      Choices: +
    • 0.5 ←
      • +
    • 1.6
      • +
    • 6.1
      • +
    • 13.5
      • +
    • 28.4
      • +
    • 58.2
      • +
    • 118
      • +
    • 237
      • +
    +     		+
    Size in GB of the API GW cache, becomes effective when cache_enabled is true.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    deploy_desc
    string -
    -     		- Default:
    "Automatic deployment by Ansible."
    -     		-
    Description of the deployment - recorded and visible in the AWS console.
    -     		+ Default:
    "Automatic deployment by Ansible."
    +     		+
    Description of the deployment - recorded and visible in the AWS console.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    endpoint_type
    string -
    -     		-
      Choices: -
    • EDGE ←
      • -
    • REGIONAL
      • -
    • PRIVATE
      • -
    -     		-
    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
    -
    REGIONAL for just a regional deploy or PRIVATE for a private API.
    -
    This will flag will only be used when creating a new API Gateway setup, not for updates.
    -     		+
      Choices: +
    • EDGE ←
      • +
    • REGIONAL
      • +
    • PRIVATE
      • +
    +     		+
    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
    +
    REGIONAL for just a regional deploy or PRIVATE for a private API.
    +
    This will flag will only be used when creating a new API Gateway setup, not for updates.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    stage
    string -
    -     		- -
    The name of the stage the API should be deployed to.
    -     		+ +
    The name of the stage the API should be deployed to.
    +
    +
    stage_canary_settings
    dictionary -
    -     		- -
    Canary settings for the deployment of the stage.
    -
    Dict with following settings:
    -
    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
    -
    deploymentId: The ID of the canary deployment.
    -
    stageVariableOverrides: Stage variables overridden for a canary release deployment.
    -
    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
    - -     		+ +
    Canary settings for the deployment of the stage.
    +
    Dict with following settings:
    +
    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
    +
    deploymentId: The ID of the canary deployment.
    +
    stageVariableOverrides: Stage variables overridden for a canary release deployment.
    +
    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
    + +
    +
    stage_variables
    dictionary -
    -     		- -
    ENV variables for the stage. Define a dict of key values pairs for variables.
    -     		+ +
    ENV variables for the stage. Define a dict of key values pairs for variables.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete API Gateway.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete API Gateway.
    +
    +
    swagger_dict
    json -
    -     		- -
    Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
    -     		+ +
    Swagger definitions API ansible dictionary which will be converted to JSON and uploaded.
    +
    +
    swagger_file
    path -
    -     		- -
    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
    -

    aliases: src, api_file
    -     		+ +
    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
    +

    aliases: src, api_file
    +
    +
    swagger_text
    string -
    -     		- -
    Swagger definitions for API in JSON or YAML as a string direct from playbook.
    -     		+ +
    Swagger definitions for API in JSON or YAML as a string direct from playbook.
    +
    +
    tracing_enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies whether active tracing with X-ray is enabled for the API GW stage.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies whether active tracing with X-ray is enabled for the API GW stage.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -435,7 +454,7 @@ Notes .. note:: - A future version of this module will probably use tags or another ID so that an API can be create only once. - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -446,7 +465,6 @@ Examples .. code-block:: yaml+jinja - - name: Setup AWS API Gateway setup on AWS and deploy API definition community.aws.aws_api_gateway: swagger_file: my_api.yml @@ -478,7 +496,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -491,75 +508,75 @@ Common return values are documented `here Returned Description - - + +
    api_id
    string -
    - + + success -
    API id of the API endpoint created
    -
    -
    Sample:
    -
    0ln4zq7p86
    - +
    API id of the API endpoint created
    +
    +
    Sample:
    +
    0ln4zq7p86
    + - - + +
    configure_response
    dictionary -
    - + + success -
    AWS response from the API configure call
    -
    -
    Sample:
    -
    {'api_key_source': 'HEADER', 'created_at': '2020-01-01T11:37:59+00:00', 'id': '0ln4zq7p86'}
    - +
    AWS response from the API configure call
    +
    +
    Sample:
    +
    {'api_key_source': 'HEADER', 'created_at': '2020-01-01T11:37:59+00:00', 'id': '0ln4zq7p86'}
    + - - + +
    deploy_response
    dictionary -
    - + + success -
    AWS response from the API deploy call
    -
    -
    Sample:
    -
    {'created_date': '2020-01-01T11:36:59+00:00', 'id': 'rptv4b', 'description': 'Automatic deployment by Ansible.'}
    - +
    AWS response from the API deploy call
    +
    +
    Sample:
    +
    {'created_date': '2020-01-01T11:36:59+00:00', 'id': 'rptv4b', 'description': 'Automatic deployment by Ansible.'}
    + - - + +
    resource_actions
    list -
    - + + always -
    Actions performed against AWS API
    -
    -
    Sample:
    -
    ['apigateway:CreateRestApi', 'apigateway:CreateDeployment', 'apigateway:PutRestApi']
    - +
    Actions performed against AWS API
    +
    +
    Sample:
    +
    ['apigateway:CreateRestApi', 'apigateway:CreateDeployment', 'apigateway:PutRestApi']
    + - +

    @@ -571,5 +588,3 @@ Authors ~~~~~~~ - Michael De La Rue (@mikedlr) - - diff --git a/docs/community.aws.aws_application_scaling_policy_module.rst b/docs/community.aws.aws_application_scaling_policy_module.rst index 7f76effd9aa..566b546f187 100644 --- a/docs/community.aws.aws_application_scaling_policy_module.rst +++ b/docs/community.aws.aws_application_scaling_policy_module.rst @@ -38,458 +38,477 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    maximum_tasks
    integer -
    -     		- -
    The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
    -     		+ +
    The maximum value to scale to in response to a scale out event. This parameter is required if you are creating a first new policy for the specified service.
    +
    +
    minimum_tasks
    integer -
    -     		- -
    The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
    -     		+ +
    The minimum value to scale to in response to a scale in event. This parameter is required if you are creating a first new policy for the specified service.
    +
    +
    override_task_capacity
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to override values of minimum and/or maximum tasks if it's already set.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to override values of minimum and/or maximum tasks if it's already set.
    +
    +
    policy_name
    string - / required
    -     		- -
    The name of the scaling policy.
    -     		+ +
    The name of the scaling policy.
    +
    +
    policy_type
    string - / required
    -     		-
      Choices: -
    • StepScaling
      • -
    • TargetTrackingScaling
      • -
    -     		-
    The policy type.
    -     		+
      Choices: +
    • StepScaling
      • +
    • TargetTrackingScaling
      • +
    +     		+
    The policy type.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    resource_id
    string - / required
    -     		- -
    The identifier of the resource associated with the scalable target.
    -     		+ +
    The identifier of the resource associated with the scalable target.
    +
    +
    scalable_dimension
    string - / required
    -     		-
      Choices: -
    • ecs:service:DesiredCount
      • -
    • ec2:spot-fleet-request:TargetCapacity
      • -
    • elasticmapreduce:instancegroup:InstanceCount
      • -
    • appstream:fleet:DesiredCapacity
      • -
    • dynamodb:table:ReadCapacityUnits
      • -
    • dynamodb:table:WriteCapacityUnits
      • -
    • dynamodb:index:ReadCapacityUnits
      • -
    • dynamodb:index:WriteCapacityUnits
      • -
    -     		-
    The scalable dimension associated with the scalable target.
    -     		+
      Choices: +
    • ecs:service:DesiredCount
      • +
    • ec2:spot-fleet-request:TargetCapacity
      • +
    • elasticmapreduce:instancegroup:InstanceCount
      • +
    • appstream:fleet:DesiredCapacity
      • +
    • dynamodb:table:ReadCapacityUnits
      • +
    • dynamodb:table:WriteCapacityUnits
      • +
    • dynamodb:index:ReadCapacityUnits
      • +
    • dynamodb:index:WriteCapacityUnits
      • +
    +     		+
    The scalable dimension associated with the scalable target.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service_namespace
    string - / required
    -     		-
      Choices: -
    • ecs
      • -
    • elasticmapreduce
      • -
    • ec2
      • -
    • appstream
      • -
    • dynamodb
      • -
    -     		-
    The namespace of the AWS service.
    -     		+
      Choices: +
    • ecs
      • +
    • elasticmapreduce
      • +
    • ec2
      • +
    • appstream
      • +
    • dynamodb
      • +
    +     		+
    The namespace of the AWS service.
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • absent
      • -
    • present
      • -
    -     		-
    Whether a policy should be present or absent
    -     		+
      Choices: +
    • absent
      • +
    • present
      • +
    +     		+
    Whether a policy should be present or absent
    +
    +
    step_scaling_policy_configuration
    dictionary -
    -     		- -
    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
    -     		+ +
    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
    +
    +
    target_tracking_scaling_policy_configuration
    dictionary -
    -     		- -
    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
    -
    Full documentation of the suboptions can be found in the API documentation:
    - -
    + + + +
    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
    +
    Full documentation of the suboptions can be found in the API documentation:
    + +
    CustomizedMetricSpecification
    dictionary -
    -     		- -
    The metric to use if using a customized metric.
    -     		+ +
    The metric to use if using a customized metric.
    +
    +
    DisableScaleIn
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether scaling-in should be disabled.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether scaling-in should be disabled.
    +
    +
    PredefinedMetricSpecification
    dictionary -
    -     		- -
    The metric to use if using a predefined metric.
    -     		+ +
    The metric to use if using a predefined metric.
    +
    +
    ScaleInCooldown
    integer -
    -     		- -
    The time (in seconds) to wait after scaling-in before another scaling action can occur.
    -     		+ +
    The time (in seconds) to wait after scaling-in before another scaling action can occur.
    +
    +
    ScaleOutCooldown
    integer -
    -     		- -
    The time (in seconds) to wait after scaling-out before another scaling action can occur.
    -     		+ +
    The time (in seconds) to wait after scaling-out before another scaling action can occur.
    +
    +
    TargetValue
    float -
    -     		- -
    The target value for the metric
    -
    + + + +
    The target value for the metric
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -498,7 +517,7 @@ Notes .. note:: - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -509,7 +528,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create step scaling policy for ECS Service @@ -563,7 +581,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -576,428 +593,428 @@ Common return values are documented `here Returned Description - - + +
    alarms
    complex -
    - + + when state present -
    List of the CloudWatch alarms associated with the scaling policy
    -
    - +
    List of the CloudWatch alarms associated with the scaling policy
    +
    + - -   - + +   +
    alarm_arn
    string -
    - + + when state present -
    The Amazon Resource Name (ARN) of the alarm
    -
    - +
    The Amazon Resource Name (ARN) of the alarm
    +
    + - -   - + +   +
    alarm_name
    string -
    - + + when state present -
    The name of the alarm
    -
    - +
    The name of the alarm
    +
    + - - - + + +
    creation_time
    string -
    - + + when state present -
    The Unix timestamp for when the scalable target was created.
    -
    -
    Sample:
    -
    2017-09-28T08:22:51.881000-03:00
    - +
    The Unix timestamp for when the scalable target was created.
    +
    +
    Sample:
    +
    2017-09-28T08:22:51.881000-03:00
    + - - + +
    max_capacity
    integer -
    - + + when state present -
    The maximum value to scale to in response to a scale out event. Required if state is present.
    -
    -
    Sample:
    -
    2
    - +
    The maximum value to scale to in response to a scale out event. Required if state is present.
    +
    +
    Sample:
    +
    2
    + - - + +
    min_capacity
    integer -
    - + + when state present -
    The minimum value to scale to in response to a scale in event. Required if state is present.
    -
    -
    Sample:
    -
    1
    - +
    The minimum value to scale to in response to a scale in event. Required if state is present.
    +
    +
    Sample:
    +
    1
    + - - + +
    policy_arn
    string -
    - + + when state present -
    The Amazon Resource Name (ARN) of the scaling policy..
    -
    - +
    The Amazon Resource Name (ARN) of the scaling policy..
    +
    + - - + +
    policy_name
    string -
    - + + when state present -
    The name of the scaling policy.
    -
    - +
    The name of the scaling policy.
    +
    + - - + +
    policy_type
    string -
    - + + when state present -
    The policy type.
    -
    - +
    The policy type.
    +
    + - - + +
    resource_id
    string -
    - + + when state present -
    The identifier of the resource associated with the scalable target.
    -
    -
    Sample:
    -
    service/cluster-name/service-name
    - +
    The identifier of the resource associated with the scalable target.
    +
    +
    Sample:
    +
    service/cluster-name/service-name
    + - - + +
    role_arn
    string -
    - + + when state present -
    The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. Required if state is present.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789123:role/roleName
    - +
    The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. Required if state is present.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789123:role/roleName
    + - - + +
    scalable_dimension
    string -
    - + + when state present -
    The scalable dimension associated with the scalable target.
    -
    -
    Sample:
    -
    ecs:service:DesiredCount
    - +
    The scalable dimension associated with the scalable target.
    +
    +
    Sample:
    +
    ecs:service:DesiredCount
    + - - + +
    service_namespace
    string -
    - + + when state present -
    The namespace of the AWS service.
    -
    -
    Sample:
    -
    ecs
    - +
    The namespace of the AWS service.
    +
    +
    Sample:
    +
    ecs
    + - - + +
    step_scaling_policy_configuration
    complex -
    - + + when state present and the policy type is StepScaling -
    The step scaling policy.
    -
    - +
    The step scaling policy.
    +
    + - -   - + +   +
    adjustment_type
    string -
    - + + when state present and the policy type is StepScaling -
    The adjustment type
    -
    -
    Sample:
    -
    ChangeInCapacity, PercentChangeInCapacity, ExactCapacity
    - +
    The adjustment type
    +
    +
    Sample:
    +
    ChangeInCapacity, PercentChangeInCapacity, ExactCapacity
    + - -   - + +   +
    cooldown
    integer -
    - + + when state present and the policy type is StepScaling -
    The amount of time, in seconds, after a scaling activity completes where previous trigger-related scaling activities can influence future scaling events
    -
    -
    Sample:
    -
    60
    - +
    The amount of time, in seconds, after a scaling activity completes where previous trigger-related scaling activities can influence future scaling events
    +
    +
    Sample:
    +
    60
    + - -   - + +   +
    metric_aggregation_type
    string -
    - + + when state present and the policy type is StepScaling -
    The aggregation type for the CloudWatch metrics
    -
    -
    Sample:
    -
    Average, Minimum, Maximum
    - +
    The aggregation type for the CloudWatch metrics
    +
    +
    Sample:
    +
    Average, Minimum, Maximum
    + - -   - + +   +
    step_adjustments
    list - / elements=dictionary
    - + / elements=dictionary + when state present and the policy type is StepScaling -
    A set of adjustments that enable you to scale based on the size of the alarm breach
    -
    - +
    A set of adjustments that enable you to scale based on the size of the alarm breach
    +
    + - - - + + +
    target_tracking_scaling_policy_configuration
    complex -
    - + + when state present and the policy type is TargetTrackingScaling -
    The target tracking policy.
    -
    - +
    The target tracking policy.
    +
    + - -   - + +   +
    predefined_metric_specification
    complex -
    - + + when state present and the policy type is TargetTrackingScaling -
    A predefined metric
    -
    - +
    A predefined metric
    +
    + - -   -   - + +   +   +
    predefined_metric_type
    string -
    - + + when state present and the policy type is TargetTrackingScaling -
    The metric type
    -
    -
    Sample:
    -
    ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization
    - +
    The metric type
    +
    +
    Sample:
    +
    ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization
    + - -   -   - + +   +   +
    resource_label
    string -
    - + + when metric type is ALBRequestCountPerTarget -
    Identifies the resource associated with the metric type
    -
    - +
    Identifies the resource associated with the metric type
    +
    + - - -   - + + +   +
    scale_in_cooldown
    integer -
    - + + when state present and the policy type is TargetTrackingScaling -
    The amount of time, in seconds, after a scale in activity completes before another scale in activity can start
    -
    -
    Sample:
    -
    60
    - +
    The amount of time, in seconds, after a scale in activity completes before another scale in activity can start
    +
    +
    Sample:
    +
    60
    + - -   - + +   +
    scale_out_cooldown
    integer -
    - + + when state present and the policy type is TargetTrackingScaling -
    The amount of time, in seconds, after a scale out activity completes before another scale out activity can start
    -
    -
    Sample:
    -
    60
    - +
    The amount of time, in seconds, after a scale out activity completes before another scale out activity can start
    +
    +
    Sample:
    +
    60
    + - -   - + +   +
    target_value
    integer -
    - + + when state present and the policy type is TargetTrackingScaling -
    The target value for the metric
    -
    -
    Sample:
    -
    70
    - +
    The target value for the metric
    +
    +
    Sample:
    +
    70
    + - - + +

    @@ -1010,5 +1027,3 @@ Authors - Gustavo Maia (@gurumaia) - Chen Leibovich (@chenl87) - - diff --git a/docs/community.aws.aws_batch_compute_environment_module.rst b/docs/community.aws.aws_batch_compute_environment_module.rst index 223d746be03..d270d6a5d6b 100644 --- a/docs/community.aws.aws_batch_compute_environment_module.rst +++ b/docs/community.aws.aws_batch_compute_environment_module.rst @@ -17,7 +17,9 @@ Version added: 1.0.0 Synopsis -------- -- This module allows the management of AWS Batch Compute Environments. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Compute Environments. +- It is idempotent and supports "Check" mode. +- Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. @@ -36,447 +38,469 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string / required + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bid_percentage
    integer -
    -     		- -
    The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
    -     		+ +
    The minimum percentage that a Spot Instance price must be when compared with the On-Demand price for that instance type before instances are launched.
    +
    For example, if your bid percentage is 20%, then the Spot price must be below 20% of the current On-Demand price for that EC2 instance.
    +
    +
    compute_environment_name
    string - / required
    -     		- -
    The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
    -     		+ +
    The name for your compute environment.
    +
    Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed.
    +
    +
    compute_environment_state
    string -
    -     		-
      Choices: -
    • ENABLED ←
      • -
    • DISABLED
      • -
    -     		-
    The state of the compute environment. If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
    -     		+
      Choices: +
    • ENABLED ←
      • +
    • DISABLED
      • +
    +     		+
    The state of the compute environment.
    +
    If the state is ENABLED, then the compute environment accepts jobs from a queue and can scale out automatically based on queues.
    +
    +
    compute_resource_type
    string - / required
    -     		-
      Choices: -
    • EC2
      • -
    • SPOT
      • -
    -     		-
    The type of compute resource.
    -     		+
      Choices: +
    • EC2
      • +
    • SPOT
      • +
    +     		+
    The type of compute resource.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    desiredv_cpus
    integer -
    -     		- -
    The desired number of EC2 vCPUS in the compute environment.
    -     		+ +
    The desired number of EC2 vCPUS in the compute environment.
    +
    +
    ec2_key_pair
    string -
    -     		- -
    The EC2 key pair that is used for instances launched in the compute environment.
    -     		+ +
    The EC2 key pair that is used for instances launched in the compute environment.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    image_id
    string -
    -     		- -
    The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
    -     		+ +
    The Amazon Machine Image (AMI) ID used for instances launched in the compute environment.
    +
    +
    instance_role
    string - / required
    -     		- -
    The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
    -     		+ +
    The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment.
    +
    +
    instance_types
    list - / elements=string / required
    -     		- -
    The instance types that may be launched.
    -     		+ +
    The instance types that may be launched.
    +
    +
    maxv_cpus
    integer - / required
    -     		- -
    The maximum number of EC2 vCPUs that an environment can reach.
    -     		+ +
    The maximum number of EC2 vCPUs that an environment can reach.
    +
    +
    minv_cpus
    integer - / required
    -     		- -
    The minimum number of EC2 vCPUs that an environment should maintain.
    -     		+ +
    The minimum number of EC2 vCPUs that an environment should maintain.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_group_ids
    list - / elements=string / required
    -     		- -
    The EC2 security groups that are associated with instances launched in the compute environment.
    -     		+ +
    The EC2 security groups that are associated with instances launched in the compute environment.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service_role
    string - / required
    -     		- -
    The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
    -     		+ +
    The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.
    +
    +
    spot_iam_fleet_role
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
    -     		+ +
    The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    subnets
    list - / elements=string / required
    -     		- -
    The VPC subnets into which the compute resources are launched.
    -     		+ +
    The VPC subnets into which the compute resources are launched.
    +
    +
    tags
    dictionary -
    -     		- -
    Key-value pair tags to be applied to resources that are launched in the compute environment.
    -     		+ +
    Key-value pair tags to be applied to resources that are launched in the compute environment.
    +
    +
    type
    string - / required
    -     		-
      Choices: -
    • MANAGED
      • -
    • UNMANAGED
      • -
    -     		-
    The type of the compute environment.
    -     		+
      Choices: +
    • MANAGED
      • +
    • UNMANAGED
      • +
    +     		+
    The type of the compute environment.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -484,7 +508,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -495,43 +519,35 @@ Examples .. code-block:: yaml+jinja - - --- - - hosts: localhost - gather_facts: no - vars: + - name: My Batch Compute Environment + community.aws.aws_batch_compute_environment: + compute_environment_name: computeEnvironmentName state: present - tasks: - - name: My Batch Compute Environment - community.aws.aws_batch_compute_environment: - compute_environment_name: computeEnvironmentName - state: present - region: us-east-1 - compute_environment_state: ENABLED - type: MANAGED - compute_resource_type: EC2 - minv_cpus: 0 - maxv_cpus: 2 - desiredv_cpus: 1 - instance_types: - - optimal - subnets: - - my-subnet1 - - my-subnet2 - security_group_ids: - - my-sg1 - - my-sg2 - instance_role: arn:aws:iam:::instance-profile/ - tags: - tag1: value1 - tag2: value2 - service_role: arn:aws:iam:::role/service-role/ - register: aws_batch_compute_environment_action - - - name: show results - debug: - var: aws_batch_compute_environment_action - + region: us-east-1 + compute_environment_state: ENABLED + type: MANAGED + compute_resource_type: EC2 + minv_cpus: 0 + maxv_cpus: 2 + desiredv_cpus: 1 + instance_types: + - optimal + subnets: + - my-subnet1 + - my-subnet2 + security_group_ids: + - my-sg1 + - my-sg2 + instance_role: arn:aws:iam:::instance-profile/ + tags: + tag1: value1 + tag2: value2 + service_role: arn:aws:iam:::role/service-role/ + register: aws_batch_compute_environment_action + + - name: show results + ansible.builtin.debug: + var: aws_batch_compute_environment_action @@ -547,24 +563,24 @@ Common return values are documented `here Returned Description - - + +
    output
    dictionary -
    - + + always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'batch_compute_environment_action': 'none', 'changed': False, 'invocation': {'module_args': {'aws_access_key': None, 'aws_secret_key': None, 'bid_percentage': None, 'compute_environment_name': '<name>', 'compute_environment_state': 'ENABLED', 'compute_resource_type': 'EC2', 'desiredv_cpus': 0, 'ec2_key_pair': None, 'ec2_url': None, 'image_id': None, 'instance_role': 'arn:aws:iam::...', 'instance_types': ['optimal'], 'maxv_cpus': 8, 'minv_cpus': 0, 'profile': None, 'region': 'us-east-1', 'security_group_ids': ['*******'], 'security_token': None, 'service_role': 'arn:aws:iam::....', 'spot_iam_fleet_role': None, 'state': 'present', 'subnets': ['******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'MANAGED', 'validate_certs': True}}, 'response': {'computeEnvironmentArn': 'arn:aws:batch:....', 'computeEnvironmentName': '<name>', 'computeResources': {'desiredvCpus': 0, 'instanceRole': 'arn:aws:iam::...', 'instanceTypes': ['optimal'], 'maxvCpus': 8, 'minvCpus': 0, 'securityGroupIds': ['******'], 'subnets': ['*******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'EC2'}, 'ecsClusterArn': 'arn:aws:ecs:.....', 'serviceRole': 'arn:aws:iam::...', 'state': 'ENABLED', 'status': 'VALID', 'statusReason': 'ComputeEnvironment Healthy', 'type': 'MANAGED'}}
    - +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'batch_compute_environment_action': 'none', 'changed': False, 'invocation': {'module_args': {'aws_access_key': None, 'aws_secret_key': None, 'bid_percentage': None, 'compute_environment_name': '<name>', 'compute_environment_state': 'ENABLED', 'compute_resource_type': 'EC2', 'desiredv_cpus': 0, 'ec2_key_pair': None, 'ec2_url': None, 'image_id': None, 'instance_role': 'arn:aws:iam::...', 'instance_types': ['optimal'], 'maxv_cpus': 8, 'minv_cpus': 0, 'profile': None, 'region': 'us-east-1', 'security_group_ids': ['*******'], 'security_token': None, 'service_role': 'arn:aws:iam::....', 'spot_iam_fleet_role': None, 'state': 'present', 'subnets': ['******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'MANAGED', 'validate_certs': True}}, 'response': {'computeEnvironmentArn': 'arn:aws:batch:....', 'computeEnvironmentName': '<name>', 'computeResources': {'desiredvCpus': 0, 'instanceRole': 'arn:aws:iam::...', 'instanceTypes': ['optimal'], 'maxvCpus': 8, 'minvCpus': 0, 'securityGroupIds': ['******'], 'subnets': ['*******'], 'tags': {'Environment': '<name>', 'Name': '<name>'}, 'type': 'EC2'}, 'ecsClusterArn': 'arn:aws:ecs:.....', 'serviceRole': 'arn:aws:iam::...', 'state': 'ENABLED', 'status': 'VALID', 'statusReason': 'ComputeEnvironment Healthy', 'type': 'MANAGED'}}
    + - +

    @@ -576,5 +592,3 @@ Authors ~~~~~~~ - Jon Meran (@jonmer85) - - diff --git a/docs/community.aws.aws_batch_job_definition_module.rst b/docs/community.aws.aws_batch_job_definition_module.rst index 241bab98d91..e41b3ad6bc6 100644 --- a/docs/community.aws.aws_batch_job_definition_module.rst +++ b/docs/community.aws.aws_batch_job_definition_module.rst @@ -17,7 +17,9 @@ Version added: 1.0.0 Synopsis -------- -- This module allows the management of AWS Batch Job Definitions. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Job Definitions. +- It is idempotent and supports "Check" mode. +- Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. @@ -36,599 +38,618 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    attempts
    integer -
    -     		- -
    Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
    -     		+ +
    Retry strategy - The number of times to move a job to the RUNNABLE status. You may specify between 1 and 10 attempts. If attempts is greater than one, the job is retried if it fails until it has moved to RUNNABLE that many times.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    command
    list - / elements=string
    -     		- -
    The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
    -     		+ +
    The command that is passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    environment
    list - / elements=dictionary
    -     		- -
    The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
    -
    + / elements=dictionary + + +
    The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run.
    +
    name
    - -
    -     		- -
    The name of the key value pair. For environment variables, this is the name of the environment variable.
    -     		+ +
    The name of the key value pair. For environment variables, this is the name of the environment variable.
    +
    +
    value
    - -
    -     		- -
    The value of the key value pair. For environment variables, this is the value of the environment variable.
    -
    + + + +
    The value of the key value pair. For environment variables, this is the value of the environment variable.
    +
    image
    string - / required
    -     		- -
    The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
    -     		+ +
    The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image <colon>tag ``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run.
    +
    +
    job_definition_arn
    string -
    -     		- -
    The ARN for the job definition.
    -     		+ +
    The ARN for the job definition.
    +
    +
    job_definition_name
    string - / required
    -     		- -
    The name for the job definition.
    -     		+ +
    The name for the job definition.
    +
    +
    job_role_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
    -     		+ +
    The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
    +
    +
    memory
    integer - / required
    -     		- -
    The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
    -     		+ +
    The hard limit (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run.
    +
    +
    mount_points
    list - / elements=dictionary
    -     		- -
    The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
    -
    + / elements=dictionary + + +
    The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
    +
    containerPath
    - -
    -     		- -
    The path on the container at which to mount the host volume.
    -     		+ +
    The path on the container at which to mount the host volume.
    +
    +
    readOnly
    - -
    -     		- -
    If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
    -     		+ +
    If this value is true , the container has read-only access to the volume; otherwise, the container can write to the volume. The default value is false.
    +
    +
    sourceVolume
    - -
    -     		- -
    The name of the volume to mount.
    -
    + + + +
    The name of the volume to mount.
    +
    parameters
    dictionary -
    -     		- -
    Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
    -     		+ +
    Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
    +
    +
    privileged
    string -
    -     		- -
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
    -     		+ +
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    readonly_root_filesystem
    string -
    -     		- -
    When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
    -     		+ +
    When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    type
    string - / required
    -     		- -
    The type of job definition.
    -     		+ +
    The type of job definition.
    +
    +
    ulimits
    list - / elements=dictionary
    -     		- -
    A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
    -
    + / elements=dictionary + + +
    A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run.
    +
    hardLimit
    - -
    -     		- -
    The hard limit for the ulimit type.
    -     		+ +
    The hard limit for the ulimit type.
    +
    +
    name
    - -
    -     		- -
    The type of the ulimit.
    -     		+ +
    The type of the ulimit.
    +
    +
    softLimit
    - -
    -     		- -
    The soft limit for the ulimit type.
    -
    + + + +
    The soft limit for the ulimit type.
    +
    user
    string -
    -     		- -
    The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
    -     		+ +
    The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vcpus
    integer - / required
    -     		- -
    The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
    -     		+ +
    The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares.
    +
    +
    volumes
    list - / elements=dictionary
    -     		- -
    A list of data volumes used in a job.
    -
    + / elements=dictionary + + +
    A list of data volumes used in a job.
    +
    host
    - -
    -     		- -
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
    -     		+ +
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume, but the data is not guaranteed to persist after the containers associated with it stop running. This is a dictionary with one property, sourcePath - The path on the host container instance that is presented to the container. If this parameter is empty,then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value does not exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
    +
    +
    name
    - -
    -     		- -
    The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
    -
    + + + + + +
    The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints.
    + + + +
    @@ -636,7 +657,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -647,7 +668,6 @@ Examples .. code-block:: yaml+jinja - --- - hosts: localhost gather_facts: no @@ -674,8 +694,7 @@ Examples register: job_definition_create_result - name: show results - debug: var=job_definition_create_result - + ansible.builtin.debug: var=job_definition_create_result @@ -691,24 +710,24 @@ Common return values are documented `here Returned Description - - + +
    output
    dictionary -
    - + + always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'aws_batch_job_definition_action': 'none', 'changed': False, 'response': {'job_definition_arn': 'arn:aws:batch:....', 'job_definition_name': '<name>', 'status': 'INACTIVE', 'type': 'container'}}
    - +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'aws_batch_job_definition_action': 'none', 'changed': False, 'response': {'job_definition_arn': 'arn:aws:batch:....', 'job_definition_name': '<name>', 'status': 'INACTIVE', 'type': 'container'}}
    + - +

    @@ -720,5 +739,3 @@ Authors ~~~~~~~ - Jon Meran (@jonmer85) - - diff --git a/docs/community.aws.aws_batch_job_queue_module.rst b/docs/community.aws.aws_batch_job_queue_module.rst index 0173794f19e..108aec0d249 100644 --- a/docs/community.aws.aws_batch_job_queue_module.rst +++ b/docs/community.aws.aws_batch_job_queue_module.rst @@ -17,7 +17,9 @@ Version added: 1.0.0 Synopsis -------- -- This module allows the management of AWS Batch Job Queues. It is idempotent and supports "Check" mode. Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. +- This module allows the management of AWS Batch Job Queues. +- It is idempotent and supports "Check" mode. +- Use module :ref:`community.aws.aws_batch_compute_environment ` to manage the compute environment, :ref:`community.aws.aws_batch_job_queue ` to manage job queues, :ref:`community.aws.aws_batch_job_definition ` to manage job definitions. @@ -36,277 +38,296 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    compute_environment_order
    list - / elements=dictionary / required
    -     		- -
    The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
    -     		+ +
    The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment should execute a given job. Compute environments must be in the VALID state before you can associate them with a job queue. You can associate up to 3 compute environments with a job queue.
    +
    +
    compute_environment
    string -
    -     		- -
    The name of the compute environment.
    -     		+ +
    The name of the compute environment.
    +
    +
    order
    integer -
    -     		- -
    The relative priority of the environment.
    -     		+ +
    The relative priority of the environment.
    +
    + +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    job_queue_name
    string - / required
    -     		- -
    The name for the job queue
    -     		+ +
    The name for the job queue
    +
    +
    job_queue_state
    string -
    -     		-
      Choices: -
    • ENABLED ←
      • -
    • DISABLED
      • -
    -     		-
    The state of the job queue. If the job queue state is ENABLED , it is able to accept jobs.
    -     		+
      Choices: +
    • ENABLED ←
      • +
    • DISABLED
      • +
    +     		+
    The state of the job queue. If the job queue state is ENABLED, it is able to accept jobs.
    +
    +
    priority
    integer - / required
    -     		- -
    The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
    -     		+ +
    The priority of the job queue. Job queues with a higher priority (or a lower integer value for the priority parameter) are evaluated first when associated with same compute environment. Priority is determined in ascending order, for example, a job queue with a priority value of 1 is given scheduling preference over a job queue with a priority value of 10.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -314,7 +335,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -325,31 +346,23 @@ Examples .. code-block:: yaml+jinja - - --- - - hosts: localhost - gather_facts: no - vars: + - name: My Batch Job Queue + community.aws.aws_batch_job_queue: + job_queue_name: jobQueueName state: present - tasks: - - name: My Batch Job Queue - community.aws.aws_batch_job_queue: - job_queue_name: jobQueueName - state: present - region: us-east-1 - job_queue_state: ENABLED - priority: 1 - compute_environment_order: - - order: 1 - compute_environment: my_compute_env1 - - order: 2 - compute_environment: my_compute_env2 - register: batch_job_queue_action - - - name: show results - debug: - var: batch_job_queue_action + region: us-east-1 + job_queue_state: ENABLED + priority: 1 + compute_environment_order: + - order: 1 + compute_environment: my_compute_env1 + - order: 2 + compute_environment: my_compute_env2 + register: batch_job_queue_action + - name: show results + ansible.builtin.debug: + var: batch_job_queue_action @@ -365,24 +378,24 @@ Common return values are documented `here Returned Description - - + +
    output
    dictionary -
    - + + always -
    returns what action was taken, whether something was changed, invocation and response
    -
    -
    Sample:
    -
    {'batch_job_queue_action': 'updated', 'changed': False, 'response': {'job_queue_arn': 'arn:aws:batch:....', 'job_queue_name': '<name>', 'priority': 1, 'state': 'DISABLED', 'status': 'UPDATING', 'status_reason': 'JobQueue Healthy'}}
    - +
    returns what action was taken, whether something was changed, invocation and response
    +
    +
    Sample:
    +
    {'batch_job_queue_action': 'updated', 'changed': False, 'response': {'job_queue_arn': 'arn:aws:batch:....', 'job_queue_name': '<name>', 'priority': 1, 'state': 'DISABLED', 'status': 'UPDATING', 'status_reason': 'JobQueue Healthy'}}
    + - +

    @@ -394,5 +407,3 @@ Authors ~~~~~~~ - Jon Meran (@jonmer85) - - diff --git a/docs/community.aws.aws_codebuild_module.rst b/docs/community.aws.aws_codebuild_module.rst index 6e1313d128b..fe5872f9bbe 100644 --- a/docs/community.aws.aws_codebuild_module.rst +++ b/docs/community.aws.aws_codebuild_module.rst @@ -37,680 +37,699 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    artifacts
    dictionary - / required
    -     		- -
    Information about the build output artifacts for the build project.
    -     		+ +
    Information about the build output artifacts for the build project.
    +
    +
    location
    - -
    -     		- -
    Information about the build output artifact location. When choosing type S3, set the bucket name here.
    -     		+ +
    Information about the build output artifact location. When choosing type S3, set the bucket name here.
    +
    +
    name
    - -
    -     		- -
    Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
    -     		+ +
    Along with path and namespace_type, the pattern that AWS CodeBuild will use to name and store the output artifact.
    +
    +
    namespace_type
    - -
    -     		- -
    Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
    -
    Accepts BUILD_ID and NONE.
    - -     		+ +
    Along with path and name, the pattern that AWS CodeBuild will use to determine the name and location to store the output artifacts.
    +
    Accepts BUILD_ID and NONE.
    + +
    +
    packaging
    - -
    -     		- -
    The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
    -     		+ +
    The type of build output artifact to create on S3, can be NONE for creating a folder or ZIP for a ZIP file.
    +
    +
    path
    - -
    -     		- -
    Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
    -
    Used for path in S3 bucket when type is S3.
    -     		+ +
    Along with namespace_type and name, the pattern that AWS CodeBuild will use to name and store the output artifacts.
    +
    Used for path in S3 bucket when type is S3.
    +
    +
    type
    - - / required
    -     		- -
    The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
    -     		+ +
    The type of build output for artifacts. Can be one of the following: CODEPIPELINE, NO_ARTIFACTS, S3.
    +
    + +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cache
    dictionary -
    -     		- -
    Caching params to speed up following builds.
    -     		+ +
    Caching params to speed up following builds.
    +
    +
    location
    - - / required
    -     		- -
    Caching location on S3.
    -     		+ +
    Caching location on S3.
    +
    +
    type
    - - / required
    -     		- -
    Cache type. Can be NO_CACHE or S3.
    -     		+ +
    Cache type. Can be NO_CACHE or S3.
    +
    + +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    Descriptive text of the CodeBuild project.
    -     		+ +
    Descriptive text of the CodeBuild project.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    encryption_key
    string -
    -     		- -
    The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
    -     		+ +
    The AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build output artifacts.
    +
    +
    environment
    dictionary -
    -     		- -
    Information about the build environment for the build project.
    -     		+ +
    Information about the build environment for the build project.
    +
    +
    compute_type
    - - / required
    -     		- -
    Information about the compute resources the build project will use.
    -
    Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
    -     		+ +
    Information about the compute resources the build project will use.
    +
    Available values include: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE.
    +
    +
    environment_variables
    - -
    -     		- -
    A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
    -
    Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
    -     		+ +
    A set of environment variables to make available to builds for the build project. List of dictionaries with name and value fields.
    +
    Example: { name: 'MY_ENV_VARIABLE', value: 'test' }
    +
    +
    image
    - - / required
    -     		- -
    The ID of the Docker image to use for this build project.
    -     		+ +
    The ID of the Docker image to use for this build project.
    +
    +
    privileged_mode
    - -
    -     		- -
    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
    -     		+ +
    Enables running the Docker daemon inside a Docker container. Set to true only if the build project is be used to build Docker images.
    +
    +
    type
    - - / required
    -     		- -
    The type of build environment to use for the project. Usually LINUX_CONTAINER.
    -     		+ +
    The type of build environment to use for the project. Usually LINUX_CONTAINER.
    +
    + +
    name
    string - / required
    -     		- -
    Name of the CodeBuild project.
    -     		+ +
    Name of the CodeBuild project.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service_role
    string -
    -     		- -
    The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
    -     		+ +
    The ARN of the AWS IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
    +
    +
    source
    dictionary - / required
    -     		- -
    Configure service and location for the build input source.
    -     		+ +
    Configure service and location for the build input source.
    +
    +
    buildspec
    string -
    -     		- -
    The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
    -     		+ +
    The build spec declaration to use for the builds in this build project. Leave empty if part of the code project.
    +
    +
    git_clone_depth
    integer -
    -     		- -
    When using git you can specify the clone depth as an integer here.
    -     		+ +
    When using git you can specify the clone depth as an integer here.
    +
    +
    insecure_ssl
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Enable this flag to ignore SSL warnings while connecting to the project source code.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Enable this flag to ignore SSL warnings while connecting to the project source code.
    +
    +
    location
    string -
    -     		- -
    Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
    -     		+ +
    Information about the location of the source code to be built. For type CODEPIPELINE location should not be specified.
    +
    +
    type
    string - / required
    -     		- -
    The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
    -     		+ +
    The type of the source. Allows one of these: CODECOMMIT, CODEPIPELINE, GITHUB, S3, BITBUCKET, GITHUB_ENTERPRISE.
    +
    + +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove code build project.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove code build project.
    +
    +
    tags
    list - / elements=dictionary
    -     		- -
    A set of tags for the build project.
    -     		+ +
    A set of tags for the build project.
    +
    +
    key
    string -
    -     		- -
    The name of the Tag.
    -     		+ +
    The name of the Tag.
    +
    +
    value
    string -
    -     		- -
    The value of the Tag.
    -     		+ +
    The value of the Tag.
    +
    + +
    timeout_in_minutes
    integer -
    -     		- Default:
    60
    -     		-
    How long CodeBuild should wait until timing out any build that has not been marked as completed.
    -     		+ Default:
    60
    +     		+
    How long CodeBuild should wait until timing out any build that has not been marked as completed.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_config
    dictionary -
    -     		- -
    The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
    -     		+ +
    The VPC config enables AWS CodeBuild to access resources in an Amazon VPC.
    +
    +
    @@ -719,7 +738,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -730,7 +749,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.aws_codebuild: @@ -759,7 +777,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -772,353 +789,353 @@ Common return values are documented `here Returned Description - - + +
    project
    complex -
    - + + success -
    Returns the dictionary describing the code project configuration.
    -
    - +
    Returns the dictionary describing the code project configuration.
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    ARN of the CodeBuild project
    -
    -
    Sample:
    -
    arn:aws:codebuild:us-east-1:123123123:project/vod-api-app-builder
    - +
    ARN of the CodeBuild project
    +
    +
    Sample:
    +
    arn:aws:codebuild:us-east-1:123123123:project/vod-api-app-builder
    + - -   - + +   +
    artifacts
    complex -
    - + + always -
    Information about the output of build artifacts
    -
    - +
    Information about the output of build artifacts
    +
    + - -   -   - + +   +   +
    location
    string -
    - + + when configured -
    Output location for build artifacts
    -
    - +
    Output location for build artifacts
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    The type of build artifact.
    -
    -
    Sample:
    -
    CODEPIPELINE
    - +
    The type of build artifact.
    +
    +
    Sample:
    +
    CODEPIPELINE
    + - - -   - + + +   +
    cache
    dictionary -
    - + + when configured -
    Cache settings for the build project.
    -
    - +
    Cache settings for the build project.
    +
    + - -   - + +   +
    created
    string -
    - + + always -
    Timestamp of the create time of the project
    -
    -
    Sample:
    -
    2018-04-17T16:56:03.245000+02:00
    - +
    Timestamp of the create time of the project
    +
    +
    Sample:
    +
    2018-04-17T16:56:03.245000+02:00
    + - -   - + +   +
    description
    string -
    - + + always -
    A description of the build project
    -
    -
    Sample:
    -
    My nice little project
    - +
    A description of the build project
    +
    +
    Sample:
    +
    My nice little project
    + - -   - + +   +
    environment
    dictionary -
    - + + always -
    Environment settings for the build
    -
    - +
    Environment settings for the build
    +
    + - -   - + +   +
    name
    string -
    - + + always -
    Name of the CodeBuild project
    -
    -
    Sample:
    -
    my_project
    - +
    Name of the CodeBuild project
    +
    +
    Sample:
    +
    my_project
    + - -   - + +   +
    service_role
    string -
    - + + always -
    IAM role to be used during build to access other AWS services.
    -
    -
    Sample:
    -
    arn:aws:iam::123123123:role/codebuild-service-role
    - +
    IAM role to be used during build to access other AWS services.
    +
    +
    Sample:
    +
    arn:aws:iam::123123123:role/codebuild-service-role
    + - -   - + +   +
    source
    complex -
    - + + always -
    Information about the build input source code.
    -
    - +
    Information about the build input source code.
    +
    + - -   -   - + +   +   +
    auth
    complex -
    - + + when configured -
    Information about the authorization settings for AWS CodeBuild to access the source code to be built.
    -
    - +
    Information about the authorization settings for AWS CodeBuild to access the source code to be built.
    +
    + - -   -   - + +   +   +
    build_spec
    string -
    - + + always -
    The build spec declaration to use for the builds in this build project.
    -
    - +
    The build spec declaration to use for the builds in this build project.
    +
    + - -   -   - + +   +   +
    git_clone_depth
    integer -
    - + + when configured -
    The git clone depth
    -
    - +
    The git clone depth
    +
    + - -   -   - + +   +   +
    insecure_ssl
    boolean -
    - + + when configured -
    True if set to ignore SSL warnings.
    -
    - +
    True if set to ignore SSL warnings.
    +
    + - -   -   - + +   +   +
    location
    string -
    - + + when configured -
    Location identifier, depending on the source type.
    -
    - +
    Location identifier, depending on the source type.
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    The type of the repository
    -
    -
    Sample:
    -
    CODEPIPELINE
    - +
    The type of the repository
    +
    +
    Sample:
    +
    CODEPIPELINE
    + - - -   - + + +   +
    tags
    list -
    - + + when configured -
    Tags added to the project
    -
    - +
    Tags added to the project
    +
    + - -   - + +   +
    timeout_in_minutes
    integer -
    - + + always -
    The timeout of a build in minutes
    -
    -
    Sample:
    -
    60
    - +
    The timeout of a build in minutes
    +
    +
    Sample:
    +
    60
    + - - + +

    @@ -1130,5 +1147,3 @@ Authors ~~~~~~~ - Stefan Horning (@stefanhorning) - - diff --git a/docs/community.aws.aws_codecommit_module.rst b/docs/community.aws.aws_codecommit_module.rst index c58d960ff2a..ac3d996b448 100644 --- a/docs/community.aws.aws_codecommit_module.rst +++ b/docs/community.aws.aws_codecommit_module.rst @@ -38,211 +38,230 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    description or comment of repository.
    -

    aliases: comment
    -     		+ +
    description or comment of repository.
    +

    aliases: comment
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    name of repository.
    -     		+ +
    name of repository.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies the state of repository.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies the state of repository.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -250,7 +269,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -261,7 +280,6 @@ Examples .. code-block:: yaml+jinja - # Create a new repository - community.aws.aws_codecommit: name: repo @@ -274,7 +292,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -287,271 +304,271 @@ Common return values are documented `here Returned Description - - + +
    repository_metadata
    complex -
    - + + always -
    Information about the repository.
    -
    - +
    Information about the repository.
    +
    + - -   - + +   +
    account_id
    string -
    - + + when state is present -
    The ID of the AWS account associated with the repository.
    -
    -
    Sample:
    -
    268342293637
    - +
    The ID of the AWS account associated with the repository.
    +
    +
    Sample:
    +
    268342293637
    + - -   - + +   +
    arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the repository.
    -
    -
    Sample:
    -
    arn:aws:codecommit:ap-northeast-1:268342293637:username
    - +
    The Amazon Resource Name (ARN) of the repository.
    +
    +
    Sample:
    +
    arn:aws:codecommit:ap-northeast-1:268342293637:username
    + - -   - + +   +
    clone_url_http
    string -
    - + + when state is present -
    The URL to use for cloning the repository over HTTPS.
    -
    -
    Sample:
    -
    https://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    - +
    The URL to use for cloning the repository over HTTPS.
    +
    +
    Sample:
    +
    https://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    + - -   - + +   +
    clone_url_ssh
    string -
    - + + when state is present -
    The URL to use for cloning the repository over SSH.
    -
    -
    Sample:
    -
    ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    - +
    The URL to use for cloning the repository over SSH.
    +
    +
    Sample:
    +
    ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/reponame
    + - -   - + +   +
    creation_date
    string -
    - + + when state is present -
    The date and time the repository was created, in timestamp format.
    -
    -
    Sample:
    -
    2018-10-16T13:21:41.261000+09:00
    - +
    The date and time the repository was created, in timestamp format.
    +
    +
    Sample:
    +
    2018-10-16T13:21:41.261000+09:00
    + - -   - + +   +
    last_modified_date
    string -
    - + + when state is present -
    The date and time the repository was last modified, in timestamp format.
    -
    -
    Sample:
    -
    2018-10-16T13:21:41.261000+09:00
    - +
    The date and time the repository was last modified, in timestamp format.
    +
    +
    Sample:
    +
    2018-10-16T13:21:41.261000+09:00
    + - -   - + +   +
    repository_description
    string -
    - + + when state is present -
    A comment or description about the repository.
    -
    -
    Sample:
    -
    test from ptux
    - +
    A comment or description about the repository.
    +
    +
    Sample:
    +
    test from ptux
    + - -   - + +   +
    repository_id
    string -
    - + + always -
    The ID of the repository that was created or deleted
    -
    -
    Sample:
    -
    e62a5c54-i879-497b-b62f-9f99e4ebfk8e
    - +
    The ID of the repository that was created or deleted
    +
    +
    Sample:
    +
    e62a5c54-i879-497b-b62f-9f99e4ebfk8e
    + - -   - + +   +
    repository_name
    string -
    - + + when state is present -
    The repository's name.
    -
    -
    Sample:
    -
    reponame
    - +
    The repository's name.
    +
    +
    Sample:
    +
    reponame
    + - - - + + +
    response_metadata
    complex -
    - + + always -
    Information about the response.
    -
    - +
    Information about the response.
    +
    + - -   - + +   +
    http_headers
    dictionary -
    - + + always -
    http headers of http response
    -
    - +
    http headers of http response
    +
    + - -   - + +   +
    http_status_code
    string -
    - + + always -
    http status code of http response
    -
    -
    Sample:
    -
    200
    - +
    http status code of http response
    +
    +
    Sample:
    +
    200
    + - -   - + +   +
    request_id
    string -
    - + + always -
    http request id
    -
    -
    Sample:
    -
    fb49cfca-d0fa-11e8-85cb-b3cc4b5045ef
    - +
    http request id
    +
    +
    Sample:
    +
    fb49cfca-d0fa-11e8-85cb-b3cc4b5045ef
    + - -   - + +   +
    retry_attempts
    string -
    - + + always -
    numbers of retry attempts
    -
    -
    Sample:
    -
    0
    - +
    numbers of retry attempts
    +
    +
    Sample:
    +
    0
    + - - + +

    @@ -563,5 +580,3 @@ Authors ~~~~~~~ - Shuang Wang (@ptux) - - diff --git a/docs/community.aws.aws_codepipeline_module.rst b/docs/community.aws.aws_codepipeline_module.rst index d43d409a3d2..d9a93479a0e 100644 --- a/docs/community.aws.aws_codepipeline_module.rst +++ b/docs/community.aws.aws_codepipeline_module.rst @@ -37,323 +37,342 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / elements=dictionary / required + + + - - - + + - - + / elements=dictionary + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    artifact_store
    dictionary - / required
    -     		- -
    Location information where artifacts are stored (on S3). Dictionary with fields type and location.
    -     		+ +
    Location information where artifacts are stored (on S3). Dictionary with fields type and location.
    +
    +
    location
    string -
    -     		- -
    Bucket name for artifacts.
    -     		+ +
    Bucket name for artifacts.
    +
    +
    type
    string -
    -     		- -
    Type of the artifacts storage (only 'S3' is currently supported).
    -     		+ +
    Type of the artifacts storage (only 'S3' is currently supported).
    +
    + +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Name of the pipeline
    -     		+ +
    Name of the pipeline
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string - / required
    -     		- -
    ARN of the IAM role to use when executing the pipeline
    -     		+ +
    ARN of the IAM role to use when executing the pipeline
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    stages
    list - / elements=dictionary / required
    -     		- -
    List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
    -     		+ +
    List of stages to perform in the CodePipeline. List of dictionaries containing name and actions for each stage.
    +
    +
    actions
    list - / elements=dictionary
    -     		- -
    List of action configurations for that stage.
    -
    See the boto3 documentation for full documentation of suboptions:
    - -     		+ +
    List of action configurations for that stage.
    +
    See the boto3 documentation for full documentation of suboptions:
    + +
    +
    name
    string -
    -     		- -
    Name of the stage (step) in the codepipeline
    -     		+ +
    Name of the stage (step) in the codepipeline
    +
    + +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove code pipeline
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove code pipeline
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    version
    integer -
    -     		- -
    Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
    -     		+ +
    Version number of the pipeline. This number is automatically incremented when a pipeline is updated.
    +
    +
    @@ -362,7 +381,7 @@ Notes .. note:: - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -373,7 +392,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Example for creating a pipeline for continuous deploy of Github code to an ECS cluster (container) @@ -443,7 +461,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -456,163 +473,163 @@ Common return values are documented `here Returned Description - - + +
    pipeline
    complex -
    - + + success -
    Returns the dictionary describing the code pipeline configuration.
    -
    - +
    Returns the dictionary describing the code pipeline configuration.
    +
    + - -   - + +   +
    artifact_store
    complex -
    - + + always -
    Information about where the build artifacts are stored
    -
    - +
    Information about where the build artifacts are stored
    +
    + - -   -   - + +   +   +
    encryption_key
    string -
    - + + when configured -
    The encryption key used to encrypt the artifacts store, such as an AWS KMS key.
    -
    - +
    The encryption key used to encrypt the artifacts store, such as an AWS KMS key.
    +
    + - -   -   - + +   +   +
    location
    string -
    - + + always -
    The location of the artifacts storage (s3 bucket name)
    -
    -
    Sample:
    -
    my_s3_codepipline_bucket
    - +
    The location of the artifacts storage (s3 bucket name)
    +
    +
    Sample:
    +
    my_s3_codepipline_bucket
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    The type of the artifacts store, such as S3
    -
    -
    Sample:
    -
    S3
    - +
    The type of the artifacts store, such as S3
    +
    +
    Sample:
    +
    S3
    + - - -   - + + +   +
    name
    string -
    - + + always -
    Name of the CodePipeline
    -
    -
    Sample:
    -
    my_deploy_pipeline
    - +
    Name of the CodePipeline
    +
    +
    Sample:
    +
    my_deploy_pipeline
    + - -   - + +   +
    role_arn
    string -
    - + + always -
    ARN of the IAM role attached to the code pipeline
    -
    -
    Sample:
    -
    arn:aws:iam::123123123:role/codepipeline-service-role
    - +
    ARN of the IAM role attached to the code pipeline
    +
    +
    Sample:
    +
    arn:aws:iam::123123123:role/codepipeline-service-role
    + - -   - + +   +
    stages
    list -
    - + + always -
    List of stages configured for this pipeline
    -
    - +
    List of stages configured for this pipeline
    +
    + - -   - + +   +
    version
    integer -
    - + + always -
    The version number of the pipeline. This number is auto incremented when pipeline params are changed.
    -
    - +
    The version number of the pipeline. This number is auto incremented when pipeline params are changed.
    +
    + - - + +

    @@ -624,5 +641,3 @@ Authors ~~~~~~~ - Stefan Horning (@stefanhorning) - - diff --git a/docs/community.aws.aws_config_aggregation_authorization_module.rst b/docs/community.aws.aws_config_aggregation_authorization_module.rst index 2e128d5c014..4e91d76e0ec 100644 --- a/docs/community.aws.aws_config_aggregation_authorization_module.rst +++ b/docs/community.aws.aws_config_aggregation_authorization_module.rst @@ -37,210 +37,229 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    authorized_account_id
    string - / required
    -     		- -
    The 12-digit account ID of the account authorized to aggregate data.
    -     		+ +
    The 12-digit account ID of the account authorized to aggregate data.
    +
    +
    authorized_aws_region
    string - / required
    -     		- -
    The region authorized to collect aggregated data.
    -     		+ +
    The region authorized to collect aggregated data.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -248,7 +267,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -259,7 +278,6 @@ Examples .. code-block:: yaml+jinja - - name: Get current account ID community.aws.aws_caller_info: register: whoami @@ -271,7 +289,6 @@ Examples - Status ------ @@ -280,5 +297,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.aws_config_aggregator_module.rst b/docs/community.aws.aws_config_aggregator_module.rst index 8aaca905c39..5f2bd66cc21 100644 --- a/docs/community.aws.aws_config_aggregator_module.rst +++ b/docs/community.aws.aws_config_aggregator_module.rst @@ -37,331 +37,350 @@ Parameters .. raw:: html - + - + - - + - - + / elements=dictionary / required + + + - - - + + - - + / elements=string + + + - - - + + - - + + + + - - - + + - - + / elements=string + + + - - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + / elements=string + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    account_sources
    list - / elements=dictionary / required
    -     		- -
    Provides a list of source accounts and regions to be aggregated.
    -     		+ +
    Provides a list of source accounts and regions to be aggregated.
    +
    +
    account_ids
    list - / elements=string
    -     		- -
    A list of 12-digit account IDs of accounts being aggregated.
    -     		+ +
    A list of 12-digit account IDs of accounts being aggregated.
    +
    +
    all_aws_regions
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If true, aggregate existing AWS Config regions and future regions.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If true, aggregate existing AWS Config regions and future regions.
    +
    +
    aws_regions
    list - / elements=string
    -     		- -
    A list of source regions being aggregated.
    -     		+ +
    A list of source regions being aggregated.
    +
    + +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the AWS Config resource.
    -     		+ +
    The name of the AWS Config resource.
    +
    +
    organization_source
    dictionary - / required
    -     		- -
    The region authorized to collect aggregated data.
    -     		+ +
    The region authorized to collect aggregated data.
    +
    +
    all_aws_regions
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If true, aggregate existing AWS Config regions and future regions.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If true, aggregate existing AWS Config regions and future regions.
    +
    +
    aws_regions
    list - / elements=string
    -     		- -
    The source regions being aggregated.
    -     		+ +
    The source regions being aggregated.
    +
    +
    role_arn
    string -
    -     		- -
    ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
    -     		+ +
    ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
    +
    + +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -369,7 +388,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -380,7 +399,6 @@ Examples .. code-block:: yaml+jinja - - name: Create cross-account aggregator community.aws.aws_config_aggregator: name: test_config_rule @@ -395,7 +413,6 @@ Examples - Status ------ @@ -404,5 +421,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.aws_config_delivery_channel_module.rst b/docs/community.aws.aws_config_delivery_channel_module.rst index ca5149c3b28..8adc38fe662 100644 --- a/docs/community.aws.aws_config_delivery_channel_module.rst +++ b/docs/community.aws.aws_config_delivery_channel_module.rst @@ -37,262 +37,281 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delivery_frequency
    string -
    -     		-
      Choices: -
    • One_Hour
      • -
    • Three_Hours
      • -
    • Six_Hours
      • -
    • Twelve_Hours
      • -
    • TwentyFour_Hours
      • -
    -     		-
    The frequency with which AWS Config delivers configuration snapshots.
    -     		+
      Choices: +
    • One_Hour
      • +
    • Three_Hours
      • +
    • Six_Hours
      • +
    • Twelve_Hours
      • +
    • TwentyFour_Hours
      • +
    +     		+
    The frequency with which AWS Config delivers configuration snapshots.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the AWS Config resource.
    -     		+ +
    The name of the AWS Config resource.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    s3_bucket
    string - / required
    -     		- -
    The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
    -     		+ +
    The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.
    +
    +
    s3_prefix
    string -
    -     		- -
    The prefix for the specified Amazon S3 bucket.
    -     		+ +
    The prefix for the specified Amazon S3 bucket.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    sns_topic_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
    -     		+ +
    The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -300,7 +319,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -311,7 +330,6 @@ Examples .. code-block:: yaml+jinja - - name: Create Delivery Channel for AWS Config community.aws.aws_config_delivery_channel: name: test_delivery_channel @@ -323,7 +341,6 @@ Examples - Status ------ @@ -332,5 +349,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.aws_config_recorder_module.rst b/docs/community.aws.aws_config_recorder_module.rst index 24570ab033f..00e5dd1864c 100644 --- a/docs/community.aws.aws_config_recorder_module.rst +++ b/docs/community.aws.aws_config_recorder_module.rst @@ -37,282 +37,301 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the AWS Config resource.
    -     		+ +
    The name of the AWS Config resource.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    recording_group
    dictionary -
    -     		- -
    Specifies the types of AWS resources for which AWS Config records configuration changes.
    -
    Required when state=present
    -     		+ +
    Specifies the types of AWS resources for which AWS Config records configuration changes.
    +
    Required when state=present
    +
    +
    all_supported
    - -
    -     		- -
    Specifies whether AWS Config records configuration changes for every supported type of regional resource.
    -
    If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
    -
    If all_supported=true, you cannot enumerate a list of resource_types.
    -     		+ +
    Specifies whether AWS Config records configuration changes for every supported type of regional resource.
    +
    If all_supported=true, when AWS Config adds support for a new type of regional resource, it starts recording resources of that type automatically.
    +
    If all_supported=true, you cannot enumerate a list of resource_types.
    +
    +
    include_global_types
    - -
    -     		- -
    Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
    -
    The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
    -
    If you set include_global_types=true, you must also set all_supported=true.
    -
    If you set include_global_types=true, when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
    -     		+ +
    Specifies whether AWS Config includes all supported types of global resources (for example, IAM resources) with the resources that it records.
    +
    The configuration details for any global resource are the same in all regions. To prevent duplicate configuration items, you should consider customizing AWS Config in only one region to record global resources.
    +
    If you set include_global_types=true, you must also set all_supported=true.
    +
    If you set include_global_types=true, when AWS Config adds support for a new type of global resource, it starts recording resources of that type automatically.
    +
    +
    resource_types
    - -
    -     		- -
    A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
    -
    Before you can set this option, you must set all_supported=false.
    -     		+ +
    A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail).
    +
    Before you can set this option, you must set all_supported=false.
    +
    + +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string -
    -     		- -
    Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
    -
    Required when state=present.
    -     		+ +
    Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources associated with the account.
    +
    Required when state=present.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -320,7 +339,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -331,7 +350,6 @@ Examples .. code-block:: yaml+jinja - - name: Create Configuration Recorder for AWS Config community.aws.aws_config_recorder: name: test_configuration_recorder @@ -344,7 +362,6 @@ Examples - Status ------ @@ -353,5 +370,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.aws_config_rule_module.rst b/docs/community.aws.aws_config_rule_module.rst index 56e5dcdd542..5ca9cbd3490 100644 --- a/docs/community.aws.aws_config_rule_module.rst +++ b/docs/community.aws.aws_config_rule_module.rst @@ -37,395 +37,414 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    The description that you provide for the AWS Config rule.
    -     		+ +
    The description that you provide for the AWS Config rule.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    execution_frequency
    string -
    -     		-
      Choices: -
    • One_Hour
      • -
    • Three_Hours
      • -
    • Six_Hours
      • -
    • Twelve_Hours
      • -
    • TwentyFour_Hours
      • -
    -     		-
    The maximum frequency with which AWS Config runs evaluations for a rule.
    -     		+
      Choices: +
    • One_Hour
      • +
    • Three_Hours
      • +
    • Six_Hours
      • +
    • Twelve_Hours
      • +
    • TwentyFour_Hours
      • +
    +     		+
    The maximum frequency with which AWS Config runs evaluations for a rule.
    +
    +
    input_parameters
    string -
    -     		- -
    A string, in JSON format, that is passed to the AWS Config rule Lambda function.
    -     		+ +
    A string, in JSON format, that is passed to the AWS Config rule Lambda function.
    +
    +
    name
    string - / required
    -     		- -
    The name of the AWS Config resource.
    -     		+ +
    The name of the AWS Config resource.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    scope
    dictionary -
    -     		- -
    Defines which resources can trigger an evaluation for the rule.
    -     		+ +
    Defines which resources can trigger an evaluation for the rule.
    +
    +
    compliance_id
    - -
    -     		- -
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    -     		+ +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    +
    +
    compliance_types
    - -
    -     		- -
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    -     		+ +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    +
    +
    tag_key
    - -
    -     		- -
    The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
    -     		+ +
    The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.
    +
    +
    tag_value
    - -
    -     		- -
    The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
    -     		+ +
    The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for tag_value, you must also specify a value for tag_key.
    +
    + +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    source
    dictionary - / required
    -     		- -
    Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
    -     		+ +
    Provides the rule owner (AWS or customer), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.
    +
    +
    details
    - -
    -     		- -
    Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
    -
    This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
    -
    Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
    -
    Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
    -
    Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
    -     		+ +
    Provides the source and type of the event that causes AWS Config to evaluate your AWS resources.
    +
    This parameter expects a list of dictionaries. Each dictionary expects the following key/value pairs.
    +
    Key `EventSource` The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.
    +
    Key `MessageType` The type of notification that triggers AWS Config to run an evaluation for a rule.
    +
    Key `MaximumExecutionFrequency` The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger.
    +
    +
    identifier
    - -
    -     		- -
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    -     		+ +
    The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for compliance_types.
    +
    +
    owner
    - -
    -     		- -
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    -     		+ +
    The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for compliance_id.
    +
    + +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Config rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Config rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -433,7 +452,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -444,7 +463,6 @@ Examples .. code-block:: yaml+jinja - - name: Create Config Rule for AWS Config community.aws.aws_config_rule: name: test_config_rule @@ -460,8 +478,6 @@ Examples - - Status ------ @@ -470,5 +486,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.aws_direct_connect_confirm_connection_module.rst b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst new file mode 100644 index 00000000000..a2d4ec8e631 --- /dev/null +++ b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst @@ -0,0 +1,317 @@ +.. _community.aws.aws_direct_connect_confirm_connection_module: + + +*************************************************** +community.aws.aws_direct_connect_confirm_connection +*************************************************** + +**Confirms the creation of a hosted DirectConnect connection.** + + + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Confirms the creation of a hosted DirectConnect, which requires approval before it can be used. +- DirectConnect connections that require approval would be in the 'ordering'. +- After confirmation, they will move to the 'pending' state and finally the 'available' state. + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- boto +- boto3 +- botocore +- python >= 2.6 + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ParameterChoices/DefaultsComments
    +
    + aws_access_key + +
    + string +
    +     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    + aws_config + +
    + dictionary +
    +     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    + aws_secret_key + +
    + string +
    +     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    + connection_id + +
    + string +
    +     		+ +
    The ID of the Direct Connect connection.
    +
    One of connection_id or name must be specified.
    +
    +
    + debug_botocore_endpoint_logs + +
    + boolean +
    +     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    + ec2_url + +
    + string +
    +     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    + name + +
    + string +
    +     		+ +
    The name of the Direct Connect connection.
    +
    One of connection_id or name must be specified.
    +
    +
    + profile + +
    + string +
    +     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    + region + +
    + string +
    +     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    + security_token + +
    + string +
    +     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    + validate_certs + +
    + boolean +
    +     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    + + +Notes +----- + +.. note:: + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml+jinja + + # confirm a Direct Connect by name + - name: confirm the connection id + aws_direct_connect_confirm_connection: + name: my_host_direct_connect + + # confirm a Direct Connect by connection_id + - name: confirm the connection id + aws_direct_connect_confirm_connection: + connection_id: dxcon-xxxxxxxx + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + +
    KeyReturnedDescription
    +
    + connection_state + +
    + string +
    +     		always +
    The state of the connection.
    +
    +
    Sample:
    +
    pending
    +
    +

    + + +Status +------ + + +Authors +~~~~~~~ + +- Matt Traynham (@mtraynham) diff --git a/docs/community.aws.aws_direct_connect_connection_module.rst b/docs/community.aws.aws_direct_connect_connection_module.rst index fcec8fd5e11..87858e73181 100644 --- a/docs/community.aws.aws_direct_connect_connection_module.rst +++ b/docs/community.aws.aws_direct_connect_connection_module.rst @@ -37,284 +37,303 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bandwidth
    string -
    -     		-
      Choices: -
    • 1Gbps
      • -
    • 10Gbps
      • -
    -     		-
    The bandwidth of the Direct Connect connection.
    -
    Required when state=present.
    -     		+
      Choices: +
    • 1Gbps
      • +
    • 10Gbps
      • +
    +     		+
    The bandwidth of the Direct Connect connection.
    +
    Required when state=present.
    +
    +
    connection_id
    string -
    -     		- -
    The ID of the Direct Connect connection.
    -
    Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
    -
    One of connection_id or name must be specified.
    -     		+ +
    The ID of the Direct Connect connection.
    +
    Modifying attributes of a connection with forced_update will result in a new Direct Connect connection ID.
    +
    One of connection_id or name must be specified.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    forced_update
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
    +
    +
    link_aggregation_group
    string -
    -     		- -
    The ID of the link aggregation group you want to associate with the connection.
    -
    This is optional when a stand-alone connection is desired.
    -     		+ +
    The ID of the link aggregation group you want to associate with the connection.
    +
    This is optional when a stand-alone connection is desired.
    +
    +
    location
    string -
    -     		- -
    Where the Direct Connect connection is located.
    -
    Required when state=present.
    -     		+ +
    Where the Direct Connect connection is located.
    +
    Required when state=present.
    +
    +
    name
    string -
    -     		- -
    The name of the Direct Connect connection. This is required to create a new connection.
    -
    One of connection_id or name must be specified.
    -     		+ +
    The name of the Direct Connect connection. This is required to create a new connection.
    +
    One of connection_id or name must be specified.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The state of the Direct Connect connection.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The state of the Direct Connect connection.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -322,7 +341,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -333,8 +352,6 @@ Examples .. code-block:: yaml+jinja - - # create a Direct Connect connection - community.aws.aws_direct_connect_connection: name: ansible-test-connection @@ -366,7 +383,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -379,185 +395,185 @@ Common return values are documented `here Returned Description - - + +
    connection
    complex -
    - + + state=present -
    The attributes of the direct connect connection.
    -
    - +
    The attributes of the direct connect connection.
    +
    + - -   - + +   +
    aws_device
    string -
    - + + when the requested state is no longer 'requested' -
    The endpoint which the physical connection terminates on.
    -
    -
    Sample:
    -
    EqDC2-12pmo7hemtz1z
    - +
    The endpoint which the physical connection terminates on.
    +
    +
    Sample:
    +
    EqDC2-12pmo7hemtz1z
    + - -   - + +   +
    bandwidth
    string -
    - + + always -
    The bandwidth of the connection.
    -
    -
    Sample:
    -
    1Gbps
    - +
    The bandwidth of the connection.
    +
    +
    Sample:
    +
    1Gbps
    + - -   - + +   +
    connection_id
    string -
    - + + always -
    The ID of the connection.
    -
    -
    Sample:
    -
    dxcon-ffy9ywed
    - +
    The ID of the connection.
    +
    +
    Sample:
    +
    dxcon-ffy9ywed
    + - -   - + +   +
    connection_name
    string -
    - + + always -
    The name of the connection.
    -
    -
    Sample:
    -
    ansible-test-connection
    - +
    The name of the connection.
    +
    +
    Sample:
    +
    ansible-test-connection
    + - -   - + +   +
    connection_state
    string -
    - + + always -
    The state of the connection.
    -
    -
    Sample:
    -
    pending
    - +
    The state of the connection.
    +
    +
    Sample:
    +
    pending
    + - -   - + +   +
    loa_issue_time
    string -
    - + + when the LOA-CFA has been issued (the connection state will no longer be 'requested') -
    The issue time of the connection's Letter of Authorization - Connecting Facility Assignment.
    -
    -
    Sample:
    -
    2018-03-20T17:36:26-04:00
    - +
    The issue time of the connection's Letter of Authorization - Connecting Facility Assignment.
    +
    +
    Sample:
    +
    2018-03-20T17:36:26-04:00
    + - -   - + +   +
    location
    string -
    - + + always -
    The location of the connection.
    -
    -
    Sample:
    -
    EqDC2
    - +
    The location of the connection.
    +
    +
    Sample:
    +
    EqDC2
    + - -   - + +   +
    owner_account
    string -
    - + + always -
    The account that owns the direct connect connection.
    -
    -
    Sample:
    -
    123456789012
    - +
    The account that owns the direct connect connection.
    +
    +
    Sample:
    +
    123456789012
    + - -   - + +   +
    region
    string -
    - + + always -
    The region in which the connection exists.
    -
    -
    Sample:
    -
    us-east-1
    - +
    The region in which the connection exists.
    +
    +
    Sample:
    +
    us-east-1
    + - - + +

    @@ -569,5 +585,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.aws_direct_connect_gateway_module.rst b/docs/community.aws.aws_direct_connect_gateway_module.rst index 2281c1fb090..838fa801f73 100644 --- a/docs/community.aws.aws_direct_connect_gateway_module.rst +++ b/docs/community.aws.aws_direct_connect_gateway_module.rst @@ -39,259 +39,278 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    amazon_asn
    string -
    -     		- -
    The Amazon side ASN.
    -
    Required when state=present.
    -     		+ +
    The Amazon side ASN.
    +
    Required when state=present.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    direct_connect_gateway_id
    string -
    -     		- -
    The ID of an existing Direct Connect Gateway.
    -
    Required when state=absent.
    -     		+ +
    The ID of an existing Direct Connect Gateway.
    +
    Required when state=absent.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    Name of the Direct Connect Gateway to be created or deleted.
    -     		+ +
    Name of the Direct Connect Gateway to be created or deleted.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Set state=present to ensure a resource is created.
    -
    Set state=absent to remove a resource.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Set state=present to ensure a resource is created.
    +
    Set state=absent to remove a resource.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    virtual_gateway_id
    string -
    -     		- -
    The VPN gateway ID of an existing virtual gateway.
    -     		+ +
    The VPN gateway ID of an existing virtual gateway.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    320
    -     		-
    How long to wait for the association to be deleted.
    -     		+ Default:
    320
    +     		+
    How long to wait for the association to be deleted.
    +
    +
    @@ -299,7 +318,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -310,7 +329,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a new direct connect gateway attached to virtual private gateway community.aws.aws_direct_connect_gateway: state: present @@ -328,8 +346,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -342,103 +358,103 @@ Common return values are documented `here Returned Description - - + +
    result
    complex -
    - + + state=present -
    The attributes of the Direct Connect Gateway
    -
    - +
    The attributes of the Direct Connect Gateway
    +
    + - -   - + +   +
    amazon_side_asn
    string -
    - + + -
    ASN on the amazon side.
    -
    - +
    ASN on the amazon side.
    +
    + - -   - + +   +
    direct_connect_gateway_id
    string -
    - + + -
    The ID of the direct connect gateway.
    -
    - +
    The ID of the direct connect gateway.
    +
    + - -   - + +   +
    direct_connect_gateway_name
    string -
    - + + -
    The name of the direct connect gateway.
    -
    - +
    The name of the direct connect gateway.
    +
    + - -   - + +   +
    direct_connect_gateway_state
    string -
    - + + -
    The state of the direct connect gateway.
    -
    - +
    The state of the direct connect gateway.
    +
    + - -   - + +   +
    owner_account
    string -
    - + + -
    The AWS account ID of the owner of the direct connect gateway.
    -
    - +
    The AWS account ID of the owner of the direct connect gateway.
    +
    + - - + +

    @@ -450,5 +466,3 @@ Authors ~~~~~~~ - Gobin Sougrakpam (@gobins) - - diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst index ce309c8e9b9..13b327e3191 100644 --- a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst @@ -37,360 +37,379 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    bandwidth
    string -
    -     		- -
    The bandwidth of the link aggregation group.
    -
    + + + +
    The bandwidth of the link aggregation group.
    +
    connection_id
    string -
    -     		- -
    A connection ID to link with the link aggregation group upon creation.
    -
    + + + +
    A connection ID to link with the link aggregation group upon creation.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    delete_with_disassociation
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    To be used with state=absent to delete connections after disassociating them with the LAG.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    To be used with state=absent to delete connections after disassociating them with the LAG.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    force_delete
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted.
    +
    link_aggregation_group_id
    string -
    -     		- -
    The ID of the Direct Connect link aggregation group.
    -
    + + + +
    The ID of the Direct Connect link aggregation group.
    +
    location
    string -
    -     		- -
    The location of the link aggregation group.
    -
    + + + +
    The location of the link aggregation group.
    +
    min_links
    integer -
    -     		- -
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    -
    + + + +
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    +
    name
    string -
    -     		- -
    The name of the Direct Connect link aggregation group.
    -
    + + + +
    The name of the Direct Connect link aggregation group.
    +
    num_connections
    integer -
    -     		- -
    The number of connections with which to initialize the link aggregation group.
    -
    + + + +
    The number of connections with which to initialize the link aggregation group.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The state of the Direct Connect link aggregation group.
    -
    + / required + +
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The state of the Direct Connect link aggregation group.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the operation to complete.
    -
    May be useful when waiting for virtual interfaces to be deleted.
    -
    The time to wait can be controlled by setting wait_timeout.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the operation to complete.
    +
    May be useful when waiting for virtual interfaces to be deleted.
    +
    The time to wait can be controlled by setting wait_timeout.
    +
    wait_timeout
    integer -
    -     		- Default:
    120
    -     		-
    The duration in seconds to wait if wait=true.
    -
    + + + + Default:
    120
    + + +
    The duration in seconds to wait if wait=true.
    + + +
    @@ -398,7 +417,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -409,8 +428,6 @@ Examples .. code-block:: yaml+jinja - - # create a Direct Connect connection - community.aws.aws_direct_connect_link_aggregation_group: state: present @@ -420,8 +437,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -434,199 +449,199 @@ Common return values are documented `here Returned Description - - + +
    aws_device
    string -
    - + + when state=present -
    The AWS Direct Connection endpoint that hosts the LAG.
    -
    -
    Sample:
    -
    EqSe2-1bwfvazist2k0
    - - - - +
    The AWS Direct Connection endpoint that hosts the LAG.
    +
    +
    Sample:
    +
    EqSe2-1bwfvazist2k0
    + + + +
    changed
    string -
    - + + always -
    Whether or not the LAG has changed.
    -
    - +
    Whether or not the LAG has changed.
    +
    + - - + +
    connections
    list -
    - + + when state=present -
    A list of connections bundled by this LAG.
    -
    -
    Sample:
    -
    {'connections': [{'aws_device': 'EqSe2-1bwfvazist2k0', 'bandwidth': '1Gbps', 'connection_id': 'dxcon-fgzjah5a', 'connection_name': 'Requested Connection 1 for Lag dxlag-fgtoh97h', 'connection_state': 'down', 'lag_id': 'dxlag-fgnsp4rq', 'location': 'EqSe2', 'owner_account': '448830907657', 'region': 'us-west-2'}]}
    - - - - +
    A list of connections bundled by this LAG.
    +
    +
    Sample:
    +
    {'connections': [{'aws_device': 'EqSe2-1bwfvazist2k0', 'bandwidth': '1Gbps', 'connection_id': 'dxcon-fgzjah5a', 'connection_name': 'Requested Connection 1 for Lag dxlag-fgtoh97h', 'connection_state': 'down', 'lag_id': 'dxlag-fgnsp4rq', 'location': 'EqSe2', 'owner_account': '448830907657', 'region': 'us-west-2'}]}
    + + + +
    connections_bandwidth
    string -
    - + + when state=present -
    The individual bandwidth of the physical connections bundled by the LAG.
    -
    -
    Sample:
    -
    1Gbps
    - - - - +
    The individual bandwidth of the physical connections bundled by the LAG.
    +
    +
    Sample:
    +
    1Gbps
    + + + +
    lag_id
    string -
    - + + when state=present -
    Unique identifier for the link aggregation group.
    -
    -
    Sample:
    -
    dxlag-fgnsp4rq
    - - - - +
    Unique identifier for the link aggregation group.
    +
    +
    Sample:
    +
    dxlag-fgnsp4rq
    + + + +
    lag_name
    string -
    - + + when state=present -
    User-provided name for the link aggregation group.
    -
    - +
    User-provided name for the link aggregation group.
    +
    + - - + +
    lag_state
    string -
    - + + when state=present -
    State of the LAG.
    -
    -
    Sample:
    -
    pending
    - - - - +
    State of the LAG.
    +
    +
    Sample:
    +
    pending
    + + + +
    location
    string -
    - + + when state=present -
    Where the connection is located.
    -
    -
    Sample:
    -
    EqSe2
    - - - - +
    Where the connection is located.
    +
    +
    Sample:
    +
    EqSe2
    + + + +
    minimum_links
    integer -
    - + + when state=present -
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    -
    - +
    The minimum number of physical connections that must be operational for the LAG itself to be operational.
    +
    + - - + +
    number_of_connections
    integer -
    - + + when state=present -
    The number of physical connections bundled by the LAG.
    -
    - +
    The number of physical connections bundled by the LAG.
    +
    + - - + +
    owner_account
    string -
    - + + when state=present -
    Owner account ID of the LAG.
    -
    - +
    Owner account ID of the LAG.
    +
    + - - + +
    region
    string -
    - + + when state=present -
    The region in which the LAG exists.
    -
    - +
    The region in which the LAG exists.
    +
    + - +

    @@ -638,5 +653,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst index be650a3a736..18d055c93a0 100644 --- a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst +++ b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst @@ -37,367 +37,403 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    address_type
    string -
    -     		- -
    The type of IP address for the BGP peer.
    -     		+ +
    The type of IP address for the BGP peer.
    +
    +
    amazon_address
    string -
    -     		- -
    The amazon address CIDR with which to create the virtual interface.
    -     		+ +
    The amazon address CIDR with which to create the virtual interface.
    +
    +
    authentication_key
    string -
    -     		- -
    The authentication key for BGP configuration.
    -     		+ +
    The authentication key for BGP configuration.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bgp_asn
    integer -
    -     		- Default:
    65000
    -     		-
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -     		+ Default:
    65000
    +     		+
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    cidr
    list - / elements=string
    -     		- -
    A list of route filter prefix CIDRs with which to create the public virtual interface.
    -     		+ +
    A list of route filter prefix CIDRs with which to create the public virtual interface.
    +
    +
    customer_address
    string -
    -     		- -
    The customer address CIDR with which to create the virtual interface.
    -     		+ +
    The customer address CIDR with which to create the virtual interface.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    +
    + direct_connect_gateway_id + +
    + string +
    +     		+ +
    The direct connect gateway ID for creating a private virtual interface.
    +
    To create a private virtual interface virtual_gateway_id or direct_connect_gateway_id is required. These options are mutually exclusive.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    id_to_associate
    string - / required
    -     		- -
    The ID of the link aggregation group or connection to associate with the virtual interface.
    -

    aliases: link_aggregation_group_id, connection_id
    -     		+ +
    The ID of the link aggregation group or connection to associate with the virtual interface.
    +

    aliases: link_aggregation_group_id, connection_id
    +
    +
    name
    string -
    -     		- -
    The name of the virtual interface.
    -     		+ +
    The name of the virtual interface.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    public
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The type of virtual interface.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The type of virtual interface.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    The desired state of the Direct Connect virtual interface.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    The desired state of the Direct Connect virtual interface.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    virtual_gateway_id
    string -
    -     		- -
    The virtual gateway ID required for creating a private virtual interface.
    -     		+ +
    The virtual gateway ID required for creating a private virtual interface.
    +
    To create a private virtual interface virtual_gateway_id or direct_connect_gateway_id is required. These options are mutually exclusive.
    +
    +
    virtual_interface_id
    string -
    -     		- -
    The virtual interface ID.
    -     		+ +
    The virtual interface ID.
    +
    +
    vlan
    integer -
    -     		- Default:
    100
    -     		-
    The VLAN ID.
    -
    + + + + Default:
    100
    + + +
    The VLAN ID.
    + + +
    @@ -405,7 +441,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -416,7 +452,6 @@ Examples .. code-block:: yaml+jinja - --- - name: create an association between a LAG and connection community.aws.aws_direct_connect_virtual_interface: @@ -433,8 +468,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -447,451 +480,468 @@ Common return values are documented `here Returned Description - - + +
    address_family
    string -
    - + + always -
    The address family for the BGP peer.
    -
    -
    Sample:
    -
    ipv4
    - - - - +
    The address family for the BGP peer.
    +
    +
    Sample:
    +
    ipv4
    + + + +
    amazon_address
    string -
    - + + always -
    IP address assigned to the Amazon interface.
    -
    -
    Sample:
    -
    169.254.255.1/30
    - - - - +
    IP address assigned to the Amazon interface.
    +
    +
    Sample:
    +
    169.254.255.1/30
    + + + +
    asn
    integer -
    - + + always -
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -
    -
    Sample:
    -
    65000
    - - - - +
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    Sample:
    +
    65000
    + + + +
    auth_key
    string -
    - + + always -
    The authentication key for BGP configuration.
    -
    -
    Sample:
    -
    0xZ59Y1JZ2oDOSh6YriIlyRE
    - - - - +
    The authentication key for BGP configuration.
    +
    +
    Sample:
    +
    0xZ59Y1JZ2oDOSh6YriIlyRE
    + + + +
    bgp_peers
    complex -
    - + + always -
    A list of the BGP peers configured on this virtual interface.
    -
    - +
    A list of the BGP peers configured on this virtual interface.
    +
    + - -   - + +   +
    address_family
    string -
    - + + always -
    The address family for the BGP peer.
    -
    -
    Sample:
    -
    ipv4
    - - - -   - +
    The address family for the BGP peer.
    +
    +
    Sample:
    +
    ipv4
    + + + +   +
    amazon_address
    string -
    - + + always -
    IP address assigned to the Amazon interface.
    -
    -
    Sample:
    -
    169.254.255.1/30
    - - - -   - +
    IP address assigned to the Amazon interface.
    +
    +
    Sample:
    +
    169.254.255.1/30
    + + + +   +
    asn
    integer -
    - + + always -
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    -
    -
    Sample:
    -
    65000
    - - - -   - +
    The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration.
    +
    +
    Sample:
    +
    65000
    + + + +   +
    auth_key
    string -
    - + + always -
    The authentication key for BGP configuration.
    -
    -
    Sample:
    -
    0xZ59Y1JZ2oDOSh6YriIlyRE
    - - - -   - +
    The authentication key for BGP configuration.
    +
    +
    Sample:
    +
    0xZ59Y1JZ2oDOSh6YriIlyRE
    + + + +   +
    bgp_peer_state
    string -
    - + + always -
    The state of the BGP peer (verifying, pending, available)
    -
    -
    Sample:
    -
    available
    - - - -   - +
    The state of the BGP peer (verifying, pending, available)
    +
    +
    Sample:
    +
    available
    + + + +   +
    bgp_status
    string -
    - + + always -
    The up/down state of the BGP peer.
    -
    -
    Sample:
    -
    up
    - - - -   - +
    The up/down state of the BGP peer.
    +
    +
    Sample:
    +
    up
    + + + +   +
    customer_address
    string -
    - + + always -
    IP address assigned to the customer interface.
    -
    -
    Sample:
    -
    169.254.255.2/30
    - +
    IP address assigned to the customer interface.
    +
    +
    Sample:
    +
    169.254.255.2/30
    + - - - + + +
    changed
    boolean -
    - + + always -
    Indicated if the virtual interface has been created/modified/deleted
    -
    - +
    Indicated if the virtual interface has been created/modified/deleted
    +
    + - - + +
    connection_id
    string -
    - + + always -
    The ID of the connection. This field is also used as the ID type for operations that use multiple connection types (LAG, interconnect, and/or connection).
    -
    -
    Sample:
    -
    dxcon-fgb175av
    - - - - +
    The ID of the connection. This field is also used as the ID type for operations that use multiple connection types (LAG, interconnect, and/or connection).
    +
    +
    Sample:
    +
    dxcon-fgb175av
    + + + +
    customer_address
    string -
    - + + always -
    IP address assigned to the customer interface.
    -
    -
    Sample:
    -
    169.254.255.2/30
    - - - - +
    IP address assigned to the customer interface.
    +
    +
    Sample:
    +
    169.254.255.2/30
    + + + +
    customer_router_config
    string -
    - + + always -
    Information for generating the customer router configuration.
    -
    - +
    Information for generating the customer router configuration.
    +
    + - - + + +
    + direct_connect_gateway_id + +
    + string +
    + + when public=False + +
    The ID of the Direct Connect gateway. This only applies to private virtual interfaces.
    +
    +
    Sample:
    +
    f7593767-eded-44e8-926d-a2234175835d
    + + + +
    location
    string -
    - + + always -
    Where the connection is located.
    -
    -
    Sample:
    -
    EqDC2
    - - - - +
    Where the connection is located.
    +
    +
    Sample:
    +
    EqDC2
    + + + +
    owner_account
    string -
    - + + always -
    The AWS account that will own the new virtual interface.
    -
    -
    Sample:
    -
    123456789012
    - - - - +
    The AWS account that will own the new virtual interface.
    +
    +
    Sample:
    +
    123456789012
    + + + +
    route_filter_prefixes
    complex -
    - + + always -
    A list of routes to be advertised to the AWS network in this region (public virtual interface).
    -
    - +
    A list of routes to be advertised to the AWS network in this region (public virtual interface).
    +
    + - -   - + +   +
    cidr
    string -
    - + + always -
    A routes to be advertised to the AWS network in this region.
    -
    -
    Sample:
    -
    54.227.92.216/30
    - +
    A routes to be advertised to the AWS network in this region.
    +
    +
    Sample:
    +
    54.227.92.216/30
    + - - - + + +
    virtual_gateway_id
    string -
    - + + when public=False -
    The ID of the virtual private gateway to a VPC. This only applies to private virtual interfaces.
    -
    -
    Sample:
    -
    vgw-f3ce259a
    - - - - +
    The ID of the virtual private gateway to a VPC. This only applies to private virtual interfaces.
    +
    +
    Sample:
    +
    vgw-f3ce259a
    + + + +
    virtual_interface_id
    string -
    - + + always -
    The ID of the virtual interface.
    -
    -
    Sample:
    -
    dxvif-fh0w7cex
    - - - - +
    The ID of the virtual interface.
    +
    +
    Sample:
    +
    dxvif-fh0w7cex
    + + + +
    virtual_interface_name
    string -
    - + + always -
    The name of the virtual interface assigned by the customer.
    -
    -
    Sample:
    -
    test_virtual_interface
    - - - - +
    The name of the virtual interface assigned by the customer.
    +
    +
    Sample:
    +
    test_virtual_interface
    + + + +
    virtual_interface_state
    string -
    - + + always -
    State of the virtual interface (confirming, verifying, pending, available, down, rejected).
    -
    -
    Sample:
    -
    available
    - - - - +
    State of the virtual interface (confirming, verifying, pending, available, down, rejected).
    +
    +
    Sample:
    +
    available
    + + + +
    virtual_interface_type
    string -
    - + + always -
    The type of virtual interface (private, public).
    -
    -
    Sample:
    -
    private
    - - - - +
    The type of virtual interface (private, public).
    +
    +
    Sample:
    +
    private
    + + + +
    vlan
    integer -
    - + + always -
    The VLAN ID.
    -
    -
    Sample:
    -
    100
    - +
    The VLAN ID.
    +
    +
    Sample:
    +
    100
    + - +

    @@ -903,5 +953,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.aws_eks_cluster_module.rst b/docs/community.aws.aws_eks_cluster_module.rst index d6eb39c06c9..3e55dd4097f 100644 --- a/docs/community.aws.aws_eks_cluster_module.rst +++ b/docs/community.aws.aws_eks_cluster_module.rst @@ -37,290 +37,309 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Name of EKS cluster
    -     		+ +
    Name of EKS cluster
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string -
    -     		- -
    ARN of IAM role used by the EKS cluster
    -     		+ +
    ARN of IAM role used by the EKS cluster
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    list of security group names or IDs
    -     		+ +
    list of security group names or IDs
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    desired state of the EKS cluster
    -     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    desired state of the EKS cluster
    +
    +
    subnets
    list - / elements=string
    -     		- -
    list of subnet IDs for the Kubernetes cluster
    -     		+ +
    list of subnet IDs for the Kubernetes cluster
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    version
    string -
    -     		- -
    Kubernetes version - defaults to latest
    -     		+ +
    Kubernetes version - defaults to latest
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the module waits until the cluster is active or deleted before moving on. It takes "usually less than 10 minutes" per AWS documentation.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    1200
    -     		-
    The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
    -     		+ Default:
    1200
    +     		+
    The duration in seconds to wait for the cluster to become active. Defaults to 1200 seconds (20 minutes).
    +
    +
    @@ -328,7 +347,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -339,7 +358,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an EKS cluster @@ -362,7 +380,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -375,228 +392,228 @@ Common return values are documented `here Returned Description - - + +
    arn
    string -
    - + + when state is present -
    ARN of the EKS cluster
    -
    -
    Sample:
    -
    arn:aws:eks:us-west-2:111111111111:cluster/my-eks-cluster
    - +
    ARN of the EKS cluster
    +
    +
    Sample:
    +
    arn:aws:eks:us-west-2:111111111111:cluster/my-eks-cluster
    + - - + +
    certificate_authority
    complex -
    - + + after creation -
    Dictionary containing Certificate Authority Data for cluster
    -
    - +
    Dictionary containing Certificate Authority Data for cluster
    +
    + - -   - + +   +
    data
    string -
    - + + when the cluster has been created and is active -
    Base-64 encoded Certificate Authority Data for cluster
    -
    - +
    Base-64 encoded Certificate Authority Data for cluster
    +
    + - - - + + +
    created_at
    string -
    - + + when state is present -
    Cluster creation date and time
    -
    -
    Sample:
    -
    2018-06-06T11:56:56.242000+00:00
    - +
    Cluster creation date and time
    +
    +
    Sample:
    +
    2018-06-06T11:56:56.242000+00:00
    + - - + +
    endpoint
    string -
    - + + when the cluster has been created and is active -
    Kubernetes API server endpoint
    -
    -
    Sample:
    -
    https://API_SERVER_ENDPOINT.yl4.us-west-2.eks.amazonaws.com
    - +
    Kubernetes API server endpoint
    +
    +
    Sample:
    +
    https://API_SERVER_ENDPOINT.yl4.us-west-2.eks.amazonaws.com
    + - - + +
    name
    string -
    - + + when state is present -
    EKS cluster name
    -
    -
    Sample:
    -
    my-eks-cluster
    - +
    EKS cluster name
    +
    +
    Sample:
    +
    my-eks-cluster
    + - - + +
    resources_vpc_config
    complex -
    - + + when state is present -
    VPC configuration of the cluster
    -
    - +
    VPC configuration of the cluster
    +
    + - -   - + +   +
    security_group_ids
    list -
    - + + always -
    List of security group IDs
    -
    -
    Sample:
    -
    ['sg-abcd1234', 'sg-aaaa1111']
    - +
    List of security group IDs
    +
    +
    Sample:
    +
    ['sg-abcd1234', 'sg-aaaa1111']
    + - -   - + +   +
    subnet_ids
    list -
    - + + always -
    List of subnet IDs
    -
    -
    Sample:
    -
    ['subnet-abcdef12', 'subnet-345678ab', 'subnet-cdef1234']
    - +
    List of subnet IDs
    +
    +
    Sample:
    +
    ['subnet-abcdef12', 'subnet-345678ab', 'subnet-cdef1234']
    + - -   - + +   +
    vpc_id
    string -
    - + + always -
    VPC id
    -
    -
    Sample:
    -
    vpc-a1b2c3d4
    - +
    VPC id
    +
    +
    Sample:
    +
    vpc-a1b2c3d4
    + - - - + + +
    role_arn
    string -
    - + + when state is present -
    ARN of the IAM role used by the cluster
    -
    -
    Sample:
    -
    arn:aws:iam::111111111111:role/aws_eks_cluster_role
    - +
    ARN of the IAM role used by the cluster
    +
    +
    Sample:
    +
    arn:aws:iam::111111111111:role/aws_eks_cluster_role
    + - - + +
    status
    string -
    - + + when state is present -
    status of the EKS cluster
    -
    -
    Sample:
    -
    ['CREATING', 'ACTIVE']
    - +
    status of the EKS cluster
    +
    +
    Sample:
    +
    ['CREATING', 'ACTIVE']
    + - - + +
    version
    string -
    - + + when state is present -
    Kubernetes version of the cluster
    -
    -
    Sample:
    -
    1.10
    - +
    Kubernetes version of the cluster
    +
    +
    Sample:
    +
    1.10
    + - +

    @@ -608,5 +625,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.aws_elasticbeanstalk_app_module.rst b/docs/community.aws.aws_elasticbeanstalk_app_module.rst index f912ecc7cd1..7c50f8ac67f 100644 --- a/docs/community.aws.aws_elasticbeanstalk_app_module.rst +++ b/docs/community.aws.aws_elasticbeanstalk_app_module.rst @@ -35,230 +35,249 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    app_name
    string -
    -     		- -
    Name of the beanstalk application you wish to manage.
    -

    aliases: name
    -     		+ +
    Name of the beanstalk application you wish to manage.
    +

    aliases: name
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    The description of the application.
    -     		+ +
    The description of the application.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to ensure the application is present or absent.
    -     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to ensure the application is present or absent.
    +
    +
    terminate_by_force
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When terminate_by_force=true, running environments will be terminated before deleting the application.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When terminate_by_force=true, running environments will be terminated before deleting the application.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -266,7 +285,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -277,7 +296,6 @@ Examples .. code-block:: yaml+jinja - # Create or update an application - community.aws.aws_elasticbeanstalk_app: app_name: Sample_App @@ -291,8 +309,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -305,41 +321,41 @@ Common return values are documented `here Returned Description - - + +
    app
    dictionary -
    - + + always -
    Beanstalk application.
    -
    -
    Sample:
    -
    {'ApplicationName': 'app-name', 'ConfigurationTemplates': [], 'DateCreated': '2016-12-28T14:50:03.185000+00:00', 'DateUpdated': '2016-12-28T14:50:03.185000+00:00', 'Description': 'description', 'Versions': ['1.0.0', '1.0.1']}
    - +
    Beanstalk application.
    +
    +
    Sample:
    +
    {'ApplicationName': 'app-name', 'ConfigurationTemplates': [], 'DateCreated': '2016-12-28T14:50:03.185000+00:00', 'DateUpdated': '2016-12-28T14:50:03.185000+00:00', 'Description': 'description', 'Versions': ['1.0.0', '1.0.1']}
    + - - + +
    output
    string -
    - + + in check mode -
    Message indicating what change will occur.
    -
    -
    Sample:
    -
    App is up-to-date
    - +
    Message indicating what change will occur.
    +
    +
    Sample:
    +
    App is up-to-date
    + - +

    @@ -352,5 +368,3 @@ Authors - Harpreet Singh (@hsingh) - Stephen Granger (@viper233) - - diff --git a/docs/community.aws.aws_glue_connection_module.rst b/docs/community.aws.aws_glue_connection_module.rst index e679965bd0d..82645217a19 100644 --- a/docs/community.aws.aws_glue_connection_module.rst +++ b/docs/community.aws.aws_glue_connection_module.rst @@ -36,305 +36,324 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    catalog_id
    string -
    -     		- -
    The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
    -     		+ +
    The ID of the Data Catalog in which to create the connection. If none is supplied, the AWS account ID is used by default.
    +
    +
    connection_properties
    dictionary -
    -     		- -
    A dict of key-value pairs used as parameters for this connection.
    -
    Required when state=present.
    -     		+ +
    A dict of key-value pairs used as parameters for this connection.
    +
    Required when state=present.
    +
    +
    connection_type
    string -
    -     		-
      Choices: -
    • JDBC ←
      • -
    • SFTP
      • -
    -     		-
    The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
    -     		+
      Choices: +
    • JDBC ←
      • +
    • SFTP
      • +
    +     		+
    The type of the connection. Currently, only JDBC is supported; SFTP is not supported.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    The description of the connection.
    -     		+ +
    The description of the connection.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    match_criteria
    list - / elements=string
    -     		- -
    A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
    -     		+ +
    A list of UTF-8 strings that specify the criteria that you can use in selecting this connection.
    +
    +
    name
    string - / required
    -     		- -
    The name of the connection.
    -     		+ +
    The name of the connection.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    A list of security groups to be used by the connection. Use either security group name or ID.
    -     		+ +
    A list of security groups to be used by the connection. Use either security group name or ID.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or delete the AWS Glue connection.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or delete the AWS Glue connection.
    +
    +
    subnet_id
    string -
    -     		- -
    The subnet ID used by the connection.
    -     		+ +
    The subnet ID used by the connection.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -342,7 +361,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -353,7 +372,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue connection @@ -372,8 +390,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -386,141 +402,141 @@ Common return values are documented `here Returned Description - - + +
    connection_properties
    dictionary -
    - + + when state is present -
    A dict of key-value pairs used as parameters for this connection.
    -
    -
    Sample:
    -
    {'JDBC_CONNECTION_URL': 'jdbc:mysql://mydb:3306/databasename', 'USERNAME': 'x', 'PASSWORD': 'y'}
    - +
    A dict of key-value pairs used as parameters for this connection.
    +
    +
    Sample:
    +
    {'JDBC_CONNECTION_URL': 'jdbc:mysql://mydb:3306/databasename', 'USERNAME': 'x', 'PASSWORD': 'y'}
    + - - + +
    connection_type
    string -
    - + + when state is present -
    The type of the connection.
    -
    -
    Sample:
    -
    JDBC
    - +
    The type of the connection.
    +
    +
    Sample:
    +
    JDBC
    + - - + +
    creation_time
    string -
    - + + when state is present -
    The time this connection definition was created.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    - +
    The time this connection definition was created.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    + - - + +
    description
    string -
    - + + when state is present -
    Description of the job being defined.
    -
    -
    Sample:
    -
    My first Glue job
    - +
    Description of the job being defined.
    +
    +
    Sample:
    +
    My first Glue job
    + - - + +
    last_updated_time
    string -
    - + + when state is present -
    The last time this connection definition was updated.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    - +
    The last time this connection definition was updated.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    + - - + +
    match_criteria
    list -
    - + + when state is present -
    A list of criteria that can be used in selecting this connection.
    -
    - +
    A list of criteria that can be used in selecting this connection.
    +
    + - - + +
    name
    string -
    - + + when state is present -
    The name of the connection definition.
    -
    -
    Sample:
    -
    my-glue-connection
    - +
    The name of the connection definition.
    +
    +
    Sample:
    +
    my-glue-connection
    + - - + +
    physical_connection_requirements
    dictionary -
    - + + when state is present -
    A dict of physical connection requirements, such as VPC and SecurityGroup, needed for making this connection successfully.
    -
    -
    Sample:
    -
    {'subnet-id': 'subnet-aabbccddee'}
    - +
    A dict of physical connection requirements, such as VPC and SecurityGroup, needed for making this connection successfully.
    +
    +
    Sample:
    +
    {'subnet-id': 'subnet-aabbccddee'}
    + - +

    @@ -532,5 +548,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.aws_glue_job_module.rst b/docs/community.aws.aws_glue_job_module.rst index 8a5a4c4870b..1856b2389e9 100644 --- a/docs/community.aws.aws_glue_job_module.rst +++ b/docs/community.aws.aws_glue_job_module.rst @@ -36,348 +36,367 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    allocated_capacity
    integer -
    -     		- -
    The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    -     		+ +
    The number of AWS Glue data processing units (DPUs) to allocate to this Job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    command_name
    string -
    -     		- Default:
    "glueetl"
    -     		-
    The name of the job command. This must be 'glueetl'.
    -     		+ Default:
    "glueetl"
    +     		+
    The name of the job command. This must be 'glueetl'.
    +
    +
    command_script_location
    string -
    -     		- -
    The S3 path to a script that executes a job.
    -
    Required when state=present.
    -     		+ +
    The S3 path to a script that executes a job.
    +
    Required when state=present.
    +
    +
    connections
    list - / elements=string
    -     		- -
    A list of Glue connections used for this job.
    -     		+ +
    A list of Glue connections used for this job.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_arguments
    dictionary -
    -     		- -
    A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
    -     		+ +
    A dict of default arguments for this job. You can specify arguments here that your own job-execution script consumes, as well as arguments that AWS Glue itself consumes.
    +
    +
    description
    string -
    -     		- -
    Description of the job being defined.
    -     		+ +
    Description of the job being defined.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    max_concurrent_runs
    integer -
    -     		- -
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    -     		+ +
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    +
    +
    max_retries
    integer -
    -     		- -
    The maximum number of times to retry this job if it fails.
    -     		+ +
    The maximum number of times to retry this job if it fails.
    +
    +
    name
    string - / required
    -     		- -
    The name you assign to this job definition. It must be unique in your account.
    -     		+ +
    The name you assign to this job definition. It must be unique in your account.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role
    string -
    -     		- -
    The name or ARN of the IAM role associated with this job.
    -
    Required when state=present.
    -     		+ +
    The name or ARN of the IAM role associated with this job.
    +
    Required when state=present.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or delete the AWS Glue job.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or delete the AWS Glue job.
    +
    +
    timeout
    integer -
    -     		- -
    The job timeout in minutes.
    -     		+ +
    The job timeout in minutes.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -385,7 +404,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -396,7 +415,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an AWS Glue job @@ -413,8 +431,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -427,280 +443,280 @@ Common return values are documented `here Returned Description - - + +
    allocated_capacity
    integer -
    - + + when state is present -
    The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    -
    -
    Sample:
    -
    10
    - - - - +
    The number of AWS Glue data processing units (DPUs) allocated to runs of this job. From 2 to 100 DPUs can be allocated; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.
    +
    +
    Sample:
    +
    10
    + + + +
    command
    complex -
    - + + when state is present -
    The JobCommand that executes this job.
    -
    - +
    The JobCommand that executes this job.
    +
    + - -   - + +   +
    name
    string -
    - + + when state is present -
    The name of the job command.
    -
    -
    Sample:
    -
    glueetl
    - - - -   - +
    The name of the job command.
    +
    +
    Sample:
    +
    glueetl
    + + + +   +
    script_location
    string -
    - + + when state is present -
    Specifies the S3 path to a script that executes a job.
    -
    -
    Sample:
    -
    mybucket/myscript.py
    - +
    Specifies the S3 path to a script that executes a job.
    +
    +
    Sample:
    +
    mybucket/myscript.py
    + - - - + + +
    connections
    dictionary -
    - + + when state is present -
    The connections used for this job.
    -
    -
    Sample:
    -
    { Connections: [ 'list', 'of', 'connections' ] }
    - - - - +
    The connections used for this job.
    +
    +
    Sample:
    +
    { Connections: [ 'list', 'of', 'connections' ] }
    + + + +
    created_on
    string -
    - + + when state is present -
    The time and date that this job definition was created.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    - - - - +
    The time and date that this job definition was created.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    + + + +
    default_arguments
    dictionary -
    - + + when state is present -
    The default arguments for this job, specified as name-value pairs.
    -
    -
    Sample:
    -
    { 'mykey1': 'myvalue1' }
    - - - - +
    The default arguments for this job, specified as name-value pairs.
    +
    +
    Sample:
    +
    { 'mykey1': 'myvalue1' }
    + + + +
    description
    string -
    - + + when state is present -
    Description of the job being defined.
    -
    -
    Sample:
    -
    My first Glue job
    - - - - +
    Description of the job being defined.
    +
    +
    Sample:
    +
    My first Glue job
    + + + +
    execution_property
    complex -
    - + + always -
    An ExecutionProperty specifying the maximum number of concurrent runs allowed for this job.
    -
    - +
    An ExecutionProperty specifying the maximum number of concurrent runs allowed for this job.
    +
    + - -   - + +   +
    max_concurrent_runs
    integer -
    - + + when state is present -
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    -
    -
    Sample:
    -
    1
    - +
    The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.
    +
    +
    Sample:
    +
    1
    + - - - + + +
    job_name
    string -
    - + + always -
    The name of the AWS Glue job.
    -
    -
    Sample:
    -
    my-glue-job
    - - - - +
    The name of the AWS Glue job.
    +
    +
    Sample:
    +
    my-glue-job
    + + + +
    last_modified_on
    string -
    - + + when state is present -
    The last point in time when this job definition was modified.
    -
    -
    Sample:
    -
    2018-04-21T05:19:58.326000+00:00
    - - - - +
    The last point in time when this job definition was modified.
    +
    +
    Sample:
    +
    2018-04-21T05:19:58.326000+00:00
    + + + +
    max_retries
    integer -
    - + + when state is present -
    The maximum number of times to retry this job after a JobRun fails.
    -
    -
    Sample:
    -
    5
    - - - - +
    The maximum number of times to retry this job after a JobRun fails.
    +
    +
    Sample:
    +
    5
    + + + +
    name
    string -
    - + + when state is present -
    The name assigned to this job definition.
    -
    -
    Sample:
    -
    my-glue-job
    - - - - +
    The name assigned to this job definition.
    +
    +
    Sample:
    +
    my-glue-job
    + + + +
    role
    string -
    - + + when state is present -
    The name or ARN of the IAM role associated with this job.
    -
    -
    Sample:
    -
    my-iam-role
    - - - - +
    The name or ARN of the IAM role associated with this job.
    +
    +
    Sample:
    +
    my-iam-role
    + + + +
    timeout
    integer -
    - + + when state is present -
    The job timeout in minutes.
    -
    -
    Sample:
    -
    300
    - +
    The job timeout in minutes.
    +
    +
    Sample:
    +
    300
    + - +

    @@ -712,5 +728,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.aws_inspector_target_module.rst b/docs/community.aws.aws_inspector_target_module.rst index 4ebc10da0c7..6c61e1fcf03 100644 --- a/docs/community.aws.aws_inspector_target_module.rst +++ b/docs/community.aws.aws_inspector_target_module.rst @@ -37,211 +37,230 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
    -     		+ +
    The user-defined name that identifies the assessment target. The name must be unique within the AWS account.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    The state of the assessment target.
    -     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    The state of the assessment target.
    +
    +
    tags
    dictionary -
    -     		- -
    Tags of the EC2 instances to be added to the assessment target.
    -
    Required if state=present.
    -     		+ +
    Tags of the EC2 instances to be added to the assessment target.
    +
    Required if state=present.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -249,7 +268,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -260,7 +279,6 @@ Examples .. code-block:: yaml+jinja - - name: Create my_target Assessment Target community.aws.aws_inspector_target: name: my_target @@ -281,7 +299,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -294,109 +311,109 @@ Common return values are documented `here Returned Description - - + +
    arn
    string -
    - + + success -
    The ARN that specifies the Amazon Inspector assessment target.
    -
    -
    Sample:
    -
    arn:aws:inspector:eu-west-1:123456789012:target/0-O4LnL7n1
    - +
    The ARN that specifies the Amazon Inspector assessment target.
    +
    +
    Sample:
    +
    arn:aws:inspector:eu-west-1:123456789012:target/0-O4LnL7n1
    + - - + +
    created_at
    string -
    - + + success -
    The time at which the assessment target was created.
    -
    -
    Sample:
    -
    2018-01-29T13:48:51.958000+00:00
    - +
    The time at which the assessment target was created.
    +
    +
    Sample:
    +
    2018-01-29T13:48:51.958000+00:00
    + - - + +
    name
    string -
    - + + success -
    The name of the Amazon Inspector assessment target.
    -
    -
    Sample:
    -
    my_target
    - +
    The name of the Amazon Inspector assessment target.
    +
    +
    Sample:
    +
    my_target
    + - - + +
    resource_group_arn
    string -
    - + + success -
    The ARN that specifies the resource group that is associated with the assessment target.
    -
    -
    Sample:
    -
    arn:aws:inspector:eu-west-1:123456789012:resourcegroup/0-qY4gDel8
    - +
    The ARN that specifies the resource group that is associated with the assessment target.
    +
    +
    Sample:
    +
    arn:aws:inspector:eu-west-1:123456789012:resourcegroup/0-qY4gDel8
    + - - + +
    tags
    list -
    - + + success -
    The tags of the resource group that is associated with the assessment target.
    -
    -
    Sample:
    -
    {'role': 'scan_target', 'env': 'dev'}
    - +
    The tags of the resource group that is associated with the assessment target.
    +
    +
    Sample:
    +
    {'role': 'scan_target', 'env': 'dev'}
    + - - + +
    updated_at
    string -
    - + + success -
    The time at which the assessment target was last updated.
    -
    -
    Sample:
    -
    2018-01-29T13:48:51.958000+00:00
    - +
    The time at which the assessment target was last updated.
    +
    +
    Sample:
    +
    2018-01-29T13:48:51.958000+00:00
    + - +

    @@ -408,5 +425,3 @@ Authors ~~~~~~~ - Dennis Conrad (@dennisconrad) - - diff --git a/docs/community.aws.aws_kms_info_module.rst b/docs/community.aws.aws_kms_info_module.rst index dfd111a404b..420b18fbb8d 100644 --- a/docs/community.aws.aws_kms_info_module.rst +++ b/docs/community.aws.aws_kms_info_module.rst @@ -36,195 +36,214 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. The filters aren't natively supported by boto3, but are supported to provide similar functionality to other modules. Standard tag filters (tag-key, tag-value and tag:tagName) are available, as are key-id and alias
    +
    +
    pending_deletion
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to get full details (tags, grants etc.) of keys pending deletion
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to get full details (tags, grants etc.) of keys pending deletion
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -232,7 +251,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -243,7 +262,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all KMS keys @@ -261,7 +279,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -274,441 +291,441 @@ Common return values are documented `here Returned Description - - + +
    keys
    complex -
    - + + always -
    list of keys
    -
    - +
    list of keys
    +
    + - -   - + +   +
    aliases
    list -
    - + + always -
    list of aliases associated with the key
    -
    -
    Sample:
    -
    ['aws/acm', 'aws/ebs']
    - - - -   - +
    list of aliases associated with the key
    +
    +
    Sample:
    +
    ['aws/acm', 'aws/ebs']
    + + + +   +
    aws_account_id
    string -
    - + + always -
    The AWS Account ID that the key belongs to
    -
    -
    Sample:
    -
    1234567890123
    - - - -   - +
    The AWS Account ID that the key belongs to
    +
    +
    Sample:
    +
    1234567890123
    + + + +   +
    creation_date
    string -
    - + + always -
    Date of creation of the key
    -
    -
    Sample:
    -
    2017-04-18T15:12:08.551000+10:00
    - - - -   - +
    Date of creation of the key
    +
    +
    Sample:
    +
    2017-04-18T15:12:08.551000+10:00
    + + + +   +
    description
    string -
    - + + always -
    Description of the key
    -
    -
    Sample:
    -
    My Key for Protecting important stuff
    - - - -   - +
    Description of the key
    +
    +
    Sample:
    +
    My Key for Protecting important stuff
    + + + +   +
    enable_key_rotation
    boolean -
    - + + always -
    Whether the automatically key rotation every year is enabled.
    -
    - +
    Whether the automatically key rotation every year is enabled.
    +
    + - -   - + +   +
    enabled
    string -
    - + + always -
    Whether the key is enabled. True if KeyState is true.
    -
    - +
    Whether the key is enabled. True if KeyState is true.
    +
    + - -   - + +   +
    grants
    complex -
    - + + always -
    list of grants associated with a key
    -
    - +
    list of grants associated with a key
    +
    + - -   -   - + +   +   +
    constraints
    dictionary -
    - + + always -
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    -
    -
    Sample:
    -
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    - - - -   -   - +
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    +
    +
    Sample:
    +
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    + + + +   +   +
    creation_date
    string -
    - + + always -
    Date of creation of the grant
    -
    -
    Sample:
    -
    2017-04-18T15:12:08+10:00
    - - - -   -   - +
    Date of creation of the grant
    +
    +
    Sample:
    +
    2017-04-18T15:12:08+10:00
    + + + +   +   +
    grant_id
    string -
    - + + always -
    The unique ID for the grant
    -
    -
    Sample:
    -
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    - - - -   -   - +
    The unique ID for the grant
    +
    +
    Sample:
    +
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    + + + +   +   +
    grantee_principal
    string -
    - + + always -
    The principal that receives the grant's permissions
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    - - - -   -   - +
    The principal that receives the grant's permissions
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    + + + +   +   +
    issuing_account
    string -
    - + + always -
    The AWS account under which the grant was issued
    -
    -
    Sample:
    -
    arn:aws:iam::01234567890:root
    - - - -   -   - +
    The AWS account under which the grant was issued
    +
    +
    Sample:
    +
    arn:aws:iam::01234567890:root
    + + + +   +   +
    key_id
    string -
    - + + always -
    The key ARN to which the grant applies.
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    - - - -   -   - +
    The key ARN to which the grant applies.
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    + + + +   +   +
    name
    string -
    - + + always -
    The friendly name that identifies the grant
    -
    -
    Sample:
    -
    xyz
    - - - -   -   - +
    The friendly name that identifies the grant
    +
    +
    Sample:
    +
    xyz
    + + + +   +   +
    operations
    list -
    - + + always -
    The list of operations permitted by the grant
    -
    -
    Sample:
    -
    ['Decrypt', 'RetireGrant']
    - - - -   -   - +
    The list of operations permitted by the grant
    +
    +
    Sample:
    +
    ['Decrypt', 'RetireGrant']
    + + + +   +   +
    retiring_principal
    string -
    - + + always -
    The principal that can retire the grant
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    - +
    The principal that can retire the grant
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    + - - -   - + + +   +
    key_arn
    string -
    - + + always -
    ARN of key
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    - - - -   - +
    ARN of key
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    + + + +   +
    key_id
    string -
    - + + always -
    ID of key
    -
    -
    Sample:
    -
    abcd1234-abcd-1234-5678-ef1234567890
    - - - -   - +
    ID of key
    +
    +
    Sample:
    +
    abcd1234-abcd-1234-5678-ef1234567890
    + + + +   +
    key_state
    string -
    - + + always -
    The state of the key
    -
    -
    Sample:
    -
    PendingDeletion
    - - - -   - +
    The state of the key
    +
    +
    Sample:
    +
    PendingDeletion
    + + + +   +
    key_usage
    string -
    - + + always -
    The cryptographic operations for which you can use the key.
    -
    -
    Sample:
    -
    ENCRYPT_DECRYPT
    - - - -   - +
    The cryptographic operations for which you can use the key.
    +
    +
    Sample:
    +
    ENCRYPT_DECRYPT
    + + + +   +
    origin
    string -
    - + + always -
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    -
    -
    Sample:
    -
    AWS_KMS
    - - - -   - +
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    +
    +
    Sample:
    +
    AWS_KMS
    + + + +   +
    policies
    list -
    - + + always -
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    -
    -
    Sample:
    -
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    - - - -   - +
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    +
    +
    Sample:
    +
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    + + + +   +
    tags
    dictionary -
    - + + always -
    dictionary of tags applied to the key. Empty when access is denied even if there are tags.
    -
    -
    Sample:
    -
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    - +
    dictionary of tags applied to the key. Empty when access is denied even if there are tags.
    +
    +
    Sample:
    +
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    + - - + +

    @@ -720,5 +737,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.aws_kms_module.rst b/docs/community.aws.aws_kms_module.rst index e308878fd56..0e9ab4a7da5 100644 --- a/docs/community.aws.aws_kms_module.rst +++ b/docs/community.aws.aws_kms_module.rst @@ -35,533 +35,552 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + + - - + / elements=string + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    alias
    string -
    -     		- -
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use community.aws.aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
    -

    aliases: key_alias
    -     		+ +
    An alias for a key. For safety, even though KMS does not require keys to have an alias, this module expects all new keys to be given an alias to make them easier to manage. Existing keys without an alias may be referred to by key_id. Use community.aws.aws_kms_info to find key ids. Required if key_id is not given. Note that passing a key_id and alias will only cause a new alias to be added, an alias will never be renamed. The 'alias/' prefix is optional.
    +

    aliases: key_alias
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
    -     		+ +
    A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enable_key_rotation
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the key should be automatically rotated every year.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the key should be automatically rotated every year.
    +
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not a key is enabled
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not a key is enabled
    +
    +
    grants
    list - / elements=dictionary
    -     		- -
    A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
    -
    grantee_principal and retiring_principal must be ARNs
    -
    For full documentation of suboptions see the boto3 documentation:
    - -     		+ +
    A list of grants to apply to the key. Each item must contain grantee_principal. Each item can optionally contain retiring_principal, operations, constraints, name.
    +
    grantee_principal and retiring_principal must be ARNs
    +
    For full documentation of suboptions see the boto3 documentation:
    + +
    +
    constraints
    dictionary -
    -     		- -
    Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
    -     		+ +
    Constraints is a dict containing encryption_context_subset or encryption_context_equals, either or both being a dict specifying an encryption context match. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html or https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kms.html#KMS.Client.create_grant
    +
    +
    grantee_principal
    string - / required
    -     		- -
    The full ARN of the principal being granted permissions.
    -     		+ +
    The full ARN of the principal being granted permissions.
    +
    +
    operations
    list - / elements=string
    -     		-
      Choices: -
    • Decrypt
      • -
    • Encrypt
      • -
    • GenerateDataKey
      • -
    • GenerateDataKeyWithoutPlaintext
      • -
    • ReEncryptFrom
      • -
    • ReEncryptTo
      • -
    • CreateGrant
      • -
    • RetireGrant
      • -
    • DescribeKey
      • -
    • Verify
      • -
    • Sign
      • -
    -     		-
    A list of operations that the grantee may perform using the CMK.
    -     		+
      Choices: +
    • Decrypt
      • +
    • Encrypt
      • +
    • GenerateDataKey
      • +
    • GenerateDataKeyWithoutPlaintext
      • +
    • ReEncryptFrom
      • +
    • ReEncryptTo
      • +
    • CreateGrant
      • +
    • RetireGrant
      • +
    • DescribeKey
      • +
    • Verify
      • +
    • Sign
      • +
    +     		+
    A list of operations that the grantee may perform using the CMK.
    +
    +
    retiring_principal
    string -
    -     		- -
    The full ARN of the principal permitted to revoke/retire the grant.
    -     		+ +
    The full ARN of the principal permitted to revoke/retire the grant.
    +
    + +
    key_id
    string -
    -     		- -
    Key ID or ARN of the key.
    -
    One of alias or key_id are required.
    -

    aliases: key_arn
    -     		+ +
    Key ID or ARN of the key.
    +
    One of alias or key_id are required.
    +

    aliases: key_arn
    +
    +
    policy
    json -
    -     		- -
    policy to apply to the KMS key.
    - -     		+ +
    policy to apply to the KMS key.
    + +
    +
    policy_clean_invalid_entries
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
    -
    Only cleans if changes are being made.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: clean_invalid_entries
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    (deprecated) If adding/removing a role and invalid grantees are found, remove them. These entries will cause an update to fail in all known cases.
    +
    Only cleans if changes are being made.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: clean_invalid_entries
    +
    +
    policy_grant_types
    list - / elements=string
    -     		- -
    (deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
    -
    Required when policy_mode=grant.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: grant_types
    -     		+ +
    (deprecated) List of grants to give to user/role. Likely "role,role grant" or "role,role grant,admin".
    +
    Required when policy_mode=grant.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: grant_types
    +
    +
    policy_mode
    string -
    -     		-
      Choices: -
    • grant ←
      • -
    • deny
      • -
    -     		-
    (deprecated) Grant or deny access.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: mode
    -     		+
      Choices: +
    • grant ←
      • +
    • deny
      • +
    +     		+
    (deprecated) Grant or deny access.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: mode
    +
    +
    policy_role_arn
    string -
    -     		- -
    (deprecated) ARN of role to allow/deny access.
    -
    One of policy_role_name or policy_role_arn are required.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: role_arn
    -     		+ +
    (deprecated) ARN of role to allow/deny access.
    +
    One of policy_role_name or policy_role_arn are required.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: role_arn
    +
    +
    policy_role_name
    string -
    -     		- -
    (deprecated) Role to allow/deny access.
    -
    One of policy_role_name or policy_role_arn are required.
    -
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    -
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    -

    aliases: role_name
    -     		+ +
    (deprecated) Role to allow/deny access.
    +
    One of policy_role_name or policy_role_arn are required.
    +
    Used for modifying the Key Policy rather than modifying a grant and only works on the default policy created through the AWS Console.
    +
    This option has been deprecated, and will be removed in 2.13. Use policy instead.
    +

    aliases: role_name
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_grants
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the grants argument should cause grants not in the list to be removed
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the grants argument should cause grants not in the list to be removed
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the tags argument should cause tags not in the list to be removed
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the tags argument should cause tags not in the list to be removed
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether a key should be present or absent. Note that making an existing key absent only schedules a key for deletion. Passing a key that is scheduled for deletion with state present will cancel key deletion.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of tags to apply to a key.
    -     		+ +
    A dictionary of tags to apply to a key.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -569,7 +588,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -580,7 +599,6 @@ Examples .. code-block:: yaml+jinja - # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile # and has been deprecated in favour of the policy option. - name: grant user-style access to production secrets @@ -642,7 +660,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -655,419 +672,419 @@ Common return values are documented `here Returned Description - - + +
    aliases
    list -
    - + + always -
    list of aliases associated with the key
    -
    -
    Sample:
    -
    ['aws/acm', 'aws/ebs']
    - +
    list of aliases associated with the key
    +
    +
    Sample:
    +
    ['aws/acm', 'aws/ebs']
    + - - + +
    aws_account_id
    string -
    - + + always -
    The AWS Account ID that the key belongs to
    -
    -
    Sample:
    -
    1234567890123
    - +
    The AWS Account ID that the key belongs to
    +
    +
    Sample:
    +
    1234567890123
    + - - + +
    changes_needed
    dictionary -
    - + + always -
    grant types that would be changed/were changed.
    -
    -
    Sample:
    -
    {'role': 'add', 'role grant': 'add'}
    - +
    grant types that would be changed/were changed.
    +
    +
    Sample:
    +
    {'role': 'add', 'role grant': 'add'}
    + - - + +
    creation_date
    string -
    - + + always -
    Date of creation of the key
    -
    -
    Sample:
    -
    2017-04-18T15:12:08.551000+10:00
    - +
    Date of creation of the key
    +
    +
    Sample:
    +
    2017-04-18T15:12:08.551000+10:00
    + - - + +
    description
    string -
    - + + always -
    Description of the key
    -
    -
    Sample:
    -
    My Key for Protecting important stuff
    - +
    Description of the key
    +
    +
    Sample:
    +
    My Key for Protecting important stuff
    + - - + +
    enabled
    string -
    - + + always -
    Whether the key is enabled. True if KeyState is true.
    -
    - +
    Whether the key is enabled. True if KeyState is true.
    +
    + - - + +
    grants
    complex -
    - + + always -
    list of grants associated with a key
    -
    - +
    list of grants associated with a key
    +
    + - -   - + +   +
    constraints
    dictionary -
    - + + always -
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    -
    -
    Sample:
    -
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    - +
    Constraints on the encryption context that the grant allows. See https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html for further details
    +
    +
    Sample:
    +
    {'encryption_context_equals': {'aws:lambda:_function_arn': 'arn:aws:lambda:ap-southeast-2:012345678912:function:xyz'}}
    + - -   - + +   +
    creation_date
    string -
    - + + always -
    Date of creation of the grant
    -
    -
    Sample:
    -
    2017-04-18T15:12:08+10:00
    - +
    Date of creation of the grant
    +
    +
    Sample:
    +
    2017-04-18T15:12:08+10:00
    + - -   - + +   +
    grant_id
    string -
    - + + always -
    The unique ID for the grant
    -
    -
    Sample:
    -
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    - +
    The unique ID for the grant
    +
    +
    Sample:
    +
    abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
    + - -   - + +   +
    grantee_principal
    string -
    - + + always -
    The principal that receives the grant's permissions
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    - +
    The principal that receives the grant's permissions
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    + - -   - + +   +
    issuing_account
    string -
    - + + always -
    The AWS account under which the grant was issued
    -
    -
    Sample:
    -
    arn:aws:iam::01234567890:root
    - +
    The AWS account under which the grant was issued
    +
    +
    Sample:
    +
    arn:aws:iam::01234567890:root
    + - -   - + +   +
    key_id
    string -
    - + + always -
    The key ARN to which the grant applies.
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    - +
    The key ARN to which the grant applies.
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    + - -   - + +   +
    name
    string -
    - + + always -
    The friendly name that identifies the grant
    -
    -
    Sample:
    -
    xyz
    - +
    The friendly name that identifies the grant
    +
    +
    Sample:
    +
    xyz
    + - -   - + +   +
    operations
    list -
    - + + always -
    The list of operations permitted by the grant
    -
    -
    Sample:
    -
    ['Decrypt', 'RetireGrant']
    - +
    The list of operations permitted by the grant
    +
    +
    Sample:
    +
    ['Decrypt', 'RetireGrant']
    + - -   - + +   +
    retiring_principal
    string -
    - + + always -
    The principal that can retire the grant
    -
    -
    Sample:
    -
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    - +
    The principal that can retire the grant
    +
    +
    Sample:
    +
    arn:aws:sts::0123456789012:assumed-role/lambda_xyz/xyz
    + - - - + + +
    had_invalid_entries
    boolean -
    - + + always -
    there are invalid (non-ARN) entries in the KMS entry. These don't count as a change, but will be removed if any changes are being made.
    -
    - +
    there are invalid (non-ARN) entries in the KMS entry. These don't count as a change, but will be removed if any changes are being made.
    +
    + - - + +
    key_arn
    string -
    - + + always -
    ARN of key
    -
    -
    Sample:
    -
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    - +
    ARN of key
    +
    +
    Sample:
    +
    arn:aws:kms:ap-southeast-2:123456789012:key/abcd1234-abcd-1234-5678-ef1234567890
    + - - + +
    key_id
    string -
    - + + always -
    ID of key
    -
    -
    Sample:
    -
    abcd1234-abcd-1234-5678-ef1234567890
    - +
    ID of key
    +
    +
    Sample:
    +
    abcd1234-abcd-1234-5678-ef1234567890
    + - - + +
    key_state
    string -
    - + + always -
    The state of the key
    -
    -
    Sample:
    -
    PendingDeletion
    - +
    The state of the key
    +
    +
    Sample:
    +
    PendingDeletion
    + - - + +
    key_usage
    string -
    - + + always -
    The cryptographic operations for which you can use the key.
    -
    -
    Sample:
    -
    ENCRYPT_DECRYPT
    - +
    The cryptographic operations for which you can use the key.
    +
    +
    Sample:
    +
    ENCRYPT_DECRYPT
    + - - + +
    origin
    string -
    - + + always -
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    -
    -
    Sample:
    -
    AWS_KMS
    - +
    The source of the key's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported or the CMK lacks key material.
    +
    +
    Sample:
    +
    AWS_KMS
    + - - + +
    policies
    list -
    - + + always -
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    -
    -
    Sample:
    -
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    - +
    list of policy documents for the keys. Empty when access is denied even if there are policies.
    +
    +
    Sample:
    +
    {'Version': '2012-10-17', 'Id': 'auto-ebs-2', 'Statement': [{'Sid': 'Allow access through EBS for all principals in the account that are authorized to use EBS', 'Effect': 'Allow', 'Principal': {'AWS': '*'}, 'Action': ['kms:Encrypt', 'kms:Decrypt', 'kms:ReEncrypt*', 'kms:GenerateDataKey*', 'kms:CreateGrant', 'kms:DescribeKey'], 'Resource': '*', 'Condition': {'StringEquals': {'kms:CallerAccount': '111111111111', 'kms:ViaService': 'ec2.ap-southeast-2.amazonaws.com'}}}, {'Sid': 'Allow direct access to key metadata to the account', 'Effect': 'Allow', 'Principal': {'AWS': 'arn:aws:iam::111111111111:root'}, 'Action': ['kms:Describe*', 'kms:Get*', 'kms:List*', 'kms:RevokeGrant'], 'Resource': '*'}]}
    + - - + +
    tags
    dictionary -
    - + + always -
    dictionary of tags applied to the key
    -
    -
    Sample:
    -
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    - +
    dictionary of tags applied to the key
    +
    +
    Sample:
    +
    {'Name': 'myKey', 'Purpose': 'protecting_stuff'}
    + - +

    @@ -1081,5 +1098,3 @@ Authors - Ted Timmons (@tedder) - Will Thames (@willthames) - Mark Chappell (@tremble) - - diff --git a/docs/community.aws.aws_region_info_module.rst b/docs/community.aws.aws_region_info_module.rst index 0b64ff2eb9e..cad84e911e2 100644 --- a/docs/community.aws.aws_region_info_module.rst +++ b/docs/community.aws.aws_region_info_module.rst @@ -38,177 +38,201 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html for possible filters. Filter names and values are case sensitive. You can also use underscores instead of dashes (-) in the filter keys, which will take precedence in case of conflict.
    -     		+ Default:
    {}
    +     		+
    A dict of filters to apply.
    +
    Each dict item consists of a filter key and a filter value.
    + +
    Filter names and values are case sensitive.
    +
    You can use underscores instead of dashes (-) in the filter keys.
    +
    Filter keys with underscores will take precedence in case of conflict.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -216,7 +240,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -227,7 +251,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all regions @@ -240,7 +263,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -253,24 +275,24 @@ Common return values are documented `here Returned Description - - + +
    regions
    list -
    - + + on success -
    Regions that match the provided filters. Each element consists of a dict with all the information related to that region.
    -
    -
    Sample:
    -
    [{ 'endpoint': 'ec2.us-west-1.amazonaws.com', 'region_name': 'us-west-1' }]
    - +
    Regions that match the provided filters. Each element consists of a dict with all the information related to that region.
    +
    +
    Sample:
    +
    [{ 'endpoint': 'ec2.us-west-1.amazonaws.com', 'region_name': 'us-west-1' }]
    + - +

    @@ -282,5 +304,3 @@ Authors ~~~~~~~ - Henrique Rodrigues (@Sodki) - - diff --git a/docs/community.aws.aws_s3_bucket_info_module.rst b/docs/community.aws.aws_s3_bucket_info_module.rst index 33a71bf5035..c0b8306aaa0 100644 --- a/docs/community.aws.aws_s3_bucket_info_module.rst +++ b/docs/community.aws.aws_s3_bucket_info_module.rst @@ -37,161 +37,180 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -199,7 +218,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -210,7 +229,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Note: Only AWS S3 is currently supported @@ -220,12 +238,11 @@ Examples register: result - name: List buckets - debug: + ansible.builtin.debug: msg: "{{ result['buckets'] }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -238,24 +255,24 @@ Common return values are documented `here Returned Description - - + +
    buckets
    list -
    - + + always -
    List of buckets
    -
    -
    Sample:
    -
    [{'creation_date': '2017-07-06 15:05:12 +00:00', 'name': 'my_bucket'}]
    - +
    List of buckets
    +
    +
    Sample:
    +
    [{'creation_date': '2017-07-06 15:05:12 +00:00', 'name': 'my_bucket'}]
    + - +

    @@ -267,5 +284,3 @@ Authors ~~~~~~~ - Gerben Geijteman (@hyperized) - - diff --git a/docs/community.aws.aws_s3_cors_module.rst b/docs/community.aws.aws_s3_cors_module.rst index 317bfbd5157..bbbd16da1ca 100644 --- a/docs/community.aws.aws_s3_cors_module.rst +++ b/docs/community.aws.aws_s3_cors_module.rst @@ -35,210 +35,229 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Name of the s3 bucket
    -     		+ +
    Name of the s3 bucket
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    rules
    list -
    -     		- -
    Cors rules to put on the s3 bucket
    -     		+ +
    Cors rules to put on the s3 bucket
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove cors on the s3 bucket
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove cors on the s3 bucket
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -246,7 +265,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -257,7 +276,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create a simple cors for s3 bucket @@ -284,7 +302,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -297,58 +314,58 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    check to see if a change was made to the rules
    -
    -
    Sample:
    -
    True
    - +
    check to see if a change was made to the rules
    +
    +
    Sample:
    +
    True
    + - - + +
    name
    string -
    - + + always -
    name of bucket
    -
    -
    Sample:
    -
    bucket-name
    - +
    name of bucket
    +
    +
    Sample:
    +
    bucket-name
    + - - + +
    rules
    list -
    - + + always -
    list of current rules
    -
    -
    Sample:
    -
    [{'allowed_headers': ['Authorization'], 'allowed_methods': ['GET'], 'allowed_origins': ['*'], 'max_age_seconds': 30000}]
    - +
    list of current rules
    +
    +
    Sample:
    +
    [{'allowed_headers': ['Authorization'], 'allowed_methods': ['GET'], 'allowed_origins': ['*'], 'max_age_seconds': 30000}]
    + - +

    @@ -360,5 +377,3 @@ Authors ~~~~~~~ - Oyvind Saltvik (@fivethreeo) - - diff --git a/docs/community.aws.aws_secret_module.rst b/docs/community.aws.aws_secret_module.rst index 3cacd552a63..b376dcf4c13 100644 --- a/docs/community.aws.aws_secret_module.rst +++ b/docs/community.aws.aws_secret_module.rst @@ -37,324 +37,343 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    Specifies a user-provided description of the secret.
    -     		+ +
    Specifies a user-provided description of the secret.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    kms_key_id
    string -
    -     		- -
    Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
    -     		+ +
    Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the `secret_string` or `secret_binary` values in the versions stored in this secret.
    +
    +
    name
    string - / required
    -     		- -
    Friendly name for the secret you are creating.
    -     		+ +
    Friendly name for the secret you are creating.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    recovery_window
    integer -
    -     		- Default:
    30
    -     		-
    Only used if state is absent.
    -
    Specifies the number of days that Secrets Manager waits before it can delete the secret.
    -
    If set to 0, the deletion is forced without recovery.
    -     		+ Default:
    30
    +     		+
    Only used if state is absent.
    +
    Specifies the number of days that Secrets Manager waits before it can delete the secret.
    +
    If set to 0, the deletion is forced without recovery.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    rotation_interval
    integer -
    -     		- Default:
    30
    -     		-
    Specifies the number of days between automatic scheduled rotations of the secret.
    -     		+ Default:
    30
    +     		+
    Specifies the number of days between automatic scheduled rotations of the secret.
    +
    +
    rotation_lambda
    string -
    -     		- -
    Specifies the ARN of the Lambda function that can rotate the secret.
    -     		+ +
    Specifies the ARN of the Lambda function that can rotate the secret.
    +
    +
    secret
    string -
    -     		- Default:
    ""
    -     		-
    Specifies string or binary data that you want to encrypt and store in the new version of the secret.
    -     		+ Default:
    ""
    +     		+
    Specifies string or binary data that you want to encrypt and store in the new version of the secret.
    +
    +
    secret_type
    string -
    -     		-
      Choices: -
    • binary
      • -
    • string ←
      • -
    -     		-
    Specifies the type of data that you want to encrypt.
    -     		+
      Choices: +
    • binary
      • +
    • string ←
      • +
    +     		+
    Specifies the type of data that you want to encrypt.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the secret should be exist or not.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the secret should be exist or not.
    +
    +
    tags
    dictionary -
    -     		- -
    Specifies a list of user-defined tags that are attached to the secret.
    -     		+ +
    Specifies a list of user-defined tags that are attached to the secret.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -362,7 +381,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -373,7 +392,6 @@ Examples .. code-block:: yaml+jinja - - name: Add string to AWS Secrets Manager community.aws.aws_secret: name: 'test_secret_string' @@ -390,7 +408,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -403,129 +420,129 @@ Common return values are documented `here Returned Description - - + +
    secret
    complex -
    - + + always -
    The secret information
    -
    - +
    The secret information
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    The ARN of the secret
    -
    -
    Sample:
    -
    arn:aws:secretsmanager:eu-west-1:xxxxxxxxxx:secret:xxxxxxxxxxx
    - +
    The ARN of the secret
    +
    +
    Sample:
    +
    arn:aws:secretsmanager:eu-west-1:xxxxxxxxxx:secret:xxxxxxxxxxx
    + - -   - + +   +
    last_accessed_date
    string -
    - + + always -
    The date the secret was last accessed
    -
    -
    Sample:
    -
    2018-11-20T01:00:00+01:00
    - +
    The date the secret was last accessed
    +
    +
    Sample:
    +
    2018-11-20T01:00:00+01:00
    + - -   - + +   +
    last_changed_date
    string -
    - + + always -
    The date the secret was last modified.
    -
    -
    Sample:
    -
    2018-11-20T12:16:38.433000+01:00
    - +
    The date the secret was last modified.
    +
    +
    Sample:
    +
    2018-11-20T12:16:38.433000+01:00
    + - -   - + +   +
    name
    string -
    - + + always -
    The secret name.
    -
    -
    Sample:
    -
    my_secret
    - +
    The secret name.
    +
    +
    Sample:
    +
    my_secret
    + - -   - + +   +
    rotation_enabled
    boolean -
    - + + always -
    The secret rotation status.
    -
    - +
    The secret rotation status.
    +
    + - -   - + +   +
    version_ids_to_stages
    dictionary -
    - + + always -
    Provide the secret version ids and the associated secret stage.
    -
    -
    Sample:
    -
    {'dc1ed59b-6d8e-4450-8b41-536dfe4600a9': ['AWSCURRENT']}
    - +
    Provide the secret version ids and the associated secret stage.
    +
    +
    Sample:
    +
    {'dc1ed59b-6d8e-4450-8b41-536dfe4600a9': ['AWSCURRENT']}
    + - - + +

    @@ -537,5 +554,3 @@ Authors ~~~~~~~ - REY Remi (@rrey) - - diff --git a/docs/community.aws.aws_ses_identity_module.rst b/docs/community.aws.aws_ses_identity_module.rst index 23d2cad13f2..445b309d524 100644 --- a/docs/community.aws.aws_ses_identity_module.rst +++ b/docs/community.aws.aws_ses_identity_module.rst @@ -38,383 +38,402 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bounce_notifications
    dictionary -
    -     		- -
    Setup the SNS topic used to report bounce notifications.
    -
    If omitted, bounce notifications will not be delivered to a SNS topic.
    -
    If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    -
    + + + +
    Setup the SNS topic used to report bounce notifications.
    +
    If omitted, bounce notifications will not be delivered to a SNS topic.
    +
    If bounce notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    +
    include_headers
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    topic
    - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    + + + +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    complaint_notifications
    dictionary -
    -     		- -
    Setup the SNS topic used to report complaint notifications.
    -
    If omitted, complaint notifications will not be delivered to a SNS topic.
    -
    If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    -
    + + + +
    Setup the SNS topic used to report complaint notifications.
    +
    If omitted, complaint notifications will not be delivered to a SNS topic.
    +
    If complaint notifications are not delivered to a SNS topic, feedback_forwarding must be enabled.
    +
    include_headers
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    topic
    - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    + + + +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delivery_notifications
    dictionary -
    -     		- -
    Setup the SNS topic used to report delivery notifications.
    -
    If omitted, delivery notifications will not be delivered to a SNS topic.
    -
    + + + +
    Setup the SNS topic used to report delivery notifications.
    +
    If omitted, delivery notifications will not be delivered to a SNS topic.
    +
    include_headers
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to include headers when delivering to the SNS topic.
    -
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to include headers when delivering to the SNS topic.
    +
    If topic is not specified this will have no impact, but the SES setting is updated even if there is no topic.
    +
    +
    topic
    - -
    -     		- -
    The ARN of the topic to send notifications to.
    -
    If omitted, notifications will not be delivered to a SNS topic.
    -
    + + + +
    The ARN of the topic to send notifications to.
    +
    If omitted, notifications will not be delivered to a SNS topic.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    feedback_forwarding
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to enable feedback forwarding.
    -
    This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to enable feedback forwarding.
    +
    This can only be false if both bounce_notifications and complaint_notifications specify SNS topics.
    +
    +
    identity
    string - / required
    -     		- -
    This is the email address or domain to verify / delete.
    -
    If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
    -     		+ +
    This is the email address or domain to verify / delete.
    +
    If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the identity.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the identity.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -422,7 +441,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -433,7 +452,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Ensure example@example.com email identity exists @@ -490,7 +508,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -503,226 +520,226 @@ Common return values are documented `here Returned Description - - + +
    identity
    string -
    - + + success -
    The identity being modified.
    -
    -
    Sample:
    -
    example@example.com
    - - - - +
    The identity being modified.
    +
    +
    Sample:
    +
    example@example.com
    + + + +
    identity_arn
    string -
    - + + success -
    The arn of the identity being modified.
    -
    -
    Sample:
    -
    arn:aws:ses:us-east-1:12345678:identity/example@example.com
    - - - - +
    The arn of the identity being modified.
    +
    +
    Sample:
    +
    arn:aws:ses:us-east-1:12345678:identity/example@example.com
    + + + +
    notification_attributes
    complex -
    - + + success -
    The notification setup for the identity.
    -
    -
    Sample:
    -
    {'bounce_topic': 'arn:aws:sns:....', 'complaint_topic': 'arn:aws:sns:....', 'delivery_topic': 'arn:aws:sns:....', 'forwarding_enabled': False, 'headers_in_bounce_notifications_enabled': True, 'headers_in_complaint_notifications_enabled': True, 'headers_in_delivery_notifications_enabled': True}
    - +
    The notification setup for the identity.
    +
    +
    Sample:
    +
    {'bounce_topic': 'arn:aws:sns:....', 'complaint_topic': 'arn:aws:sns:....', 'delivery_topic': 'arn:aws:sns:....', 'forwarding_enabled': False, 'headers_in_bounce_notifications_enabled': True, 'headers_in_complaint_notifications_enabled': True, 'headers_in_delivery_notifications_enabled': True}
    + - -   - + +   +
    bounce_topic
    string -
    - + + -
    The ARN of the topic bounce notifications are delivered to.
    -
    Omitted if bounce notifications are not delivered to a topic.
    -
    - - - -   - +
    The ARN of the topic bounce notifications are delivered to.
    +
    Omitted if bounce notifications are not delivered to a topic.
    +
    + + + +   +
    complaint_topic
    string -
    - + + -
    The ARN of the topic complaint notifications are delivered to.
    -
    Omitted if complaint notifications are not delivered to a topic.
    -
    - - - -   - +
    The ARN of the topic complaint notifications are delivered to.
    +
    Omitted if complaint notifications are not delivered to a topic.
    +
    + + + +   +
    delivery_topic
    string -
    - + + -
    The ARN of the topic delivery notifications are delivered to.
    -
    Omitted if delivery notifications are not delivered to a topic.
    -
    - - - -   - +
    The ARN of the topic delivery notifications are delivered to.
    +
    Omitted if delivery notifications are not delivered to a topic.
    +
    + + + +   +
    forwarding_enabled
    boolean -
    - + + -
    Whether or not feedback forwarding is enabled.
    -
    - +
    Whether or not feedback forwarding is enabled.
    +
    + - -   - + +   +
    headers_in_bounce_notifications_enabled
    boolean -
    - + + -
    Whether or not headers are included in messages delivered to the bounce topic.
    -
    - +
    Whether or not headers are included in messages delivered to the bounce topic.
    +
    + - -   - + +   +
    headers_in_complaint_notifications_enabled
    boolean -
    - + + -
    Whether or not headers are included in messages delivered to the complaint topic.
    -
    - +
    Whether or not headers are included in messages delivered to the complaint topic.
    +
    + - -   - + +   +
    headers_in_delivery_notifications_enabled
    boolean -
    - + + -
    Whether or not headers are included in messages delivered to the delivery topic.
    -
    - +
    Whether or not headers are included in messages delivered to the delivery topic.
    +
    + - - - + + +
    verification_attributes
    complex -
    - + + success -
    The verification information for the identity.
    -
    -
    Sample:
    -
    {'verification_status': 'Pending', 'verification_token': '....'}
    - +
    The verification information for the identity.
    +
    +
    Sample:
    +
    {'verification_status': 'Pending', 'verification_token': '....'}
    + - -   - + +   +
    verification_status
    string -
    - + + -
    The verification status of the identity.
    -
    -
    Sample:
    -
    Pending
    - - - -   - +
    The verification status of the identity.
    +
    +
    Sample:
    +
    Pending
    + + + +   +
    verification_token
    string -
    - + + -
    The verification token for a domain identity.
    -
    - +
    The verification token for a domain identity.
    +
    + - - + +

    @@ -734,5 +751,3 @@ Authors ~~~~~~~ - Ed Costello (@orthanc) - - diff --git a/docs/community.aws.aws_ses_identity_policy_module.rst b/docs/community.aws.aws_ses_identity_policy_module.rst index 042a9fd97d8..0404b1a3526 100644 --- a/docs/community.aws.aws_ses_identity_policy_module.rst +++ b/docs/community.aws.aws_ses_identity_policy_module.rst @@ -38,226 +38,245 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    identity
    string - / required
    -     		- -
    The SES identity to attach or remove a policy from. This can be either the full ARN or just + / required
    +     		+ +
    The SES identity to attach or remove a policy from. This can be either the full ARN or just the verified email or domain.
    -
    +
    policy
    json -
    -     		- -
    A properly formatted JSON sending authorization policy. Required when state=present.
    -     		+ +
    A properly formatted JSON sending authorization policy. Required when state=present.
    +
    +
    policy_name
    string - / required
    -     		- -
    The name used to identify the policy within the scope of the identity it's attached to.
    -     		+ +
    The name used to identify the policy within the scope of the identity it's attached to.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the authorization policy on the identity.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the authorization policy on the identity.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -265,7 +284,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -276,7 +295,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: add sending authorization policy to domain identity @@ -308,7 +326,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -321,24 +338,24 @@ Common return values are documented `here Returned Description - - + +
    policies
    list -
    - + + success -
    A list of all policies present on the identity after the operation.
    -
    -
    Sample:
    -
    ['ExamplePolicy']
    - +
    A list of all policies present on the identity after the operation.
    +
    +
    Sample:
    +
    ['ExamplePolicy']
    + - +

    @@ -350,5 +367,3 @@ Authors ~~~~~~~ - Ed Costello (@orthanc) - - diff --git a/docs/community.aws.aws_ses_rule_set_module.rst b/docs/community.aws.aws_ses_rule_set_module.rst index cfc2787d270..ff95e898d93 100644 --- a/docs/community.aws.aws_ses_rule_set_module.rst +++ b/docs/community.aws.aws_ses_rule_set_module.rst @@ -37,236 +37,255 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    active
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not this rule set should be the active rule set. Only has an impact if state is present.
    -
    If omitted, the active rule set will not be changed.
    -
    If True then this rule set will be made active and all others inactive.
    -
    if False then this rule set will be deactivated. Be careful with this as you can end up with no active rule set.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not this rule set should be the active rule set. Only has an impact if state is present.
    +
    If omitted, the active rule set will not be changed.
    +
    If True then this rule set will be made active and all others inactive.
    +
    if False then this rule set will be deactivated. Be careful with this as you can end up with no active rule set.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    force
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When deleting a rule set, deactivate it first (AWS prevents deletion of the active rule set).
    +
    +
    name
    string - / required
    -     		- -
    The name of the receipt rule set.
    -     		+ +
    The name of the receipt rule set.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to create (or update) or destroy the receipt rule set.
    -     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to create (or update) or destroy the receipt rule set.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -274,7 +293,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -285,7 +304,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. --- @@ -319,7 +337,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -332,41 +349,41 @@ Common return values are documented `here Returned Description - - + +
    active
    boolean -
    - + + success if state is present -
    if the SES rule set is active
    -
    -
    Sample:
    -
    True
    - +
    if the SES rule set is active
    +
    +
    Sample:
    +
    True
    + - - + +
    rule_sets
    list -
    - + + success -
    The list of SES receipt rule sets that exist after any changes.
    -
    -
    Sample:
    -
    [{'created_timestamp': '2018-02-25T01:20:32.690000+00:00', 'name': 'default-rule-set'}]
    - +
    The list of SES receipt rule sets that exist after any changes.
    +
    +
    Sample:
    +
    [{'created_timestamp': '2018-02-25T01:20:32.690000+00:00', 'name': 'default-rule-set'}]
    + - +

    @@ -379,5 +396,3 @@ Authors - Ben Tomasik (@tomislacker) - Ed Costello (@orthanc) - - diff --git a/docs/community.aws.aws_sgw_info_module.rst b/docs/community.aws.aws_sgw_info_module.rst index c3bdc5d002f..628f900e2cc 100644 --- a/docs/community.aws.aws_sgw_info_module.rst +++ b/docs/community.aws.aws_sgw_info_module.rst @@ -37,237 +37,256 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    gather_file_shares
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather file share information for storage gateways in s3 mode.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather file share information for storage gateways in s3 mode.
    +
    +
    gather_local_disks
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather local disks attached to the storage gateway.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather local disks attached to the storage gateway.
    +
    +
    gather_tapes
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather tape information for storage gateways in tape mode.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather tape information for storage gateways in tape mode.
    +
    +
    gather_volumes
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Gather volume information for storage gateways in iSCSI (cached & stored) modes.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Gather volume information for storage gateways in iSCSI (cached & stored) modes.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -275,7 +294,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -286,7 +305,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: "Get AWS storage gateway information" @@ -298,7 +316,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -311,411 +328,411 @@ Common return values are documented `here Returned Description - - + +
    gateways
    complex -
    - + + always -
    list of gateway objects
    -
    - +
    list of gateway objects
    +
    + - -   - + +   +
    file_shares
    complex -
    - + + when gateway_type == "FILE_S3" -
    Storage gateway file shares
    -
    - +
    Storage gateway file shares
    +
    + - -   -   - + +   +   +
    file_share_arn
    string -
    - + + always -
    File share ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:399805793479:share/share-AF999C88
    - - - -   -   - +
    File share ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:399805793479:share/share-AF999C88
    + + + +   +   +
    file_share_id
    string -
    - + + always -
    File share ID
    -
    -
    Sample:
    -
    share-AF999C88
    - - - -   -   - +
    File share ID
    +
    +
    Sample:
    +
    share-AF999C88
    + + + +   +   +
    file_share_status
    string -
    - + + always -
    File share status
    -
    -
    Sample:
    -
    AVAILABLE
    - +
    File share status
    +
    +
    Sample:
    +
    AVAILABLE
    + - - -   - + + +   +
    gateway_arn
    string -
    - + + always -
    Storage Gateway ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:367709993819:gateway/sgw-9999F888
    - - - -   - +
    Storage Gateway ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:367709993819:gateway/sgw-9999F888
    + + + +   +
    gateway_id
    string -
    - + + always -
    Storage Gateway ID
    -
    -
    Sample:
    -
    sgw-9999F888
    - - - -   - +
    Storage Gateway ID
    +
    +
    Sample:
    +
    sgw-9999F888
    + + + +   +
    gateway_name
    string -
    - + + always -
    Storage Gateway friendly name
    -
    -
    Sample:
    -
    my-sgw-01
    - - - -   - +
    Storage Gateway friendly name
    +
    +
    Sample:
    +
    my-sgw-01
    + + + +   +
    gateway_operational_state
    string -
    - + + always -
    Storage Gateway operational state
    -
    -
    Sample:
    -
    ACTIVE
    - - - -   - +
    Storage Gateway operational state
    +
    +
    Sample:
    +
    ACTIVE
    + + + +   +
    gateway_type
    string -
    - + + always -
    Storage Gateway type
    -
    -
    Sample:
    -
    FILE_S3
    - - - -   - +
    Storage Gateway type
    +
    +
    Sample:
    +
    FILE_S3
    + + + +   +
    local_disks
    complex -
    - + + always -
    Storage gateway local disks
    -
    - +
    Storage gateway local disks
    +
    + - -   -   - + +   +   +
    disk_allocation_type
    string -
    - + + always -
    Disk allocation type
    -
    -
    Sample:
    -
    CACHE STORAGE
    - - - -   -   - +
    Disk allocation type
    +
    +
    Sample:
    +
    CACHE STORAGE
    + + + +   +   +
    disk_id
    string -
    - + + always -
    Disk ID on the system
    -
    -
    Sample:
    -
    pci-0000:00:1f.0
    - - - -   -   - +
    Disk ID on the system
    +
    +
    Sample:
    +
    pci-0000:00:1f.0
    + + + +   +   +
    disk_node
    string -
    - + + always -
    Disk parent block device
    -
    -
    Sample:
    -
    /dev/sdb
    - - - -   -   - +
    Disk parent block device
    +
    +
    Sample:
    +
    /dev/sdb
    + + + +   +   +
    disk_path
    string -
    - + + always -
    Disk path used for the cache
    -
    -
    Sample:
    -
    /dev/nvme1n1
    - - - -   -   - +
    Disk path used for the cache
    +
    +
    Sample:
    +
    /dev/nvme1n1
    + + + +   +   +
    disk_size_in_bytes
    integer -
    - + + always -
    Disk size in bytes
    -
    -
    Sample:
    -
    107374182400
    - - - -   -   - +
    Disk size in bytes
    +
    +
    Sample:
    +
    107374182400
    + + + +   +   +
    disk_status
    string -
    - + + always -
    Disk status
    -
    -
    Sample:
    -
    present
    - +
    Disk status
    +
    +
    Sample:
    +
    present
    + - - -   - + + +   +
    tapes
    complex -
    - + + when gateway_type == "VTL" -
    Storage Gateway tapes
    -
    - +
    Storage Gateway tapes
    +
    + - -   -   - + +   +   +
    tape_arn
    string -
    - + + always -
    Tape ARN
    -
    -
    Sample:
    -
    arn:aws:storagegateway:eu-west-1:399805793479:tape/tape-AF999C88
    - - - -   -   - +
    Tape ARN
    +
    +
    Sample:
    +
    arn:aws:storagegateway:eu-west-1:399805793479:tape/tape-AF999C88
    + + + +   +   +
    tape_barcode
    string -
    - + + always -
    Tape ARN
    -
    -
    Sample:
    -
    tape-AF999C88
    - - - -   -   - +
    Tape ARN
    +
    +
    Sample:
    +
    tape-AF999C88
    + + + +   +   +
    tape_size_in_bytes
    integer -
    - + + always -
    Tape ARN
    -
    -
    Sample:
    -
    555887569
    - - - -   -   - +
    Tape ARN
    +
    +
    Sample:
    +
    555887569
    + + + +   +   +
    tape_status
    string -
    - + + always -
    Tape ARN
    -
    -
    Sample:
    -
    AVAILABLE
    - +
    Tape ARN
    +
    +
    Sample:
    +
    AVAILABLE
    + - - - + + +

    @@ -727,5 +744,3 @@ Authors ~~~~~~~ - Loic Blot (@nerzhul) - - diff --git a/docs/community.aws.aws_ssm_connection.rst b/docs/community.aws.aws_ssm_connection.rst index 0b49d10c44f..83d87eef8ef 100644 --- a/docs/community.aws.aws_ssm_connection.rst +++ b/docs/community.aws.aws_ssm_connection.rst @@ -22,7 +22,7 @@ Synopsis Requirements ------------ -The below requirements are needed on the local master node that executes this connection. +The below requirements are needed on the local Ansible controller node that executes this connection. - The remote EC2 instance must be running the AWS Systems Manager Agent (SSM Agent). - The control machine must have the aws session manager plugin installed. @@ -35,125 +35,125 @@ Parameters .. raw:: html - + - - + + - - + - - - + + + + + - - + - - - + + + + + - - + - - - + + + + + - - + - - - + + + + + - - + - - - + + + + + - - + - - - + + + + + -
    Parameter Choices/DefaultsConfigurationCommentsConfigurationComments
    +
    bucket_name
    - -
    -     		- -
    var: ansible_aws_ssm_bucket_name
    -     		-
    The name of the S3 bucket used for file transfers.
    -     		+ +
    var: ansible_aws_ssm_bucket_name
    +     		+
    The name of the S3 bucket used for file transfers.
    +
    +
    instance_id
    - -
    -     		- -
    var: ansible_aws_ssm_instance_id
    -     		-
    The EC2 instance ID.
    -     		+ +
    var: ansible_aws_ssm_instance_id
    +     		+
    The EC2 instance ID.
    +
    +
    plugin
    - -
    -     		- Default:
    "/usr/local/bin/session-manager-plugin"
    -     		-
    var: ansible_aws_ssm_plugin
    -     		-
    This defines the location of the session-manager-plugin binary.
    -     		+ Default:
    "/usr/local/bin/session-manager-plugin"
    +     		+
    var: ansible_aws_ssm_plugin
    +     		+
    This defines the location of the session-manager-plugin binary.
    +
    +
    region
    - -
    -     		- Default:
    "us-east-1"
    -     		-
    var: ansible_aws_ssm_region
    -     		-
    The region the EC2 instance is located.
    -     		+ Default:
    "us-east-1"
    +     		+
    var: ansible_aws_ssm_region
    +     		+
    The region the EC2 instance is located.
    +
    +
    retries
    integer -
    -     		- Default:
    3
    -     		-
    var: ansible_aws_ssm_retries
    -     		-
    Number of attempts to connect.
    -     		+ Default:
    3
    +     		+
    var: ansible_aws_ssm_retries
    +     		+
    Number of attempts to connect.
    +
    +
    timeout
    integer -
    -     		- Default:
    60
    -     		-
    var: ansible_aws_ssm_timeout
    -     		-
    Connection timeout seconds.
    -     		+ Default:
    60
    +     		+
    var: ansible_aws_ssm_timeout
    +     		+
    Connection timeout seconds.
    +
    +
    @@ -164,8 +164,6 @@ Examples .. code-block:: yaml+jinja - - # Stop Spooler Process on Windows Instances - name: Stop Spooler Service on Windows Instances vars: @@ -258,7 +256,6 @@ Examples - Status ------ diff --git a/docs/community.aws.aws_ssm_parameter_store_module.rst b/docs/community.aws.aws_ssm_parameter_store_module.rst index 11ce603445f..61ecc63feda 100644 --- a/docs/community.aws.aws_ssm_parameter_store_module.rst +++ b/docs/community.aws.aws_ssm_parameter_store_module.rst @@ -37,302 +37,321 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    decryption
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Work with SecureString type to get plain text secrets
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Work with SecureString type to get plain text secrets
    +
    +
    description
    string -
    -     		- -
    Parameter key description.
    -     		+ +
    Parameter key description.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    key_id
    string -
    -     		- Default:
    "alias/aws/ssm"
    -     		-
    AWS KMS key to decrypt the secrets.
    -
    The default key (alias/aws/ssm) is automatically generated the first time it's requested.
    -     		+ Default:
    "alias/aws/ssm"
    +     		+
    AWS KMS key to decrypt the secrets.
    +
    The default key (alias/aws/ssm) is automatically generated the first time it's requested.
    +
    +
    name
    string - / required
    -     		- -
    Parameter key name.
    -     		+ +
    Parameter key name.
    +
    +
    overwrite_value
    string -
    -     		-
      Choices: -
    • never
      • -
    • changed ←
      • -
    • always
      • -
    -     		-
    Option to overwrite an existing value if it already exists.
    -     		+
      Choices: +
    • never
      • +
    • changed ←
      • +
    • always
      • +
    +     		+
    Option to overwrite an existing value if it already exists.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Creates or modifies an existing parameter.
    -
    Deletes a parameter.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Creates or modifies an existing parameter.
    +
    Deletes a parameter.
    +
    +
    string_type
    string -
    -     		-
      Choices: -
    • String ←
      • -
    • StringList
      • -
    • SecureString
      • -
    -     		-
    Parameter String type.
    -     		+
      Choices: +
    • String ←
      • +
    • StringList
      • +
    • SecureString
      • +
    +     		+
    Parameter String type.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    value
    string -
    -     		- -
    Parameter value.
    -     		+ +
    Parameter value.
    +
    +
    @@ -340,7 +359,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -351,7 +370,6 @@ Examples .. code-block:: yaml+jinja - - name: Create or update key/value pair in aws parameter store community.aws.aws_ssm_parameter_store: name: "Hello" @@ -387,12 +405,11 @@ Examples overwrite_value: "always" - name: recommend to use with aws_ssm lookup plugin - debug: + ansible.builtin.debug: msg: "{{ lookup('amazon.aws.aws_ssm', 'hello') }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -405,37 +422,37 @@ Common return values are documented `here Returned Description - - + +
    delete_parameter
    dictionary -
    - + + success -
    Delete a parameter from the system.
    -
    - +
    Delete a parameter from the system.
    +
    + - - + +
    put_parameter
    dictionary -
    - + + success -
    Add one or more parameters to the system.
    -
    - +
    Add one or more parameters to the system.
    +
    + - +

    @@ -449,5 +466,3 @@ Authors - Nathan Webster (@nathanwebsterdotme) - Bill Wang (@ozbillwang) - Michael De La Rue (@mikedlr) - - diff --git a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst index 05c37eeceeb..c739e85b155 100644 --- a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst @@ -35,273 +35,292 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    action
    string -
    -     		-
      Choices: -
    • start ←
      • -
    • stop
      • -
    -     		-
    Desired action (start or stop) for a state machine execution.
    -     		+
      Choices: +
    • start ←
      • +
    • stop
      • +
    +     		+
    Desired action (start or stop) for a state machine execution.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cause
    string -
    -     		- Default:
    ""
    -     		-
    A detailed explanation of the cause for stopping the execution.
    -     		+ Default:
    ""
    +     		+
    A detailed explanation of the cause for stopping the execution.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    error
    string -
    -     		- Default:
    ""
    -     		-
    The error code of the failure to pass in when stopping the execution.
    -     		+ Default:
    ""
    +     		+
    The error code of the failure to pass in when stopping the execution.
    +
    +
    execution_arn
    string -
    -     		- -
    The ARN of the execution you wish to stop.
    -     		+ +
    The ARN of the execution you wish to stop.
    +
    +
    execution_input
    json -
    -     		- Default:
    {}
    -     		-
    The JSON input data for the execution.
    -     		+ Default:
    {}
    +     		+
    The JSON input data for the execution.
    +
    +
    name
    string -
    -     		- -
    Name of the execution.
    -     		+ +
    Name of the execution.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state_machine_arn
    string -
    -     		- -
    The ARN of the state machine that will be executed.
    -     		+ +
    The ARN of the state machine that will be executed.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -309,7 +328,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -320,7 +339,6 @@ Examples .. code-block:: yaml+jinja - - name: Start an execution of a state machine community.aws.aws_step_functions_state_machine_execution: name: an_execution_name @@ -336,7 +354,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -349,58 +366,58 @@ Common return values are documented `here Returned Description - - + +
    execution_arn
    string -
    - + + if action == start and changed == True -
    ARN of the AWS Step Functions state machine execution.
    -
    -
    Sample:
    -
    arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8
    - +
    ARN of the AWS Step Functions state machine execution.
    +
    +
    Sample:
    +
    arn:aws:states:us-west-2:682285639423:execution:HelloWorldStateMachineCopy:a1e8e2b5-5dfe-d40e-d9e3-6201061047c8
    + - - + +
    start_date
    string -
    - + + if action == start and changed == True -
    The date the execution is started.
    -
    -
    Sample:
    -
    2019-11-02T22:39:49.071000-07:00
    - +
    The date the execution is started.
    +
    +
    Sample:
    +
    2019-11-02T22:39:49.071000-07:00
    + - - + +
    stop_date
    string -
    - + + if action == stop -
    The date the execution is stopped.
    -
    -
    Sample:
    -
    2019-11-02T22:39:49.071000-07:00
    - +
    The date the execution is stopped.
    +
    +
    Sample:
    +
    2019-11-02T22:39:49.071000-07:00
    + - +

    @@ -412,5 +429,3 @@ Authors ~~~~~~~ - Prasad Katti (@prasadkatti) - - diff --git a/docs/community.aws.aws_step_functions_state_machine_module.rst b/docs/community.aws.aws_step_functions_state_machine_module.rst index 2d328f29b1a..dff3042b9aa 100644 --- a/docs/community.aws.aws_step_functions_state_machine_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_module.rst @@ -36,261 +36,280 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    definition
    json -
    -     		- -
    The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
    -
    This parameter is required when state=present.
    -     		+ +
    The Amazon States Language definition of the state machine. See https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html for more information on the Amazon States Language.
    +
    This parameter is required when state=present.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Name of the state machine
    -     		+ +
    Name of the state machine
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string -
    -     		- -
    The ARN of the IAM Role that will be used by the state machine for its executions.
    -
    This parameter is required when state=present.
    -     		+ +
    The ARN of the IAM Role that will be used by the state machine for its executions.
    +
    This parameter is required when state=present.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Desired state for the state machine
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Desired state for the state machine
    +
    +
    tags
    dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
    -     		+ +
    A hash/dictionary of tags to add to the new state machine or to add/remove from an existing one.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -298,7 +317,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -309,7 +328,6 @@ Examples .. code-block:: yaml+jinja - # Create a new AWS Step Functions state machine - name: Setup HelloWorld state machine community.aws.aws_step_functions_state_machine: @@ -336,7 +354,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -349,22 +366,22 @@ Common return values are documented `here Returned Description - - + +
    state_machine_arn
    string -
    - + + always -
    ARN of the AWS Step Functions state machine
    -
    - +
    ARN of the AWS Step Functions state machine
    +
    + - +

    @@ -376,5 +393,3 @@ Authors ~~~~~~~ - Tom De Keyser (@tdekeyser) - - diff --git a/docs/community.aws.aws_waf_condition_module.rst b/docs/community.aws.aws_waf_condition_module.rst index daad2ff6c8f..4fe42e72fd5 100644 --- a/docs/community.aws.aws_waf_condition_module.rst +++ b/docs/community.aws.aws_waf_condition_module.rst @@ -35,518 +35,537 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    list - / elements=dictionary
    -     		- -
    A list of the filters against which to match.
    -
    For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
    -
    For type=geo, the only valid key is country.
    -
    For type=ip, the only valid key is ip_address.
    -
    For type=regex, valid keys are field_to_match, transformation and regex_pattern.
    -
    For type=size, valid keys are field_to_match, transformation, comparison and size.
    -
    For type=sql, valid keys are field_to_match and transformation.
    -
    For type=xss, valid keys are field_to_match and transformation.
    -
    Required when state=present.
    -
    + / elements=dictionary + + +
    A list of the filters against which to match.
    +
    For type=byte, valid keys are field_to_match, position, header, transformation and target_string.
    +
    For type=geo, the only valid key is country.
    +
    For type=ip, the only valid key is ip_address.
    +
    For type=regex, valid keys are field_to_match, transformation and regex_pattern.
    +
    For type=size, valid keys are field_to_match, transformation, comparison and size.
    +
    For type=sql, valid keys are field_to_match and transformation.
    +
    For type=xss, valid keys are field_to_match and transformation.
    +
    Required when state=present.
    +
    comparison
    string -
    -     		-
      Choices: -
    • EQ
      • -
    • NE
      • -
    • LE
      • -
    • LT
      • -
    • GE
      • -
    • GT
      • -
    -     		-
    What type of comparison to perform.
    -
    Only valid key when type=size.
    -     		+
      Choices: +
    • EQ
      • +
    • NE
      • +
    • LE
      • +
    • LT
      • +
    • GE
      • +
    • GT
      • +
    +     		+
    What type of comparison to perform.
    +
    Only valid key when type=size.
    +
    +
    country
    string -
    -     		- -
    Value of geo constraint (typically a two letter country code).
    -
    The only valid key when type=geo.
    -     		+ +
    Value of geo constraint (typically a two letter country code).
    +
    The only valid key when type=geo.
    +
    +
    field_to_match
    string -
    -     		-
      Choices: -
    • uri
      • -
    • query_string
      • -
    • header
      • -
    • method
      • -
    • body
      • -
    -     		-
    The field upon which to perform the match.
    -
    Valid when type=byte, type=regex, type=sql or type=xss.
    -     		+
      Choices: +
    • uri
      • +
    • query_string
      • +
    • header
      • +
    • method
      • +
    • body
      • +
    +     		+
    The field upon which to perform the match.
    +
    Valid when type=byte, type=regex, type=sql or type=xss.
    +
    +
    header
    string -
    -     		- -
    Which specific header should be matched.
    -
    Required when field_to_match=header.
    -
    Valid when type=byte.
    -
    + + + +
    Which specific header should be matched.
    +
    Required when field_to_match=header.
    +
    Valid when type=byte.
    +
    ip_address
    string -
    -     		- -
    An IP Address or CIDR to match.
    -
    The only valid key when type=ip.
    -     		+ +
    An IP Address or CIDR to match.
    +
    The only valid key when type=ip.
    +
    +
    position
    string -
    -     		-
      Choices: -
    • exactly
      • -
    • starts_with
      • -
    • ends_with
      • -
    • contains
      • -
    • contains_word
      • -
    -     		-
    Where in the field the match needs to occur.
    -
    Only valid when type=byte.
    -     		+
      Choices: +
    • exactly
      • +
    • starts_with
      • +
    • ends_with
      • +
    • contains
      • +
    • contains_word
      • +
    +     		+
    Where in the field the match needs to occur.
    +
    Only valid when type=byte.
    +
    +
    regex_pattern
    dictionary -
    -     		- -
    A dict describing the regular expressions used to perform the match.
    -
    Only valid when type=regex.
    -
    + + + +
    A dict describing the regular expressions used to perform the match.
    +
    Only valid when type=regex.
    +
    name
    string -
    -     		- -
    A name to describe the set of patterns.
    -     		+ +
    A name to describe the set of patterns.
    +
    +
    regex_strings
    list - / elements=string
    -     		- -
    A list of regular expressions to match.
    -
    + / elements=string + + +
    A list of regular expressions to match.
    +
    size
    integer -
    -     		- -
    The size of the field (in bytes).
    -
    Only valid key when type=size.
    -     		+ +
    The size of the field (in bytes).
    +
    Only valid key when type=size.
    +
    +
    target_string
    string -
    -     		- -
    The string to search for.
    -
    May be up to 50 bytes.
    -
    Valid when type=byte.
    -
    + + + +
    The string to search for.
    +
    May be up to 50 bytes.
    +
    Valid when type=byte.
    +
    transformation
    string -
    -     		-
      Choices: -
    • none
      • -
    • compress_white_space
      • -
    • html_entity_decode
      • -
    • lowercase
      • -
    • cmd_line
      • -
    • url_decode
      • -
    -     		-
    A transform to apply on the field prior to performing the match.
    -
    Valid when type=byte, type=regex, type=sql or type=xss.
    -
    + + +
      Choices: +
    • none
      • +
    • compress_white_space
      • +
    • html_entity_decode
      • +
    • lowercase
      • +
    • cmd_line
      • +
    • url_decode
      • +
    +     		+
    A transform to apply on the field prior to performing the match.
    +
    Valid when type=byte, type=regex, type=sql or type=xss.
    +
    name
    string - / required
    -     		- -
    Name of the Web Application Firewall condition to manage.
    -     		+ +
    Name of the Web Application Firewall condition to manage.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_filters
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove existing filters from a condition if not passed in filters.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove existing filters from a condition if not passed in filters.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the condition should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the condition should be present or absent.
    +
    +
    type
    string - / required
    -     		-
      Choices: -
    • byte
      • -
    • geo
      • -
    • ip
      • -
    • regex
      • -
    • size
      • -
    • sql
      • -
    • xss
      • -
    -     		-
    The type of matching to perform.
    -     		+
      Choices: +
    • byte
      • +
    • geo
      • +
    • ip
      • +
    • regex
      • +
    • size
      • +
    • sql
      • +
    • xss
      • +
    +     		+
    The type of matching to perform.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    waf_regional
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -
    + + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    + + +
    Whether to use waf-regional module.
    + + +
    @@ -554,7 +573,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -565,8 +584,7 @@ Examples .. code-block:: yaml+jinja - - - name: create WAF byte condition + - name: create WAF byte condition community.aws.aws_waf_condition: name: my_byte_condition filters: @@ -633,8 +651,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -647,780 +663,780 @@ Common return values are documented `here Returned Description - - + +
    condition
    complex -
    - + + always -
    Condition returned by operation.
    -
    - +
    Condition returned by operation.
    +
    + - -   - + +   +
    byte_match_set_id
    string -
    - + + always -
    ID for byte match set.
    -
    -
    Sample:
    -
    c4882c96-837b-44a2-a762-4ea87dbf812b
    - - - -   - +
    ID for byte match set.
    +
    +
    Sample:
    +
    c4882c96-837b-44a2-a762-4ea87dbf812b
    + + + +   +
    byte_match_tuples
    complex -
    - + + always -
    List of byte match tuples.
    -
    - +
    List of byte match tuples.
    +
    + - -   -   - + +   +   +
    field_to_match
    complex -
    - + + always -
    Field to match.
    -
    - +
    Field to match.
    +
    + - -   -   -   - + +   +   +   +
    data
    string -
    - + + -
    Which specific header (if type is header).
    -
    -
    Sample:
    -
    content-type
    - - - -   -   -   - +
    Which specific header (if type is header).
    +
    +
    Sample:
    +
    content-type
    + + + +   +   +   +
    type
    string -
    - + + -
    Type of field
    -
    -
    Sample:
    -
    HEADER
    - - - - -   -   - +
    Type of field
    +
    +
    Sample:
    +
    HEADER
    + + + + +   +   +
    positional_constraint
    string -
    - + + -
    Position in the field to match.
    -
    -
    Sample:
    -
    STARTS_WITH
    - - - -   -   - +
    Position in the field to match.
    +
    +
    Sample:
    +
    STARTS_WITH
    + + + +   +   +
    target_string
    string -
    - + + -
    String to look for.
    -
    -
    Sample:
    -
    Hello
    - - - -   -   - +
    String to look for.
    +
    +
    Sample:
    +
    Hello
    + + + +   +   +
    text_transformation
    string -
    - + + -
    Transformation to apply to the field before matching.
    -
    -
    Sample:
    -
    NONE
    - +
    Transformation to apply to the field before matching.
    +
    +
    Sample:
    +
    NONE
    + - - -   - + + +   +
    condition_id
    string -
    - + + when state is present -
    Type-agnostic ID for the condition.
    -
    -
    Sample:
    -
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    - - - -   - +
    Type-agnostic ID for the condition.
    +
    +
    Sample:
    +
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    + + + +   +
    geo_match_constraints
    complex -
    - + + when type is geo and state is present -
    List of geographical constraints.
    -
    - +
    List of geographical constraints.
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + -
    Type of geo constraint.
    -
    -
    Sample:
    -
    Country
    - - - -   -   - +
    Type of geo constraint.
    +
    +
    Sample:
    +
    Country
    + + + +   +   +
    value
    string -
    - + + -
    Value of geo constraint (typically a country code).
    -
    -
    Sample:
    -
    AT
    - +
    Value of geo constraint (typically a country code).
    +
    +
    Sample:
    +
    AT
    + - - -   - + + +   +
    geo_match_set_id
    string -
    - + + when type is geo and state is present -
    ID of the geo match set.
    -
    -
    Sample:
    -
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    - - - -   - +
    ID of the geo match set.
    +
    +
    Sample:
    +
    dd74b1ff-8c06-4a4f-897a-6b23605de413
    + + + +   +
    ip_set_descriptors
    complex -
    - + + when type is ip and state is present -
    list of IP address filters
    -
    - +
    list of IP address filters
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    Type of IP address (IPV4 or IPV6).
    -
    -
    Sample:
    -
    IPV4
    - - - -   -   - +
    Type of IP address (IPV4 or IPV6).
    +
    +
    Sample:
    +
    IPV4
    + + + +   +   +
    value
    string -
    - + + always -
    IP address.
    -
    -
    Sample:
    -
    10.0.0.0/8
    - +
    IP address.
    +
    +
    Sample:
    +
    10.0.0.0/8
    + - - -   - + + +   +
    ip_set_id
    string -
    - + + when type is ip and state is present -
    ID of condition.
    -
    -
    Sample:
    -
    78ad334a-3535-4036-85e6-8e11e745217b
    - - - -   - +
    ID of condition.
    +
    +
    Sample:
    +
    78ad334a-3535-4036-85e6-8e11e745217b
    + + + +   +
    name
    string -
    - + + when state is present -
    Name of condition.
    -
    -
    Sample:
    -
    my_waf_condition
    - - - -   - +
    Name of condition.
    +
    +
    Sample:
    +
    my_waf_condition
    + + + +   +
    regex_match_set_id
    string -
    - + + when type is regex and state is present -
    ID of the regex match set.
    -
    -
    Sample:
    -
    5ea3f6a8-3cd3-488b-b637-17b79ce7089c
    - - - -   - +
    ID of the regex match set.
    +
    +
    Sample:
    +
    5ea3f6a8-3cd3-488b-b637-17b79ce7089c
    + + + +   +
    regex_match_tuples
    complex -
    - + + when type is regex and state is present -
    List of regex matches.
    -
    - +
    List of regex matches.
    +
    + - -   -   - + +   +   +
    field_to_match
    complex -
    - + + -
    Field on which the regex match is applied.
    -
    - +
    Field on which the regex match is applied.
    +
    + - -   -   -   - + +   +   +   +
    type
    string -
    - + + when type is regex and state is present -
    The field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    - - - - -   -   - +
    The field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    + + + + +   +   +
    regex_pattern_set_id
    string -
    - + + -
    ID of the regex pattern.
    -
    -
    Sample:
    -
    6fdf7f2d-9091-445c-aef2-98f3c051ac9e
    - - - -   -   - +
    ID of the regex pattern.
    +
    +
    Sample:
    +
    6fdf7f2d-9091-445c-aef2-98f3c051ac9e
    + + + +   +   +
    text_transformation
    string -
    - + + -
    transformation applied to the text before matching
    -
    -
    Sample:
    -
    NONE
    - +
    transformation applied to the text before matching
    +
    +
    Sample:
    +
    NONE
    + - - -   - + + +   +
    size_constraint_set_id
    string -
    - + + when type is size and state is present -
    ID of the size constraint set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    - - - -   - +
    ID of the size constraint set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    + + + +   +
    size_constraints
    complex -
    - + + when type is size and state is present -
    List of size constraints to apply.
    -
    - +
    List of size constraints to apply.
    +
    + - -   -   - + +   +   +
    comparison_operator
    string -
    - + + -
    Comparison operator to apply.
    -
    -
    Sample:
    -
    GT
    - - - -   -   - +
    Comparison operator to apply.
    +
    +
    Sample:
    +
    GT
    + + + +   +   +
    field_to_match
    complex -
    - + + -
    Field on which the size constraint is applied.
    -
    - +
    Field on which the size constraint is applied.
    +
    + - -   -   -   - + +   +   +   +
    type
    string -
    - + + -
    Field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    - - - - -   -   - +
    Field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    + + + + +   +   +
    size
    integer -
    - + + -
    Size to compare against the field.
    -
    -
    Sample:
    -
    300
    - - - -   -   - +
    Size to compare against the field.
    +
    +
    Sample:
    +
    300
    + + + +   +   +
    text_transformation
    string -
    - + + -
    Transformation applied to the text before matching.
    -
    -
    Sample:
    -
    NONE
    - +
    Transformation applied to the text before matching.
    +
    +
    Sample:
    +
    NONE
    + - - -   - + + +   +
    sql_injection_match_set_id
    string -
    - + + when type is sql and state is present -
    ID of the SQL injection match set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    - - - -   - +
    ID of the SQL injection match set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    + + + +   +
    sql_injection_match_tuples
    complex -
    - + + when type is sql and state is present -
    List of SQL injection match sets.
    -
    - +
    List of SQL injection match sets.
    +
    + - -   -   - + +   +   +
    field_to_match
    complex -
    - + + -
    Field on which the SQL injection match is applied.
    -
    - +
    Field on which the SQL injection match is applied.
    +
    + - -   -   -   - + +   +   +   +
    type
    string -
    - + + -
    Field name.
    -
    -
    Sample:
    -
    QUERY_STRING
    - - - - -   -   - +
    Field name.
    +
    +
    Sample:
    +
    QUERY_STRING
    + + + + +   +   +
    text_transformation
    string -
    - + + -
    Transformation applied to the text before matching.
    -
    -
    Sample:
    -
    URL_DECODE
    - +
    Transformation applied to the text before matching.
    +
    +
    Sample:
    +
    URL_DECODE
    + - - -   - + + +   +
    xss_match_set_id
    string -
    - + + when type is xss and state is present -
    ID of the XSS match set.
    -
    -
    Sample:
    -
    de84b4b3-578b-447e-a9a0-0db35c995656
    - - - -   - +
    ID of the XSS match set.
    +
    +
    Sample:
    +
    de84b4b3-578b-447e-a9a0-0db35c995656
    + + + +   +
    xss_match_tuples
    complex -
    - + + when type is xss and state is present -
    List of XSS match sets.
    -
    - +
    List of XSS match sets.
    +
    + - -   -   - + +   +   +
    field_to_match
    complex -
    - + + -
    Field on which the XSS match is applied.
    -
    - +
    Field on which the XSS match is applied.
    +
    + - -   -   -   - + +   +   +   +
    type
    string -
    - + + -
    Field name
    -
    -
    Sample:
    -
    QUERY_STRING
    - - - - -   -   - +
    Field name
    +
    +
    Sample:
    +
    QUERY_STRING
    + + + + +   +   +
    text_transformation
    string -
    - + + -
    transformation applied to the text before matching.
    -
    -
    Sample:
    -
    URL_DECODE
    - +
    transformation applied to the text before matching.
    +
    +
    Sample:
    +
    URL_DECODE
    + - - - + + +

    @@ -1433,5 +1449,3 @@ Authors - Will Thames (@willthames) - Mike Mochan (@mmochan) - - diff --git a/docs/community.aws.aws_waf_info_module.rst b/docs/community.aws.aws_waf_info_module.rst index 3965f03e249..61c8b7ae285 100644 --- a/docs/community.aws.aws_waf_info_module.rst +++ b/docs/community.aws.aws_waf_info_module.rst @@ -37,195 +37,214 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    The name of a Web Application Firewall.
    -     		+ +
    The name of a Web Application Firewall.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    waf_regional
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use the waf-regional module.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use the waf-regional module.
    +
    +
    @@ -233,7 +252,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -244,7 +263,6 @@ Examples .. code-block:: yaml+jinja - - name: obtain all WAF information community.aws.aws_waf_info: @@ -259,7 +277,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -272,170 +289,170 @@ Common return values are documented `here Returned Description - - + +
    wafs
    complex -
    - + + success -
    The WAFs that match the passed arguments.
    -
    - +
    The WAFs that match the passed arguments.
    +
    + - -   - + +   +
    default_action
    integer -
    - + + always -
    The action to perform if none of the Rules contained in the WebACL match.
    -
    -
    Sample:
    -
    BLOCK
    - +
    The action to perform if none of the Rules contained in the WebACL match.
    +
    +
    Sample:
    +
    BLOCK
    + - -   - + +   +
    metric_name
    string -
    - + + always -
    A friendly name or description for the metrics for this WebACL.
    -
    -
    Sample:
    -
    test_waf_metric
    - +
    A friendly name or description for the metrics for this WebACL.
    +
    +
    Sample:
    +
    test_waf_metric
    + - -   - + +   +
    name
    string -
    - + + always -
    A friendly name or description of the WebACL.
    -
    -
    Sample:
    -
    test_waf
    - +
    A friendly name or description of the WebACL.
    +
    +
    Sample:
    +
    test_waf
    + - -   - + +   +
    rules
    complex -
    - + + always -
    An array that contains the action for each Rule in a WebACL , the priority of the Rule.
    -
    - +
    An array that contains the action for each Rule in a WebACL , the priority of the Rule.
    +
    + - -   -   - + +   +   +
    action
    string -
    - + + always -
    The action to perform if the Rule matches.
    -
    -
    Sample:
    -
    BLOCK
    - +
    The action to perform if the Rule matches.
    +
    +
    Sample:
    +
    BLOCK
    + - -   -   - + +   +   +
    metric_name
    string -
    - + + always -
    A friendly name or description for the metrics for this Rule.
    -
    -
    Sample:
    -
    ipblockrule
    - +
    A friendly name or description for the metrics for this Rule.
    +
    +
    Sample:
    +
    ipblockrule
    + - -   -   - + +   +   +
    name
    string -
    - + + always -
    A friendly name or description of the Rule.
    -
    -
    Sample:
    -
    ip_block_rule
    - +
    A friendly name or description of the Rule.
    +
    +
    Sample:
    +
    ip_block_rule
    + - -   -   - + +   +   +
    predicates
    list -
    - + + always -
    The Predicates list contains a Predicate for each ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet or XssMatchSet object in a Rule.
    -
    -
    Sample:
    -
    [{'byte_match_set_id': '47b822b5-abcd-1234-faaf-1234567890', 'byte_match_tuples': [{'field_to_match': {'type': 'QUERY_STRING'}, 'positional_constraint': 'STARTS_WITH', 'target_string': 'bobbins', 'text_transformation': 'NONE'}], 'name': 'bobbins', 'negated': False, 'type': 'ByteMatch'}]
    - +
    The Predicates list contains a Predicate for each ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet or XssMatchSet object in a Rule.
    +
    +
    Sample:
    +
    [{'byte_match_set_id': '47b822b5-abcd-1234-faaf-1234567890', 'byte_match_tuples': [{'field_to_match': {'type': 'QUERY_STRING'}, 'positional_constraint': 'STARTS_WITH', 'target_string': 'bobbins', 'text_transformation': 'NONE'}], 'name': 'bobbins', 'negated': False, 'type': 'ByteMatch'}]
    + - - - + + +

    @@ -448,5 +465,3 @@ Authors - Mike Mochan (@mmochan) - Will Thames (@willthames) - - diff --git a/docs/community.aws.aws_waf_rule_module.rst b/docs/community.aws.aws_waf_rule_module.rst index d81a277862b..d90ed10f9c1 100644 --- a/docs/community.aws.aws_waf_rule_module.rst +++ b/docs/community.aws.aws_waf_rule_module.rst @@ -35,327 +35,346 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    conditions
    list - / elements=dictionary
    -     		- -
    List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
    -     		+ +
    List of conditions used in the rule. community.aws.aws_waf_condition can be used to create new conditions.
    +
    +
    condition
    string - / required
    -     		- -
    The name of the condition. The condition must already exist.
    -     		+ +
    The name of the condition. The condition must already exist.
    +
    +
    negated
    boolean - / required
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the condition should be negated.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the condition should be negated.
    +
    +
    type
    string - / required
    -     		-
      Choices: -
    • byte
      • -
    • geo
      • -
    • ip
      • -
    • size
      • -
    • sql
      • -
    • xss
      • -
    -     		-
    The type of rule to match.
    -     		+
      Choices: +
    • byte
      • +
    • geo
      • +
    • ip
      • +
    • size
      • +
    • sql
      • +
    • xss
      • +
    +     		+
    The type of rule to match.
    +
    + +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    metric_name
    string -
    -     		- -
    A friendly name or description for the metrics for the rule.
    -
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    -
    You can't change metric_name after you create the rule.
    -
    Defaults to the same as name with disallowed characters removed.
    -     		+ +
    A friendly name or description for the metrics for the rule.
    +
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    +
    You can't change metric_name after you create the rule.
    +
    Defaults to the same as name with disallowed characters removed.
    +
    +
    name
    string - / required
    -     		- -
    Name of the Web Application Firewall rule.
    -     		+ +
    Name of the Web Application Firewall rule.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_conditions
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to remove conditions that are not passed when updating `conditions`.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to remove conditions that are not passed when updating `conditions`.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the rule should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the rule should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    waf_regional
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use waf-regional module.
    +
    +
    @@ -363,7 +382,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -374,9 +393,7 @@ Examples .. code-block:: yaml+jinja - - - - name: create WAF rule + - name: create WAF rule community.aws.aws_waf_rule: name: my_waf_rule conditions: @@ -397,8 +414,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -411,149 +426,149 @@ Common return values are documented `here Returned Description - - + +
    rule
    complex -
    - + + always -
    WAF rule contents
    -
    - +
    WAF rule contents
    +
    + - -   - + +   +
    metric_name
    string -
    - + + always -
    Metric name for the rule.
    -
    -
    Sample:
    -
    ansibletest1234rule
    - +
    Metric name for the rule.
    +
    +
    Sample:
    +
    ansibletest1234rule
    + - -   - + +   +
    name
    string -
    - + + always -
    Friendly name for the rule.
    -
    -
    Sample:
    -
    ansible-test-1234_rule
    - +
    Friendly name for the rule.
    +
    +
    Sample:
    +
    ansible-test-1234_rule
    + - -   - + +   +
    predicates
    complex -
    - + + always -
    List of conditions used in the rule.
    -
    - +
    List of conditions used in the rule.
    +
    + - -   -   - + +   +   +
    data_id
    string -
    - + + always -
    ID of the condition.
    -
    -
    Sample:
    -
    8251acdb-526c-42a8-92bc-d3d13e584166
    - +
    ID of the condition.
    +
    +
    Sample:
    +
    8251acdb-526c-42a8-92bc-d3d13e584166
    + - -   -   - + +   +   +
    negated
    boolean -
    - + + always -
    Whether the sense of the condition is negated.
    -
    - +
    Whether the sense of the condition is negated.
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    type of the condition.
    -
    -
    Sample:
    -
    ByteMatch
    - +
    type of the condition.
    +
    +
    Sample:
    +
    ByteMatch
    + - - -   - + + +   +
    rule_id
    string -
    - + + always -
    ID of the WAF rule.
    -
    -
    Sample:
    -
    15de0cbc-9204-4e1f-90e6-69b2f415c261
    - +
    ID of the WAF rule.
    +
    +
    Sample:
    +
    15de0cbc-9204-4e1f-90e6-69b2f415c261
    + - - + +

    @@ -566,5 +581,3 @@ Authors - Mike Mochan (@mmochan) - Will Thames (@willthames) - - diff --git a/docs/community.aws.aws_waf_web_acl_module.rst b/docs/community.aws.aws_waf_web_acl_module.rst index 3412fb29f51..0a6c11d9ef8 100644 --- a/docs/community.aws.aws_waf_web_acl_module.rst +++ b/docs/community.aws.aws_waf_web_acl_module.rst @@ -35,355 +35,374 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_action
    string -
    -     		-
      Choices: -
    • block
      • -
    • allow
      • -
    • count
      • -
    -     		-
    The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
    -     		+
      Choices: +
    • block
      • +
    • allow
      • +
    • count
      • +
    +     		+
    The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the Rule objects that are associated with the WebACL.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    metric_name
    string -
    -     		- -
    A friendly name or description for the metrics for this WebACL.
    -
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    -
    You can't change metric_name after you create the WebACL.
    -
    Metric name will default to name with disallowed characters stripped out.
    -     		+ +
    A friendly name or description for the metrics for this WebACL.
    +
    The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace.
    +
    You can't change metric_name after you create the WebACL.
    +
    Metric name will default to name with disallowed characters stripped out.
    +
    +
    name
    string - / required
    -     		- -
    Name of the Web Application Firewall ACL to manage.
    -     		+ +
    Name of the Web Application Firewall ACL to manage.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_rules
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove rules that aren't passed with rules.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove rules that aren't passed with rules.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    rules
    list - / elements=dictionary
    -     		- -
    A list of rules that the Web ACL will enforce.
    -     		+ +
    A list of rules that the Web ACL will enforce.
    +
    +
    action
    string - / required
    -     		- -
    The action to perform.
    -     		+ +
    The action to perform.
    +
    +
    name
    string - / required
    -     		- -
    Name of the rule.
    -     		+ +
    Name of the rule.
    +
    +
    priority
    integer - / required
    -     		- -
    The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
    -     		+ +
    The priority of the action. Priorities must be unique. Lower numbered priorities are evaluated first.
    +
    +
    type
    string -
    -     		-
      Choices: -
    • rate_based
      • -
    • regular
      • -
    -     		-
    The type of rule.
    -     		+
      Choices: +
    • rate_based
      • +
    • regular
      • +
    +     		+
    The type of rule.
    +
    + +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the Web ACL should be present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the Web ACL should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    waf_regional
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use waf-regional module.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use waf-regional module.
    +
    +
    @@ -391,7 +410,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -402,8 +421,7 @@ Examples .. code-block:: yaml+jinja - - - name: create web ACL + - name: create web ACL community.aws.aws_waf_web_acl: name: my_web_acl rules: @@ -421,7 +439,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -434,188 +451,188 @@ Common return values are documented `here Returned Description - - + +
    web_acl
    complex -
    - + + always -
    contents of the Web ACL.
    -
    - +
    contents of the Web ACL.
    +
    + - -   - + +   +
    default_action
    dictionary -
    - + + always -
    Default action taken by the Web ACL if no rules match.
    -
    -
    Sample:
    -
    {'type': 'BLOCK'}
    - +
    Default action taken by the Web ACL if no rules match.
    +
    +
    Sample:
    +
    {'type': 'BLOCK'}
    + - -   - + +   +
    metric_name
    string -
    - + + always -
    Metric name used as an identifier.
    -
    -
    Sample:
    -
    mywebacl
    - +
    Metric name used as an identifier.
    +
    +
    Sample:
    +
    mywebacl
    + - -   - + +   +
    name
    string -
    - + + always -
    Friendly name of the Web ACL.
    -
    -
    Sample:
    -
    my web acl
    - +
    Friendly name of the Web ACL.
    +
    +
    Sample:
    +
    my web acl
    + - -   - + +   +
    rules
    complex -
    - + + always -
    List of rules.
    -
    - +
    List of rules.
    +
    + - -   -   - + +   +   +
    action
    complex -
    - + + always -
    Action taken by the WAF when the rule matches.
    -
    -
    Sample:
    -
    {'type': 'ALLOW'}
    - +
    Action taken by the WAF when the rule matches.
    +
    +
    Sample:
    +
    {'type': 'ALLOW'}
    + - -   -   - + +   +   +
    priority
    integer -
    - + + always -
    priority number of the rule (lower numbers are run first).
    -
    -
    Sample:
    -
    2
    - +
    priority number of the rule (lower numbers are run first).
    +
    +
    Sample:
    +
    2
    + - -   -   - + +   +   +
    rule_id
    string -
    - + + always -
    Rule ID.
    -
    -
    Sample:
    -
    a6fc7ab5-287b-479f-8004-7fd0399daf75
    - +
    Rule ID.
    +
    +
    Sample:
    +
    a6fc7ab5-287b-479f-8004-7fd0399daf75
    + - -   -   - + +   +   +
    type
    string -
    - + + always -
    Type of rule (either REGULAR or RATE_BASED).
    -
    -
    Sample:
    -
    REGULAR
    - +
    Type of rule (either REGULAR or RATE_BASED).
    +
    +
    Sample:
    +
    REGULAR
    + - - -   - + + +   +
    web_acl_id
    string -
    - + + always -
    Unique identifier of Web ACL.
    -
    -
    Sample:
    -
    10fff965-4b6b-46e2-9d78-24f6d2e2d21c
    - +
    Unique identifier of Web ACL.
    +
    +
    Sample:
    +
    10fff965-4b6b-46e2-9d78-24f6d2e2d21c
    + - - + +

    @@ -628,5 +645,3 @@ Authors - Mike Mochan (@mmochan) - Will Thames (@willthames) - - diff --git a/docs/community.aws.cloudformation_exports_info_module.rst b/docs/community.aws.cloudformation_exports_info_module.rst index 474a5e4b682..da610f3d474 100644 --- a/docs/community.aws.cloudformation_exports_info_module.rst +++ b/docs/community.aws.cloudformation_exports_info_module.rst @@ -36,161 +36,180 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -198,7 +217,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -209,18 +228,16 @@ Examples .. code-block:: yaml+jinja - - name: Get Exports community.aws.cloudformation_exports_info: profile: 'my_aws_profile' region: 'my_region' register: cf_exports - - debug: + - ansible.builtin.debug: msg: "{{ cf_exports }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -233,22 +250,22 @@ Common return values are documented `here Returned Description - - + +
    export_items
    dictionary -
    - + + Always -
    A dictionary of Exports items names and values.
    -
    - +
    A dictionary of Exports items names and values.
    +
    + - +

    @@ -260,5 +277,3 @@ Authors ~~~~~~~ - Michael Moyle (@mmoyle) - - diff --git a/docs/community.aws.cloudformation_stack_set_module.rst b/docs/community.aws.cloudformation_stack_set_module.rst index 1e689c49184..a7ba8a2aac1 100644 --- a/docs/community.aws.cloudformation_stack_set_module.rst +++ b/docs/community.aws.cloudformation_stack_set_module.rst @@ -37,527 +37,546 @@ Parameters .. raw:: html - + - + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    accounts
    list - / elements=string
    -     		- -
    A list of AWS accounts in which to create instance of CloudFormation stacks.
    -
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    -     		+ +
    A list of AWS accounts in which to create instance of CloudFormation stacks.
    +
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    +
    +
    administration_role_arn
    string -
    -     		- -
    ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
    -
    This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.
    -

    aliases: admin_role_arn, admin_role, administration_role
    -     		+ +
    ARN of the administration role, meaning the role that CloudFormation Stack Sets use to assume the roles in your child accounts.
    +
    This defaults to arn:aws:iam::{{ account ID }}:role/AWSCloudFormationStackSetAdministrationRole where {{ account ID }} is replaced with the account number of the current IAM role/user/STS credentials.
    +

    aliases: admin_role_arn, admin_role, administration_role
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    capabilities
    list - / elements=string
    -     		-
      Choices: -
    • CAPABILITY_IAM
      • -
    • CAPABILITY_NAMED_IAM
      • -
    -     		-
    Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
    -
    Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
    -
    The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
    -     		+
      Choices: +
    • CAPABILITY_IAM
      • +
    • CAPABILITY_NAMED_IAM
      • +
    +     		+
    Capabilities allow stacks to create and modify IAM resources, which may include adding users or roles.
    +
    Currently the only available values are 'CAPABILITY_IAM' and 'CAPABILITY_NAMED_IAM'. Either or both may be provided.
    +
    The following resources require that one or both of these parameters is specified: AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, AWS::IAM::UserToGroupAddition
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A description of what this stack set creates.
    -     		+ +
    A description of what this stack set creates.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    execution_role_name
    string -
    -     		- -
    ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
    -
    This MUST NOT be an ARN, and the roles must exist in each child account specified.
    -
    The default name for the execution role is AWSCloudFormationStackSetExecutionRole
    -

    aliases: exec_role_name, exec_role, execution_role
    -
    + + + +
    ARN of the execution role, meaning the role that CloudFormation Stack Sets assumes in your child accounts.
    +
    This MUST NOT be an ARN, and the roles must exist in each child account specified.
    +
    The default name for the execution role is AWSCloudFormationStackSetExecutionRole
    +

    aliases: exec_role_name, exec_role, execution_role
    +
    failure_tolerance
    dictionary -
    -     		- -
    Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
    -
    + + + +
    Settings to change what is considered "failed" when running stack instance updates, and how many to do at a time.
    +
    fail_count
    integer -
    -     		- -
    The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
    -
    You must specify one of fail_count and fail_percentage.
    -     		+ +
    The number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region.
    +
    You must specify one of fail_count and fail_percentage.
    +
    +
    fail_percentage
    integer -
    -     		- -
    The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
    -
    You must specify one of fail_count and fail_percentage.
    -     		+ +
    The percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region.
    +
    You must specify one of fail_count and fail_percentage.
    +
    +
    parallel_count
    integer -
    -     		- -
    The maximum number of accounts in which to perform this operation at one time.
    -
    parallel_count may be at most one more than the fail_count.
    -
    You must specify one of parallel_count and parallel_percentage.
    -
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual count may be lower.
    -
    + + + +
    The maximum number of accounts in which to perform this operation at one time.
    +
    parallel_count may be at most one more than the fail_count.
    +
    You must specify one of parallel_count and parallel_percentage.
    +
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual count may be lower.
    +
    parallel_percentage
    integer -
    -     		- -
    The maximum percentage of accounts in which to perform this operation at one time.
    -
    You must specify one of parallel_count and parallel_percentage.
    -
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
    -
    + + + +
    The maximum percentage of accounts in which to perform this operation at one time.
    +
    You must specify one of parallel_count and parallel_percentage.
    +
    Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual percentage may be lower.
    +
    name
    string - / required
    -     		- -
    Name of the CloudFormation stack set.
    -     		+ +
    Name of the CloudFormation stack set.
    +
    +
    parameters
    dictionary -
    -     		- Default:
    {}
    -     		-
    A list of hashes of all the template variables for the stack. The value can be a string or a dict.
    -
    Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
    -     		+ Default:
    {}
    +     		+
    A list of hashes of all the template variables for the stack. The value can be a string or a dict.
    +
    Dict can be used to set additional template parameter attributes like UsePreviousValue (see example).
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_stacks
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
    -
    By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Only applicable when state=absent. Sets whether, when deleting a stack set, the stack instances should also be deleted.
    +
    By default, instances will be deleted. To keep stacks when stack set is deleted set purge_stacks=false.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    regions
    list - / elements=string
    -     		- -
    A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
    -
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    -     		+ +
    A list of AWS regions to create instances of a stack in. The region parameter chooses where the Stack Set is created, and regions specifies the region for stack instances.
    +
    At least one region must be specified to create a stack set. On updates, if fewer regions are specified only the specified regions will have their stack instances updated.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If state=present, stack will be created. If state=present and if stack exists and template has changed, it will be updated. If state=absent, stack will be removed.
    +
    +
    tags
    dictionary -
    -     		- -
    Dictionary of tags to associate with stack and its resources during stack creation.
    -
    Can be updated later, updating tags removes previous entries.
    -     		+ +
    Dictionary of tags to associate with stack and its resources during stack creation.
    +
    Can be updated later, updating tags removes previous entries.
    +
    +
    template
    path -
    -     		- -
    The local path of the CloudFormation template.
    -
    This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -
    + + + +
    The local path of the CloudFormation template.
    +
    This must be the full path to the file, relative to the working directory. If using roles this may look like roles/cloudformation/files/cloudformation-example.json.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    template_body
    string -
    -     		- -
    Template body. Use this to pass in the actual body of the CloudFormation template.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -     		+ +
    Template body. Use this to pass in the actual body of the CloudFormation template.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    +
    template_url
    string -
    -     		- -
    Location of file containing the template body.
    -
    The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
    -
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    -
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    -
    + + + +
    Location of file containing the template body.
    +
    The URL must point to a template (max size 307,200 bytes) located in an S3 bucket in the same region as the stack.
    +
    If state=present and the stack does not exist yet, either template, template_body or template_url must be specified (but only one of them).
    +
    If state=present, the stack does exist, and neither template, template_body nor template_url are specified, the previous template will be reused.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
    -
    If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for stack operation to complete. This includes waiting for stack instances to reach UPDATE_COMPLETE status.
    +
    If you choose not to wait, this module will not notify when stack operations fail because it will not wait for them to finish.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    900
    -     		-
    How long to wait (in seconds) for stacks to complete create/update/delete operations.
    -
    + + + + Default:
    900
    + + +
    How long to wait (in seconds) for stacks to complete create/update/delete operations.
    + + +
    @@ -566,7 +585,7 @@ Notes .. note:: - To make an individual stack, you want the :ref:`amazon.aws.cloudformation ` module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -577,7 +596,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a stack set with instances in two accounts community.aws.cloudformation_stack_set: name: my-stack @@ -617,7 +635,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -630,75 +647,75 @@ Common return values are documented `here Returned Description - - + +
    operations
    list -
    - + + always -
    All operations initiated by this run of the cloudformation_stack_set module
    -
    -
    Sample:
    -
    [{'action': 'CREATE', 'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'operation_preferences': {'region_order': ['us-east-1', 'us-east-2']}, 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'FAILED'}]
    - - - - +
    All operations initiated by this run of the cloudformation_stack_set module
    +
    +
    Sample:
    +
    [{'action': 'CREATE', 'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'operation_preferences': {'region_order': ['us-east-1', 'us-east-2']}, 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'FAILED'}]
    + + + +
    operations_log
    list -
    - + + always -
    Most recent events in CloudFormation's event log. This may be from a previous run in some cases.
    -
    -
    Sample:
    -
    [{'action': 'CREATE', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'status': 'FAILED', 'stack_instances': [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service."}]}]
    - - - - +
    Most recent events in CloudFormation's event log. This may be from a previous run in some cases.
    +
    +
    Sample:
    +
    [{'action': 'CREATE', 'creation_timestamp': '2018-06-18T17:40:46.372000+00:00', 'end_timestamp': '2018-06-18T17:41:24.560000+00:00', 'operation_id': 'Ansible-StackInstance-Create-0ff2af5b-251d-4fdb-8b89-1ee444eba8b8', 'status': 'FAILED', 'stack_instances': [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service."}]}]
    + + + +
    stack_instances
    list -
    - + + state == present -
    CloudFormation stack instances that are members of this stack set. This will also include their region and account ID.
    -
    -
    Sample:
    -
    [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service.\n"}, {'account': '1234567890', 'region': 'us-east-2', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': 'Cancelled since failure tolerance has exceeded'}]
    - - - - +
    CloudFormation stack instances that are members of this stack set. This will also include their region and account ID.
    +
    +
    Sample:
    +
    [{'account': '1234567890', 'region': 'us-east-1', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': "Account 1234567890 should have 'AWSCloudFormationStackSetAdministrationRole' role with trust relationship to CloudFormation service.\n"}, {'account': '1234567890', 'region': 'us-east-2', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'status': 'OUTDATED', 'status_reason': 'Cancelled since failure tolerance has exceeded'}]
    + + + +
    stack_set
    dictionary -
    - + + state == present -
    Facts about the currently deployed stack set, its parameters, and its tags
    -
    -
    Sample:
    -
    {'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'capabilities': [], 'description': 'test stack PRIME', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'parameters': [], 'stack_set_arn': 'arn:aws:cloudformation:us-east-1:1234567890:stackset/TestStackPrime:19f3f684-aae9-467-ba36-e09f92cf5929', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'stack_set_name': 'TestStackPrime', 'status': 'ACTIVE', 'tags': {'Some': 'Thing', 'an': 'other'}, 'template_body': 'AWSTemplateFormatVersion: "2010-09-09"\nParameters: {}\nResources:\n Bukkit:\n Type: "AWS::S3::Bucket"\n Properties: {}\n other:\n Type: "AWS::SNS::Topic"\n Properties: {}\n'}
    - +
    Facts about the currently deployed stack set, its parameters, and its tags
    +
    +
    Sample:
    +
    {'administration_role_arn': 'arn:aws:iam::1234567890:role/AWSCloudFormationStackSetAdministrationRole', 'capabilities': [], 'description': 'test stack PRIME', 'execution_role_name': 'AWSCloudFormationStackSetExecutionRole', 'parameters': [], 'stack_set_arn': 'arn:aws:cloudformation:us-east-1:1234567890:stackset/TestStackPrime:19f3f684-aae9-467-ba36-e09f92cf5929', 'stack_set_id': 'TestStackPrime:19f3f684-aae9-4e67-ba36-e09f92cf5929', 'stack_set_name': 'TestStackPrime', 'status': 'ACTIVE', 'tags': {'Some': 'Thing', 'an': 'other'}, 'template_body': 'AWSTemplateFormatVersion: "2010-09-09"\nParameters: {}\nResources:\n Bukkit:\n Type: "AWS::S3::Bucket"\n Properties: {}\n other:\n Type: "AWS::SNS::Topic"\n Properties: {}\n'}
    + - +

    @@ -710,5 +727,3 @@ Authors ~~~~~~~ - Ryan Scott Brown (@ryansb) - - diff --git a/docs/community.aws.cloudfront_distribution_module.rst b/docs/community.aws.cloudfront_distribution_module.rst index c0bd98ada89..0f409f72045 100644 --- a/docs/community.aws.cloudfront_distribution_module.rst +++ b/docs/community.aws.cloudfront_distribution_module.rst @@ -36,2097 +36,2116 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - + / elements=string + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + / elements=string + + + - - - - + + + - - - - - - - - + + + + + + + + - - + + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + / elements=string + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - + + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - - - - - + + + + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - + / elements=string + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + / elements=string + + + - - - - + + + - - - - - - - - + + + + + + + + - - + + + + - - - - - + + + + - - - - - - - - + + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + / elements=string + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - - + + + + + + + + - - - - - - - + + + + + + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - - - - - + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    alias
    string -
    -     		- -
    The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
    -     		+ +
    The name of an alias (CNAME) that is used in a distribution. This is used to effectively reference a distribution by its alias as an alias can only be used by one distribution per AWS account. This variable avoids having to provide the distribution_id as well as the e_tag, or caller_reference of an existing distribution.
    +
    +
    aliases
    list - / elements=string
    -     		- -
    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
    -
    Each alias must be unique across all distribution for the AWS account.
    -     		+ +
    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
    +
    Each alias must be unique across all distribution for the AWS account.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cache_behaviors
    list - / elements=dictionary
    -     		- -
    A list of dictionaries describing the cache behaviors for the distribution.
    -
    The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
    -
    + / elements=dictionary + + +
    A list of dictionaries describing the cache behaviors for the distribution.
    +
    The order of the list is preserved across runs unless purge_cache_behaviors is enabled.
    +
    forwarded_values
    dictionary -
    -     		- -
    A dict that specifies how CloudFront handles query strings and cookies.
    -
    + + + +
    A dict that specifies how CloudFront handles query strings and cookies.
    +
    allowed_methods
    dictionary -
    -     		- -
    A dict that controls which HTTP methods CloudFront processes and forwards.
    -
    + + + +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    +
    cached_methods
    list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to apply caching to.
    -
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    -     		+ +
    A list of HTTP methods that you want CloudFront to apply caching to.
    +
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    +
    +
    items
    list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to process and forward.
    -
    + / elements=string + + +
    A list of HTTP methods that you want CloudFront to process and forward.
    +
    compress
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want CloudFront to automatically compress files.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want CloudFront to automatically compress files.
    +
    cookies
    dictionary -
    -     		- -
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    -
    + + + +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    +
    forward
    string -
    -     		- -
    Specifies which cookies to forward to the origin for this cache behavior.
    -
    Valid values are all, none, or whitelist.
    -     		+ +
    Specifies which cookies to forward to the origin for this cache behavior.
    +
    Valid values are all, none, or whitelist.
    +
    +
    whitelisted_names
    list - / elements=string
    -     		- -
    A list of coockies to forward to the origin for this cache behavior.
    -
    + / elements=string + + +
    A list of cookies to forward to the origin for this cache behavior.
    +
    default_ttl
    integer -
    -     		- -
    The default amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The default amount of time that you want objects to stay in CloudFront caches.
    +
    +
    field_level_encryption_id
    string -
    -     		- -
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    -     		+ +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    +
    +
    headers
    list - / elements=string
    -     		- -
    A list of headers to forward to the origin for this cache behavior.
    -
    To forward all headers use a list containing a single element '*' (['*'])
    -     		+ +
    A list of headers to forward to the origin for this cache behavior.
    +
    To forward all headers use a list containing a single element '*' (['*'])
    +
    +
    lambda_function_associations
    list - / elements=dictionary
    -     		- -
    A list of Lambda function associations to use for this cache behavior.
    -
    + / elements=dictionary + + +
    A list of Lambda function associations to use for this cache behavior.
    +
    event_type
    string -
    -     		- -
    Specifies the event type that triggers a Lambda function invocation.
    -
    This can be viewer-request, origin-request, origin-response or viewer-response.
    -     		+ +
    Specifies the event type that triggers a Lambda function invocation.
    +
    This can be viewer-request, origin-request, origin-response or viewer-response.
    +
    +
    lambda_function_arn
    string -
    -     		- -
    The ARN of the Lambda function.
    -
    + + + +
    The ARN of the Lambda function.
    +
    max_ttl
    integer -
    -     		- -
    The maximum amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    min_ttl
    integer -
    -     		- -
    The minimum amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    query_string
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    +
    query_string_cache_keys
    list - / elements=string
    -     		- -
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    -     		+ +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    +
    +
    smooth_streaming
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    +
    trusted_signers
    dictionary -
    -     		- -
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    -
    + + + +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to require viewers to use signed URLs to access the files specified by path_pattern and target_origin_id
    +
    items
    list - / elements=string
    -     		- -
    A list of trusted signers for this cache behavior.
    -
    + / elements=string + + +
    A list of trusted signers for this cache behavior.
    +
    viewer_protocol_policy
    string -
    -     		- -
    The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
    -
    Valid values are allow-all, redirect-to-https and https-only.
    -
    + + + +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id when a request matches path_pattern.
    +
    Valid values are allow-all, redirect-to-https and https-only.
    +
    path_pattern
    string -
    -     		- -
    The pattern that specifies which requests to apply the behavior to.
    -     		+ +
    The pattern that specifies which requests to apply the behavior to.
    +
    +
    target_origin_id
    string -
    -     		- -
    The ID of the origin that you want CloudFront to route requests to by default.
    -
    + + + +
    The ID of the origin that you want CloudFront to route requests to by default.
    +
    caller_reference
    string -
    -     		- -
    A unique identifier for creating and updating CloudFront distributions.
    -
    Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
    -     		+ +
    A unique identifier for creating and updating CloudFront distributions.
    +
    Each caller reference must be unique across all distributions. e.g. a caller reference used in a web distribution cannot be reused in a streaming distribution. This parameter can be used instead of distribution_id to reference an existing distribution. If not specified, this defaults to a datetime stamp of the format YYYY-MM-DDTHH:MM:SS.ffffff.
    +
    +
    comment
    string -
    -     		- -
    A comment that describes the CloudFront distribution.
    -
    If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
    -     		+ +
    A comment that describes the CloudFront distribution.
    +
    If not specified, it defaults to a generic message that it has been created with Ansible, and a datetime stamp.
    +
    +
    custom_error_responses
    list - / elements=dictionary
    -     		- -
    A config element that is a list[] of complex custom error responses to be specified for the distribution.
    -
    This attribute configures custom http error messages returned to the user.
    -
    + / elements=dictionary + + +
    A config element that is a list[] of complex custom error responses to be specified for the distribution.
    +
    This attribute configures custom http error messages returned to the user.
    +
    error_caching_min_ttl
    integer -
    -     		- -
    The length of time (in seconds) that CloudFront will cache status codes for.
    -     		+ +
    The length of time (in seconds) that CloudFront will cache status codes for.
    +
    +
    error_code
    integer -
    -     		- -
    The error code the custom error page is for.
    -     		+ +
    The error code the custom error page is for.
    +
    +
    response_code
    integer -
    -     		- -
    The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
    -     		+ +
    The HTTP status code that CloudFront should return to a user when the origin returns the HTTP status code specified by error_code.
    +
    +
    response_page_path
    string -
    -     		- -
    The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
    -
    + + + +
    The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by error_code.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_cache_behavior
    dictionary -
    -     		- -
    A dict specifying the default cache behavior of the distribution.
    -
    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
    -
    + + + +
    A dict specifying the default cache behavior of the distribution.
    +
    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
    +
    forwarded_values
    dictionary -
    -     		- -
    A dict that specifies how CloudFront handles query strings and cookies.
    -
    + + + +
    A dict that specifies how CloudFront handles query strings and cookies.
    +
    allowed_methods
    dictionary -
    -     		- -
    A dict that controls which HTTP methods CloudFront processes and forwards.
    -
    + + + +
    A dict that controls which HTTP methods CloudFront processes and forwards.
    +
    cached_methods
    list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to apply caching to.
    -
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    -     		+ +
    A list of HTTP methods that you want CloudFront to apply caching to.
    +
    This can either be [GET,HEAD], or [GET,HEAD,OPTIONS].
    +
    +
    items
    list - / elements=string
    -     		- -
    A list of HTTP methods that you want CloudFront to process and forward.
    -
    + / elements=string + + +
    A list of HTTP methods that you want CloudFront to process and forward.
    +
    compress
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want CloudFront to automatically compress files.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want CloudFront to automatically compress files.
    +
    cookies
    dictionary -
    -     		- -
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    -
    + + + +
    A dict that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones.
    +
    forward
    string -
    -     		- -
    Specifies which cookies to forward to the origin for this cache behavior.
    -
    Valid values are all, none, or whitelist.
    -     		+ +
    Specifies which cookies to forward to the origin for this cache behavior.
    +
    Valid values are all, none, or whitelist.
    +
    +
    whitelisted_names
    list - / elements=string
    -     		- -
    A list of coockies to forward to the origin for this cache behavior.
    -
    + / elements=string + + +
    A list of cookies to forward to the origin for this cache behavior.
    +
    default_ttl
    integer -
    -     		- -
    The default amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The default amount of time that you want objects to stay in CloudFront caches.
    +
    +
    field_level_encryption_id
    string -
    -     		- -
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    -     		+ +
    The field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data.
    +
    +
    headers
    list - / elements=string
    -     		- -
    A list of headers to forward to the origin for this cache behavior.
    -
    To forward all headers use a list containing a single element '*' (['*'])
    -     		+ +
    A list of headers to forward to the origin for this cache behavior.
    +
    To forward all headers use a list containing a single element '*' (['*'])
    +
    +
    lambda_function_associations
    list - / elements=dictionary
    -     		- -
    A list of Lambda function associations to use for this cache behavior.
    -
    + / elements=dictionary + + +
    A list of Lambda function associations to use for this cache behavior.
    +
    event_type
    string -
    -     		- -
    Specifies the event type that triggers a Lambda function invocation.
    -
    This can be viewer-request, origin-request, origin-response or viewer-response.
    -     		+ +
    Specifies the event type that triggers a Lambda function invocation.
    +
    This can be viewer-request, origin-request, origin-response or viewer-response.
    +
    +
    lambda_function_arn
    string -
    -     		- -
    The ARN of the Lambda function.
    -
    + + + +
    The ARN of the Lambda function.
    +
    max_ttl
    integer -
    -     		- -
    The maximum amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The maximum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    min_ttl
    integer -
    -     		- -
    The minimum amount of time that you want objects to stay in CloudFront caches.
    -     		+ +
    The minimum amount of time that you want objects to stay in CloudFront caches.
    +
    +
    query_string
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    +
    query_string_cache_keys
    list - / elements=string
    -     		- -
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    -     		+ +
    A list that contains the query string parameters you want CloudFront to use as a basis for caching for a cache behavior.
    +
    +
    smooth_streaming
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to distribute media files in the Microsoft Smooth Streaming format.
    +
    trusted_signers
    dictionary -
    -     		- -
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    -
    + + + +
    A dict that specifies the AWS accounts that you want to allow to create signed URLs for private content.
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether you want to require viewers to use signed URLs to access the files specified by target_origin_id
    +
    items
    list - / elements=string
    -     		- -
    A list of trusted signers for this cache behavior.
    -
    + / elements=string + + +
    A list of trusted signers for this cache behavior.
    +
    viewer_protocol_policy
    string -
    -     		- -
    The protocol that viewers can use to access the files in the origin specified by target_origin_id.
    -
    Valid values are allow-all, redirect-to-https and https-only.
    -
    + + + +
    The protocol that viewers can use to access the files in the origin specified by target_origin_id.
    +
    Valid values are allow-all, redirect-to-https and https-only.
    +
    target_origin_id
    string -
    -     		- -
    The ID of the origin that you want CloudFront to route requests to by default.
    -
    + + + +
    The ID of the origin that you want CloudFront to route requests to by default.
    +
    default_origin_domain_name
    string -
    -     		- -
    The domain name to use for an origin if no origins have been specified.
    -
    Should only be used on a first run of generating a distribution and not on subsequent runs.
    -
    Should not be used in conjunction with distribution_id, caller_reference or alias.
    -     		+ +
    The domain name to use for an origin if no origins have been specified.
    +
    Should only be used on a first run of generating a distribution and not on subsequent runs.
    +
    Should not be used in conjunction with distribution_id, caller_reference or alias.
    +
    +
    default_origin_path
    string -
    -     		- -
    The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
    -     		+ +
    The default origin path to specify for an origin if no origins have been specified. Defaults to empty if not specified.
    +
    +
    default_root_object
    string -
    -     		- -
    A config element that specifies the path to request when the user requests the origin.
    -
    e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
    -
    This prevents the entire distribution origin from being exposed at the root.
    -     		+ +
    A config element that specifies the path to request when the user requests the origin.
    +
    e.g. if specified as 'index.html', this maps to www.example.com/index.html when www.example.com is called by the user.
    +
    This prevents the entire distribution origin from being exposed at the root.
    +
    +
    distribution_id
    string -
    -     		- -
    The ID of the CloudFront distribution.
    -
    This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
    -     		+ +
    The ID of the CloudFront distribution.
    +
    This parameter can be exchanged with alias or caller_reference and is used in conjunction with e_tag.
    +
    +
    e_tag
    string -
    -     		- -
    A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
    -
    Is determined automatically if not specified.
    -     		+ +
    A unique identifier of a modified or existing distribution. Used in conjunction with distribution_id.
    +
    Is determined automatically if not specified.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    A boolean value that specifies whether the distribution is enabled or disabled.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    A boolean value that specifies whether the distribution is enabled or disabled.
    +
    +
    http_version
    string -
    -     		- -
    The version of the http protocol to use for the distribution.
    -
    AWS defaults this to http2.
    -
    Valid values are http1.1 and http2
    -     		+ +
    The version of the http protocol to use for the distribution.
    +
    AWS defaults this to http2.
    +
    Valid values are http1.1 and http2
    +
    +
    ipv6_enabled
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Determines whether IPv6 support is enabled or not.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Determines whether IPv6 support is enabled or not.
    +
    +
    logging
    dictionary -
    -     		- -
    A config element that is a complex object that defines logging for the distribution.
    -
    + + + +
    A config element that is a complex object that defines logging for the distribution.
    +
    bucket
    string -
    -     		- -
    The S3 bucket to store the log in.
    -     		+ +
    The S3 bucket to store the log in.
    +
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When enabled=true CloudFront will log access to an S3 bucket.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When enabled=true CloudFront will log access to an S3 bucket.
    +
    +
    include_cookies
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When include_cookies=true CloudFront will include cookies in the logs.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When include_cookies=true CloudFront will include cookies in the logs.
    +
    +
    prefix
    string -
    -     		- -
    A prefix to include in the S3 object names.
    -
    + + + +
    A prefix to include in the S3 object names.
    +
    origins
    list - / elements=dictionary
    -     		- -
    A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
    -
    + / elements=dictionary + + +
    A config element that is a list of complex origin objects to be specified for the distribution. Used for creating and updating distributions.
    +
    custom_headers
    list - / elements=dictionary
    -     		- -
    Custom headers you wish to add to the request before passing it to the origin.
    - -
    + / elements=dictionary + + +
    Custom headers you wish to add to the request before passing it to the origin.
    + +
    header_name
    string -
    -     		- -
    The name of a header that you want CloudFront to forward to your origin.
    -     		+ +
    The name of a header that you want CloudFront to forward to your origin.
    +
    +
    header_value
    string -
    -     		- -
    The value for the header that you specified in the header_name field.
    -
    + + + +
    The value for the header that you specified in the header_name field.
    +
    custom_origin_config
    dictionary -
    -     		- -
    Connection information about the origin.
    -
    + + + +
    Connection information about the origin.
    +
    http_port
    integer -
    -     		- -
    The HTTP port the custom origin listens on.
    -     		+ +
    The HTTP port the custom origin listens on.
    +
    +
    https_port
    integer -
    -     		- -
    The HTTPS port the custom origin listens on.
    -     		+ +
    The HTTPS port the custom origin listens on.
    +
    +
    origin_keepalive_timeout
    integer -
    -     		- -
    A keep-alive timeout (in seconds).
    -     		+ +
    A keep-alive timeout (in seconds).
    +
    +
    origin_protocol_policy
    string -
    -     		- -
    The origin protocol policy to apply to your origin.
    -     		+ +
    The origin protocol policy to apply to your origin.
    +
    +
    origin_read_timeout
    integer -
    -     		- -
    A timeout (in seconds) when reading from your origin.
    -     		+ +
    A timeout (in seconds) when reading from your origin.
    +
    +
    origin_ssl_protocols
    list - / elements=string
    -     		- -
    A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
    -
    + / elements=string + + +
    A list of SSL/TLS protocols that you want CloudFront to use when communicating to the origin over HTTPS.
    +
    domain_name
    string -
    -     		- -
    The domain name which CloudFront will query as the origin.
    - -     		+ +
    The domain name which CloudFront will query as the origin.
    + +
    +
    id
    string -
    -     		- -
    A unique identifier for the origin or origin group. id must be unique within the distribution.
    -     		+ +
    A unique identifier for the origin or origin group. id must be unique within the distribution.
    +
    +
    origin_path
    string -
    -     		- -
    Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    -     		+ +
    Tells CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    +
    +
    s3_origin_access_identity_enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
    -
    Will automatically create an Identity for you.
    - -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Use an origin access identity to configure the origin so that viewers can only access objects in an Amazon S3 bucket through CloudFront.
    +
    Will automatically create an Identity for you.
    + +
    price_class
    string -
    -     		- -
    A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
    -
    price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
    -
    price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    -
    price_class=PriceClass_All consists of the areas United States, Canada, Europe, Japan, India, South America, Australia, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    -
    AWS defaults this to PriceClass_All.
    -
    Valid values are PriceClass_100, PriceClass_200 and PriceClass_All
    -     		+ +
    A string that specifies the pricing class of the distribution. As per https://aws.amazon.com/cloudfront/pricing/
    +
    price_class=PriceClass_100 consists of the areas United States, Canada and Europe.
    +
    price_class=PriceClass_200 consists of the areas United States, Canada, Europe, Japan, India, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    +
    price_class=PriceClass_All consists of the areas United States, Canada, Europe, Japan, India, South America, Australia, Hong Kong, Philippines, S. Korea, Singapore & Taiwan.
    +
    AWS defaults this to PriceClass_All.
    +
    Valid values are PriceClass_100, PriceClass_200 and PriceClass_All
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_aliases
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether existing aliases will be removed before adding new aliases.
    -
    When purge_aliases=yes, existing aliases are removed and aliases are added.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether existing aliases will be removed before adding new aliases.
    +
    When purge_aliases=yes, existing aliases are removed and aliases are added.
    +
    +
    purge_cache_behaviors
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any cache behaviors that aren't listed in cache_behaviors.
    -
    This switch also allows the reordering of cache_behaviors.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any cache behaviors that aren't listed in cache_behaviors.
    +
    This switch also allows the reordering of cache_behaviors.
    +
    +
    purge_custom_error_responses
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any custom error responses that aren't listed in custom_error_responses.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any custom error responses that aren't listed in custom_error_responses.
    +
    +
    purge_origins
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to remove any origins that aren't listed in origins.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to remove any origins that aren't listed in origins.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether existing tags will be removed before adding new tags.
    -
    When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
    -
    When purge_tags=no, existing tags are kept and tags are added, if specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether existing tags will be removed before adding new tags.
    +
    When purge_tags=yes, existing tags are removed and tags are added, if specified. If no tags are specified, it removes all existing tags for the distribution.
    +
    When purge_tags=no, existing tags are kept and tags are added, if specified.
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    restrictions
    dictionary -
    -     		- -
    A config element that is a complex object that describes how a distribution should restrict it's content.
    -
    + + + +
    A config element that is a complex object that describes how a distribution should restrict it's content.
    +
    geo_restriction
    dictionary -
    -     		- -
    Apply a restriciton based on the location of the requester.
    -
    + + + +
    Apply a restriction based on the location of the requester.
    +
    items
    list -
    -     		- -
    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
    -
    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
    -     		+ +
    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
    +
    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
    +
    +
    restriction_type
    string -
    -     		- -
    The method that you want to use to restrict distribution of your content by country.
    -
    Valid values are none, whitelist, blacklist
    -
    + + + +
    The method that you want to use to restrict distribution of your content by country.
    +
    Valid values are none, whitelist, blacklist
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the distribution.
    -
    state=present creates a new distribution or updates an existing distribution.
    -
    state=absent deletes an existing distribution.
    -
    + + +
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the distribution.
    +
    state=present creates a new distribution or updates an existing distribution.
    +
    state=absent deletes an existing distribution.
    +
    tags
    dictionary -
    -     		- -
    Should be input as a dict of key-value pairs.
    -
    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
    -     		+ +
    Should be input as a dict of key-value pairs.
    +
    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    viewer_certificate
    dictionary -
    -     		- -
    A dict that specifies the encryption details of the distribution.
    -
    + + + +
    A dict that specifies the encryption details of the distribution.
    +
    acm_certificate_arn
    string -
    -     		- -
    The ID of a certificate stored in ACM to use for HTTPS connections.
    -
    If acm_certificate_id is set then you must also specify ssl_support_method
    -     		+ +
    The ID of a certificate stored in ACM to use for HTTPS connections.
    +
    If acm_certificate_id is set then you must also specify ssl_support_method
    +
    +
    cloudfront_default_certificate
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
    -
    If cloudfront_default_certificate=true do not set ssl_support_method.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
    +
    If cloudfront_default_certificate=true do not set ssl_support_method.
    +
    iam_certificate_id
    string -
    -     		- -
    The ID of a certificate stored in IAM to use for HTTPS connections.
    -
    If iam_certificate_id is set then you must also specify ssl_support_method
    -     		+ +
    The ID of a certificate stored in IAM to use for HTTPS connections.
    +
    If iam_certificate_id is set then you must also specify ssl_support_method
    +
    +
    minimum_protocol_version
    string -
    -     		- -
    The security policy that you want CloudFront to use for HTTPS connections.
    - -     		+ +
    The security policy that you want CloudFront to use for HTTPS connections.
    + +
    +
    ssl_support_method
    string -
    -     		- -
    How CloudFront should serve SSL certificates.
    -
    Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
    -
    + + + +
    How CloudFront should serve SSL certificates.
    +
    Valid values are sni-only for SNI, and vip if CloudFront is configured to use a dedicated IP for your content.
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the module waits until the distribution has completed processing the creation or update.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the module waits until the distribution has completed processing the creation or update.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    1800
    -     		-
    Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
    -     		+ Default:
    1800
    +     		+
    Specifies the duration in seconds to wait for a timeout of a cloudfront create or update.
    +
    +
    web_acl_id
    string -
    -     		- -
    The ID of a Web Application Firewall (WAF) Access Control List (ACL).
    -
    + + + + + +
    The ID of a Web Application Firewall (WAF) Access Control List (ACL).
    + + +
    @@ -2134,7 +2153,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -2145,7 +2164,6 @@ Examples .. code-block:: yaml+jinja - - name: create a basic distribution with defaults and tags community.aws.cloudfront_distribution: state: present @@ -2238,7 +2256,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -2251,2437 +2268,2437 @@ Common return values are documented `here Returned Description - - + +
    active_trusted_signers
    complex -
    - + + always -
    Key pair IDs that CloudFront is aware of for each trusted signer.
    -
    - +
    Key pair IDs that CloudFront is aware of for each trusted signer.
    +
    + - -   - + +   +
    enabled
    boolean -
    - + + always -
    Whether trusted signers are in use.
    -
    - +
    Whether trusted signers are in use.
    +
    + - -   - + +   +
    items
    list -
    - + + when there are trusted signers -
    Number of trusted signers.
    -
    -
    Sample:
    -
    ['key_pair_id']
    - +
    Number of trusted signers.
    +
    +
    Sample:
    +
    ['key_pair_id']
    + - -   - + +   +
    quantity
    integer -
    - + + always -
    Number of trusted signers.
    -
    -
    Sample:
    -
    1
    - +
    Number of trusted signers.
    +
    +
    Sample:
    +
    1
    + - - - + + +
    aliases
    complex -
    - + + always -
    Aliases that refer to the distribution.
    -
    - +
    Aliases that refer to the distribution.
    +
    + - -   - + +   +
    items
    list -
    - + + always -
    List of aliases.
    -
    -
    Sample:
    -
    ['test.example.com']
    - +
    List of aliases.
    +
    +
    Sample:
    +
    ['test.example.com']
    + - -   - + +   +
    quantity
    integer -
    - + + always -
    Number of aliases.
    -
    -
    Sample:
    -
    1
    - +
    Number of aliases.
    +
    +
    Sample:
    +
    1
    + - - - + + +
    arn
    string -
    - + + always -
    Amazon Resource Name of the distribution.
    -
    -
    Sample:
    -
    arn:aws:cloudfront::123456789012:distribution/E1234ABCDEFGHI
    - +
    Amazon Resource Name of the distribution.
    +
    +
    Sample:
    +
    arn:aws:cloudfront::123456789012:distribution/E1234ABCDEFGHI
    + - - + +
    cache_behaviors
    complex -
    - + + always -
    CloudFront cache behaviors.
    -
    - +
    CloudFront cache behaviors.
    +
    + - -   - + +   +
    items
    complex -
    - + + always -
    List of cache behaviors.
    -
    - +
    List of cache behaviors.
    +
    + - -   -   - + +   +   +
    allowed_methods
    complex -
    - + + always -
    Methods allowed by the cache behavior.
    -
    - +
    Methods allowed by the cache behavior.
    +
    + - -   -   -   - + +   +   +   +
    cached_methods
    complex -
    - + + always -
    Methods cached by the cache behavior.
    -
    - +
    Methods cached by the cache behavior.
    +
    + - -   -   -   -   - + +   +   +   +   +
    items
    list -
    - + + always -
    List of cached methods.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    - +
    List of cached methods.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    + - -   -   -   -   - + +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of cached methods.
    -
    -
    Sample:
    -
    2
    - +
    Count of cached methods.
    +
    +
    Sample:
    +
    2
    + - - -   -   -   - + + +   +   +   +
    items
    list -
    - + + always -
    List of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    - +
    List of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    2
    - +
    Count of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    2
    + - - -   -   - + + +   +   +
    compress
    boolean -
    - + + always -
    Whether compression is turned on for the cache behavior.
    -
    - +
    Whether compression is turned on for the cache behavior.
    +
    + - -   -   - + +   +   +
    default_ttl
    integer -
    - + + always -
    Default Time to Live of the cache behavior.
    -
    -
    Sample:
    -
    86400
    - +
    Default Time to Live of the cache behavior.
    +
    +
    Sample:
    +
    86400
    + - -   -   - + +   +   +
    forwarded_values
    complex -
    - + + always -
    Values forwarded to the origin for this cache behavior.
    -
    - +
    Values forwarded to the origin for this cache behavior.
    +
    + - -   -   -   - + +   +   +   +
    cookies
    complex -
    - + + always -
    Cookies to forward to the origin.
    -
    - +
    Cookies to forward to the origin.
    +
    + - -   -   -   -   - + +   +   +   +   +
    forward
    string -
    - + + always -
    Which cookies to forward to the origin for this cache behavior.
    -
    -
    Sample:
    -
    none
    - +
    Which cookies to forward to the origin for this cache behavior.
    +
    +
    Sample:
    +
    none
    + - -   -   -   -   - + +   +   +   +   +
    whitelisted_names
    complex -
    - + + when forward=whitelist -
    The names of the cookies to forward to the origin for this cache behavior.
    -
    - +
    The names of the cookies to forward to the origin for this cache behavior.
    +
    + - -   -   -   -   -   - + +   +   +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of cookies to forward.
    -
    -
    Sample:
    -
    my_cookie
    - +
    List of cookies to forward.
    +
    +
    Sample:
    +
    my_cookie
    + - -   -   -   -   -   - + +   +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of cookies to forward.
    -
    -
    Sample:
    -
    1
    - +
    Count of cookies to forward.
    +
    +
    Sample:
    +
    1
    + - - - -   -   -   - + + + +   +   +   +
    headers
    complex -
    - + + always -
    Which headers are used to vary on cache retrievals.
    -
    - +
    Which headers are used to vary on cache retrievals.
    +
    + - -   -   -   -   - + +   +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of headers to vary on.
    -
    -
    Sample:
    -
    ['Host']
    - +
    List of headers to vary on.
    +
    +
    Sample:
    +
    ['Host']
    + - -   -   -   -   - + +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of headers to vary on.
    -
    -
    Sample:
    -
    1
    - +
    Count of headers to vary on.
    +
    +
    Sample:
    +
    1
    + - - -   -   -   - + + +   +   +   +
    query_string
    boolean -
    - + + always -
    Whether the query string is used in cache lookups.
    -
    - +
    Whether the query string is used in cache lookups.
    +
    + - -   -   -   - + +   +   +   +
    query_string_cache_keys
    complex -
    - + + always -
    Which query string keys to use in cache lookups.
    -
    - +
    Which query string keys to use in cache lookups.
    +
    + - -   -   -   -   - + +   +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of query string cache keys to use in cache lookups.
    -
    - +
    List of query string cache keys to use in cache lookups.
    +
    + - -   -   -   -   - + +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of query string cache keys to use in cache lookups.
    -
    -
    Sample:
    -
    1
    - +
    Count of query string cache keys to use in cache lookups.
    +
    +
    Sample:
    +
    1
    + - - - -   -   - + + + +   +   +
    lambda_function_associations
    complex -
    - + + always -
    Lambda function associations for a cache behavior.
    -
    - +
    Lambda function associations for a cache behavior.
    +
    + - -   -   -   - + +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of lambda function associations.
    -
    -
    Sample:
    -
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    - +
    List of lambda function associations.
    +
    +
    Sample:
    +
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of lambda function associations.
    -
    -
    Sample:
    -
    1
    - +
    Count of lambda function associations.
    +
    +
    Sample:
    +
    1
    + - - -   -   - + + +   +   +
    max_ttl
    integer -
    - + + always -
    Maximum Time to Live.
    -
    -
    Sample:
    -
    31536000
    - +
    Maximum Time to Live.
    +
    +
    Sample:
    +
    31536000
    + - -   -   - + +   +   +
    min_ttl
    integer -
    - + + always -
    Minimum Time to Live.
    -
    - +
    Minimum Time to Live.
    +
    + - -   -   - + +   +   +
    path_pattern
    string -
    - + + always -
    Path pattern that determines this cache behavior.
    -
    -
    Sample:
    -
    /path/to/files/*
    - +
    Path pattern that determines this cache behavior.
    +
    +
    Sample:
    +
    /path/to/files/*
    + - -   -   - + +   +   +
    smooth_streaming
    boolean -
    - + + always -
    Whether smooth streaming is enabled.
    -
    - +
    Whether smooth streaming is enabled.
    +
    + - -   -   - + +   +   +
    target_origin_id
    string -
    - + + always -
    ID of origin reference by this cache behavior.
    -
    -
    Sample:
    -
    origin_abcd
    - +
    ID of origin reference by this cache behavior.
    +
    +
    Sample:
    +
    origin_abcd
    + - -   -   - + +   +   +
    trusted_signers
    complex -
    - + + always -
    Trusted signers.
    -
    - +
    Trusted signers.
    +
    + - -   -   -   - + +   +   +   +
    enabled
    boolean -
    - + + always -
    Whether trusted signers are enabled for this cache behavior.
    -
    - +
    Whether trusted signers are enabled for this cache behavior.
    +
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of trusted signers.
    -
    -
    Sample:
    -
    1
    - +
    Count of trusted signers.
    +
    +
    Sample:
    +
    1
    + - - -   -   - + + +   +   +
    viewer_protocol_policy
    string -
    - + + always -
    Policy of how to handle http/https.
    -
    -
    Sample:
    -
    redirect-to-https
    - +
    Policy of how to handle http/https.
    +
    +
    Sample:
    +
    redirect-to-https
    + - - -   - + + +   +
    quantity
    integer -
    - + + always -
    Count of cache behaviors.
    -
    -
    Sample:
    -
    1
    - +
    Count of cache behaviors.
    +
    +
    Sample:
    +
    1
    + - - - + + +
    caller_reference
    string -
    - + + always -
    Idempotency reference given when creating CloudFront distribution.
    -
    -
    Sample:
    -
    1484796016700
    - +
    Idempotency reference given when creating CloudFront distribution.
    +
    +
    Sample:
    +
    1484796016700
    + - - + +
    comment
    string -
    - + + always -
    Any comments you want to include about the distribution.
    -
    -
    Sample:
    -
    my first CloudFront distribution
    - +
    Any comments you want to include about the distribution.
    +
    +
    Sample:
    +
    my first CloudFront distribution
    + - - + +
    custom_error_responses
    complex -
    - + + always -
    Custom error responses to use for error handling.
    -
    - +
    Custom error responses to use for error handling.
    +
    + - -   - + +   +
    items
    complex -
    - + + always -
    List of custom error responses.
    -
    - +
    List of custom error responses.
    +
    + - -   -   - + +   +   +
    error_caching_min_ttl
    integer -
    - + + always -
    Minimum time to cache this error response.
    -
    -
    Sample:
    -
    300
    - +
    Minimum time to cache this error response.
    +
    +
    Sample:
    +
    300
    + - -   -   - + +   +   +
    error_code
    integer -
    - + + always -
    Origin response code that triggers this error response.
    -
    -
    Sample:
    -
    500
    - +
    Origin response code that triggers this error response.
    +
    +
    Sample:
    +
    500
    + - -   -   - + +   +   +
    response_code
    string -
    - + + always -
    Response code to return to the requester.
    -
    -
    Sample:
    -
    500
    - +
    Response code to return to the requester.
    +
    +
    Sample:
    +
    500
    + - -   -   - + +   +   +
    response_page_path
    string -
    - + + always -
    Path that contains the error page to display.
    -
    -
    Sample:
    -
    /errors/5xx.html
    - +
    Path that contains the error page to display.
    +
    +
    Sample:
    +
    /errors/5xx.html
    + - - -   - + + +   +
    quantity
    integer -
    - + + always -
    Count of custom error response items
    -
    -
    Sample:
    -
    1
    - +
    Count of custom error response items
    +
    +
    Sample:
    +
    1
    + - - - + + +
    default_cache_behavior
    complex -
    - + + always -
    Default cache behavior.
    -
    - +
    Default cache behavior.
    +
    + - -   - + +   +
    allowed_methods
    complex -
    - + + always -
    Methods allowed by the cache behavior.
    -
    - +
    Methods allowed by the cache behavior.
    +
    + - -   -   - + +   +   +
    cached_methods
    complex -
    - + + always -
    Methods cached by the cache behavior.
    -
    - +
    Methods cached by the cache behavior.
    +
    + - -   -   -   - + +   +   +   +
    items
    list -
    - + + always -
    List of cached methods.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    - +
    List of cached methods.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of cached methods.
    -
    -
    Sample:
    -
    2
    - +
    Count of cached methods.
    +
    +
    Sample:
    +
    2
    + - - -   -   - + + +   +   +
    items
    list -
    - + + always -
    List of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    ['HEAD', 'GET']
    - +
    List of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    ['HEAD', 'GET']
    + - -   -   - + +   +   +
    quantity
    integer -
    - + + always -
    Count of methods allowed by the cache behavior.
    -
    -
    Sample:
    -
    2
    - +
    Count of methods allowed by the cache behavior.
    +
    +
    Sample:
    +
    2
    + - - -   - + + +   +
    compress
    boolean -
    - + + always -
    Whether compression is turned on for the cache behavior.
    -
    - +
    Whether compression is turned on for the cache behavior.
    +
    + - -   - + +   +
    default_ttl
    integer -
    - + + always -
    Default Time to Live of the cache behavior.
    -
    -
    Sample:
    -
    86400
    - +
    Default Time to Live of the cache behavior.
    +
    +
    Sample:
    +
    86400
    + - -   - + +   +
    forwarded_values
    complex -
    - + + always -
    Values forwarded to the origin for this cache behavior.
    -
    - +
    Values forwarded to the origin for this cache behavior.
    +
    + - -   -   - + +   +   +
    cookies
    complex -
    - + + always -
    Cookies to forward to the origin.
    -
    - +
    Cookies to forward to the origin.
    +
    + - -   -   -   - + +   +   +   +
    forward
    string -
    - + + always -
    Which cookies to forward to the origin for this cache behavior.
    -
    -
    Sample:
    -
    none
    - +
    Which cookies to forward to the origin for this cache behavior.
    +
    +
    Sample:
    +
    none
    + - -   -   -   - + +   +   +   +
    whitelisted_names
    complex -
    - + + when forward=whitelist -
    The names of the cookies to forward to the origin for this cache behavior.
    -
    - +
    The names of the cookies to forward to the origin for this cache behavior.
    +
    + - -   -   -   -   - + +   +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of cookies to forward.
    -
    -
    Sample:
    -
    my_cookie
    - +
    List of cookies to forward.
    +
    +
    Sample:
    +
    my_cookie
    + - -   -   -   -   - + +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of cookies to forward.
    -
    -
    Sample:
    -
    1
    - +
    Count of cookies to forward.
    +
    +
    Sample:
    +
    1
    + - - - -   -   - + + + +   +   +
    headers
    complex -
    - + + always -
    Which headers are used to vary on cache retrievals.
    -
    - +
    Which headers are used to vary on cache retrievals.
    +
    + - -   -   -   - + +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of headers to vary on.
    -
    -
    Sample:
    -
    ['Host']
    - +
    List of headers to vary on.
    +
    +
    Sample:
    +
    ['Host']
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of headers to vary on.
    -
    -
    Sample:
    -
    1
    - +
    Count of headers to vary on.
    +
    +
    Sample:
    +
    1
    + - - -   -   - + + +   +   +
    query_string
    boolean -
    - + + always -
    Whether the query string is used in cache lookups.
    -
    - +
    Whether the query string is used in cache lookups.
    +
    + - -   -   - + +   +   +
    query_string_cache_keys
    complex -
    - + + always -
    Which query string keys to use in cache lookups.
    -
    - +
    Which query string keys to use in cache lookups.
    +
    + - -   -   -   - + +   +   +   +
    items
    list -
    - + + when list is not empty -
    List of query string cache keys to use in cache lookups.
    -
    - +
    List of query string cache keys to use in cache lookups.
    +
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of query string cache keys to use in cache lookups.
    -
    -
    Sample:
    -
    1
    - +
    Count of query string cache keys to use in cache lookups.
    +
    +
    Sample:
    +
    1
    + - - - -   - + + + +   +
    lambda_function_associations
    complex -
    - + + always -
    Lambda function associations for a cache behavior.
    -
    - +
    Lambda function associations for a cache behavior.
    +
    + - -   -   - + +   +   +
    items
    list -
    - + + when list is not empty -
    List of lambda function associations.
    -
    -
    Sample:
    -
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    - +
    List of lambda function associations.
    +
    +
    Sample:
    +
    [{'lambda_function_arn': 'arn:aws:lambda:123456789012:us-east-1/lambda/lambda-function', 'event_type': 'viewer-response'}]
    + - -   -   - + +   +   +
    quantity
    integer -
    - + + always -
    Count of lambda function associations.
    -
    -
    Sample:
    -
    1
    - +
    Count of lambda function associations.
    +
    +
    Sample:
    +
    1
    + - - -   - + + +   +
    max_ttl
    integer -
    - + + always -
    Maximum Time to Live.
    -
    -
    Sample:
    -
    31536000
    - +
    Maximum Time to Live.
    +
    +
    Sample:
    +
    31536000
    + - -   - + +   +
    min_ttl
    integer -
    - + + always -
    Minimum Time to Live.
    -
    - +
    Minimum Time to Live.
    +
    + - -   - + +   +
    path_pattern
    string -
    - + + always -
    Path pattern that determines this cache behavior.
    -
    -
    Sample:
    -
    /path/to/files/*
    - +
    Path pattern that determines this cache behavior.
    +
    +
    Sample:
    +
    /path/to/files/*
    + - -   - + +   +
    smooth_streaming
    boolean -
    - + + always -
    Whether smooth streaming is enabled.
    -
    - +
    Whether smooth streaming is enabled.
    +
    + - -   - + +   +
    target_origin_id
    string -
    - + + always -
    ID of origin reference by this cache behavior.
    -
    -
    Sample:
    -
    origin_abcd
    - +
    ID of origin reference by this cache behavior.
    +
    +
    Sample:
    +
    origin_abcd
    + - -   - + +   +
    trusted_signers
    complex -
    - + + always -
    Trusted signers.
    -
    - +
    Trusted signers.
    +
    + - -   -   - + +   +   +
    enabled
    boolean -
    - + + always -
    Whether trusted signers are enabled for this cache behavior.
    -
    - +
    Whether trusted signers are enabled for this cache behavior.
    +
    + - -   -   - + +   +   +
    quantity
    integer -
    - + + always -
    Count of trusted signers.
    -
    -
    Sample:
    -
    1
    - +
    Count of trusted signers.
    +
    +
    Sample:
    +
    1
    + - - -   - + + +   +
    viewer_protocol_policy
    string -
    - + + always -
    Policy of how to handle http/https.
    -
    -
    Sample:
    -
    redirect-to-https
    - +
    Policy of how to handle http/https.
    +
    +
    Sample:
    +
    redirect-to-https
    + - - - + + +
    default_root_object
    string -
    - + + always -
    The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution.
    -
    - +
    The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution.
    +
    + - - + +
    diff
    dictionary -
    - + + always -
    Difference between previous configuration and new configuration.
    -
    - +
    Difference between previous configuration and new configuration.
    +
    + - - + +
    domain_name
    string -
    - + + always -
    Domain name of CloudFront distribution.
    -
    -
    Sample:
    -
    d1vz8pzgurxosf.cloudfront.net
    - +
    Domain name of CloudFront distribution.
    +
    +
    Sample:
    +
    d1vz8pzgurxosf.cloudfront.net
    + - - + +
    enabled
    boolean -
    - + + always -
    Whether the CloudFront distribution is enabled or not.
    -
    -
    Sample:
    -
    True
    - +
    Whether the CloudFront distribution is enabled or not.
    +
    +
    Sample:
    +
    True
    + - - + +
    http_version
    string -
    - + + always -
    Version of HTTP supported by the distribution.
    -
    -
    Sample:
    -
    http2
    - +
    Version of HTTP supported by the distribution.
    +
    +
    Sample:
    +
    http2
    + - - + +
    id
    string -
    - + + always -
    CloudFront distribution ID.
    -
    -
    Sample:
    -
    E123456ABCDEFG
    - +
    CloudFront distribution ID.
    +
    +
    Sample:
    +
    E123456ABCDEFG
    + - - + +
    in_progress_invalidation_batches
    integer -
    - + + always -
    The number of invalidation batches currently in progress.
    -
    - +
    The number of invalidation batches currently in progress.
    +
    + - - + +
    is_ipv6_enabled
    boolean -
    - + + always -
    Whether IPv6 is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Whether IPv6 is enabled.
    +
    +
    Sample:
    +
    True
    + - - + +
    last_modified_time
    string -
    - + + always -
    Date and time distribution was last modified.
    -
    -
    Sample:
    -
    2017-10-13T01:51:12.656000+00:00
    - +
    Date and time distribution was last modified.
    +
    +
    Sample:
    +
    2017-10-13T01:51:12.656000+00:00
    + - - + +
    logging
    complex -
    - + + always -
    Logging information.
    -
    - +
    Logging information.
    +
    + - -   - + +   +
    bucket
    string -
    - + + always -
    S3 bucket logging destination.
    -
    -
    Sample:
    -
    logs-example-com.s3.amazonaws.com
    - +
    S3 bucket logging destination.
    +
    +
    Sample:
    +
    logs-example-com.s3.amazonaws.com
    + - -   - + +   +
    enabled
    boolean -
    - + + always -
    Whether logging is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Whether logging is enabled.
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    include_cookies
    boolean -
    - + + always -
    Whether to log cookies.
    -
    - +
    Whether to log cookies.
    +
    + - -   - + +   +
    prefix
    string -
    - + + always -
    Prefix added to logging object names.
    -
    -
    Sample:
    -
    cloudfront/test
    - +
    Prefix added to logging object names.
    +
    +
    Sample:
    +
    cloudfront/test
    + - - - + + +
    origins
    complex -
    - + + always -
    Origins in the CloudFront distribution.
    -
    - +
    Origins in the CloudFront distribution.
    +
    + - -   - + +   +
    items
    complex -
    - + + always -
    List of origins.
    -
    - +
    List of origins.
    +
    + - -   -   - + +   +   +
    custom_headers
    complex -
    - + + always -
    Custom headers passed to the origin.
    -
    - +
    Custom headers passed to the origin.
    +
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    Count of headers.
    -
    -
    Sample:
    -
    1
    - +
    Count of headers.
    +
    +
    Sample:
    +
    1
    + - - -   -   - + + +   +   +
    custom_origin_config
    complex -
    - + + always -
    Configuration of the origin.
    -
    - +
    Configuration of the origin.
    +
    + - -   -   -   - + +   +   +   +
    http_port
    integer -
    - + + always -
    Port on which HTTP is listening.
    -
    -
    Sample:
    -
    80
    - +
    Port on which HTTP is listening.
    +
    +
    Sample:
    +
    80
    + - -   -   -   - + +   +   +   +
    https_port
    integer -
    - + + always -
    Port on which HTTPS is listening.
    -
    -
    Sample:
    -
    443
    - +
    Port on which HTTPS is listening.
    +
    +
    Sample:
    +
    443
    + - -   -   -   - + +   +   +   +
    origin_keepalive_timeout
    integer -
    - + + always -
    Keep-alive timeout.
    -
    -
    Sample:
    -
    5
    - +
    Keep-alive timeout.
    +
    +
    Sample:
    +
    5
    + - -   -   -   - + +   +   +   +
    origin_protocol_policy
    string -
    - + + always -
    Policy of which protocols are supported.
    -
    -
    Sample:
    -
    https-only
    - +
    Policy of which protocols are supported.
    +
    +
    Sample:
    +
    https-only
    + - -   -   -   - + +   +   +   +
    origin_read_timeout
    integer -
    - + + always -
    Timeout for reads to the origin.
    -
    -
    Sample:
    -
    30
    - +
    Timeout for reads to the origin.
    +
    +
    Sample:
    +
    30
    + - -   -   -   - + +   +   +   +
    origin_ssl_protocols
    complex -
    - + + always -
    SSL protocols allowed by the origin.
    -
    - +
    SSL protocols allowed by the origin.
    +
    + - -   -   -   -   - + +   +   +   +   +
    items
    list -
    - + + always -
    List of SSL protocols.
    -
    -
    Sample:
    -
    ['TLSv1', 'TLSv1.1', 'TLSv1.2']
    - +
    List of SSL protocols.
    +
    +
    Sample:
    +
    ['TLSv1', 'TLSv1.1', 'TLSv1.2']
    + - -   -   -   -   - + +   +   +   +   +
    quantity
    integer -
    - + + always -
    Count of SSL protocols.
    -
    -
    Sample:
    -
    3
    - +
    Count of SSL protocols.
    +
    +
    Sample:
    +
    3
    + - - - -   -   - + + + +   +   +
    domain_name
    string -
    - + + always -
    Domain name of the origin.
    -
    -
    Sample:
    -
    test-origin.example.com
    - +
    Domain name of the origin.
    +
    +
    Sample:
    +
    test-origin.example.com
    + - -   -   - + +   +   +
    id
    string -
    - + + always -
    ID of the origin.
    -
    -
    Sample:
    -
    test-origin.example.com
    - +
    ID of the origin.
    +
    +
    Sample:
    +
    test-origin.example.com
    + - -   -   - + +   +   +
    origin_path
    string -
    - + + always -
    Subdirectory to prefix the request from the S3 or HTTP origin.
    -
    - +
    Subdirectory to prefix the request from the S3 or HTTP origin.
    +
    + - - -   - + + +   +
    quantity
    integer -
    - + + always -
    Count of origins.
    -
    -
    Sample:
    -
    1
    - +
    Count of origins.
    +
    +
    Sample:
    +
    1
    + - - - + + +
    price_class
    string -
    - + + always -
    Price class of CloudFront distribution.
    -
    -
    Sample:
    -
    PriceClass_All
    - +
    Price class of CloudFront distribution.
    +
    +
    Sample:
    +
    PriceClass_All
    + - - + +
    restrictions
    complex -
    - + + always -
    Restrictions in use by CloudFront.
    -
    - +
    Restrictions in use by CloudFront.
    +
    + - -   - + +   +
    geo_restriction
    complex -
    - + + always -
    Controls the countries in which your content is distributed.
    -
    - +
    Controls the countries in which your content is distributed.
    +
    + - -   -   - + +   +   +
    items
    list -
    - + + always -
    List of country codes allowed or disallowed.
    -
    -
    Sample:
    -
    xy
    - +
    List of country codes allowed or disallowed.
    +
    +
    Sample:
    +
    xy
    + - -   -   - + +   +   +
    quantity
    integer -
    - + + always -
    Count of restrictions.
    -
    -
    Sample:
    -
    1
    - +
    Count of restrictions.
    +
    +
    Sample:
    +
    1
    + - -   -   - + +   +   +
    restriction_type
    string -
    - + + always -
    Type of restriction.
    -
    -
    Sample:
    -
    blacklist
    - +
    Type of restriction.
    +
    +
    Sample:
    +
    blacklist
    + - - - - + + + +
    status
    string -
    - + + always -
    Status of the CloudFront distribution.
    -
    -
    Sample:
    -
    InProgress
    - +
    Status of the CloudFront distribution.
    +
    +
    Sample:
    +
    InProgress
    + - - + +
    tags
    dictionary -
    - + + always -
    Distribution tags.
    -
    -
    Sample:
    -
    {'Hello': 'World'}
    - +
    Distribution tags.
    +
    +
    Sample:
    +
    {'Hello': 'World'}
    + - - + +
    viewer_certificate
    complex -
    - + + always -
    Certificate used by CloudFront distribution.
    -
    - +
    Certificate used by CloudFront distribution.
    +
    + - -   - + +   +
    acm_certificate_arn
    string -
    - + + when certificate comes from ACM -
    ARN of ACM certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    - +
    ARN of ACM certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    + - -   - + +   +
    certificate
    string -
    - + + always -
    Reference to certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    - +
    Reference to certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789012:certificate/abcd1234-1234-1234-abcd-123456abcdef
    + - -   - + +   +
    certificate_source
    string -
    - + + always -
    Where certificate comes from.
    -
    -
    Sample:
    -
    acm
    - +
    Where certificate comes from.
    +
    +
    Sample:
    +
    acm
    + - -   - + +   +
    minimum_protocol_version
    string -
    - + + always -
    Minimum SSL/TLS protocol supported by this distribution.
    -
    -
    Sample:
    -
    TLSv1
    - +
    Minimum SSL/TLS protocol supported by this distribution.
    +
    +
    Sample:
    +
    TLSv1
    + - -   - + +   +
    ssl_support_method
    string -
    - + + always -
    Support for pre-SNI browsers or not.
    -
    -
    Sample:
    -
    sni-only
    - +
    Support for pre-SNI browsers or not.
    +
    +
    Sample:
    +
    sni-only
    + - - - + + +
    web_acl_id
    string -
    - + + always -
    ID of Web Access Control List (from WAF service).
    -
    -
    Sample:
    -
    abcd1234-1234-abcd-abcd-abcd12345678
    - +
    ID of Web Access Control List (from WAF service).
    +
    +
    Sample:
    +
    abcd1234-1234-abcd-abcd-abcd12345678
    + - +

    @@ -4694,5 +4711,3 @@ Authors - Willem van Ketwich (@wilvk) - Will Thames (@willthames) - - diff --git a/docs/community.aws.cloudfront_info_module.rst b/docs/community.aws.cloudfront_info_module.rst index 755189220fe..4e9509dd0c3 100644 --- a/docs/community.aws.cloudfront_info_module.rst +++ b/docs/community.aws.cloudfront_info_module.rst @@ -37,499 +37,518 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    all_lists
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get all CloudFront lists that do not require parameters.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get all CloudFront lists that do not require parameters.
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    distribution
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about a distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about a distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    distribution_config
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about a distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about a distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    distribution_id
    string -
    -     		- -
    The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
    -
    + + + +
    The id of the CloudFront distribution. Used with distribution, distribution_config, invalidation, streaming_distribution, streaming_distribution_config, list_invalidations.
    +
    domain_name_alias
    string -
    -     		- -
    Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
    -
    + + + +
    Can be used instead of distribution_id - uses the aliased CNAME for the CloudFront distribution to get the distribution id where required.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    invalidation
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about an invalidation.
    -
    Requires invalidation_id to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about an invalidation.
    +
    Requires invalidation_id to be specified.
    +
    invalidation_id
    string -
    -     		- -
    The id of the invalidation to get information about.
    -
    Used with invalidation.
    -
    + + + +
    The id of the invalidation to get information about.
    +
    Used with invalidation.
    +
    list_distributions
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of CloudFront distributions.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of CloudFront distributions.
    +
    list_distributions_by_web_acl_id
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of distributions using web acl id as a filter.
    -
    Requires web_acl_id to be set.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of distributions using web acl id as a filter.
    +
    Requires web_acl_id to be set.
    +
    list_invalidations
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of invalidations.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of invalidations.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    list_origin_access_identities
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of CloudFront origin access identities.
    -
    Requires origin_access_identity_id to be set.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of CloudFront origin access identities.
    +
    Requires origin_access_identity_id to be set.
    +
    list_streaming_distributions
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get a list of streaming distributions.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get a list of streaming distributions.
    +
    origin_access_identity
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about an origin access identity.
    -
    Requires origin_access_identity_id to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about an origin access identity.
    +
    Requires origin_access_identity_id to be specified.
    +
    origin_access_identity_config
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about an origin access identity.
    -
    Requires origin_access_identity_id to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about an origin access identity.
    +
    Requires origin_access_identity_id to be specified.
    +
    origin_access_identity_id
    string -
    -     		- -
    The id of the CloudFront origin access identity to get information about.
    -
    + + + +
    The id of the CloudFront origin access identity to get information about.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    streaming_distribution
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get information about a specified RTMP distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get information about a specified RTMP distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    streaming_distribution_config
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Get the configuration information about a specified RTMP distribution.
    -
    Requires distribution_id or domain_name_alias to be specified.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Get the configuration information about a specified RTMP distribution.
    +
    Requires distribution_id or domain_name_alias to be specified.
    +
    summary
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Returns a summary of all distributions, streaming distributions and origin_access_identities.
    -
    This is the default behaviour if no option is selected.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Returns a summary of all distributions, streaming distributions and origin_access_identities.
    +
    This is the default behaviour if no option is selected.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -537,7 +556,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -548,7 +567,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Get a summary of distributions @@ -561,7 +579,7 @@ Examples distribution: true distribution_id: my-cloudfront-distribution-id register: result_did - - debug: + - ansible.builtin.debug: msg: "{{ result_did['cloudfront']['my-cloudfront-distribution-id'] }}" - name: Get information about a distribution using the CNAME of the cloudfront distribution. @@ -569,7 +587,7 @@ Examples distribution: true domain_name_alias: www.my-website.com register: result_website - - debug: + - ansible.builtin.debug: msg: "{{ result_website['cloudfront']['www.my-website.com'] }}" # When the module is called as cloudfront_facts, return values are published @@ -579,13 +597,13 @@ Examples community.aws.cloudfront_facts: distribution: true distribution_id: my-cloudfront-distribution-id - - debug: + - ansible.builtin.debug: msg: "{{ ansible_facts['cloudfront']['my-cloudfront-distribution-id'] }}" - community.aws.cloudfront_facts: distribution: true domain_name_alias: www.my-website.com - - debug: + - ansible.builtin.debug: msg: "{{ ansible_facts['cloudfront']['www.my-website.com'] }}" - name: Get all information about an invalidation for a distribution. @@ -610,7 +628,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -623,142 +640,142 @@ Common return values are documented `here Returned Description - - + +
    distribution
    dictionary -
    - + + only if distribution is true -
    Facts about a CloudFront distribution. Requires distribution_id or domain_name_alias to be specified. Requires origin_access_identity_id to be set.
    -
    - +
    Facts about a CloudFront distribution. Requires distribution_id or domain_name_alias to be specified. Requires origin_access_identity_id to be set.
    +
    + - - + +
    distribution_config
    dictionary -
    - + + only if distribution_config is true -
    Facts about a CloudFront distribution's config. Requires distribution_id or domain_name_alias to be specified.
    -
    - +
    Facts about a CloudFront distribution's config. Requires distribution_id or domain_name_alias to be specified.
    +
    + - - + +
    invalidation
    dictionary -
    - + + only if invalidation is true -
    Describes the invalidation information for the distribution. Requires invalidation_id to be specified and either distribution_id or domain_name_alias.
    -
    - +
    Describes the invalidation information for the distribution. Requires invalidation_id to be specified and either distribution_id or domain_name_alias.
    +
    + - - + +
    origin_access_identity
    dictionary -
    - + + only if origin_access_identity is true -
    Describes the origin access identity information. Requires origin_access_identity_id to be set.
    -
    - +
    Describes the origin access identity information. Requires origin_access_identity_id to be set.
    +
    + - - + +
    origin_access_identity_configuration
    dictionary -
    - + + only if origin_access_identity_configuration is true -
    Describes the origin access identity information configuration information. Requires origin_access_identity_id to be set.
    -
    - +
    Describes the origin access identity information configuration information. Requires origin_access_identity_id to be set.
    +
    + - - + +
    result
    dictionary -
    - + + always -
    Result dict not nested under the CloudFront ID to access results of module without the knowledge of that id as figuring out the DistributionId is usually the reason one uses this module in the first place.
    -
    - +
    Result dict not nested under the CloudFront ID to access results of module without the knowledge of that id as figuring out the DistributionId is usually the reason one uses this module in the first place.
    +
    + - - + +
    streaming_distribution
    dictionary -
    - + + only if streaming_distribution is true -
    Describes the streaming information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    -
    - +
    Describes the streaming information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    +
    + - - + +
    streaming_distribution_config
    dictionary -
    - + + only if streaming_distribution_config is true -
    Describes the streaming configuration information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    -
    - +
    Describes the streaming configuration information for the distribution. Requires distribution_id or domain_name_alias to be specified.
    +
    + - - + +
    summary
    dictionary -
    - + + as default or if summary is true -
    Gives a summary of distributions, streaming distributions and origin access identities.
    -
    - +
    Gives a summary of distributions, streaming distributions and origin access identities.
    +
    + - +

    @@ -770,5 +787,3 @@ Authors ~~~~~~~ - Willem van Ketwich (@wilvk) - - diff --git a/docs/community.aws.cloudfront_invalidation_module.rst b/docs/community.aws.cloudfront_invalidation_module.rst index 4914417a929..7c64f2e6d18 100644 --- a/docs/community.aws.cloudfront_invalidation_module.rst +++ b/docs/community.aws.cloudfront_invalidation_module.rst @@ -36,223 +36,242 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    alias
    string -
    -     		- -
    The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
    -     		+ +
    The alias of the CloudFront distribution to invalidate paths for. Can be specified instead of distribution_id.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    caller_reference
    string -
    -     		- Default:
    null
    -     		-
    A unique reference identifier for the invalidation paths.
    -
    Defaults to current datetime stamp.
    -     		+ Default:
    null
    +     		+
    A unique reference identifier for the invalidation paths.
    +
    Defaults to current datetime stamp.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    distribution_id
    string -
    -     		- -
    The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
    -     		+ +
    The ID of the CloudFront distribution to invalidate paths for. Can be specified instead of the alias.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    target_paths
    list - / elements=string / required
    -     		- -
    A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
    -     		+ +
    A list of paths on the distribution to invalidate. Each path should begin with '/'. Wildcards are allowed. eg. '/foo/bar/*'
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -261,7 +280,7 @@ Notes .. note:: - does not support check mode - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -272,8 +291,6 @@ Examples .. code-block:: yaml+jinja - - - name: create a batch of invalidations using a distribution_id for a reference community.aws.cloudfront_invalidation: distribution_id: E15BU8SDCGSG57 @@ -294,8 +311,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -308,188 +323,188 @@ Common return values are documented `here Returned Description - - + +
    invalidation
    complex -
    - + + always -
    The invalidation's information.
    -
    - +
    The invalidation's information.
    +
    + - -   - + +   +
    create_time
    string -
    - + + always -
    The date and time the invalidation request was first made.
    -
    -
    Sample:
    -
    2018-02-01T15:50:41.159000+00:00
    - +
    The date and time the invalidation request was first made.
    +
    +
    Sample:
    +
    2018-02-01T15:50:41.159000+00:00
    + - -   - + +   +
    id
    string -
    - + + always -
    The identifier for the invalidation request.
    -
    -
    Sample:
    -
    I2G9MOWJZFV612
    - +
    The identifier for the invalidation request.
    +
    +
    Sample:
    +
    I2G9MOWJZFV612
    + - -   - + +   +
    invalidation_batch
    complex -
    - + + always -
    The current invalidation information for the batch request.
    -
    - +
    The current invalidation information for the batch request.
    +
    + - -   -   - + +   +   +
    caller_reference
    string -
    - + + always -
    The value used to uniquely identify an invalidation request.
    -
    -
    Sample:
    -
    testing 123
    - +
    The value used to uniquely identify an invalidation request.
    +
    +
    Sample:
    +
    testing 123
    + - -   -   - + +   +   +
    paths
    complex -
    - + + always -
    A dict that contains information about the objects that you want to invalidate.
    -
    - +
    A dict that contains information about the objects that you want to invalidate.
    +
    + - -   -   -   - + +   +   +   +
    items
    list -
    - + + always -
    A list of the paths that you want to invalidate.
    -
    -
    Sample:
    -
    ['/testpathtwo/test2.js', '/testpathone/test1.css', '/testpaththree/test3.ss']
    - +
    A list of the paths that you want to invalidate.
    +
    +
    Sample:
    +
    ['/testpathtwo/test2.js', '/testpathone/test1.css', '/testpaththree/test3.ss']
    + - -   -   -   - + +   +   +   +
    quantity
    integer -
    - + + always -
    The number of objects that you want to invalidate.
    -
    -
    Sample:
    -
    3
    - +
    The number of objects that you want to invalidate.
    +
    +
    Sample:
    +
    3
    + - - - -   - + + + +   +
    status
    string -
    - + + always -
    The status of the invalidation request.
    -
    -
    Sample:
    -
    Completed
    - +
    The status of the invalidation request.
    +
    +
    Sample:
    +
    Completed
    + - - - + + +
    location
    string -
    - + + always -
    The fully qualified URI of the distribution and invalidation batch request.
    -
    -
    Sample:
    -
    https://cloudfront.amazonaws.com/2017-03-25/distribution/E1ZID6KZJECZY7/invalidation/I2G9MOWJZFV622
    - +
    The fully qualified URI of the distribution and invalidation batch request.
    +
    +
    Sample:
    +
    https://cloudfront.amazonaws.com/2017-03-25/distribution/E1ZID6KZJECZY7/invalidation/I2G9MOWJZFV622
    + - +

    @@ -501,5 +516,3 @@ Authors ~~~~~~~ - Willem van Ketwich (@wilvk) - - diff --git a/docs/community.aws.cloudfront_origin_access_identity_module.rst b/docs/community.aws.cloudfront_origin_access_identity_module.rst index 505ae05d855..33afee9fb02 100644 --- a/docs/community.aws.cloudfront_origin_access_identity_module.rst +++ b/docs/community.aws.cloudfront_origin_access_identity_module.rst @@ -36,225 +36,244 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    caller_reference
    string -
    -     		- -
    A unique identifier to reference the origin access identity by.
    -     		+ +
    A unique identifier to reference the origin access identity by.
    +
    +
    comment
    string -
    -     		- -
    A comment to describe the CloudFront origin access identity.
    -     		+ +
    A comment to describe the CloudFront origin access identity.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    origin_access_identity_id
    string -
    -     		- -
    The origin_access_identity_id of the CloudFront distribution.
    -     		+ +
    The origin_access_identity_id of the CloudFront distribution.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    If the named resource should exist.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    If the named resource should exist.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -263,7 +282,7 @@ Notes .. note:: - Does not support check mode. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -274,8 +293,6 @@ Examples .. code-block:: yaml+jinja - - - name: create an origin access identity community.aws.cloudfront_origin_access_identity: state: present @@ -296,8 +313,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -310,136 +325,136 @@ Common return values are documented `here Returned Description - - + +
    cloud_front_origin_access_identity
    complex -
    - + + always -
    The origin access identity's information.
    -
    - +
    The origin access identity's information.
    +
    + - -   - + +   +
    cloud_front_origin_access_identity_config
    complex -
    - + + always -
    describes a url specifying the origin access identity.
    -
    - +
    describes a url specifying the origin access identity.
    +
    + - -   -   - + +   +   +
    caller_reference
    string -
    - + + always -
    a caller reference for the oai
    -
    - +
    a caller reference for the oai
    +
    + - -   -   - + +   +   +
    comment
    string -
    - + + always -
    a comment describing the oai
    -
    - +
    a comment describing the oai
    +
    + - - -   - + + +   +
    id
    string -
    - + + always -
    a unique identifier of the oai
    -
    - +
    a unique identifier of the oai
    +
    + - -   - + +   +
    s3_canonical_user_id
    string -
    - + + always -
    the canonical user ID of the user who created the oai
    -
    - +
    the canonical user ID of the user who created the oai
    +
    + - - - + + +
    e_tag
    string -
    - + + always -
    The current version of the origin access identity created.
    -
    - +
    The current version of the origin access identity created.
    +
    + - - + +
    location
    string -
    - + + when initially created -
    The fully qualified URI of the new origin access identity just created.
    -
    - +
    The fully qualified URI of the new origin access identity just created.
    +
    + - +

    @@ -451,5 +466,3 @@ Authors ~~~~~~~ - Willem van Ketwich (@wilvk) - - diff --git a/docs/community.aws.cloudtrail_module.rst b/docs/community.aws.cloudtrail_module.rst index 3d904ff00b2..de5f1f40b07 100644 --- a/docs/community.aws.cloudtrail_module.rst +++ b/docs/community.aws.cloudtrail_module.rst @@ -37,397 +37,416 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cloudwatch_logs_log_group_arn
    string -
    -     		- -
    A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
    - -
    Required when cloudwatch_logs_role_arn.
    -     		+ +
    A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.
    + +
    Required when cloudwatch_logs_role_arn.
    +
    +
    cloudwatch_logs_role_arn
    string -
    -     		- -
    Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
    - -
    Required when cloudwatch_logs_log_group_arn.
    -     		+ +
    Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.
    + +
    Required when cloudwatch_logs_log_group_arn.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enable_log_file_validation
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies whether log file integrity validation is enabled.
    -
    CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
    -

    aliases: log_file_validation_enabled
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies whether log file integrity validation is enabled.
    +
    CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.
    +

    aliases: log_file_validation_enabled
    +
    +
    enable_logging
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.
    +
    +
    include_global_events
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Record API calls from global services such as IAM and STS.
    -

    aliases: include_global_service_events
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Record API calls from global services such as IAM and STS.
    +

    aliases: include_global_service_events
    +
    +
    is_multi_region_trail
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specify whether the trail belongs only to one region or exists in all regions.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specify whether the trail belongs only to one region or exists in all regions.
    +
    +
    kms_key_id
    string -
    -     		- -
    Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
    -
    The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
    - -     		+ +
    Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.
    +
    The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
    + +
    +
    name
    string -
    -     		- Default:
    "default"
    -     		-
    Name for the CloudTrail.
    -
    Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
    -     		+ Default:
    "default"
    +     		+
    Name for the CloudTrail.
    +
    Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    s3_bucket_name
    string -
    -     		- -
    An existing S3 bucket where CloudTrail will deliver log files.
    -
    This bucket should exist and have the proper policy.
    - -
    Required when state=present.
    -
    + + + +
    An existing S3 bucket where CloudTrail will deliver log files.
    +
    This bucket should exist and have the proper policy.
    + +
    Required when state=present.
    +
    s3_key_prefix
    string -
    -     		- -
    S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
    -     		+ +
    S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    sns_topic_name
    string -
    -     		- -
    SNS Topic name to send notifications to when a log file is delivered.
    -     		+ +
    SNS Topic name to send notifications to when a log file is delivered.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • enabled
      • -
    • disabled
      • -
    -     		-
    Add or remove CloudTrail configuration.
    -
    The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
    -
    state=enabled is equivalet to state=present.
    -
    state=disabled is equivalet to state=absent.
    -
    + + +
      Choices: +
    • present ←
      • +
    • absent
      • +
    • enabled
      • +
    • disabled
      • +
    +     		+
    Add or remove CloudTrail configuration.
    +
    The following states have been preserved for backwards compatibility: state=enabled and state=disabled.
    +
    state=enabled is equivalet to state=present.
    +
    state=disabled is equivalet to state=absent.
    +
    tags
    dictionary -
    -     		- Default:
    {}
    -     		-
    A hash/dictionary of tags to be applied to the CloudTrail resource.
    -
    Remove completely or specify an empty dictionary to remove all tags.
    -     		+ Default:
    {}
    +     		+
    A hash/dictionary of tags to be applied to the CloudTrail resource.
    +
    Remove completely or specify an empty dictionary to remove all tags.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -435,7 +454,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -446,7 +465,6 @@ Examples .. code-block:: yaml+jinja - - name: create single region cloudtrail community.aws.cloudtrail: state: present @@ -498,7 +516,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -511,328 +528,328 @@ Common return values are documented `here Returned Description - - + +
    exists
    boolean -
    - + + always -
    whether the resource exists
    -
    -
    Sample:
    -
    True
    - - - - +
    whether the resource exists
    +
    +
    Sample:
    +
    True
    + + + +
    trail
    complex -
    - + + always -
    CloudTrail resource details
    -
    -
    Sample:
    -
    hash/dictionary of values
    - +
    CloudTrail resource details
    +
    +
    Sample:
    +
    hash/dictionary of values
    + - -   - + +   +
    cloud_watch_logs_log_group_arn
    string -
    - + + success when present -
    Full ARN of the CloudWatch Logs log group where events are delivered.
    -
    -
    Sample:
    -
    arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*
    - - - -   - +
    Full ARN of the CloudWatch Logs log group where events are delivered.
    +
    +
    Sample:
    +
    arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail/DefaultLogGroup:*
    + + + +   +
    cloud_watch_logs_role_arn
    string -
    - + + success when present -
    Full ARN of the IAM role that CloudTrail assumes to deliver events.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role
    - - - -   - +
    Full ARN of the IAM role that CloudTrail assumes to deliver events.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role
    + + + +   +
    has_custom_event_selectors
    boolean -
    - + + success -
    Whether any custom event selectors are used for this trail.
    -
    - +
    Whether any custom event selectors are used for this trail.
    +
    + - -   - + +   +
    home_region
    string -
    - + + success -
    The home region where the trail was originally created and must be edited.
    -
    -
    Sample:
    -
    us-east-1
    - - - -   - +
    The home region where the trail was originally created and must be edited.
    +
    +
    Sample:
    +
    us-east-1
    + + + +   +
    include_global_service_events
    boolean -
    - + + success -
    Whether global services (IAM, STS) are logged with this trail
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether global services (IAM, STS) are logged with this trail
    +
    +
    Sample:
    +
    True
    + + + +   +
    is_logging
    boolean -
    - + + success -
    Whether logging is turned on or paused for the Trail
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether logging is turned on or paused for the Trail
    +
    +
    Sample:
    +
    True
    + + + +   +
    is_multi_region_trail
    boolean -
    - + + success -
    Whether the trail applies to all regions or just one
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether the trail applies to all regions or just one
    +
    +
    Sample:
    +
    True
    + + + +   +
    kms_key_id
    string -
    - + + success when present -
    Full ARN of the KMS Key used to encrypt log files.
    -
    -
    Sample:
    -
    arn:aws:kms::123456789012:key/12345678-1234-1234-1234-123456789012
    - - - -   - +
    Full ARN of the KMS Key used to encrypt log files.
    +
    +
    Sample:
    +
    arn:aws:kms::123456789012:key/12345678-1234-1234-1234-123456789012
    + + + +   +
    log_file_validation_enabled
    boolean -
    - + + success -
    Whether log file validation is enabled on the trail
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether log file validation is enabled on the trail
    +
    +
    Sample:
    +
    True
    + + + +   +
    name
    string -
    - + + success -
    Name of the CloudTrail resource
    -
    -
    Sample:
    -
    default
    - - - -   - +
    Name of the CloudTrail resource
    +
    +
    Sample:
    +
    default
    + + + +   +
    s3_bucket_name
    string -
    - + + success -
    S3 bucket name where log files are delivered
    -
    -
    Sample:
    -
    myBucket
    - - - -   - +
    S3 bucket name where log files are delivered
    +
    +
    Sample:
    +
    myBucket
    + + + +   +
    s3_key_prefix
    string -
    - + + success when present -
    Key prefix in bucket where log files are delivered (if any)
    -
    -
    Sample:
    -
    myKeyPrefix
    - - - -   - +
    Key prefix in bucket where log files are delivered (if any)
    +
    +
    Sample:
    +
    myKeyPrefix
    + + + +   +
    sns_topic_arn
    string -
    - + + success when present -
    Full ARN of the SNS topic where log delivery notifications are sent.
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-1:123456789012:topic/myTopic
    - - - -   - +
    Full ARN of the SNS topic where log delivery notifications are sent.
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-1:123456789012:topic/myTopic
    + + + +   +
    sns_topic_name
    string -
    - + + success when present -
    The SNS topic name where log delivery notifications are sent.
    -
    -
    Sample:
    -
    myTopic
    - - - -   - +
    The SNS topic name where log delivery notifications are sent.
    +
    +
    Sample:
    +
    myTopic
    + + + +   +
    tags
    dictionary -
    - + + success -
    hash/dictionary of tags applied to this resource
    -
    -
    Sample:
    -
    {'environment': 'dev', 'Name': 'default'}
    - - - -   - +
    hash/dictionary of tags applied to this resource
    +
    +
    Sample:
    +
    {'environment': 'dev', 'Name': 'default'}
    + + + +   +
    trail_arn
    string -
    - + + success -
    Full ARN of the CloudTrail resource
    -
    -
    Sample:
    -
    arn:aws:cloudtrail:us-east-1:123456789012:trail/default
    - +
    Full ARN of the CloudTrail resource
    +
    +
    Sample:
    +
    arn:aws:cloudtrail:us-east-1:123456789012:trail/default
    + - - + +

    @@ -846,5 +863,3 @@ Authors - Ansible Core Team - Ted Timmons (@tedder) - Daniel Shepherd (@shepdelacreme) - - diff --git a/docs/community.aws.cloudwatchevent_rule_module.rst b/docs/community.aws.cloudwatchevent_rule_module.rst index a2916b54e84..7c56bee0820 100644 --- a/docs/community.aws.cloudwatchevent_rule_module.rst +++ b/docs/community.aws.cloudwatchevent_rule_module.rst @@ -36,405 +36,424 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A description of the rule.
    -     		+ +
    A description of the rule.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_pattern
    string -
    -     		- -
    A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
    -     		+ +
    A string pattern (in valid JSON format) that is used to match against incoming events to determine if the rule should be triggered.
    +
    +
    name
    string - / required
    -     		- -
    The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
    -     		+ +
    The name of the rule you are creating, updating or deleting. No spaces or special characters allowed (i.e. must match [\.\-_A-Za-z0-9]+).
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role associated with the rule.
    -     		+ +
    The Amazon Resource Name (ARN) of the IAM role associated with the rule.
    +
    +
    schedule_expression
    string -
    -     		- -
    A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
    -     		+ +
    A cron or rate expression that defines the schedule the rule will trigger on. For example, cron(0 20 * * ? *), rate(5 minutes).
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • disabled
      • -
    • absent
      • -
    -     		-
    Whether the rule is present (and enabled), disabled, or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • disabled
      • +
    • absent
      • +
    +     		+
    Whether the rule is present (and enabled), disabled, or absent.
    +
    +
    targets
    list - / elements=dictionary
    -     		- -
    A list of targets to add to or update for the rule.
    -     		+ +
    A list of targets to add to or update for the rule.
    +
    +
    arn
    string - / required
    -     		- -
    The ARN associated with the target.
    -     		+ +
    The ARN associated with the target.
    +
    +
    ecs_parameters
    dictionary -
    -     		- -
    Contains the ECS task definition and task count to be used, if the event target is an ECS task.
    -     		+ +
    Contains the ECS task definition and task count to be used, if the event target is an ECS task.
    +
    +
    task_count
    integer -
    -     		- -
    The number of tasks to create based on task_definition.
    -     		+ +
    The number of tasks to create based on task_definition.
    +
    +
    task_definition_arn
    string -
    -     		- -
    The full ARN of the task definition.
    -     		+ +
    The full ARN of the task definition.
    +
    + +
    id
    string - / required
    -     		- -
    The unique target assignment ID.
    -     		+ +
    The unique target assignment ID.
    +
    +
    input
    string -
    -     		- -
    A JSON object that will override the event data when passed to the target.
    -
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    -     		+ +
    A JSON object that will override the event data when passed to the target.
    +
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    +
    +
    input_path
    string -
    -     		- -
    A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
    -
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    -     		+ +
    A JSONPath string (e.g. $.detail) that specifies the part of the event data to be passed to the target.
    +
    If neither input nor input_path is specified, then the entire event is passed to the target in JSON form.
    +
    +
    role_arn
    string -
    -     		- -
    The ARN of the IAM role to be used for this target when the rule is triggered.
    -     		+ +
    The ARN of the IAM role to be used for this target when the rule is triggered.
    +
    + +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -444,7 +463,7 @@ Notes .. note:: - A rule must contain at least an *event_pattern* or *schedule_expression*. A rule can have both an *event_pattern* and a *schedule_expression*, in which case the rule will trigger on matching events as well as on a schedule. - When specifying targets, *input* and *input_path* are mutually-exclusive and optional parameters. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -455,7 +474,6 @@ Examples .. code-block:: yaml+jinja - - community.aws.cloudwatchevent_rule: name: MyCronTask schedule_expression: "cron(0 20 * * ? *)" @@ -480,7 +498,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -493,41 +510,41 @@ Common return values are documented `here Returned Description - - + +
    rule
    dictionary -
    - + + success -
    CloudWatch Event rule data.
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:events:us-east-1:123456789012:rule/MyCronTask', 'description': 'Run my scheduled task', 'name': 'MyCronTask', 'schedule_expression': 'cron(0 20 * * ? *)', 'state': 'ENABLED'}
    - +
    CloudWatch Event rule data.
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:events:us-east-1:123456789012:rule/MyCronTask', 'description': 'Run my scheduled task', 'name': 'MyCronTask', 'schedule_expression': 'cron(0 20 * * ? *)', 'state': 'ENABLED'}
    + - - + +
    targets
    list -
    - + + success -
    CloudWatch Event target(s) assigned to the rule.
    -
    -
    Sample:
    -
    [{ 'arn': 'arn:aws:lambda:us-east-1:123456789012:function:MyFunction', 'id': 'MyTargetId' }]
    - +
    CloudWatch Event target(s) assigned to the rule.
    +
    +
    Sample:
    +
    [{ 'arn': 'arn:aws:lambda:us-east-1:123456789012:function:MyFunction', 'id': 'MyTargetId' }]
    + - +

    @@ -539,5 +556,3 @@ Authors ~~~~~~~ - Jim Dalton (@jsdalton) - - diff --git a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst index 5208cf28a0c..d9bb44238d4 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst @@ -38,176 +38,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    log_group_name
    string -
    -     		- -
    The name or prefix of the log group to filter by.
    -     		+ +
    The name or prefix of the log group to filter by.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -215,7 +234,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -226,14 +245,12 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.cloudwatchlogs_log_group_info: log_group_name: test-log-group - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -246,135 +263,135 @@ Common return values are documented `here Returned Description - - + +
    log_groups
    complex -
    - + + success -
    Return the list of complex objects representing log groups
    -
    - +
    Return the list of complex objects representing log groups
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the log group.
    -
    - +
    The Amazon Resource Name (ARN) of the log group.
    +
    + - -   - + +   +
    creation_time
    integer -
    - + + always -
    The creation time of the log group.
    -
    - +
    The creation time of the log group.
    +
    + - -   - + +   +
    kms_key_id
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -
    - +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    + - -   - + +   +
    log_group_name
    string -
    - + + always -
    The name of the log group.
    -
    - +
    The name of the log group.
    +
    + - -   - + +   +
    metric_filter_count
    integer -
    - + + always -
    The number of metric filters.
    -
    - +
    The number of metric filters.
    +
    + - -   - + +   +
    retention_in_days
    integer -
    - + + always -
    The number of days to retain the log events in the specified log group.
    -
    - +
    The number of days to retain the log events in the specified log group.
    +
    + - -   - + +   +
    stored_bytes
    string -
    - + + always -
    The number of bytes stored.
    -
    - +
    The number of bytes stored.
    +
    + - - + +

    @@ -386,5 +403,3 @@ Authors ~~~~~~~ - Willian Ricardo (@willricardo) - - diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst index b31b096d815..c32f7470e6b 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst @@ -38,305 +38,324 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filter_name
    string - / required
    -     		- -
    A name for the metric filter you create.
    -     		+ +
    A name for the metric filter you create.
    +
    +
    filter_pattern
    string -
    -     		- -
    A filter pattern for extracting metric data out of ingested log events. Required when state=present.
    -     		+ +
    A filter pattern for extracting metric data out of ingested log events. Required when state=present.
    +
    +
    log_group_name
    string - / required
    -     		- -
    The name of the log group where the metric filter is applied on.
    -     		+ +
    The name of the log group where the metric filter is applied on.
    +
    +
    metric_transformation
    dictionary -
    -     		- -
    A collection of information that defines how metric data gets emitted. Required when state=present.
    -     		+ +
    A collection of information that defines how metric data gets emitted. Required when state=present.
    +
    +
    default_value
    float -
    -     		- -
    The value to emit when a filter pattern does not match a log event.
    -     		+ +
    The value to emit when a filter pattern does not match a log event.
    +
    +
    metric_name
    string -
    -     		- -
    The name of the cloudWatch metric.
    -     		+ +
    The name of the cloudWatch metric.
    +
    +
    metric_namespace
    string -
    -     		- -
    The namespace of the cloudWatch metric.
    -     		+ +
    The namespace of the cloudWatch metric.
    +
    +
    metric_value
    string -
    -     		- -
    The value to publish to the cloudWatch metric when a filter pattern matches a log event.
    -     		+ +
    The value to publish to the cloudWatch metric when a filter pattern matches a log event.
    +
    + +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Whether the rule is present or absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Whether the rule is present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -344,7 +363,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -355,7 +374,6 @@ Examples .. code-block:: yaml+jinja - - name: set metric filter on log group /fluentd/testcase community.aws.cloudwatchlogs_log_group_metric_filter: log_group_name: /fluentd/testcase @@ -375,7 +393,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -388,24 +405,24 @@ Common return values are documented `here Returned Description - - + +
    metric_filters
    list -
    - + + success -
    Return the origin response value
    -
    -
    Sample:
    -
    [{'default_value': 3.1415, 'metric_name': 'box_free_space', 'metric_namespace': 'made_with_ansible', 'metric_value': '$.value'}]
    - +
    Return the origin response value
    +
    +
    Sample:
    +
    [{'default_value': 3.1415, 'metric_name': 'box_free_space', 'metric_namespace': 'made_with_ansible', 'metric_value': '$.value'}]
    + - +

    @@ -417,5 +434,3 @@ Authors ~~~~~~~ - Markus Bergholz (@markuman) - - diff --git a/docs/community.aws.cloudwatchlogs_log_group_module.rst b/docs/community.aws.cloudwatchlogs_log_group_module.rst index dd4963ec230..c00633fbf5b 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_module.rst @@ -38,282 +38,301 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    kms_key_id
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -     		+ +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    +
    log_group_name
    string - / required
    -     		- -
    The name of the log group.
    -     		+ +
    The name of the log group.
    +
    +
    overwrite
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether an existing log group should be overwritten on create.
    -
    Mutually exclusive with purge_retention_policy.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether an existing log group should be overwritten on create.
    +
    Mutually exclusive with purge_retention_policy.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_retention_policy
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to purge the retention policy or not.
    -
    Mutually exclusive with retention and overwrite.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to purge the retention policy or not.
    +
    Mutually exclusive with retention and overwrite.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    retention
    integer -
    -     		- -
    The number of days to retain the log events in the specified log group.
    -
    Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    -
    Mutually exclusive with purge_retention_policy.
    -     		+ +
    The number of days to retain the log events in the specified log group.
    +
    Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    +
    Mutually exclusive with purge_retention_policy.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the rule is present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the rule is present or absent.
    +
    +
    tags
    dictionary -
    -     		- -
    The key-value pairs to use for the tags.
    -     		+ +
    The key-value pairs to use for the tags.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -322,7 +341,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/logs.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -333,7 +352,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.cloudwatchlogs_log_group: @@ -356,8 +374,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -370,135 +386,135 @@ Common return values are documented `here Returned Description - - + +
    log_groups
    complex -
    - + + success -
    Return the list of complex objects representing log groups
    -
    - +
    Return the list of complex objects representing log groups
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the log group.
    -
    - +
    The Amazon Resource Name (ARN) of the log group.
    +
    + - -   - + +   +
    creation_time
    integer -
    - + + always -
    The creation time of the log group.
    -
    - +
    The creation time of the log group.
    +
    + - -   - + +   +
    kms_key_id
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    -
    - +
    The Amazon Resource Name (ARN) of the CMK to use when encrypting log data.
    +
    + - -   - + +   +
    log_group_name
    string -
    - + + always -
    The name of the log group.
    -
    - +
    The name of the log group.
    +
    + - -   - + +   +
    metric_filter_count
    integer -
    - + + always -
    The number of metric filters.
    -
    - +
    The number of metric filters.
    +
    + - -   - + +   +
    retention_in_days
    integer -
    - + + always -
    The number of days to retain the log events in the specified log group.
    -
    - +
    The number of days to retain the log events in the specified log group.
    +
    + - -   - + +   +
    stored_bytes
    string -
    - + + always -
    The number of bytes stored.
    -
    - +
    The number of bytes stored.
    +
    + - - + +

    @@ -510,5 +526,3 @@ Authors ~~~~~~~ - Willian Ricardo (@willricardo) - - diff --git a/docs/community.aws.data_pipeline_module.rst b/docs/community.aws.data_pipeline_module.rst index 46777ae9482..eb515b19242 100644 --- a/docs/community.aws.data_pipeline_module.rst +++ b/docs/community.aws.data_pipeline_module.rst @@ -38,509 +38,528 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - - - - - + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- Default:
    ""
    -     		-
    An optional description for the pipeline being created.
    -     		+ Default:
    ""
    +     		+
    An optional description for the pipeline being created.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the Datapipeline to create/modify/delete.
    -     		+ +
    The name of the Datapipeline to create/modify/delete.
    +
    +
    objects
    list - / elements=dictionary
    -     		- -
    A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
    -
    + / elements=dictionary + + +
    A list of pipeline object definitions, each of which is a dict that takes the keys id, name and fields.
    +
    fields
    list - / elements=dictionary
    -     		- -
    Key-value pairs that define the properties of the object.
    -
    The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
    -
    + / elements=dictionary + + +
    Key-value pairs that define the properties of the object.
    +
    The value is specified as a reference to another object refValue or as a string value stringValue but not as both.
    +
    key
    string -
    -     		- -
    The field identifier.
    -     		+ +
    The field identifier.
    +
    +
    refValue
    string -
    -     		- -
    The field value, expressed as the identifier of another object.
    -
    Exactly one of stringValue and refValue may be specified.
    -
    + + + +
    The field value, expressed as the identifier of another object.
    +
    Exactly one of stringValue and refValue may be specified.
    +
    stringValue
    string -
    -     		- -
    The field value.
    -
    Exactly one of stringValue and refValue may be specified.
    -
    + + + +
    The field value.
    +
    Exactly one of stringValue and refValue may be specified.
    +
    id
    string -
    -     		- -
    The ID of the object.
    -     		+ +
    The ID of the object.
    +
    +
    name
    string -
    -     		- -
    The name of the object.
    -
    + + + +
    The name of the object.
    +
    parameters
    list - / elements=dictionary
    -     		- -
    A list of parameter objects (dicts) in the pipeline definition.
    -
    + / elements=dictionary + + +
    A list of parameter objects (dicts) in the pipeline definition.
    +
    attributes
    list - / elements=dictionary
    -     		- -
    A list of attributes (dicts) of the parameter object.
    -
    + / elements=dictionary + + +
    A list of attributes (dicts) of the parameter object.
    +
    key
    string -
    -     		- -
    The field identifier.
    -     		+ +
    The field identifier.
    +
    +
    stringValue
    string -
    -     		- -
    The field value.
    -
    + + + +
    The field value.
    +
    id
    - -
    -     		- -
    The ID of the parameter object.
    -
    + + + +
    The ID of the parameter object.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • active
      • -
    • inactive
      • -
    -     		-
    The requested state of the pipeline.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • active
      • +
    • inactive
      • +
    +     		+
    The requested state of the pipeline.
    +
    +
    tags
    dictionary -
    -     		- -
    A dict of key:value pair(s) to add to the pipeline.
    -     		+ +
    A dict of key:value pair(s) to add to the pipeline.
    +
    +
    timeout
    integer -
    -     		- Default:
    300
    -     		-
    Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
    -     		+ Default:
    300
    +     		+
    Time in seconds to wait for the pipeline to transition to the requested state, fail otherwise.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    values
    list - / elements=dictionary
    -     		- -
    A list of parameter values (dicts) in the pipeline definition.
    -
    + / elements=dictionary + + +
    A list of parameter values (dicts) in the pipeline definition.
    +
    id
    string -
    -     		- -
    The ID of the parameter value
    -     		+ +
    The ID of the parameter value
    +
    +
    stringValue
    string -
    -     		- -
    The field value
    -
    + + + +
    The field value
    +
    version
    string -
    -     		- -
    The version option has never had any effect and will be removed after 2022-06-01.
    -
    + + + + + +
    The version option has never had any effect and will be removed after 2022-06-01.
    + + +
    @@ -548,7 +567,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -559,7 +578,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create pipeline @@ -611,8 +629,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -625,39 +641,39 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    whether the data pipeline has been modified
    -
    -
    Sample:
    -
    {'changed': True}
    - - - - +
    whether the data pipeline has been modified
    +
    +
    Sample:
    +
    {'changed': True}
    + + + +
    result
    dictionary -
    - + + always -
    Contains the data pipeline data (data_pipeline) and a return message (msg). If the data pipeline exists data_pipeline will contain the keys description, name, pipeline_id, state, tags, and unique_id. If the data pipeline does not exist then data_pipeline will be an empty dict. The msg describes the status of the operation.
    -
    - +
    Contains the data pipeline data (data_pipeline) and a return message (msg). If the data pipeline exists data_pipeline will contain the keys description, name, pipeline_id, state, tags, and unique_id. If the data pipeline does not exist then data_pipeline will be an empty dict. The msg describes the status of the operation.
    +
    + - +

    @@ -670,5 +686,3 @@ Authors - Raghu Udiyar (@raags) - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.dms_endpoint_module.rst b/docs/community.aws.dms_endpoint_module.rst index 553634a530a..d7dad3d6be2 100644 --- a/docs/community.aws.dms_endpoint_module.rst +++ b/docs/community.aws.dms_endpoint_module.rst @@ -35,571 +35,590 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + / required + + + - - + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    certificatearn
    string -
    -     		- -
    Amazon Resource Name (ARN) for the certificate.
    -     		+ +
    Amazon Resource Name (ARN) for the certificate.
    +
    +
    databasename
    string -
    -     		- -
    Name for the database on the origin or target side.
    -     		+ +
    Name for the database on the origin or target side.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    dmstransfersettings
    dictionary -
    -     		- -
    The settings in JSON format for the DMS transfer type of source endpoint.
    -     		+ +
    The settings in JSON format for the DMS transfer type of source endpoint.
    +
    +
    dynamodbsettings
    dictionary -
    -     		- -
    Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
    -     		+ +
    Settings in JSON format for the target Amazon DynamoDB endpoint if source or target is dynamodb.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    elasticsearchsettings
    dictionary -
    -     		- -
    Settings in JSON format for the target Elasticsearch endpoint.
    -     		+ +
    Settings in JSON format for the target Elasticsearch endpoint.
    +
    +
    endpointidentifier
    string - / required
    -     		- -
    An identifier name for the endpoint.
    -     		+ +
    An identifier name for the endpoint.
    +
    +
    endpointtype
    string - / required
    -     		-
      Choices: -
    • source
      • -
    • target
      • -
    -     		-
    Type of endpoint we want to manage.
    -
    + / required + +
      Choices: +
    • source
      • +
    • target
      • +
    +     		+
    Type of endpoint we want to manage.
    +
    enginename
    string - / required
    -     		-
      Choices: -
    • mysql
      • -
    • oracle
      • -
    • postgres
      • -
    • mariadb
      • -
    • aurora
      • -
    • redshift
      • -
    • s3
      • -
    • db2
      • -
    • azuredb
      • -
    • sybase
      • -
    • dynamodb
      • -
    • mongodb
      • -
    • sqlserver
      • -
    -     		-
    Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
    -
    + / required + +
      Choices: +
    • mysql
      • +
    • oracle
      • +
    • postgres
      • +
    • mariadb
      • +
    • aurora
      • +
    • redshift
      • +
    • s3
      • +
    • db2
      • +
    • azuredb
      • +
    • sybase
      • +
    • dynamodb
      • +
    • mongodb
      • +
    • sqlserver
      • +
    +     		+
    Database engine that we want to use, please refer to the AWS DMS for more information on the supported engines and their limitations.
    +
    externaltabledefinition
    string -
    -     		- -
    The external table definition.
    -     		+ +
    The external table definition.
    +
    +
    extraconnectionattributes
    string -
    -     		- -
    Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
    -     		+ +
    Extra attributes for the database connection, the AWS documentation states " For more information about extra connection attributes, see the documentation section for your data store."
    +
    +
    kinesissettings
    dictionary -
    -     		- -
    Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
    -     		+ +
    Settings in JSON format for the target Amazon Kinesis Data Streams endpoint.
    +
    +
    kmskeyid
    string -
    -     		- -
    Encryption key to use to encrypt replication storage and connection information.
    -     		+ +
    Encryption key to use to encrypt replication storage and connection information.
    +
    +
    mongodbsettings
    dictionary -
    -     		- -
    Settings in JSON format for the source MongoDB endpoint.
    -     		+ +
    Settings in JSON format for the source MongoDB endpoint.
    +
    +
    password
    string -
    -     		- -
    Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
    -     		+ +
    Password used to connect to the database this attribute can only be written the AWS API does not return this parameter.
    +
    +
    port
    integer -
    -     		- -
    TCP port for access to the database.
    -     		+ +
    TCP port for access to the database.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    retries
    integer -
    -     		- -
    number of times we should retry when deleting a resource
    -
    Required when wait=true.
    -
    + + + +
    number of times we should retry when deleting a resource
    +
    Required when wait=true.
    +
    s3settings
    dictionary -
    -     		- -
    S3 buckets settings for the target Amazon S3 endpoint.
    -     		+ +
    S3 buckets settings for the target Amazon S3 endpoint.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    servername
    string -
    -     		- -
    Servername that the endpoint will connect to.
    -     		+ +
    Servername that the endpoint will connect to.
    +
    +
    serviceaccessrolearn
    string -
    -     		- -
    Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
    -     		+ +
    Amazon Resource Name (ARN) for the service access role that you want to use to create the endpoint.
    +
    +
    sslmode
    string -
    -     		-
      Choices: -
    • none ←
      • -
    • require
      • -
    • verify-ca
      • -
    • verify-full
      • -
    -     		-
    Mode used for the SSL connection.
    -
    + + +
      Choices: +
    • none ←
      • +
    • require
      • +
    • verify-ca
      • +
    • verify-full
      • +
    +     		+
    Mode used for the SSL connection.
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    State of the endpoint.
    -
    + + +
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    State of the endpoint.
    +
    tags
    dictionary -
    -     		- -
    A list of tags to add to the endpoint.
    -     		+ +
    A list of tags to add to the endpoint.
    +
    +
    timeout
    integer -
    -     		- -
    Time in seconds we should wait for when deleting a resource.
    -
    Required when wait=true.
    -
    + + + +
    Time in seconds we should wait for when deleting a resource.
    +
    Required when wait=true.
    +
    username
    string -
    -     		- -
    Username our endpoint will use to connect to the database.
    -     		+ +
    Username our endpoint will use to connect to the database.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether Ansible should wait for the object to be deleted when state=absent.
    -
    + + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    + + +
    Whether Ansible should wait for the object to be deleted when state=absent.
    + + +
    @@ -607,7 +626,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -618,7 +637,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details - name: Endpoint Creation community.aws.dms_endpoint: @@ -637,7 +655,6 @@ Examples - Status ------ @@ -646,5 +663,3 @@ Authors ~~~~~~~ - Rui Moreira (@ruimoreira) - - diff --git a/docs/community.aws.dms_replication_subnet_group_module.rst b/docs/community.aws.dms_replication_subnet_group_module.rst index 20af60ff471..426d49daf4b 100644 --- a/docs/community.aws.dms_replication_subnet_group_module.rst +++ b/docs/community.aws.dms_replication_subnet_group_module.rst @@ -35,225 +35,244 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string - / required
    -     		- -
    The description for the subnet group.
    -     		+ +
    The description for the subnet group.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    identifier
    string - / required
    -     		- -
    The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
    -     		+ +
    The name for the replication subnet group. This value is stored as a lowercase string. Must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens. Must not be "default".
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    State of the subnet group.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    State of the subnet group.
    +
    +
    subnet_ids
    list - / elements=string / required
    -     		- -
    A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
    -     		+ +
    A list containing the subnet ids for the replication subnet group, needs to be at least 2 items in the list.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -261,7 +280,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -272,7 +291,6 @@ Examples .. code-block:: yaml+jinja - - community.aws.dms_replication_subnet_group: state: present identifier: "dev-sngroup" @@ -282,7 +300,6 @@ Examples - Status ------ @@ -291,5 +308,3 @@ Authors ~~~~~~~ - Rui Moreira (@ruimoreira) - - diff --git a/docs/community.aws.dynamodb_table_module.rst b/docs/community.aws.dynamodb_table_module.rst index 065a4ccbbce..ed55ec8bf02 100644 --- a/docs/community.aws.dynamodb_table_module.rst +++ b/docs/community.aws.dynamodb_table_module.rst @@ -39,494 +39,513 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    hash_key_name
    string -
    -     		- -
    Name of the hash key.
    -
    Required when state=present.
    -     		+ +
    Name of the hash key.
    +
    Required when state=present.
    +
    +
    hash_key_type
    string -
    -     		-
      Choices: -
    • STRING ←
      • -
    • NUMBER
      • -
    • BINARY
      • -
    -     		-
    Type of the hash key.
    -     		+
      Choices: +
    • STRING ←
      • +
    • NUMBER
      • +
    • BINARY
      • +
    +     		+
    Type of the hash key.
    +
    +
    indexes
    list - / elements=dictionary
    -     		- Default:
    []
    -     		-
    list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
    -
    required options: ['name', 'type', 'hash_key_name']
    -
    other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
    -     		+ Default:
    []
    +     		+
    list of dictionaries describing indexes to add to the table. global indexes can be updated. local indexes don't support updates or have throughput.
    +
    required options: ['name', 'type', 'hash_key_name']
    +
    other options: ['hash_key_type', 'range_key_name', 'range_key_type', 'includes', 'read_capacity', 'write_capacity']
    +
    +
    hash_key_name
    string - / required
    -     		- -
    The name of the hash-based key.
    -     		+ +
    The name of the hash-based key.
    +
    +
    hash_key_type
    string -
    -     		- -
    The type of the hash-based key.
    -     		+ +
    The type of the hash-based key.
    +
    +
    includes
    list -
    -     		- -
    A list of fields to include when using global_include or include indexes.
    -     		+ +
    A list of fields to include when using global_include or include indexes.
    +
    +
    name
    string - / required
    -     		- -
    The name of the index.
    -     		+ +
    The name of the index.
    +
    +
    range_key_name
    string -
    -     		- -
    The name of the range-based key.
    -     		+ +
    The name of the range-based key.
    +
    +
    range_key_type
    string -
    -     		- -
    The type of the range-based key.
    -     		+ +
    The type of the range-based key.
    +
    +
    read_capacity
    integer -
    -     		- -
    Read throughput capacity (units) to provision for the index.
    -     		+ +
    Read throughput capacity (units) to provision for the index.
    +
    +
    type
    string - / required
    -     		- -
    The type of index.
    -
    Valid types: all, global_all, global_include, global_keys_only, include, keys_only
    -     		+ +
    The type of index.
    +
    Valid types: all, global_all, global_include, global_keys_only, include, keys_only
    +
    +
    write_capacity
    integer -
    -     		- -
    Write throughput capacity (units) to provision for the index.
    -     		+ +
    Write throughput capacity (units) to provision for the index.
    +
    + +
    name
    string - / required
    -     		- -
    Name of the table.
    -     		+ +
    Name of the table.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    range_key_name
    string -
    -     		- -
    Name of the range key.
    -     		+ +
    Name of the range key.
    +
    +
    range_key_type
    string -
    -     		-
      Choices: -
    • STRING ←
      • -
    • NUMBER
      • -
    • BINARY
      • -
    -     		-
    Type of the range key.
    -     		+
      Choices: +
    • STRING ←
      • +
    • NUMBER
      • +
    • BINARY
      • +
    +     		+
    Type of the range key.
    +
    +
    read_capacity
    integer -
    -     		- Default:
    1
    -     		-
    Read throughput capacity (units) to provision.
    -     		+ Default:
    1
    +     		+
    Read throughput capacity (units) to provision.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the table.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the table.
    +
    +
    tags
    dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
    -
    For example: {"key":"value"} and {"key":"value","key2":"value2"}
    -     		+ +
    A hash/dictionary of tags to add to the new instance or for starting/stopping instance by tag.
    +
    For example: {"key":"value"} and {"key":"value","key2":"value2"}
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait_for_active_timeout
    integer -
    -     		- Default:
    60
    -     		-
    how long before wait gives up, in seconds. only used when tags is set
    -     		+ Default:
    60
    +     		+
    how long before wait gives up, in seconds. only used when tags is set
    +
    +
    write_capacity
    integer -
    -     		- Default:
    1
    -     		-
    Write throughput capacity (units) to provision.
    -     		+ Default:
    1
    +     		+
    Write throughput capacity (units) to provision.
    +
    +
    @@ -534,7 +553,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -545,7 +564,6 @@ Examples .. code-block:: yaml+jinja - - name: Create dynamo table with hash and range primary key community.aws.dynamodb_table: name: my-table @@ -589,7 +607,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -602,24 +619,24 @@ Common return values are documented `here Returned Description - - + +
    table_status
    string -
    - + + success -
    The current status of the table.
    -
    -
    Sample:
    -
    ACTIVE
    - +
    The current status of the table.
    +
    +
    Sample:
    +
    ACTIVE
    + - +

    @@ -631,5 +648,3 @@ Authors ~~~~~~~ - Alan Loi (@loia) - - diff --git a/docs/community.aws.dynamodb_ttl_module.rst b/docs/community.aws.dynamodb_ttl_module.rst index 21ec3e97f24..18d3190e114 100644 --- a/docs/community.aws.dynamodb_ttl_module.rst +++ b/docs/community.aws.dynamodb_ttl_module.rst @@ -38,211 +38,230 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    attribute_name
    string - / required
    -     		- -
    The name of the Time To Live attribute used to store the expiration time for items in the table.
    -
    This appears to be required by the API even when disabling TTL.
    -     		+ +
    The name of the Time To Live attribute used to store the expiration time for items in the table.
    +
    This appears to be required by the API even when disabling TTL.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • enable
      • -
    • disable
      • -
    -     		-
    State to set DynamoDB table to.
    -     		+
      Choices: +
    • enable
      • +
    • disable
      • +
    +     		+
    State to set DynamoDB table to.
    +
    +
    table_name
    string - / required
    -     		- -
    Name of the DynamoDB table to work on.
    -     		+ +
    Name of the DynamoDB table to work on.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -250,7 +269,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -261,7 +280,6 @@ Examples .. code-block:: yaml+jinja - - name: enable TTL on my cowfacts table community.aws.dynamodb_ttl: state: enable @@ -276,7 +294,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -289,24 +306,24 @@ Common return values are documented `here Returned Description - - + +
    current_status
    dictionary -
    - + + always -
    current or new TTL specification.
    -
    -
    Sample:
    -
    [{'AttributeName': 'deploy_timestamp', 'TimeToLiveStatus': 'ENABLED'}, {'AttributeName': 'deploy_timestamp', 'Enabled': True}]
    - +
    current or new TTL specification.
    +
    +
    Sample:
    +
    [{'AttributeName': 'deploy_timestamp', 'TimeToLiveStatus': 'ENABLED'}, {'AttributeName': 'deploy_timestamp', 'Enabled': True}]
    + - +

    @@ -318,5 +335,3 @@ Authors ~~~~~~~ - Ted Timmons (@tedder) - - diff --git a/docs/community.aws.ec2_ami_copy_module.rst b/docs/community.aws.ec2_ami_copy_module.rst index b9a524a78e9..a0aeffd6970 100644 --- a/docs/community.aws.ec2_ami_copy_module.rst +++ b/docs/community.aws.ec2_ami_copy_module.rst @@ -36,326 +36,345 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    An optional human-readable string describing the contents and purpose of the new AMI.
    -     		+ +
    An optional human-readable string describing the contents and purpose of the new AMI.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    encrypted
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not the destination snapshots of the copied AMI should be encrypted.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not the destination snapshots of the copied AMI should be encrypted.
    +
    +
    kms_key_id
    string -
    -     		- -
    KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
    -     		+ +
    KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account.
    +
    +
    name
    string -
    -     		- Default:
    "default"
    -     		-
    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
    -     		+ Default:
    "default"
    +     		+
    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    source_image_id
    string - / required
    -     		- -
    The ID of the AMI in source region that should be copied.
    -     		+ +
    The ID of the AMI in source region that should be copied.
    +
    +
    source_region
    string - / required
    -     		- -
    The source region the AMI should be copied from.
    -     		+ +
    The source region the AMI should be copied from.
    +
    +
    tag_equality
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to use tags if the source AMI already exists in the target region. If this is set, and all tags match in an existing AMI, the AMI will not be copied again.
    +
    +
    tags
    dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
    -     		+ +
    A hash/dictionary of tags to add to the new copied AMI: {"key":"value"} and {"key":"value","key":"value"}
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the copied AMI to be in state 'available' before returning.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the copied AMI to be in state 'available' before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
    -
    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
    -     		+ Default:
    600
    +     		+
    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
    +
    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
    +
    +
    @@ -363,7 +382,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -374,7 +393,6 @@ Examples .. code-block:: yaml+jinja - - name: Basic AMI Copy community.aws.ec2_ami_copy: source_region: us-east-1 @@ -425,7 +443,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -438,24 +455,24 @@ Common return values are documented `here Returned Description - - + +
    image_id
    string -
    - + + always -
    AMI ID of the copied AMI
    -
    -
    Sample:
    -
    ami-e689729e
    - +
    AMI ID of the copied AMI
    +
    +
    Sample:
    +
    ami-e689729e
    + - +

    @@ -468,5 +485,3 @@ Authors - Amir Moulavi (@amir343) - Tim C (@defunctio) - - diff --git a/docs/community.aws.ec2_asg_info_module.rst b/docs/community.aws.ec2_asg_info_module.rst index aa6e6fdcda2..a7c3dc2461e 100644 --- a/docs/community.aws.ec2_asg_info_module.rst +++ b/docs/community.aws.ec2_asg_info_module.rst @@ -37,192 +37,211 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    name
    string -
    -     		- -
    The prefix or name of the auto scaling group(s) you are searching for.
    -
    Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
    -
    + + + +
    The prefix or name of the auto scaling group(s) you are searching for.
    +
    Note: This is a regular expression match with implicit '^' (beginning of string). Append '$' for a complete name match.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    tags
    dictionary -
    -     		- -
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
    -
    + + + +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the auto scaling group(s) you are searching for.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -230,7 +249,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -241,7 +260,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Find all groups @@ -281,7 +299,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -294,364 +311,364 @@ Common return values are documented `here Returned Description - - + +
    auto_scaling_group_arn
    string -
    - + + success -
    The Amazon Resource Name of the ASG
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-west-2:1234567890:autoScalingGroup:10787c52-0bcb-427d-82ba-c8e4b008ed2e:autoScalingGroupName/public-webapp-production-1
    - - - - +
    The Amazon Resource Name of the ASG
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-west-2:1234567890:autoScalingGroup:10787c52-0bcb-427d-82ba-c8e4b008ed2e:autoScalingGroupName/public-webapp-production-1
    + + + +
    auto_scaling_group_name
    string -
    - + + success -
    Name of autoscaling group
    -
    -
    Sample:
    -
    public-webapp-production-1
    - - - - +
    Name of autoscaling group
    +
    +
    Sample:
    +
    public-webapp-production-1
    + + + +
    availability_zones
    list -
    - + + success -
    List of Availability Zones that are enabled for this ASG.
    -
    -
    Sample:
    -
    ['us-west-2a', 'us-west-2b', 'us-west-2a']
    - - - - +
    List of Availability Zones that are enabled for this ASG.
    +
    +
    Sample:
    +
    ['us-west-2a', 'us-west-2b', 'us-west-2a']
    + + + +
    created_time
    string -
    - + + success -
    The date and time this ASG was created, in ISO 8601 format.
    -
    -
    Sample:
    -
    2015-11-25T00:05:36.309Z
    - - - - +
    The date and time this ASG was created, in ISO 8601 format.
    +
    +
    Sample:
    +
    2015-11-25T00:05:36.309Z
    + + + +
    default_cooldown
    integer -
    - + + success -
    The default cooldown time in seconds.
    -
    -
    Sample:
    -
    300
    - - - - +
    The default cooldown time in seconds.
    +
    +
    Sample:
    +
    300
    + + + +
    desired_capacity
    integer -
    - + + success -
    The number of EC2 instances that should be running in this group.
    -
    -
    Sample:
    -
    3
    - - - - +
    The number of EC2 instances that should be running in this group.
    +
    +
    Sample:
    +
    3
    + + + +
    health_check_period
    integer -
    - + + success -
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -
    -
    Sample:
    -
    30
    - - - - +
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    Sample:
    +
    30
    + + + +
    health_check_type
    string -
    - + + success -
    The service you want the health status from, one of "EC2" or "ELB".
    -
    -
    Sample:
    -
    ELB
    - - - - +
    The service you want the health status from, one of "EC2" or "ELB".
    +
    +
    Sample:
    +
    ELB
    + + + +
    instances
    list -
    - + + success -
    List of EC2 instances and their status as it relates to the ASG.
    -
    -
    Sample:
    -
    [{'availability_zone': 'us-west-2a', 'health_status': 'Healthy', 'instance_id': 'i-es22ad25', 'launch_configuration_name': 'public-webapp-production-1', 'lifecycle_state': 'InService', 'protected_from_scale_in': 'false'}]
    - - - - +
    List of EC2 instances and their status as it relates to the ASG.
    +
    +
    Sample:
    +
    [{'availability_zone': 'us-west-2a', 'health_status': 'Healthy', 'instance_id': 'i-es22ad25', 'launch_configuration_name': 'public-webapp-production-1', 'lifecycle_state': 'InService', 'protected_from_scale_in': 'false'}]
    + + + +
    launch_config_name
    string -
    - + + success -
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    -
    -
    Sample:
    -
    public-webapp-production-1
    - - - - +
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    +
    +
    Sample:
    +
    public-webapp-production-1
    + + + +
    launch_configuration_name
    string -
    - + + success -
    Name of launch configuration associated with the ASG.
    -
    -
    Sample:
    -
    public-webapp-production-1
    - - - - +
    Name of launch configuration associated with the ASG.
    +
    +
    Sample:
    +
    public-webapp-production-1
    + + + +
    load_balancer_names
    list -
    - + + success -
    List of load balancers names attached to the ASG.
    -
    -
    Sample:
    -
    ['elb-webapp-prod']
    - - - - +
    List of load balancers names attached to the ASG.
    +
    +
    Sample:
    +
    ['elb-webapp-prod']
    + + + +
    max_size
    integer -
    - + + success -
    Maximum size of group
    -
    -
    Sample:
    -
    3
    - - - - +
    Maximum size of group
    +
    +
    Sample:
    +
    3
    + + + +
    min_size
    integer -
    - + + success -
    Minimum size of group
    -
    -
    Sample:
    -
    1
    - - - - +
    Minimum size of group
    +
    +
    Sample:
    +
    1
    + + + +
    new_instances_protected_from_scale_in
    boolean -
    - + + success -
    Whether or not new instances a protected from automatic scaling in.
    -
    -
    Sample:
    -
    false
    - - - - +
    Whether or not new instances a protected from automatic scaling in.
    +
    +
    Sample:
    +
    false
    + + + +
    placement_group
    string -
    - + + success -
    Placement group into which instances are launched, if any.
    -
    -
    Sample:
    -
    None
    - - - - +
    Placement group into which instances are launched, if any.
    +
    +
    Sample:
    +
    None
    + + + +
    status
    string -
    - + + success -
    The current state of the group when DeleteAutoScalingGroup is in progress.
    -
    -
    Sample:
    -
    None
    - - - - +
    The current state of the group when DeleteAutoScalingGroup is in progress.
    +
    +
    Sample:
    +
    None
    + + + +
    tags
    list -
    - + + success -
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    -
    -
    Sample:
    -
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    - - - - +
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    +
    +
    Sample:
    +
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    + + + +
    target_group_arns
    list -
    - + + success -
    List of ARNs of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    - - - - +
    List of ARNs of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    + + + +
    target_group_names
    list -
    - + + success -
    List of names of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['target-group-host-hello', 'target-group-path-world']
    - - - - +
    List of names of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['target-group-host-hello', 'target-group-path-world']
    + + + +
    termination_policies
    string -
    - + + success -
    A list of termination policies for the group.
    -
    -
    Sample:
    -
    ['Default']
    - +
    A list of termination policies for the group.
    +
    +
    Sample:
    +
    ['Default']
    + - +

    @@ -663,5 +680,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst index 10cf6f9627c..c89630575a7 100644 --- a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst +++ b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst @@ -38,313 +38,332 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    autoscaling_group_name
    string - / required
    -     		- -
    The name of the Auto Scaling group to which you want to assign the lifecycle hook.
    -     		+ +
    The name of the Auto Scaling group to which you want to assign the lifecycle hook.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_result
    string -
    -     		-
      Choices: -
    • ABANDON ←
      • -
    • CONTINUE
      • -
    -     		-
    Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
    -     		+
      Choices: +
    • ABANDON ←
      • +
    • CONTINUE
      • +
    +     		+
    Defines the action the Auto Scaling group should take when the lifecycle hook timeout elapses or if an unexpected failure occurs.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    heartbeat_timeout
    integer -
    -     		- -
    The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
    -
    By default Amazon AWS will use 3600 (1 hour)
    -     		+ +
    The amount of time, in seconds, that can elapse before the lifecycle hook times out. When the lifecycle hook times out, Auto Scaling performs the default action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat.
    +
    By default Amazon AWS will use 3600 (1 hour)
    +
    +
    lifecycle_hook_name
    string - / required
    -     		- -
    The name of the lifecycle hook.
    -     		+ +
    The name of the lifecycle hook.
    +
    +
    notification_meta_data
    string -
    -     		- -
    Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
    -     		+ +
    Contains additional information that you want to include any time Auto Scaling sends a message to the notification target.
    +
    +
    notification_target_arn
    string -
    -     		- -
    The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
    -
    This target can be either an SQS queue or an SNS topic.
    -
    If you specify an empty string, this overrides the current ARN.
    -     		+ +
    The ARN of the notification target that Auto Scaling will use to notify you when an instance is in the transition state for the lifecycle hook.
    +
    This target can be either an SQS queue or an SNS topic.
    +
    If you specify an empty string, this overrides the current ARN.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string -
    -     		- -
    The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
    -     		+ +
    The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete Lifecycle Hook.
    -
    When state=present updates existing hook or creates a new hook if not found.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete Lifecycle Hook.
    +
    When state=present updates existing hook or creates a new hook if not found.
    +
    +
    transition
    string -
    -     		-
      Choices: -
    • autoscaling:EC2_INSTANCE_TERMINATING
      • -
    • autoscaling:EC2_INSTANCE_LAUNCHING
      • -
    -     		-
    The instance state to which you want to attach the lifecycle hook.
    -
    Required when state=present.
    -     		+
      Choices: +
    • autoscaling:EC2_INSTANCE_TERMINATING
      • +
    • autoscaling:EC2_INSTANCE_LAUNCHING
      • +
    +     		+
    The instance state to which you want to attach the lifecycle hook.
    +
    Required when state=present.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -352,7 +371,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -363,7 +382,6 @@ Examples .. code-block:: yaml+jinja - - name: Create / Update lifecycle hook community.aws.ec2_asg_lifecycle_hook: region: eu-central-1 @@ -384,8 +402,6 @@ Examples - - Status ------ @@ -394,5 +410,3 @@ Authors ~~~~~~~ - Igor 'Tsigankov' Eyrich (@tsiganenok) - - diff --git a/docs/community.aws.ec2_asg_module.rst b/docs/community.aws.ec2_asg_module.rst index e33fccf0b46..bbf66a874cf 100644 --- a/docs/community.aws.ec2_asg_module.rst +++ b/docs/community.aws.ec2_asg_module.rst @@ -38,761 +38,780 @@ Parameters .. raw:: html - + - + - - + - - + / elements=string + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - - - - - + + + + + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + / elements=dictionary + + + - - + - - + / elements=string + + + - - + - - - - - + + + + + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    availability_zones
    list - / elements=string
    -     		- -
    List of availability zone names in which to create the group.
    -
    Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
    -     		+ +
    List of availability zone names in which to create the group.
    +
    Defaults to all the availability zones in the region if vpc_zone_identifier is not set.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_cooldown
    integer -
    -     		- Default:
    300
    -     		-
    The number of seconds after a scaling activity completes before another can begin.
    -     		+ Default:
    300
    +     		+
    The number of seconds after a scaling activity completes before another can begin.
    +
    +
    desired_capacity
    integer -
    -     		- -
    Desired number of instances in group, if unspecified then the current group value will be used.
    -     		+ +
    Desired number of instances in group, if unspecified then the current group value will be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    health_check_period
    integer -
    -     		- Default:
    300
    -     		-
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -     		+ Default:
    300
    +     		+
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    health_check_type
    string -
    -     		-
      Choices: -
    • EC2 ←
      • -
    • ELB
      • -
    -     		-
    The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
    -     		+
      Choices: +
    • EC2 ←
      • +
    • ELB
      • +
    +     		+
    The service you want the health status from, Amazon EC2 or Elastic Load Balancer.
    +
    +
    launch_config_name
    string -
    -     		- -
    Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these.
    -
    If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
    -     		+ +
    Name of the Launch configuration to use for the group. See the community.aws.ec2_lc) module for managing these.
    +
    If unspecified then the current group value will be used. One of launch_config_name or launch_template must be provided.
    +
    +
    launch_template
    dictionary -
    -     		- -
    Dictionary describing the Launch Template to use
    -
    + + + +
    Dictionary describing the Launch Template to use
    +
    launch_template_id
    string -
    -     		- -
    The id of the launch template. Only one of launch_template_name or launch_template_id is required.
    -     		+ +
    The id of the launch template. Only one of launch_template_name or launch_template_id is required.
    +
    +
    launch_template_name
    string -
    -     		- -
    The name of the launch template. Only one of launch_template_name or launch_template_id is required.
    -     		+ +
    The name of the launch template. Only one of launch_template_name or launch_template_id is required.
    +
    +
    version
    string -
    -     		- -
    The version number of the launch template to use.
    -
    Defaults to latest version if not provided.
    -
    + + + +
    The version number of the launch template to use.
    +
    Defaults to latest version if not provided.
    +
    lc_check
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_config.
    +
    +
    load_balancers
    list - / elements=string
    -     		- -
    List of ELB names to use for the group. Use for classic load balancers.
    -     		+ +
    List of ELB names to use for the group. Use for classic load balancers.
    +
    +
    lt_check
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Check to make sure instances that are being replaced with replace_instances do not already have the current launch_template or I(launch_template version.
    +
    +
    max_instance_lifetime
    integer -
    -     		- -
    The maximum amount of time, in seconds, that an instance can be in service.
    -
    Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
    -
    Value of 0 removes lifetime restriction.
    -     		+ +
    The maximum amount of time, in seconds, that an instance can be in service.
    +
    Maximum instance lifetime must be equal to 0, between 604800 and 31536000 seconds (inclusive), or not specified.
    +
    Value of 0 removes lifetime restriction.
    +
    +
    max_size
    integer -
    -     		- -
    Maximum number of instances in group, if unspecified then the current group value will be used.
    -     		+ +
    Maximum number of instances in group, if unspecified then the current group value will be used.
    +
    +
    metrics_collection
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable ASG metrics collection.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable ASG metrics collection.
    +
    +
    metrics_granularity
    string -
    -     		- Default:
    "1Minute"
    -     		-
    When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
    -     		+ Default:
    "1Minute"
    +     		+
    When metrics_collection=true this will determine the granularity of metrics collected by CloudWatch.
    +
    +
    metrics_list
    list - / elements=string
    -     		- Default:
    ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
    -     		-
    List of autoscaling metrics to collect when metrics_collection=true.
    -     		+ Default:
    ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
    +     		+
    List of autoscaling metrics to collect when metrics_collection=true.
    +
    +
    min_size
    integer -
    -     		- -
    Minimum number of instances in group, if unspecified then the current group value will be used.
    -     		+ +
    Minimum number of instances in group, if unspecified then the current group value will be used.
    +
    +
    mixed_instances_policy
    dictionary -
    -     		- -
    A mixed instance policy to use for the ASG.
    -
    Only used when the ASG is configured to use a Launch Template (launch_template).
    - -
    + + + +
    A mixed instance policy to use for the ASG.
    +
    Only used when the ASG is configured to use a Launch Template (launch_template).
    + +
    instance_types
    list - / elements=string
    -     		- -
    A list of instance_types.
    -
    + / elements=string + + +
    A list of instance_types.
    +
    name
    string - / required
    -     		- -
    Unique name for group to be created or deleted.
    -     		+ +
    Unique name for group to be created or deleted.
    +
    +
    notification_topic
    string -
    -     		- -
    A SNS topic ARN to send auto scaling notifications to.
    -     		+ +
    A SNS topic ARN to send auto scaling notifications to.
    +
    +
    notification_types
    list - / elements=string
    -     		- Default:
    ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
    -     		-
    A list of auto scaling events to trigger notifications on.
    -     		+ Default:
    ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
    +     		+
    A list of auto scaling events to trigger notifications on.
    +
    +
    placement_group
    string -
    -     		- -
    Physical location of your cluster placement group created in Amazon EC2.
    -     		+ +
    Physical location of your cluster placement group created in Amazon EC2.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    replace_all_instances
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    In a rolling fashion, replace all instances that used the old launch configuration with one from the new launch configuration. It increases the ASG size by replace_batch_size, waits for the new instances to be up and running. After that, it terminates a batch of old instances, waits for the replacements, and repeats, until all old instances are replaced. Once that's done the ASG size is reduced back to the expected size.
    +
    +
    replace_batch_size
    integer -
    -     		- Default:
    1
    -     		-
    Number of instances you'd like to replace at a time. Used with replace_all_instances.
    -     		+ Default:
    1
    +     		+
    Number of instances you'd like to replace at a time. Used with replace_all_instances.
    +
    +
    replace_instances
    list - / elements=string
    -     		- -
    List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
    -     		+ +
    List of instance_ids belonging to the named AutoScalingGroup that you would like to terminate and be replaced with instances matching the current launch configuration.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the instance.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the instance.
    +
    +
    suspend_processes
    list - / elements=string
    -     		- Default:
    []
    -     		-
    A list of scaling processes to suspend.
    -
    Valid values include:
    -
    Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
    -
    Full documentation of valid values can be found in the AWS documentation:
    - -
    + / elements=string + + Default:
    []
    +     		+
    A list of scaling processes to suspend.
    +
    Valid values include:
    +
    Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer
    +
    Full documentation of valid values can be found in the AWS documentation:
    + +
    tags
    list - / elements=dictionary
    -     		- -
    A list of tags to add to the Auto Scale Group.
    -
    Optional key is propagate_at_launch, which defaults to true.
    -
    When propagate_at_launch is true the tags will be propagated to the Instances created.
    -     		+ +
    A list of tags to add to the Auto Scale Group.
    +
    Optional key is propagate_at_launch, which defaults to true.
    +
    When propagate_at_launch is true the tags will be propagated to the Instances created.
    +
    +
    target_group_arns
    list - / elements=string
    -     		- -
    List of target group ARNs to use for the group. Use for application load balancers.
    -     		+ +
    List of target group ARNs to use for the group. Use for application load balancers.
    +
    +
    termination_policies
    list - / elements=string
    -     		- Default:
    "Default"
    -     		-
    An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
    -
    Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
    -
    Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
    -
    Full documentation of valid values can be found in the AWS documentation:
    - -
    + / elements=string + + Default:
    "Default"
    +     		+
    An ordered list of criteria used for selecting instances to be removed from the Auto Scaling group when reducing capacity.
    +
    Using termination_policies=Default when modifying an existing AutoScalingGroup will result in the existing policy being retained instead of changed to Default.
    +
    Valid values include: Default, OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour
    +
    Full documentation of valid values can be found in the AWS documentation:
    + +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_zone_identifier
    list - / elements=string
    -     		- -
    List of VPC subnets to use
    -     		+ +
    List of VPC subnets to use
    +
    +
    wait_for_instances
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for the ASG instances to be in a ready state before exiting. If instances are behind an ELB, it will wait until the ELB determines all instances have a lifecycle_state of "InService" and a health_status of "Healthy".
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
    -
    + + + + Default:
    300
    + + +
    How long to wait for instances to become viable when replaced. If you experience the error "Waited too long for ELB instances to be healthy", try increasing this value.
    + + +
    @@ -800,7 +819,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -811,7 +830,6 @@ Examples .. code-block:: yaml+jinja - # Basic configuration with Launch Configuration - community.aws.ec2_asg: @@ -919,7 +937,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -932,464 +949,464 @@ Common return values are documented `here Returned Description - - + +
    auto_scaling_group_arn
    string -
    - + + success -
    The unique ARN of the autoscaling group
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:123456789012:autoScalingGroup:6a09ad6d-eeee-1234-b987-ee123ced01ad:autoScalingGroupName/myasg
    - - - - +
    The unique ARN of the autoscaling group
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:123456789012:autoScalingGroup:6a09ad6d-eeee-1234-b987-ee123ced01ad:autoScalingGroupName/myasg
    + + + +
    auto_scaling_group_name
    string -
    - + + success -
    The unique name of the auto scaling group
    -
    -
    Sample:
    -
    myasg
    - - - - +
    The unique name of the auto scaling group
    +
    +
    Sample:
    +
    myasg
    + + + +
    availability_zones
    list -
    - + + success -
    The availability zones for the auto scaling group
    -
    -
    Sample:
    -
    ['us-east-1d']
    - - - - +
    The availability zones for the auto scaling group
    +
    +
    Sample:
    +
    ['us-east-1d']
    + + + +
    created_time
    string -
    - + + success -
    Timestamp of create time of the auto scaling group
    -
    -
    Sample:
    -
    2017-11-08T14:41:48.272000+00:00
    - - - - +
    Timestamp of create time of the auto scaling group
    +
    +
    Sample:
    +
    2017-11-08T14:41:48.272000+00:00
    + + + +
    default_cooldown
    integer -
    - + + success -
    The default cooldown time in seconds.
    -
    -
    Sample:
    -
    300
    - - - - +
    The default cooldown time in seconds.
    +
    +
    Sample:
    +
    300
    + + + +
    desired_capacity
    integer -
    - + + success -
    The number of EC2 instances that should be running in this group.
    -
    -
    Sample:
    -
    3
    - - - - +
    The number of EC2 instances that should be running in this group.
    +
    +
    Sample:
    +
    3
    + + + +
    healthcheck_period
    integer -
    - + + success -
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    -
    -
    Sample:
    -
    30
    - - - - +
    Length of time in seconds after a new EC2 instance comes into service that Auto Scaling starts checking its health.
    +
    +
    Sample:
    +
    30
    + + + +
    healthcheck_type
    string -
    - + + success -
    The service you want the health status from, one of "EC2" or "ELB".
    -
    -
    Sample:
    -
    ELB
    - - - - +
    The service you want the health status from, one of "EC2" or "ELB".
    +
    +
    Sample:
    +
    ELB
    + + + +
    healthy_instances
    integer -
    - + + success -
    Number of instances in a healthy state
    -
    -
    Sample:
    -
    5
    - - - - +
    Number of instances in a healthy state
    +
    +
    Sample:
    +
    5
    + + + +
    in_service_instances
    integer -
    - + + success -
    Number of instances in service
    -
    -
    Sample:
    -
    3
    - - - - +
    Number of instances in service
    +
    +
    Sample:
    +
    3
    + + + +
    instance_facts
    dictionary -
    - + + success -
    Dictionary of EC2 instances and their status as it relates to the ASG.
    -
    -
    Sample:
    -
    {'i-0123456789012': {'health_status': 'Healthy', 'launch_config_name': 'public-webapp-production-1', 'lifecycle_state': 'InService'}}
    - - - - +
    Dictionary of EC2 instances and their status as it relates to the ASG.
    +
    +
    Sample:
    +
    {'i-0123456789012': {'health_status': 'Healthy', 'launch_config_name': 'public-webapp-production-1', 'lifecycle_state': 'InService'}}
    + + + +
    instances
    list -
    - + + success -
    list of instance IDs in the ASG
    -
    -
    Sample:
    -
    ['i-0123456789012']
    - - - - +
    list of instance IDs in the ASG
    +
    +
    Sample:
    +
    ['i-0123456789012']
    + + + +
    launch_config_name
    string -
    - + + success -
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    -
    -
    Sample:
    -
    public-webapp-production-1
    - - - - +
    Name of launch configuration associated with the ASG. Same as launch_configuration_name, provided for compatibility with ec2_asg module.
    +
    +
    Sample:
    +
    public-webapp-production-1
    + + + +
    load_balancers
    list -
    - + + success -
    List of load balancers names attached to the ASG.
    -
    -
    Sample:
    -
    ['elb-webapp-prod']
    - - - - +
    List of load balancers names attached to the ASG.
    +
    +
    Sample:
    +
    ['elb-webapp-prod']
    + + + +
    max_instance_lifetime
    integer -
    - + + success -
    The maximum amount of time, in seconds, that an instance can be in service.
    -
    -
    Sample:
    -
    604800
    - - - - +
    The maximum amount of time, in seconds, that an instance can be in service.
    +
    +
    Sample:
    +
    604800
    + + + +
    max_size
    integer -
    - + + success -
    Maximum size of group
    -
    -
    Sample:
    -
    3
    - - - - +
    Maximum size of group
    +
    +
    Sample:
    +
    3
    + + + +
    metrics_collection
    list -
    - + + success -
    List of enabled AutosSalingGroup metrics
    -
    -
    Sample:
    -
    [{'Granularity': '1Minute', 'Metric': 'GroupInServiceInstances'}]
    - - - - +
    List of enabled AutosSalingGroup metrics
    +
    +
    Sample:
    +
    [{'Granularity': '1Minute', 'Metric': 'GroupInServiceInstances'}]
    + + + +
    min_size
    integer -
    - + + success -
    Minimum size of group
    -
    -
    Sample:
    -
    1
    - - - - +
    Minimum size of group
    +
    +
    Sample:
    +
    1
    + + + +
    mixed_instance_policy
    list -
    - + + success -
    Returns the list of instance types if a mixed instance policy is set.
    -
    -
    Sample:
    -
    ['t3.micro', 't3a.micro']
    - - - - +
    Returns the list of instance types if a mixed instance policy is set.
    +
    +
    Sample:
    +
    ['t3.micro', 't3a.micro']
    + + + +
    pending_instances
    integer -
    - + + success -
    Number of instances in pending state
    -
    -
    Sample:
    -
    1
    - - - - +
    Number of instances in pending state
    +
    +
    Sample:
    +
    1
    + + + +
    tags
    list -
    - + + success -
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    -
    -
    Sample:
    -
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    - - - - +
    List of tags for the ASG, and whether or not each tag propagates to instances at launch.
    +
    +
    Sample:
    +
    [{'key': 'Name', 'value': 'public-webapp-production-1', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}, {'key': 'env', 'value': 'production', 'resource_id': 'public-webapp-production-1', 'resource_type': 'auto-scaling-group', 'propagate_at_launch': 'true'}]
    + + + +
    target_group_arns
    list -
    - + + success -
    List of ARNs of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    - - - - +
    List of ARNs of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-host-hello/1a2b3c4d5e6f1a2b', 'arn:aws:elasticloadbalancing:ap-southeast-2:123456789012:targetgroup/target-group-path-world/abcd1234abcd1234']
    + + + +
    target_group_names
    list -
    - + + success -
    List of names of the target groups that the ASG populates
    -
    -
    Sample:
    -
    ['target-group-host-hello', 'target-group-path-world']
    - - - - +
    List of names of the target groups that the ASG populates
    +
    +
    Sample:
    +
    ['target-group-host-hello', 'target-group-path-world']
    + + + +
    termination_policies
    list -
    - + + success -
    A list of termination policies for the group.
    -
    -
    Sample:
    -
    ['Default']
    - - - - +
    A list of termination policies for the group.
    +
    +
    Sample:
    +
    ['Default']
    + + + +
    unhealthy_instances
    integer -
    - + + success -
    Number of instances in an unhealthy state
    -
    - +
    Number of instances in an unhealthy state
    +
    + - - + +
    viable_instances
    integer -
    - + + success -
    Number of instances in a viable state
    -
    -
    Sample:
    -
    1
    - - - - +
    Number of instances in a viable state
    +
    +
    Sample:
    +
    1
    + + + +
    vpc_zone_identifier
    string -
    - + + success -
    VPC zone ID / subnet id for the auto scaling group
    -
    -
    Sample:
    -
    subnet-a31ef45f
    - +
    VPC zone ID / subnet id for the auto scaling group
    +
    +
    Sample:
    +
    subnet-a31ef45f
    + - +

    @@ -1401,5 +1418,3 @@ Authors ~~~~~~~ - Gareth Rushgrove (@garethr) - - diff --git a/docs/community.aws.ec2_customer_gateway_info_module.rst b/docs/community.aws.ec2_customer_gateway_info_module.rst index 11504a79ca3..893ead7e0b6 100644 --- a/docs/community.aws.ec2_customer_gateway_info_module.rst +++ b/docs/community.aws.ec2_customer_gateway_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    customer_gateway_ids
    list - / elements=string
    -     		- -
    Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
    -     		+ +
    Get details of a specific customer gateways using customer gateway ID/IDs. This value should be provided as a list.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCustomerGateways.html for possible filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all customer gateways @@ -264,7 +282,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -277,24 +294,24 @@ Common return values are documented `here Returned Description - - + +
    customer_gateways
    list -
    - + + always -
    List of one or more customer gateways.
    -
    -
    Sample:
    -
    [{'bgp_asn': '65000', 'customer_gateway_id': 'cgw-fec844ce', 'customer_gateway_name': 'test-customer-gw', 'ip_address': '110.112.113.120', 'state': 'available', 'tags': [{'key': 'Name', 'value': 'test-customer-gw'}], 'type': 'ipsec.1'}]
    - +
    List of one or more customer gateways.
    +
    +
    Sample:
    +
    [{'bgp_asn': '65000', 'customer_gateway_id': 'cgw-fec844ce', 'customer_gateway_name': 'test-customer-gw', 'ip_address': '110.112.113.120', 'state': 'available', 'tags': [{'key': 'Name', 'value': 'test-customer-gw'}], 'type': 'ipsec.1'}]
    + - +

    @@ -306,5 +323,3 @@ Authors ~~~~~~~ - Madhura Naniwadekar (@Madhura-CSI) - - diff --git a/docs/community.aws.ec2_customer_gateway_module.rst b/docs/community.aws.ec2_customer_gateway_module.rst index 5d9fcaf5784..2abee19b453 100644 --- a/docs/community.aws.ec2_customer_gateway_module.rst +++ b/docs/community.aws.ec2_customer_gateway_module.rst @@ -37,244 +37,263 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bgp_asn
    integer -
    -     		- -
    Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
    -     		+ +
    Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    ip_address
    string - / required
    -     		- -
    Internet-routable IP address for customers gateway, must be a static address.
    -     		+ +
    Internet-routable IP address for customers gateway, must be a static address.
    +
    +
    name
    string - / required
    -     		- -
    Name of the customer gateway.
    -     		+ +
    Name of the customer gateway.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    routing
    string -
    -     		-
      Choices: -
    • static
      • -
    • dynamic ←
      • -
    -     		-
    The type of routing.
    -     		+
      Choices: +
    • static
      • +
    • dynamic ←
      • +
    +     		+
    The type of routing.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or terminate the Customer Gateway.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or terminate the Customer Gateway.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -284,7 +303,7 @@ Notes .. note:: - You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources. - Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use customer_gateway. See https://github.com/ansible/ansible-modules-extras/issues/2773 for details. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -295,7 +314,6 @@ Examples .. code-block:: yaml+jinja - - name: Create Customer Gateway community.aws.ec2_customer_gateway: bgp_asn: 12345 @@ -314,7 +332,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -327,129 +344,129 @@ Common return values are documented `here Returned Description - - + +
    gateway.customer_gateways
    complex -
    - + + success -
    details about the gateway that was created.
    -
    - +
    details about the gateway that was created.
    +
    + - -   - + +   +
    bgp_asn
    string -
    - + + when exists and gateway is available. -
    The Border Gateway Autonomous System Number.
    -
    -
    Sample:
    -
    65123
    - +
    The Border Gateway Autonomous System Number.
    +
    +
    Sample:
    +
    65123
    + - -   - + +   +
    customer_gateway_id
    string -
    - + + when exists and gateway is available. -
    gateway id assigned by amazon.
    -
    -
    Sample:
    -
    cgw-cb6386a2
    - +
    gateway id assigned by amazon.
    +
    +
    Sample:
    +
    cgw-cb6386a2
    + - -   - + +   +
    ip_address
    string -
    - + + when exists and gateway is available. -
    ip address of your gateway device.
    -
    -
    Sample:
    -
    1.2.3.4
    - +
    ip address of your gateway device.
    +
    +
    Sample:
    +
    1.2.3.4
    + - -   - + +   +
    state
    string -
    - + + when gateway exists and is available. -
    state of gateway.
    -
    -
    Sample:
    -
    available
    - +
    state of gateway.
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    tags
    list -
    - + + when gateway exists and is available, and when tags exist. -
    Any tags on the gateway.
    -
    - +
    Any tags on the gateway.
    +
    + - -   - + +   +
    type
    string -
    - + + when gateway exists and is available. -
    encryption type.
    -
    -
    Sample:
    -
    ipsec.1
    - +
    encryption type.
    +
    +
    Sample:
    +
    ipsec.1
    + - - + +

    @@ -461,5 +478,3 @@ Authors ~~~~~~~ - Michael Baydoun (@MichaelBaydoun) - - diff --git a/docs/community.aws.ec2_eip_info_module.rst b/docs/community.aws.ec2_eip_info_module.rst index 3a61c11d742..010e0f66a18 100644 --- a/docs/community.aws.ec2_eip_info_module.rst +++ b/docs/community.aws.ec2_eip_info_module.rst @@ -36,177 +36,196 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
    -     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and filter value. See https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-addresses.html#options for possible filters. Filter names and values are case sensitive.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -214,7 +233,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -225,7 +244,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. @@ -239,7 +257,7 @@ Examples instance-id: i-123456789 register: my_vm_eips - - debug: + - ansible.builtin.debug: msg: "{{ my_vm_eips.addresses | json_query(\"[?private_ip_address=='10.0.0.5']\") }}" - name: List all EIP addresses for several VMs. @@ -264,14 +282,12 @@ Examples # Set the variable eip_alloc to the value of the first allocation_id # and set the variable my_pub_ip to the value of the first public_ip - - set_fact: + - ansible.builtin.set_fact: eip_alloc: my_vms_eips.addresses[0].allocation_id my_pub_ip: my_vms_eips.addresses[0].public_ip - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -284,24 +300,24 @@ Common return values are documented `here Returned Description - - + +
    addresses
    list -
    - + + on success -
    Properties of all Elastic IP addresses matching the provided filters. Each element is a dict with all the information related to an EIP.
    -
    -
    Sample:
    -
    [{'allocation_id': 'eipalloc-64de1b01', 'association_id': 'eipassoc-0fe9ce90d6e983e97', 'domain': 'vpc', 'instance_id': 'i-01020cfeb25b0c84f', 'network_interface_id': 'eni-02fdeadfd4beef9323b', 'network_interface_owner_id': '0123456789', 'private_ip_address': '10.0.0.1', 'public_ip': '54.81.104.1', 'tags': {'Name': 'test-vm-54.81.104.1'}}]
    - +
    Properties of all Elastic IP addresses matching the provided filters. Each element is a dict with all the information related to an EIP.
    +
    +
    Sample:
    +
    [{'allocation_id': 'eipalloc-64de1b01', 'association_id': 'eipassoc-0fe9ce90d6e983e97', 'domain': 'vpc', 'instance_id': 'i-01020cfeb25b0c84f', 'network_interface_id': 'eni-02fdeadfd4beef9323b', 'network_interface_owner_id': '0123456789', 'private_ip_address': '10.0.0.1', 'public_ip': '54.81.104.1', 'tags': {'Name': 'test-vm-54.81.104.1'}}]
    + - +

    @@ -313,5 +329,3 @@ Authors ~~~~~~~ - Brad Macpherson (@iiibrad) - - diff --git a/docs/community.aws.ec2_eip_module.rst b/docs/community.aws.ec2_eip_module.rst index 72e4aee7b6e..e33ab8148a5 100644 --- a/docs/community.aws.ec2_eip_module.rst +++ b/docs/community.aws.ec2_eip_module.rst @@ -36,367 +36,386 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    allow_reassociation
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specify this option to allow an Elastic IP address that is already associated with another network interface or instance to be re-associated with the specified instance or interface.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    device_id
    string -
    -     		- -
    The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
    -

    aliases: instance_id
    -     		+ +
    The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id.
    +

    aliases: instance_id
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    in_vpc
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Allocate an EIP inside a VPC or not.
    -
    Required if specifying an ENI with device_id.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Allocate an EIP inside a VPC or not.
    +
    Required if specifying an ENI with device_id.
    +
    +
    private_ip_address
    string -
    -     		- -
    The primary or secondary private IP address to associate with the Elastic IP address.
    -     		+ +
    The primary or secondary private IP address to associate with the Elastic IP address.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    public_ip
    string -
    -     		- -
    The IP address of a previously allocated EIP.
    -
    When public_ip=present and device is specified, the EIP is associated with the device.
    -
    When public_ip=absent and device is specified, the EIP is disassociated from the device.
    -

    aliases: ip
    -     		+ +
    The IP address of a previously allocated EIP.
    +
    When public_ip=present and device is specified, the EIP is associated with the device.
    +
    When public_ip=absent and device is specified, the EIP is disassociated from the device.
    +

    aliases: ip
    +
    +
    public_ipv4_pool
    string -
    -     		- -
    Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
    -     		+ +
    Allocates the new Elastic IP from the provided public IPv4 pool (BYOIP) only applies to newly allocated Elastic IPs, isn't validated when reuse_existing_ip_allowed=true.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    release_on_disassociation
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to automatically release the EIP when it is disassociated.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to automatically release the EIP when it is disassociated.
    +
    +
    reuse_existing_ip_allowed
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Reuse an EIP that is not associated to a device (when available), instead of allocating a new one.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    When state=present, allocate an EIP or associate an existing EIP with a device.
    -
    When state=absent, disassociate the EIP from the device and optionally release it.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    When state=present, allocate an EIP or associate an existing EIP with a device.
    +
    When state=absent, disassociate the EIP from the device and optionally release it.
    +
    +
    tag_name
    string -
    -     		- -
    When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
    -     		+ +
    When reuse_existing_ip_allowed=true, supplement with this option to only reuse an Elastic IP if it is tagged with tag_name.
    +
    +
    tag_value
    string -
    -     		- -
    Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
    -     		+ +
    Supplements tag_name but also checks that the value of the tag provided in tag_name matches tag_value.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait_timeout
    integer -
    -     		- -
    The wait_timeout option does nothing and will be removed after 2022-06-01
    -     		+ +
    The wait_timeout option does nothing and will be removed after 2022-06-01
    +
    +
    @@ -406,7 +425,7 @@ Notes .. note:: - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -417,7 +436,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: associate an elastic IP with an instance @@ -458,7 +476,7 @@ Examples register: eip - name: output the IP - debug: + ansible.builtin.debug: msg: "Allocated IP is {{ eip.public_ip }}" - name: provision new instances with ec2 @@ -483,7 +501,7 @@ Examples register: eip - name: output the IP - debug: + ansible.builtin.debug: msg: "Allocated IP inside a VPC is {{ eip.public_ip }}" - name: allocate eip - reuse unallocated ips (if found) with FREE tag @@ -526,7 +544,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -539,41 +556,41 @@ Common return values are documented `here Returned Description - - + +
    allocation_id
    string -
    - + + on success -
    allocation_id of the elastic ip
    -
    -
    Sample:
    -
    eipalloc-51aa3a6c
    - +
    allocation_id of the elastic ip
    +
    +
    Sample:
    +
    eipalloc-51aa3a6c
    + - - + +
    public_ip
    string -
    - + + on success -
    an elastic ip address
    -
    -
    Sample:
    -
    52.88.159.209
    - +
    an elastic ip address
    +
    +
    Sample:
    +
    52.88.159.209
    + - +

    @@ -585,5 +602,3 @@ Authors ~~~~~~~ - Rick Mendes (@rickmendes) - - diff --git a/docs/community.aws.ec2_elb_info_module.rst b/docs/community.aws.ec2_elb_info_module.rst index 6d0839f7359..84a9c91fa27 100644 --- a/docs/community.aws.ec2_elb_info_module.rst +++ b/docs/community.aws.ec2_elb_info_module.rst @@ -36,176 +36,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    names
    list -
    -     		- -
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    -     		+ +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -213,7 +232,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -224,14 +243,13 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters - name: Gather information about all ELBs - ec2_elb_info: + community.aws.ec2_elb_info: register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" @@ -240,25 +258,23 @@ Examples names: frontend-prod-elb register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ elb_info.elbs.0.dns_name }}" - name: Gather information about a set of ELBs - ec2_elb_info: + community.aws.ec2_elb_info: names: - frontend-prod-elb - backend-prod-elb register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" - - Status ------ @@ -268,5 +284,3 @@ Authors - Michael Schultz (@mjschultz) - Fernando Jose Pando (@nand0p) - - diff --git a/docs/community.aws.ec2_elb_module.rst b/docs/community.aws.ec2_elb_module.rst index b999dc525d0..bd7ab66cae7 100644 --- a/docs/community.aws.ec2_elb_module.rst +++ b/docs/community.aws.ec2_elb_module.rst @@ -37,264 +37,284 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_elbs
    list -
    -     		- -
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    -     		+ +
    List of ELB names, required for registration.
    +
    The ec2_elbs fact should be used if there was a previous de-register.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enable_availability_zone
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    +
    +
    instance_id
    string - / required
    -     		- -
    EC2 Instance ID
    -     		+ +
    EC2 Instance ID
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    register or deregister the instance
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    register or deregister the instance
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for instance registration or deregistration to complete successfully before returning.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for instance registration or deregistration to complete successfully before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    0
    -     		-
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    -     		+ Default:
    0
    +     		+
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    +
    +
    @@ -302,7 +322,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -313,7 +333,6 @@ Examples .. code-block:: yaml+jinja - # basic pre_task and post_task example pre_tasks: - name: Instance De-register @@ -333,7 +352,6 @@ Examples - Status ------ @@ -342,5 +360,3 @@ Authors ~~~~~~~ - John Jarvis (@jarv) - - diff --git a/docs/community.aws.ec2_instance_info_module.rst b/docs/community.aws.ec2_instance_info_module.rst index 9ce9905549b..c39ff9731e9 100644 --- a/docs/community.aws.ec2_instance_info_module.rst +++ b/docs/community.aws.ec2_instance_info_module.rst @@ -38,192 +38,211 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
    -     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for possible filters. Filter names and values are case sensitive.
    +
    +
    instance_ids
    list -
    -     		- -
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    -     		+ +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -231,7 +250,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -242,7 +261,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all instances @@ -270,8 +288,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -284,1540 +300,1540 @@ Common return values are documented `here Returned Description - - + +
    instances
    complex -
    - + + always -
    a list of ec2 instances
    -
    - +
    a list of ec2 instances
    +
    + - -   - + +   +
    ami_launch_index
    integer -
    - + + always -
    The AMI launch index, which can be used to find this instance in the launch group.
    -
    - +
    The AMI launch index, which can be used to find this instance in the launch group.
    +
    + - -   - + +   +
    architecture
    string -
    - + + always -
    The architecture of the image
    -
    -
    Sample:
    -
    x86_64
    - +
    The architecture of the image
    +
    +
    Sample:
    +
    x86_64
    + - -   - + +   +
    block_device_mappings
    complex -
    - + + always -
    Any block device mapping entries for the instance.
    -
    - +
    Any block device mapping entries for the instance.
    +
    + - -   -   - + +   +   +
    device_name
    string -
    - + + always -
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sdh
    - +
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sdh
    + - -   -   - + +   +   +
    ebs
    complex -
    - + + always -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    - +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    + - -   -   -   - + +   +   +   +
    attach_time
    string -
    - + + always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   -   -   - + +   +   +   +
    delete_on_termination
    boolean -
    - + + always -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    status
    string -
    - + + always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    - +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    + - -   -   -   - + +   +   +   +
    volume_id
    string -
    - + + always -
    The ID of the EBS volume
    -
    -
    Sample:
    -
    vol-12345678
    - +
    The ID of the EBS volume
    +
    +
    Sample:
    +
    vol-12345678
    + - - - -   - + + + +   +
    client_token
    string -
    - + + always -
    The idempotency token you provided when you launched the instance, if applicable.
    -
    -
    Sample:
    -
    mytoken
    - +
    The idempotency token you provided when you launched the instance, if applicable.
    +
    +
    Sample:
    +
    mytoken
    + - -   - + +   +
    cpu_options
    complex -
    - + + always if botocore version >= 1.10.16 -
    The CPU options set for the instance.
    -
    - +
    The CPU options set for the instance.
    +
    + - -   -   - + +   +   +
    core_count
    integer -
    - + + always -
    The number of CPU cores for the instance.
    -
    -
    Sample:
    -
    1
    - +
    The number of CPU cores for the instance.
    +
    +
    Sample:
    +
    1
    + - -   -   - + +   +   +
    threads_per_core
    integer -
    - + + always -
    The number of threads per CPU core. On supported instance, a value of 1 means Intel Hyper-Threading Technology is disabled.
    -
    -
    Sample:
    -
    1
    - +
    The number of threads per CPU core. On supported instance, a value of 1 means Intel Hyper-Threading Technology is disabled.
    +
    +
    Sample:
    +
    1
    + - - -   - + + +   +
    ebs_optimized
    boolean -
    - + + always -
    Indicates whether the instance is optimized for EBS I/O.
    -
    - +
    Indicates whether the instance is optimized for EBS I/O.
    +
    + - -   - + +   +
    hypervisor
    string -
    - + + always -
    The hypervisor type of the instance.
    -
    -
    Sample:
    -
    xen
    - +
    The hypervisor type of the instance.
    +
    +
    Sample:
    +
    xen
    + - -   - + +   +
    iam_instance_profile
    complex -
    - + + always -
    The IAM instance profile associated with the instance, if applicable.
    -
    - +
    The IAM instance profile associated with the instance, if applicable.
    +
    + - -   -   - + +   +   +
    arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::000012345678:instance-profile/myprofile
    - +
    The Amazon Resource Name (ARN) of the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::000012345678:instance-profile/myprofile
    + - -   -   - + +   +   +
    id
    string -
    - + + always -
    The ID of the instance profile
    -
    -
    Sample:
    -
    JFJ397FDG400FG9FD1N
    - +
    The ID of the instance profile
    +
    +
    Sample:
    +
    JFJ397FDG400FG9FD1N
    + - - -   - + + +   +
    image_id
    string -
    - + + always -
    The ID of the AMI used to launch the instance.
    -
    -
    Sample:
    -
    ami-0011223344
    - +
    The ID of the AMI used to launch the instance.
    +
    +
    Sample:
    +
    ami-0011223344
    + - -   - + +   +
    instance_id
    string -
    - + + always -
    The ID of the instance.
    -
    -
    Sample:
    -
    i-012345678
    - +
    The ID of the instance.
    +
    +
    Sample:
    +
    i-012345678
    + - -   - + +   +
    instance_type
    string -
    - + + always -
    The instance type size of the running instance.
    -
    -
    Sample:
    -
    t2.micro
    - +
    The instance type size of the running instance.
    +
    +
    Sample:
    +
    t2.micro
    + - -   - + +   +
    key_name
    string -
    - + + always -
    The name of the key pair, if this instance was launched with an associated key pair.
    -
    -
    Sample:
    -
    my-key
    - +
    The name of the key pair, if this instance was launched with an associated key pair.
    +
    +
    Sample:
    +
    my-key
    + - -   - + +   +
    launch_time
    string -
    - + + always -
    The time the instance was launched.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time the instance was launched.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   - + +   +
    monitoring
    complex -
    - + + always -
    The monitoring for the instance.
    -
    - +
    The monitoring for the instance.
    +
    + - -   -   - + +   +   +
    state
    string -
    - + + always -
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    -
    -
    Sample:
    -
    disabled
    - +
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    +
    +
    Sample:
    +
    disabled
    + - - -   - + + +   +
    network_interfaces
    complex -
    - + + always -
    One or more network interfaces for the instance.
    -
    - +
    One or more network interfaces for the instance.
    +
    + - -   -   - + +   +   +
    association
    complex -
    - + + always -
    The association information for an Elastic IPv4 associated with the network interface.
    -
    - +
    The association information for an Elastic IPv4 associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    ip_owner_id
    string -
    - + + always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    - +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    + - -   -   -   - + +   +   +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name.
    -
    - +
    The public DNS name.
    +
    + - -   -   -   - + +   +   +   +
    public_ip
    string -
    - + + always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    - +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    + - - -   -   - + + +   +   +
    attachment
    complex -
    - + + always -
    The network interface attachment.
    -
    - +
    The network interface attachment.
    +
    + - -   -   -   - + +   +   +   +
    attach_time
    string -
    - + + always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   -   -   - + +   +   +   +
    attachment_id
    string -
    - + + always -
    The ID of the network interface attachment.
    -
    -
    Sample:
    -
    eni-attach-3aff3f
    - +
    The ID of the network interface attachment.
    +
    +
    Sample:
    +
    eni-attach-3aff3f
    + - -   -   -   - + +   +   +   +
    delete_on_termination
    boolean -
    - + + always -
    Indicates whether the network interface is deleted when the instance is terminated.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    device_index
    integer -
    - + + always -
    The index of the device on the instance for the network interface attachment.
    -
    - +
    The index of the device on the instance for the network interface attachment.
    +
    + - -   -   -   - + +   +   +   +
    status
    string -
    - + + always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    - +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    + - - -   -   - + + +   +   +
    description
    string -
    - + + always -
    The description.
    -
    -
    Sample:
    -
    My interface
    - +
    The description.
    +
    +
    Sample:
    +
    My interface
    + - -   -   - + +   +   +
    groups
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more security groups.
    -
    - +
    One or more security groups.
    +
    + - -   -   -   - + +   +   +   +
    group_id
    string -
    - + + always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-abcdef12
    - +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-abcdef12
    + - -   -   -   - + +   +   +   +
    group_name
    string -
    - + + always -
    The name of the security group.
    -
    -
    Sample:
    -
    mygroup
    - +
    The name of the security group.
    +
    +
    Sample:
    +
    mygroup
    + - - -   -   - + + +   +   +
    ipv6_addresses
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more IPv6 addresses associated with the network interface.
    -
    - +
    One or more IPv6 addresses associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    ipv6_address
    string -
    - + + always -
    The IPv6 address.
    -
    -
    Sample:
    -
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    - +
    The IPv6 address.
    +
    +
    Sample:
    +
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    + - - -   -   - + + +   +   +
    mac_address
    string -
    - + + always -
    The MAC address.
    -
    -
    Sample:
    -
    00:11:22:33:44:55
    - +
    The MAC address.
    +
    +
    Sample:
    +
    00:11:22:33:44:55
    + - -   -   - + +   +   +
    network_interface_id
    string -
    - + + always -
    The ID of the network interface.
    -
    -
    Sample:
    -
    eni-01234567
    - +
    The ID of the network interface.
    +
    +
    Sample:
    +
    eni-01234567
    + - -   -   - + +   +   +
    owner_id
    string -
    - + + always -
    The AWS account ID of the owner of the network interface.
    -
    -
    Sample:
    -
    01234567890
    - +
    The AWS account ID of the owner of the network interface.
    +
    +
    Sample:
    +
    01234567890
    + - -   -   - + +   +   +
    private_ip_address
    string -
    - + + always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    + - -   -   - + +   +   +
    private_ip_addresses
    list - / elements=dictionary
    - + / elements=dictionary + always -
    The private IPv4 addresses associated with the network interface.
    -
    - +
    The private IPv4 addresses associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    association
    complex -
    - + + always -
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    -
    - +
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    +
    + - -   -   -   -   - + +   +   +   +   +
    ip_owner_id
    string -
    - + + always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    - +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    + - -   -   -   -   - + +   +   +   +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name.
    -
    - +
    The public DNS name.
    +
    + - -   -   -   -   - + +   +   +   +   +
    public_ip
    string -
    - + + always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    - +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    + - - -   -   -   - + + +   +   +   +
    primary
    boolean -
    - + + always -
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    private_ip_address
    string -
    - + + always -
    The private IPv4 address of the network interface.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The private IPv4 address of the network interface.
    +
    +
    Sample:
    +
    10.0.0.1
    + - - -   -   - + + +   +   +
    source_dest_check
    boolean -
    - + + always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    + - -   -   - + +   +   +
    status
    string -
    - + + always -
    The status of the network interface.
    -
    -
    Sample:
    -
    in-use
    - +
    The status of the network interface.
    +
    +
    Sample:
    +
    in-use
    + - -   -   - + +   +   +
    subnet_id
    string -
    - + + always -
    The ID of the subnet for the network interface.
    -
    -
    Sample:
    -
    subnet-0123456
    - +
    The ID of the subnet for the network interface.
    +
    +
    Sample:
    +
    subnet-0123456
    + - -   -   - + +   +   +
    vpc_id
    string -
    - + + always -
    The ID of the VPC for the network interface.
    -
    -
    Sample:
    -
    vpc-0123456
    - +
    The ID of the VPC for the network interface.
    +
    +
    Sample:
    +
    vpc-0123456
    + - - -   - + + +   +
    placement
    complex -
    - + + always -
    The location where the instance launched, if applicable.
    -
    - +
    The location where the instance launched, if applicable.
    +
    + - -   -   - + +   +   +
    availability_zone
    string -
    - + + always -
    The Availability Zone of the instance.
    -
    -
    Sample:
    -
    ap-southeast-2a
    - +
    The Availability Zone of the instance.
    +
    +
    Sample:
    +
    ap-southeast-2a
    + - -   -   - + +   +   +
    group_name
    string -
    - + + always -
    The name of the placement group the instance is in (for cluster compute instances).
    -
    - +
    The name of the placement group the instance is in (for cluster compute instances).
    +
    + - -   -   - + +   +   +
    tenancy
    string -
    - + + always -
    The tenancy of the instance (if the instance is running in a VPC).
    -
    -
    Sample:
    -
    default
    - +
    The tenancy of the instance (if the instance is running in a VPC).
    +
    +
    Sample:
    +
    default
    + - - -   - + + +   +
    private_dns_name
    string -
    - + + always -
    The private DNS name.
    -
    -
    Sample:
    -
    ip-10-0-0-1.ap-southeast-2.compute.internal
    - +
    The private DNS name.
    +
    +
    Sample:
    +
    ip-10-0-0-1.ap-southeast-2.compute.internal
    + - -   - + +   +
    private_ip_address
    string -
    - + + always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    + - -   - + +   +
    product_codes
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more product codes.
    -
    - +
    One or more product codes.
    +
    + - -   -   - + +   +   +
    product_code_id
    string -
    - + + always -
    The product code.
    -
    -
    Sample:
    -
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    - +
    The product code.
    +
    +
    Sample:
    +
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    + - -   -   - + +   +   +
    product_code_type
    string -
    - + + always -
    The type of product code.
    -
    -
    Sample:
    -
    marketplace
    - +
    The type of product code.
    +
    +
    Sample:
    +
    marketplace
    + - - -   - + + +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name assigned to the instance.
    -
    - +
    The public DNS name assigned to the instance.
    +
    + - -   - + +   +
    public_ip_address
    string -
    - + + always -
    The public IPv4 address assigned to the instance
    -
    -
    Sample:
    -
    52.0.0.1
    - +
    The public IPv4 address assigned to the instance
    +
    +
    Sample:
    +
    52.0.0.1
    + - -   - + +   +
    root_device_name
    string -
    - + + always -
    The device name of the root device
    -
    -
    Sample:
    -
    /dev/sda1
    - +
    The device name of the root device
    +
    +
    Sample:
    +
    /dev/sda1
    + - -   - + +   +
    root_device_type
    string -
    - + + always -
    The type of root device used by the AMI.
    -
    -
    Sample:
    -
    ebs
    - +
    The type of root device used by the AMI.
    +
    +
    Sample:
    +
    ebs
    + - -   - + +   +
    security_groups
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more security groups for the instance.
    -
    - +
    One or more security groups for the instance.
    +
    + - -   -   - + +   +   +
    group_id
    string -
    - + + always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-0123456
    - +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-0123456
    + - -   -   - + +   +   +
    group_name
    string -
    - + + always -
    The name of the security group.
    -
    -
    Sample:
    -
    my-security-group
    - +
    The name of the security group.
    +
    +
    Sample:
    +
    my-security-group
    + - - -   - + + +   +
    source_dest_check
    boolean -
    - + + always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    state
    complex -
    - + + always -
    The current state of the instance.
    -
    - +
    The current state of the instance.
    +
    + - -   -   - + +   +   +
    code
    integer -
    - + + always -
    The low byte represents the state.
    -
    -
    Sample:
    -
    16
    - +
    The low byte represents the state.
    +
    +
    Sample:
    +
    16
    + - -   -   - + +   +   +
    name
    string -
    - + + always -
    The name of the state.
    -
    -
    Sample:
    -
    running
    - +
    The name of the state.
    +
    +
    Sample:
    +
    running
    + - - -   - + + +   +
    state_transition_reason
    string -
    - + + always -
    The reason for the most recent state transition.
    -
    - +
    The reason for the most recent state transition.
    +
    + - -   - + +   +
    subnet_id
    string -
    - + + always -
    The ID of the subnet in which the instance is running.
    -
    -
    Sample:
    -
    subnet-00abcdef
    - +
    The ID of the subnet in which the instance is running.
    +
    +
    Sample:
    +
    subnet-00abcdef
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    Any tags assigned to the instance.
    -
    - +
    Any tags assigned to the instance.
    +
    + - -   - + +   +
    virtualization_type
    string -
    - + + always -
    The type of virtualization of the AMI.
    -
    -
    Sample:
    -
    hvm
    - +
    The type of virtualization of the AMI.
    +
    +
    Sample:
    +
    hvm
    + - -   - + +   +
    vpc_id
    dictionary -
    - + + always -
    The ID of the VPC the instance is in.
    -
    -
    Sample:
    -
    vpc-0011223344
    - +
    The ID of the VPC the instance is in.
    +
    +
    Sample:
    +
    vpc-0011223344
    + - - + +

    @@ -1830,5 +1846,3 @@ Authors - Michael Schuett (@michaeljs1990) - Rob White (@wimnat) - - diff --git a/docs/community.aws.ec2_instance_module.rst b/docs/community.aws.ec2_instance_module.rst index 746cdc53581..4232d031243 100644 --- a/docs/community.aws.ec2_instance_module.rst +++ b/docs/community.aws.ec2_instance_module.rst @@ -39,1042 +39,1061 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + / required + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    availability_zone
    string -
    -     		- -
    Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
    -
    If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
    -     		+ +
    Specify an availability zone to use the default subnet it. Useful if not specifying the vpc_subnet_id parameter.
    +
    If no subnet, ENI, or availability zone is provided, the default subnet in the default VPC will be used in the first AZ (alphabetically sorted).
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cpu_credit_specification
    string -
    -     		-
      Choices: -
    • unlimited
      • -
    • standard
      • -
    -     		-
    For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
    -
    Choose unlimited to enable buying additional CPU credits.
    -     		+
      Choices: +
    • unlimited
      • +
    • standard
      • +
    +     		+
    For T series instances, choose whether to allow increased charges to buy CPU credits if the default pool is depleted.
    +
    Choose unlimited to enable buying additional CPU credits.
    +
    +
    cpu_options
    dictionary -
    -     		- -
    Reduce the number of vCPU exposed to the instance.
    -
    Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
    - -
    Requires botocore >= 1.10.16
    -
    + + + +
    Reduce the number of vCPU exposed to the instance.
    +
    Those parameters can only be set at instance launch. The two suboptions threads_per_core and core_count are mandatory.
    + +
    Requires botocore >= 1.10.16
    +
    core_count
    integer - / required
    -     		- -
    Set the number of core to enable.
    -     		+ +
    Set the number of core to enable.
    +
    +
    threads_per_core
    integer - / required
    -     		-
      Choices: -
    • 1
      • -
    • 2
      • -
    -     		-
    Select the number of threads per core to enable. Disable or Enable Intel HT.
    -
    + / required + +
      Choices: +
    • 1
      • +
    • 2
      • +
    +     		+
    Select the number of threads per core to enable. Disable or Enable Intel HT.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    detailed_monitoring
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to allow detailed cloudwatch metrics to be collected, enabling more detailed alerting.
    +
    +
    ebs_optimized
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether instance is should use optimized EBS volumes, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
    -
    By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
    -     		+ +
    A dict of filters to apply when deciding whether existing instances match and should be altered. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html. for possible filters. Filter names and values are case sensitive.
    +
    By default, instances are filtered for counting by their "Name" tag, base AMI, state (running, by default), and subnet ID. Any queryable filter can be used. Good candidates are specific tags, SSH keys, or security groups.
    +
    +
    image
    dictionary -
    -     		- -
    An image to use for the instance. The amazon.aws.ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    -
    + + + +
    An image to use for the instance. The amazon.aws.ec2_ami_info module may be used to retrieve images. One of image or image_id are required when instance is not already present.
    +
    id
    string -
    -     		- -
    The AMI ID.
    -     		+ +
    The AMI ID.
    +
    +
    kernel
    - -
    -     		- -
    a string AKI to override the AMI kernel.
    -     		+ +
    a string AKI to override the AMI kernel.
    +
    +
    ramdisk
    string -
    -     		- -
    Overrides the AMI's default ramdisk ID.
    -
    + + + +
    Overrides the AMI's default ramdisk ID.
    +
    image_id
    string -
    -     		- -
    ami ID to use for the instance. One of image or image_id are required when instance is not already present.
    -
    This is an alias for image.id.
    -     		+ +
    ami ID to use for the instance. One of image or image_id are required when instance is not already present.
    +
    This is an alias for image.id.
    +
    +
    instance_ids
    list -
    -     		- -
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    -     		+ +
    If you specify one or more instance IDs, only instances that have the specified IDs are returned.
    +
    +
    instance_initiated_shutdown_behavior
    string -
    -     		-
      Choices: -
    • stop
      • -
    • terminate
      • -
    -     		-
    Whether to stop or terminate an instance upon shutdown.
    -     		+
      Choices: +
    • stop
      • +
    • terminate
      • +
    +     		+
    Whether to stop or terminate an instance upon shutdown.
    +
    +
    instance_role
    string -
    -     		- -
    The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
    -     		+ +
    The ARN or name of an EC2-enabled instance role to be used. If a name is not provided in arn format then the ListInstanceProfiles permission must also be granted. https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListInstanceProfiles.html If no full ARN is provided, the role with a matching name will be used from the active AWS account.
    +
    +
    instance_type
    string -
    -     		- Default:
    "t2.micro"
    -     		-
    Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
    -     		+ Default:
    "t2.micro"
    +     		+
    Instance type to use for the instance, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html Only required when instance is not already present.
    +
    +
    key_name
    string -
    -     		- -
    Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
    -     		+ +
    Name of the SSH access key to assign to the instance - must exist in the region the instance is created.
    +
    +
    launch_template
    dictionary -
    -     		- -
    The EC2 launch template to base instance configuration on.
    -
    + + + +
    The EC2 launch template to base instance configuration on.
    +
    id
    string -
    -     		- -
    the ID of the launch template (optional if name is specified).
    -     		+ +
    the ID of the launch template (optional if name is specified).
    +
    +
    name
    string -
    -     		- -
    the pretty name of the launch template (optional if id is specified).
    -     		+ +
    the pretty name of the launch template (optional if id is specified).
    +
    +
    version
    - -
    -     		- -
    the specific version of the launch template to use. If unspecified, the template default is chosen.
    -
    + + + +
    the specific version of the launch template to use. If unspecified, the template default is chosen.
    +
    name
    string -
    -     		- -
    The Name tag for the instance.
    -     		+ +
    The Name tag for the instance.
    +
    +
    network
    dictionary -
    -     		- -
    Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
    -
    Use the amazon.aws.ec2_eni module to create ENIs with special settings.
    -
    + + + +
    Either a dictionary containing the key 'interfaces' corresponding to a list of network interface IDs or containing specifications for a single network interface.
    +
    Use the amazon.aws.ec2_eni module to create ENIs with special settings.
    +
    assign_public_ip
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    when true assigns a public IP address to the interface
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    when true assigns a public IP address to the interface
    +
    +
    delete_on_termination
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Delete the interface when the instance it is attached to is terminated.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Delete the interface when the instance it is attached to is terminated.
    +
    +
    description
    string -
    -     		- -
    a description for the network interface
    -     		+ +
    a description for the network interface
    +
    +
    device_index
    integer -
    -     		- -
    The index of the interface to modify
    -     		+ +
    The index of the interface to modify
    +
    +
    groups
    list -
    -     		- -
    a list of security group IDs to attach to the interface
    -     		+ +
    a list of security group IDs to attach to the interface
    +
    +
    interfaces
    list -
    -     		- -
    a list of ENI IDs (strings) or a list of objects containing the key id.
    -     		+ +
    a list of ENI IDs (strings) or a list of objects containing the key id.
    +
    +
    ipv6_addresses
    list -
    -     		- -
    a list of IPv6 addresses to assign to the network interface
    -     		+ +
    a list of IPv6 addresses to assign to the network interface
    +
    +
    private_ip_address
    string -
    -     		- -
    an IPv4 address to assign to the interface
    -     		+ +
    an IPv4 address to assign to the interface
    +
    +
    private_ip_addresses
    list -
    -     		- -
    a list of IPv4 addresses to assign to the network interface
    -     		+ +
    a list of IPv4 addresses to assign to the network interface
    +
    +
    source_dest_check
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    controls whether source/destination checking is enabled on the interface
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    controls whether source/destination checking is enabled on the interface
    +
    +
    subnet_id
    string -
    -     		- -
    the subnet to connect the network interface to
    -
    + + + +
    the subnet to connect the network interface to
    +
    placement_group
    string -
    -     		- -
    The placement group that needs to be assigned to the instance
    -     		+ +
    The placement group that needs to be assigned to the instance
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Delete any tags not specified in the task that are on the instance. This means you have to specify all the desired tags on each task affecting an instance.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_group
    string -
    -     		- -
    A security group ID or name. Mutually exclusive with security_groups.
    -     		+ +
    A security group ID or name. Mutually exclusive with security_groups.
    +
    +
    security_groups
    list -
    -     		- -
    A list of security group IDs or names (strings). Mutually exclusive with security_group.
    -     		+ +
    A list of security group IDs or names (strings). Mutually exclusive with security_group.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • terminated
      • -
    • running
      • -
    • started
      • -
    • stopped
      • -
    • restarted
      • -
    • rebooted
      • -
    • absent
      • -
    -     		-
    Goal state for the instances.
    -
    + + +
      Choices: +
    • present ←
      • +
    • terminated
      • +
    • running
      • +
    • started
      • +
    • stopped
      • +
    • restarted
      • +
    • rebooted
      • +
    • absent
      • +
    +     		+
    Goal state for the instances.
    +
    tags
    dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
    -     		+ +
    A hash/dictionary of tags to add to the new instance or to add/remove from an existing one.
    +
    +
    tenancy
    string -
    -     		-
      Choices: -
    • dedicated
      • -
    • default
      • -
    -     		-
    What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
    -     		+
      Choices: +
    • dedicated
      • +
    • default
      • +
    +     		+
    What type of tenancy to allow an instance to use. Default is shared tenancy. Dedicated tenancy will incur additional charges.
    +
    +
    termination_protection
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to enable termination protection. This module will not terminate an instance with termination protection active, it must be turned off first.
    +
    +
    tower_callback
    dictionary -
    -     		- -
    Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
    -
    Mutually exclusive with user_data.
    -
    For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
    -
    If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
    -
    + + + +
    Preconfigured user-data to enable an instance to perform a Tower callback (Linux only).
    +
    Mutually exclusive with user_data.
    +
    For Windows instances, to enable remote access via Ansible set tower_callback.windows to true, and optionally set an admin password.
    +
    If using 'windows' and 'set_password', callback to Tower will not be performed but the instance will be ready to receive winrm connections from Ansible.
    +
    host_config_key
    string -
    -     		- -
    Host configuration secret key generated by the Tower job template.
    -     		+ +
    Host configuration secret key generated by the Tower job template.
    +
    +
    job_template_id
    string -
    -     		- -
    Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
    -     		+ +
    Either the integer ID of the Tower Job Template, or the name (name supported only for Tower 3.2+).
    +
    +
    tower_address
    string -
    -     		- -
    IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
    -
    + + + +
    IP address or DNS name of Tower server. Must be accessible via this address from the VPC that this instance will be launched in.
    +
    user_data
    string -
    -     		- -
    Opaque blob of data which is made available to the ec2 instance
    -     		+ +
    Opaque blob of data which is made available to the ec2 instance
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    volumes
    list -
    -     		- -
    A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
    -
    A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
    - -     		+ +
    A list of block device mappings, by default this will always use the AMI root device so the volumes option is primarily for adding more storage.
    +
    A mapping contains the (optional) keys device_name, virtual_name, ebs.volume_type, ebs.volume_size, ebs.kms_key_id, ebs.iops, and ebs.delete_on_termination.
    + +
    +
    vpc_subnet_id
    string -
    -     		- -
    The subnet ID in which to launch the instance (VPC) If none is provided, community.aws.ec2_instance will chose the default zone of the default VPC.
    -

    aliases: subnet_id
    -     		+ +
    The subnet ID in which to launch the instance (VPC) If none is provided, community.aws.ec2_instance will chose the default zone of the default VPC.
    +

    aliases: subnet_id
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to wait for the desired state (use wait_timeout to customize this).
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to wait for the desired state (use wait_timeout to customize this).
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    600
    -     		-
    How long to wait (in seconds) for the instance to finish booting/terminating.
    -
    + + + + Default:
    600
    + + +
    How long to wait (in seconds) for the instance to finish booting/terminating.
    + + +
    @@ -1082,7 +1101,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -1093,7 +1112,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Terminate every running instance in a region. Use with EXTREME caution. @@ -1198,7 +1216,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -1211,1485 +1228,1485 @@ Common return values are documented `here Returned Description - - + +
    instances
    complex -
    - + + when wait == true -
    a list of ec2 instances
    -
    - +
    a list of ec2 instances
    +
    + - -   - + +   +
    ami_launch_index
    integer -
    - + + always -
    The AMI launch index, which can be used to find this instance in the launch group.
    -
    - +
    The AMI launch index, which can be used to find this instance in the launch group.
    +
    + - -   - + +   +
    architecture
    string -
    - + + always -
    The architecture of the image
    -
    -
    Sample:
    -
    x86_64
    - +
    The architecture of the image
    +
    +
    Sample:
    +
    x86_64
    + - -   - + +   +
    block_device_mappings
    complex -
    - + + always -
    Any block device mapping entries for the instance.
    -
    - +
    Any block device mapping entries for the instance.
    +
    + - -   -   - + +   +   +
    device_name
    string -
    - + + always -
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sdh
    - +
    The device name exposed to the instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sdh
    + - -   -   - + +   +   +
    ebs
    complex -
    - + + always -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    - +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    + - -   -   -   - + +   +   +   +
    attach_time
    string -
    - + + always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   -   -   - + +   +   +   +
    delete_on_termination
    boolean -
    - + + always -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    status
    string -
    - + + always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    - +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    + - -   -   -   - + +   +   +   +
    volume_id
    string -
    - + + always -
    The ID of the EBS volume
    -
    -
    Sample:
    -
    vol-12345678
    - +
    The ID of the EBS volume
    +
    +
    Sample:
    +
    vol-12345678
    + - - - -   - + + + +   +
    client_token
    string -
    - + + always -
    The idempotency token you provided when you launched the instance, if applicable.
    -
    -
    Sample:
    -
    mytoken
    - +
    The idempotency token you provided when you launched the instance, if applicable.
    +
    +
    Sample:
    +
    mytoken
    + - -   - + +   +
    ebs_optimized
    boolean -
    - + + always -
    Indicates whether the instance is optimized for EBS I/O.
    -
    - +
    Indicates whether the instance is optimized for EBS I/O.
    +
    + - -   - + +   +
    hypervisor
    string -
    - + + always -
    The hypervisor type of the instance.
    -
    -
    Sample:
    -
    xen
    - +
    The hypervisor type of the instance.
    +
    +
    Sample:
    +
    xen
    + - -   - + +   +
    iam_instance_profile
    complex -
    - + + always -
    The IAM instance profile associated with the instance, if applicable.
    -
    - +
    The IAM instance profile associated with the instance, if applicable.
    +
    + - -   -   - + +   +   +
    arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::000012345678:instance-profile/myprofile
    - +
    The Amazon Resource Name (ARN) of the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::000012345678:instance-profile/myprofile
    + - -   -   - + +   +   +
    id
    string -
    - + + always -
    The ID of the instance profile
    -
    -
    Sample:
    -
    JFJ397FDG400FG9FD1N
    - +
    The ID of the instance profile
    +
    +
    Sample:
    +
    JFJ397FDG400FG9FD1N
    + - - -   - + + +   +
    image_id
    string -
    - + + always -
    The ID of the AMI used to launch the instance.
    -
    -
    Sample:
    -
    ami-0011223344
    - +
    The ID of the AMI used to launch the instance.
    +
    +
    Sample:
    +
    ami-0011223344
    + - -   - + +   +
    instance_id
    string -
    - + + always -
    The ID of the instance.
    -
    -
    Sample:
    -
    i-012345678
    - +
    The ID of the instance.
    +
    +
    Sample:
    +
    i-012345678
    + - -   - + +   +
    instance_type
    string -
    - + + always -
    The instance type size of the running instance.
    -
    -
    Sample:
    -
    t2.micro
    - +
    The instance type size of the running instance.
    +
    +
    Sample:
    +
    t2.micro
    + - -   - + +   +
    key_name
    string -
    - + + always -
    The name of the key pair, if this instance was launched with an associated key pair.
    -
    -
    Sample:
    -
    my-key
    - +
    The name of the key pair, if this instance was launched with an associated key pair.
    +
    +
    Sample:
    +
    my-key
    + - -   - + +   +
    launch_time
    string -
    - + + always -
    The time the instance was launched.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time the instance was launched.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   - + +   +
    monitoring
    complex -
    - + + always -
    The monitoring for the instance.
    -
    - +
    The monitoring for the instance.
    +
    + - -   -   - + +   +   +
    state
    string -
    - + + always -
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    -
    -
    Sample:
    -
    disabled
    - +
    Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
    +
    +
    Sample:
    +
    disabled
    + - - -   - + + +   +
    network.source_dest_check
    boolean -
    - + + always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    network_interfaces
    complex -
    - + + always -
    One or more network interfaces for the instance.
    -
    - +
    One or more network interfaces for the instance.
    +
    + - -   -   - + +   +   +
    association
    complex -
    - + + always -
    The association information for an Elastic IPv4 associated with the network interface.
    -
    - +
    The association information for an Elastic IPv4 associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    ip_owner_id
    string -
    - + + always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    - +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    + - -   -   -   - + +   +   +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name.
    -
    - +
    The public DNS name.
    +
    + - -   -   -   - + +   +   +   +
    public_ip
    string -
    - + + always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    - +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    + - - -   -   - + + +   +   +
    attachment
    complex -
    - + + always -
    The network interface attachment.
    -
    - +
    The network interface attachment.
    +
    + - -   -   -   - + +   +   +   +
    attach_time
    string -
    - + + always -
    The time stamp when the attachment initiated.
    -
    -
    Sample:
    -
    2017-03-23T22:51:24+00:00
    - +
    The time stamp when the attachment initiated.
    +
    +
    Sample:
    +
    2017-03-23T22:51:24+00:00
    + - -   -   -   - + +   +   +   +
    attachment_id
    string -
    - + + always -
    The ID of the network interface attachment.
    -
    -
    Sample:
    -
    eni-attach-3aff3f
    - +
    The ID of the network interface attachment.
    +
    +
    Sample:
    +
    eni-attach-3aff3f
    + - -   -   -   - + +   +   +   +
    delete_on_termination
    boolean -
    - + + always -
    Indicates whether the network interface is deleted when the instance is terminated.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    device_index
    integer -
    - + + always -
    The index of the device on the instance for the network interface attachment.
    -
    - +
    The index of the device on the instance for the network interface attachment.
    +
    + - -   -   -   - + +   +   +   +
    status
    string -
    - + + always -
    The attachment state.
    -
    -
    Sample:
    -
    attached
    - +
    The attachment state.
    +
    +
    Sample:
    +
    attached
    + - - -   -   - + + +   +   +
    description
    string -
    - + + always -
    The description.
    -
    -
    Sample:
    -
    My interface
    - +
    The description.
    +
    +
    Sample:
    +
    My interface
    + - -   -   - + +   +   +
    groups
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more security groups.
    -
    - +
    One or more security groups.
    +
    + - -   -   -   - + +   +   +   +
    group_id
    string -
    - + + always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-abcdef12
    - +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-abcdef12
    + - -   -   -   - + +   +   +   +
    group_name
    string -
    - + + always -
    The name of the security group.
    -
    -
    Sample:
    -
    mygroup
    - +
    The name of the security group.
    +
    +
    Sample:
    +
    mygroup
    + - - -   -   - + + +   +   +
    ipv6_addresses
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more IPv6 addresses associated with the network interface.
    -
    - +
    One or more IPv6 addresses associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    ipv6_address
    string -
    - + + always -
    The IPv6 address.
    -
    -
    Sample:
    -
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    - +
    The IPv6 address.
    +
    +
    Sample:
    +
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
    + - - -   -   - + + +   +   +
    mac_address
    string -
    - + + always -
    The MAC address.
    -
    -
    Sample:
    -
    00:11:22:33:44:55
    - +
    The MAC address.
    +
    +
    Sample:
    +
    00:11:22:33:44:55
    + - -   -   - + +   +   +
    network_interface_id
    string -
    - + + always -
    The ID of the network interface.
    -
    -
    Sample:
    -
    eni-01234567
    - +
    The ID of the network interface.
    +
    +
    Sample:
    +
    eni-01234567
    + - -   -   - + +   +   +
    owner_id
    string -
    - + + always -
    The AWS account ID of the owner of the network interface.
    -
    -
    Sample:
    -
    01234567890
    - +
    The AWS account ID of the owner of the network interface.
    +
    +
    Sample:
    +
    01234567890
    + - -   -   - + +   +   +
    private_ip_address
    string -
    - + + always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    + - -   -   - + +   +   +
    private_ip_addresses
    list - / elements=dictionary
    - + / elements=dictionary + always -
    The private IPv4 addresses associated with the network interface.
    -
    - +
    The private IPv4 addresses associated with the network interface.
    +
    + - -   -   -   - + +   +   +   +
    association
    complex -
    - + + always -
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    -
    - +
    The association information for an Elastic IP address (IPv4) associated with the network interface.
    +
    + - -   -   -   -   - + +   +   +   +   +
    ip_owner_id
    string -
    - + + always -
    The ID of the owner of the Elastic IP address.
    -
    -
    Sample:
    -
    amazon
    - +
    The ID of the owner of the Elastic IP address.
    +
    +
    Sample:
    +
    amazon
    + - -   -   -   -   - + +   +   +   +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name.
    -
    - +
    The public DNS name.
    +
    + - -   -   -   -   - + +   +   +   +   +
    public_ip
    string -
    - + + always -
    The public IP address or Elastic IP address bound to the network interface.
    -
    -
    Sample:
    -
    1.2.3.4
    - +
    The public IP address or Elastic IP address bound to the network interface.
    +
    +
    Sample:
    +
    1.2.3.4
    + - - -   -   -   - + + +   +   +   +
    primary
    boolean -
    - + + always -
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether this IPv4 address is the primary private IP address of the network interface.
    +
    +
    Sample:
    +
    True
    + - -   -   -   - + +   +   +   +
    private_ip_address
    string -
    - + + always -
    The private IPv4 address of the network interface.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The private IPv4 address of the network interface.
    +
    +
    Sample:
    +
    10.0.0.1
    + - - -   -   - + + +   +   +
    source_dest_check
    boolean -
    - + + always -
    Indicates whether source/destination checking is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether source/destination checking is enabled.
    +
    +
    Sample:
    +
    True
    + - -   -   - + +   +   +
    status
    string -
    - + + always -
    The status of the network interface.
    -
    -
    Sample:
    -
    in-use
    - +
    The status of the network interface.
    +
    +
    Sample:
    +
    in-use
    + - -   -   - + +   +   +
    subnet_id
    string -
    - + + always -
    The ID of the subnet for the network interface.
    -
    -
    Sample:
    -
    subnet-0123456
    - +
    The ID of the subnet for the network interface.
    +
    +
    Sample:
    +
    subnet-0123456
    + - -   -   - + +   +   +
    vpc_id
    string -
    - + + always -
    The ID of the VPC for the network interface.
    -
    -
    Sample:
    -
    vpc-0123456
    - +
    The ID of the VPC for the network interface.
    +
    +
    Sample:
    +
    vpc-0123456
    + - - -   - + + +   +
    placement
    complex -
    - + + always -
    The location where the instance launched, if applicable.
    -
    - +
    The location where the instance launched, if applicable.
    +
    + - -   -   - + +   +   +
    availability_zone
    string -
    - + + always -
    The Availability Zone of the instance.
    -
    -
    Sample:
    -
    ap-southeast-2a
    - +
    The Availability Zone of the instance.
    +
    +
    Sample:
    +
    ap-southeast-2a
    + - -   -   - + +   +   +
    group_name
    string -
    - + + always -
    The name of the placement group the instance is in (for cluster compute instances).
    -
    - +
    The name of the placement group the instance is in (for cluster compute instances).
    +
    + - -   -   - + +   +   +
    tenancy
    string -
    - + + always -
    The tenancy of the instance (if the instance is running in a VPC).
    -
    -
    Sample:
    -
    default
    - +
    The tenancy of the instance (if the instance is running in a VPC).
    +
    +
    Sample:
    +
    default
    + - - -   - + + +   +
    private_dns_name
    string -
    - + + always -
    The private DNS name.
    -
    -
    Sample:
    -
    ip-10-0-0-1.ap-southeast-2.compute.internal
    - +
    The private DNS name.
    +
    +
    Sample:
    +
    ip-10-0-0-1.ap-southeast-2.compute.internal
    + - -   - + +   +
    private_ip_address
    string -
    - + + always -
    The IPv4 address of the network interface within the subnet.
    -
    -
    Sample:
    -
    10.0.0.1
    - +
    The IPv4 address of the network interface within the subnet.
    +
    +
    Sample:
    +
    10.0.0.1
    + - -   - + +   +
    product_codes
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more product codes.
    -
    - +
    One or more product codes.
    +
    + - -   -   - + +   +   +
    product_code_id
    string -
    - + + always -
    The product code.
    -
    -
    Sample:
    -
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    - +
    The product code.
    +
    +
    Sample:
    +
    aw0evgkw8ef3n2498gndfgasdfsd5cce
    + - -   -   - + +   +   +
    product_code_type
    string -
    - + + always -
    The type of product code.
    -
    -
    Sample:
    -
    marketplace
    - +
    The type of product code.
    +
    +
    Sample:
    +
    marketplace
    + - - -   - + + +   +
    public_dns_name
    string -
    - + + always -
    The public DNS name assigned to the instance.
    -
    - +
    The public DNS name assigned to the instance.
    +
    + - -   - + +   +
    public_ip_address
    string -
    - + + always -
    The public IPv4 address assigned to the instance
    -
    -
    Sample:
    -
    52.0.0.1
    - +
    The public IPv4 address assigned to the instance
    +
    +
    Sample:
    +
    52.0.0.1
    + - -   - + +   +
    root_device_name
    string -
    - + + always -
    The device name of the root device
    -
    -
    Sample:
    -
    /dev/sda1
    - +
    The device name of the root device
    +
    +
    Sample:
    +
    /dev/sda1
    + - -   - + +   +
    root_device_type
    string -
    - + + always -
    The type of root device used by the AMI.
    -
    -
    Sample:
    -
    ebs
    - +
    The type of root device used by the AMI.
    +
    +
    Sample:
    +
    ebs
    + - -   - + +   +
    security_groups
    list - / elements=dictionary
    - + / elements=dictionary + always -
    One or more security groups for the instance.
    -
    - +
    One or more security groups for the instance.
    +
    + - -   -   - + +   +   +
    group_id
    string -
    - + + always -
    The ID of the security group.
    -
    -
    Sample:
    -
    sg-0123456
    - +
    The ID of the security group.
    +
    +
    Sample:
    +
    sg-0123456
    + - -   -   - + +   +   +
    group_name
    string -
    - + + always -
    The name of the security group.
    -
    -
    Sample:
    -
    my-security-group
    - +
    The name of the security group.
    +
    +
    Sample:
    +
    my-security-group
    + - - -   - + + +   +
    state
    complex -
    - + + always -
    The current state of the instance.
    -
    - +
    The current state of the instance.
    +
    + - -   -   - + +   +   +
    code
    integer -
    - + + always -
    The low byte represents the state.
    -
    -
    Sample:
    -
    16
    - +
    The low byte represents the state.
    +
    +
    Sample:
    +
    16
    + - -   -   - + +   +   +
    name
    string -
    - + + always -
    The name of the state.
    -
    -
    Sample:
    -
    running
    - +
    The name of the state.
    +
    +
    Sample:
    +
    running
    + - - -   - + + +   +
    state_transition_reason
    string -
    - + + always -
    The reason for the most recent state transition.
    -
    - +
    The reason for the most recent state transition.
    +
    + - -   - + +   +
    subnet_id
    string -
    - + + always -
    The ID of the subnet in which the instance is running.
    -
    -
    Sample:
    -
    subnet-00abcdef
    - +
    The ID of the subnet in which the instance is running.
    +
    +
    Sample:
    +
    subnet-00abcdef
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    Any tags assigned to the instance.
    -
    - +
    Any tags assigned to the instance.
    +
    + - -   - + +   +
    virtualization_type
    string -
    - + + always -
    The type of virtualization of the AMI.
    -
    -
    Sample:
    -
    hvm
    - +
    The type of virtualization of the AMI.
    +
    +
    Sample:
    +
    hvm
    + - -   - + +   +
    vpc_id
    dictionary -
    - + + always -
    The ID of the VPC the instance is in.
    -
    -
    Sample:
    -
    vpc-0011223344
    - +
    The ID of the VPC the instance is in.
    +
    +
    Sample:
    +
    vpc-0011223344
    + - - + +

    @@ -2701,5 +2718,3 @@ Authors ~~~~~~~ - Ryan Scott Brown (@ryansb) - - diff --git a/docs/community.aws.ec2_launch_template_module.rst b/docs/community.aws.ec2_launch_template_module.rst index a014b5b1e1f..cf7011d2f19 100644 --- a/docs/community.aws.ec2_launch_template_module.rst +++ b/docs/community.aws.ec2_launch_template_module.rst @@ -38,1204 +38,1223 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / elements=string + + + - - - + + - - + + + + - - - + + - - + / elements=string + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    block_device_mappings
    list - / elements=dictionary
    -     		- -
    The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
    -
    + / elements=dictionary + + +
    The block device mapping. Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.
    +
    device_name
    string -
    -     		- -
    The device name (for example, /dev/sdh or xvdh).
    -     		+ +
    The device name (for example, /dev/sdh or xvdh).
    +
    +
    ebs
    dictionary -
    -     		- -
    Parameters used to automatically set up EBS volumes when the instance is launched.
    -
    + + + +
    Parameters used to automatically set up EBS volumes when the instance is launched.
    +
    delete_on_termination
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the EBS volume is deleted on instance termination.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the EBS volume is deleted on instance termination.
    +
    +
    encrypted
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
    +
    +
    iops
    integer -
    -     		- -
    The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
    -
    Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
    -     		+ +
    The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide.
    +
    Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.
    +
    +
    kms_key_id
    string -
    -     		- -
    The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
    -     		+ +
    The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
    +
    +
    snapshot_id
    string -
    -     		- -
    The ID of the snapshot to create the volume from.
    -     		+ +
    The ID of the snapshot to create the volume from.
    +
    +
    volume_size
    integer -
    -     		- -
    The size of the volume, in GiB.
    -
    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
    -     		+ +
    The size of the volume, in GiB.
    +
    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.
    +
    +
    volume_type
    string -
    -     		- -
    The volume type
    -
    + + + +
    The volume type
    +
    no_device
    string -
    -     		- -
    Suppresses the specified device included in the block device mapping of the AMI.
    -     		+ +
    Suppresses the specified device included in the block device mapping of the AMI.
    +
    +
    virtual_name
    string -
    -     		- -
    The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
    -
    + + + +
    The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
    +
    cpu_options
    dictionary -
    -     		- -
    Choose CPU settings for the EC2 instances that will be created with this template.
    - -
    + + + +
    Choose CPU settings for the EC2 instances that will be created with this template.
    + +
    core_count
    integer -
    -     		- -
    The number of CPU cores for the instance.
    -     		+ +
    The number of CPU cores for the instance.
    +
    +
    threads_per_core
    integer -
    -     		- -
    The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
    -
    + + + +
    The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.
    +
    credit_specification
    dictionary -
    -     		- -
    The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
    -
    + + + +
    The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.
    +
    cpu_credits
    string -
    -     		- -
    The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
    -
    + + + +
    The credit option for CPU usage of a T2 or T3 instance. Valid values are standard and unlimited.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    default_version
    string -
    -     		- Default:
    "latest"
    -     		-
    Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
    -     		+ Default:
    "latest"
    +     		+
    Which version should be the default when users spin up new instances based on this template? By default, the latest version will be made the default.
    +
    +
    disable_api_termination
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    This helps protect instances from accidental termination. If set to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute.
    +
    +
    ebs_optimized
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    elastic_gpu_specifications
    list - / elements=dictionary
    -     		- -
    Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
    -
    + / elements=dictionary + + +
    Settings for Elastic GPU attachments. See https://aws.amazon.com/ec2/elastic-gpus/ for details.
    +
    type
    string -
    -     		- -
    The type of Elastic GPU to attach
    -
    + + + +
    The type of Elastic GPU to attach
    +
    iam_instance_profile
    string -
    -     		- -
    The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
    -     		+ +
    The name or ARN of an IAM instance profile. Requires permissions to describe existing instance roles to confirm ARN is properly formed.
    +
    +
    image_id
    string -
    -     		- -
    The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
    -     		+ +
    The AMI ID to use for new instances launched with this template. This value is region-dependent since AMIs are not global resources.
    +
    +
    instance_initiated_shutdown_behavior
    string -
    -     		-
      Choices: -
    • stop
      • -
    • terminate
      • -
    -     		-
    Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
    -     		+
      Choices: +
    • stop
      • +
    • terminate
      • +
    +     		+
    Indicates whether an instance stops or terminates when you initiate shutdown from the instance using the operating system shutdown command.
    +
    +
    instance_market_options
    dictionary -
    -     		- -
    Options for alternative instance markets, currently only the spot market is supported.
    -
    + + + +
    Options for alternative instance markets, currently only the spot market is supported.
    +
    market_type
    string -
    -     		- -
    The market type. This should always be 'spot'.
    -     		+ +
    The market type. This should always be 'spot'.
    +
    +
    spot_options
    dictionary -
    -     		- -
    Spot-market specific settings.
    -
    + + + +
    Spot-market specific settings.
    +
    block_duration_minutes
    integer -
    -     		- -
    The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
    -     		+ +
    The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
    +
    +
    instance_interruption_behavior
    string -
    -     		-
      Choices: -
    • hibernate
      • -
    • stop
      • -
    • terminate
      • -
    -     		-
    The behavior when a Spot Instance is interrupted. The default is terminate.
    -     		+
      Choices: +
    • hibernate
      • +
    • stop
      • +
    • terminate
      • +
    +     		+
    The behavior when a Spot Instance is interrupted. The default is terminate.
    +
    +
    max_price
    string -
    -     		- -
    The highest hourly price you're willing to pay for this Spot Instance.
    -     		+ +
    The highest hourly price you're willing to pay for this Spot Instance.
    +
    +
    spot_instance_type
    string -
    -     		-
      Choices: -
    • one-time
      • -
    • persistent
      • -
    -     		-
    The request type to send.
    -
    + + +
      Choices: +
    • one-time
      • +
    • persistent
      • +
    +     		+
    The request type to send.
    +
    instance_type
    string -
    -     		- -
    The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
    -     		+ +
    The instance type, such as c5.2xlarge. For a full list of instance types, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html.
    +
    +
    kernel_id
    string -
    -     		- -
    The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    -     		+ +
    The ID of the kernel. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    +
    +
    key_name
    string -
    -     		- -
    The name of the key pair. You can create a key pair using amazon.aws.ec2_key.
    -
    If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
    -     		+ +
    The name of the key pair. You can create a key pair using amazon.aws.ec2_key.
    +
    If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
    +
    +
    monitoring
    dictionary -
    -     		- -
    Settings for instance monitoring.
    -
    + + + +
    Settings for instance monitoring.
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to turn on detailed monitoring for new instances. This will incur extra charges.
    -
    + + +
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to turn on detailed monitoring for new instances. This will incur extra charges.
    +
    network_interfaces
    list - / elements=dictionary
    -     		- -
    One or more network interfaces.
    -
    + / elements=dictionary + + +
    One or more network interfaces.
    +
    associate_public_ip_address
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Associates a public IPv4 address with eth0 for a new network interface.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Associates a public IPv4 address with eth0 for a new network interface.
    +
    +
    delete_on_termination
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether the network interface is deleted when the instance is terminated.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether the network interface is deleted when the instance is terminated.
    +
    +
    description
    string -
    -     		- -
    A description for the network interface.
    -     		+ +
    A description for the network interface.
    +
    +
    device_index
    integer -
    -     		- -
    The device index for the network interface attachment.
    -     		+ +
    The device index for the network interface attachment.
    +
    +
    groups
    list - / elements=string
    -     		- -
    List of security group IDs to include on this instance.
    -     		+ +
    List of security group IDs to include on this instance.
    +
    +
    ipv6_address_count
    integer -
    -     		- -
    The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
    -     		+ +
    The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying the ipv6_addresses option.
    +
    +
    ipv6_addresses
    list - / elements=string
    -     		- -
    A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
    -     		+ +
    A list of one or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying the ipv6_address_count option.
    +
    +
    network_interface_id
    string -
    -     		- -
    The eni ID of a network interface to attach.
    -     		+ +
    The eni ID of a network interface to attach.
    +
    +
    private_ip_address
    string -
    -     		- -
    The primary private IPv4 address of the network interface.
    -     		+ +
    The primary private IPv4 address of the network interface.
    +
    +
    subnet_id
    string -
    -     		- -
    The ID of the subnet for the network interface.
    -
    + + + +
    The ID of the subnet for the network interface.
    +
    placement
    dictionary -
    -     		- -
    The placement group settings for the instance.
    -
    + + + +
    The placement group settings for the instance.
    +
    affinity
    string -
    -     		- -
    The affinity setting for an instance on a Dedicated Host.
    -     		+ +
    The affinity setting for an instance on a Dedicated Host.
    +
    +
    availability_zone
    string -
    -     		- -
    The Availability Zone for the instance.
    -     		+ +
    The Availability Zone for the instance.
    +
    +
    group_name
    string -
    -     		- -
    The name of the placement group for the instance.
    -     		+ +
    The name of the placement group for the instance.
    +
    +
    host_id
    string -
    -     		- -
    The ID of the Dedicated Host for the instance.
    -     		+ +
    The ID of the Dedicated Host for the instance.
    +
    +
    tenancy
    string -
    -     		- -
    The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
    -
    + + + +
    The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    ram_disk_id
    string -
    -     		- -
    The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    -     		+ +
    The ID of the RAM disk to launch the instance with. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_group_ids
    list - / elements=string
    -     		- -
    A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
    -     		+ +
    A list of security group IDs (VPC or EC2-Classic) that the new instances will be added to.
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
    -     		+ +
    A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the launch template should exist or not.
    -
    Deleting specific versions of a launch template is not supported at this time.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the launch template should exist or not.
    +
    Deleting specific versions of a launch template is not supported at this time.
    +
    +
    tags
    dictionary -
    -     		- -
    A set of key-value pairs to be applied to resources when this Launch Template is used.
    -
    Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
    -
    Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
    -     		+ +
    A set of key-value pairs to be applied to resources when this Launch Template is used.
    +
    Tag key constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:
    +
    Tag value constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
    +
    +
    template_id
    string -
    -     		- -
    The ID for the launch template, can be used for all cases except creating a new Launch Template.
    -

    aliases: id
    -     		+ +
    The ID for the launch template, can be used for all cases except creating a new Launch Template.
    +

    aliases: id
    +
    +
    template_name
    string -
    -     		- -
    The template name. This must be unique in the region-account combination you are using.
    -

    aliases: name
    -     		+ +
    The template name. This must be unique in the region-account combination you are using.
    +

    aliases: name
    +
    +
    user_data
    string -
    -     		- -
    The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
    -     		+ +
    The Base64-encoded user data to make available to the instance. For more information, see the Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html and Windows http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data documentation on user-data.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -1243,7 +1262,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -1254,7 +1273,6 @@ Examples .. code-block:: yaml+jinja - - name: Create an ec2 launch template community.aws.ec2_launch_template: name: "my_template" @@ -1281,7 +1299,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -1294,37 +1311,37 @@ Common return values are documented `here Returned Description - - + +
    default_version
    integer -
    - + + when state=present -
    The version that will be used if only the template name is specified. Often this is the same as the latest version, but not always.
    -
    - +
    The version that will be used if only the template name is specified. Often this is the same as the latest version, but not always.
    +
    + - - + +
    latest_version
    integer -
    - + + when state=present -
    Latest available version of the launch template
    -
    - +
    Latest available version of the launch template
    +
    + - +

    @@ -1336,5 +1353,3 @@ Authors ~~~~~~~ - Ryan Scott Brown (@ryansb) - - diff --git a/docs/community.aws.ec2_lc_find_module.rst b/docs/community.aws.ec2_lc_find_module.rst index 4e2aa13f827..4a6a2a11e45 100644 --- a/docs/community.aws.ec2_lc_find_module.rst +++ b/docs/community.aws.ec2_lc_find_module.rst @@ -39,212 +39,231 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    limit
    integer -
    -     		- -
    How many results to show.
    -
    Corresponds to Python slice notation like list[:limit].
    -     		+ +
    How many results to show.
    +
    Corresponds to Python slice notation like list[:limit].
    +
    +
    name_regex
    string - / required
    -     		- -
    A Launch Configuration to match.
    -
    It'll be compiled as regex.
    -     		+ +
    A Launch Configuration to match.
    +
    It'll be compiled as regex.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    sort_order
    string -
    -     		-
      Choices: -
    • ascending ←
      • -
    • descending
      • -
    -     		-
    Order in which to sort results.
    -     		+
      Choices: +
    • ascending ←
      • +
    • descending
      • +
    +     		+
    Order in which to sort results.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -252,7 +271,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -263,7 +282,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Search for the Launch Configurations that start with "app" @@ -274,7 +292,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -287,250 +304,250 @@ Common return values are documented `here Returned Description - - + +
    arn
    string -
    - + + when Launch Configuration was found -
    Name of the AMI
    -
    -
    Sample:
    -
    arn:aws:autoscaling:eu-west-1:12345:launchConfiguration:d82f050e-e315:launchConfigurationName/yourproject
    - +
    Name of the AMI
    +
    +
    Sample:
    +
    arn:aws:autoscaling:eu-west-1:12345:launchConfiguration:d82f050e-e315:launchConfigurationName/yourproject
    + - - + +
    associate_public_address
    boolean -
    - + + when Launch Configuration was found -
    Assign public address or not
    -
    -
    Sample:
    -
    True
    - +
    Assign public address or not
    +
    +
    Sample:
    +
    True
    + - - + +
    block_device_mappings
    list -
    - + + when Launch Configuration was found -
    Launch Configuration block device mappings property
    -
    - +
    Launch Configuration block device mappings property
    +
    + - - + +
    classic_link_vpc_security_groups
    list -
    - + + when Launch Configuration was found -
    Launch Configuration classic link vpc security groups property
    -
    - +
    Launch Configuration classic link vpc security groups property
    +
    + - - + +
    created_time
    string -
    - + + when Launch Configuration was found -
    When it was created
    -
    -
    Sample:
    -
    2016-06-29T14:59:22.222000+00:00
    - +
    When it was created
    +
    +
    Sample:
    +
    2016-06-29T14:59:22.222000+00:00
    + - - + +
    ebs_optimized
    boolean -
    - + + when Launch Configuration was found -
    Launch Configuration EBS optimized property
    -
    - +
    Launch Configuration EBS optimized property
    +
    + - - + +
    image_id
    string -
    - + + when Launch Configuration was found -
    AMI id
    -
    -
    Sample:
    -
    ami-0d75df7e
    - +
    AMI id
    +
    +
    Sample:
    +
    ami-0d75df7e
    + - - + +
    instance_monitoring
    string -
    - + + when Launch Configuration was found -
    Launch Configuration instance monitoring property
    -
    -
    Sample:
    -
    {'Enabled': False}
    - +
    Launch Configuration instance monitoring property
    +
    +
    Sample:
    +
    {'Enabled': False}
    + - - + +
    instance_type
    string -
    - + + when Launch Configuration was found -
    Type of ec2 instance
    -
    -
    Sample:
    -
    t2.small
    - +
    Type of ec2 instance
    +
    +
    Sample:
    +
    t2.small
    + - - + +
    kernel_id
    string -
    - + + when Launch Configuration was found -
    Launch Configuration kernel to use
    -
    - +
    Launch Configuration kernel to use
    +
    + - - + +
    keyname
    string -
    - + + when Launch Configuration was found -
    Launch Configuration ssh key
    -
    -
    Sample:
    -
    mykey
    - +
    Launch Configuration ssh key
    +
    +
    Sample:
    +
    mykey
    + - - + +
    name
    string -
    - + + when Launch Configuration was found -
    Name of the Launch Configuration
    -
    -
    Sample:
    -
    myapp-v123
    - +
    Name of the Launch Configuration
    +
    +
    Sample:
    +
    myapp-v123
    + - - + +
    ram_disk_id
    string -
    - + + when Launch Configuration was found -
    Launch Configuration ram disk property
    -
    - +
    Launch Configuration ram disk property
    +
    + - - + +
    security_groups
    list -
    - + + when Launch Configuration was found -
    Launch Configuration security groups
    -
    - +
    Launch Configuration security groups
    +
    + - - + +
    user_data
    string -
    - + + when Launch Configuration was found -
    User data used to start instance
    -
    -
    Sample:
    -
    ZXhwb3J0IENMT1VE
    - +
    User data used to start instance
    +
    +
    Sample:
    +
    ZXhwb3J0IENMT1VE
    + - +

    @@ -542,5 +559,3 @@ Authors ~~~~~~~ - Jose Armesto (@fiunchinho) - - diff --git a/docs/community.aws.ec2_lc_info_module.rst b/docs/community.aws.ec2_lc_info_module.rst index 0d9504ece83..b9691bb00e2 100644 --- a/docs/community.aws.ec2_lc_info_module.rst +++ b/docs/community.aws.ec2_lc_info_module.rst @@ -37,253 +37,272 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    list - / elements=string
    -     		- Default:
    []
    -     		-
    A name or a list of name to match.
    -     		+ Default:
    []
    +     		+
    A name or a list of name to match.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    sort
    string -
    -     		-
      Choices: -
    • launch_configuration_name
      • -
    • image_id
      • -
    • created_time
      • -
    • instance_type
      • -
    • kernel_id
      • -
    • ramdisk_id
      • -
    • key_name
      • -
    -     		-
    Optional attribute which with to sort the results.
    -     		+
      Choices: +
    • launch_configuration_name
      • +
    • image_id
      • +
    • created_time
      • +
    • instance_type
      • +
    • kernel_id
      • +
    • ramdisk_id
      • +
    • key_name
      • +
    +     		+
    Optional attribute which with to sort the results.
    +
    +
    sort_end
    integer -
    -     		- -
    Which result to end with (when sorting).
    -
    Corresponds to Python slice notation.
    -     		+ +
    Which result to end with (when sorting).
    +
    Corresponds to Python slice notation.
    +
    +
    sort_order
    string -
    -     		-
      Choices: -
    • ascending ←
      • -
    • descending
      • -
    -     		-
    Order in which to sort results.
    -
    Only used when the 'sort' parameter is specified.
    -     		+
      Choices: +
    • ascending ←
      • +
    • descending
      • +
    +     		+
    Order in which to sort results.
    +
    Only used when the 'sort' parameter is specified.
    +
    +
    sort_start
    integer -
    -     		- -
    Which result to start with (when sorting).
    -
    Corresponds to Python slice notation.
    -     		+ +
    Which result to start with (when sorting).
    +
    Corresponds to Python slice notation.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -291,7 +310,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -302,7 +321,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all launch configurations @@ -319,7 +337,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -332,237 +349,237 @@ Common return values are documented `here Returned Description - - + +
    block_device_mapping
    list -
    - + + always -
    Block device mapping for the instances of launch configuration
    -
    -
    Sample:
    -
    [{ 'device_name': '/dev/xvda':, 'ebs': { 'delete_on_termination': true, 'volume_size': 8, 'volume_type': 'gp2' }]
    - +
    Block device mapping for the instances of launch configuration
    +
    +
    Sample:
    +
    [{ 'device_name': '/dev/xvda':, 'ebs': { 'delete_on_termination': true, 'volume_size': 8, 'volume_type': 'gp2' }]
    + - - + +
    classic_link_vpc_security_groups
    string -
    - + + always -
    IDs of one or more security groups for the VPC specified in classic_link_vpc_id
    -
    - +
    IDs of one or more security groups for the VPC specified in classic_link_vpc_id
    +
    + - - + +
    created_time
    string -
    - + + always -
    The creation date and time for the launch configuration
    -
    -
    Sample:
    -
    2016-05-27T13:47:44.216000+00:00
    - +
    The creation date and time for the launch configuration
    +
    +
    Sample:
    +
    2016-05-27T13:47:44.216000+00:00
    + - - + +
    ebs_optimized
    boolean -
    - + + always -
    EBS I/O optimized (true ) or not (false )
    -
    -
    Sample:
    -
    true,
    - +
    EBS I/O optimized (true ) or not (false )
    +
    +
    Sample:
    +
    true,
    + - - + +
    image_id
    string -
    - + + always -
    ID of the Amazon Machine Image (AMI)
    -
    -
    Sample:
    -
    ami-12345678
    - +
    ID of the Amazon Machine Image (AMI)
    +
    +
    Sample:
    +
    ami-12345678
    + - - + +
    instance_monitoring
    dictionary -
    - + + always -
    Launched with detailed monitoring or not
    -
    -
    Sample:
    -
    { 'enabled': true }
    - +
    Launched with detailed monitoring or not
    +
    +
    Sample:
    +
    { 'enabled': true }
    + - - + +
    instance_type
    string -
    - + + always -
    Instance type
    -
    -
    Sample:
    -
    t2.micro
    - +
    Instance type
    +
    +
    Sample:
    +
    t2.micro
    + - - + +
    kernel_id
    string -
    - + + always -
    ID of the kernel associated with the AMI
    -
    - +
    ID of the kernel associated with the AMI
    +
    + - - + +
    key_name
    string -
    - + + always -
    Name of the key pair
    -
    -
    Sample:
    -
    user_app
    - +
    Name of the key pair
    +
    +
    Sample:
    +
    user_app
    + - - + +
    launch_configuration_arn
    string -
    - + + always -
    Amazon Resource Name (ARN) of the launch configuration
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:666612345678:launchConfiguration:ba785e3a-dd42-6f02-4585-ea1a2b458b3d:launchConfigurationName/lc-app
    - +
    Amazon Resource Name (ARN) of the launch configuration
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:666612345678:launchConfiguration:ba785e3a-dd42-6f02-4585-ea1a2b458b3d:launchConfigurationName/lc-app
    + - - + +
    launch_configuration_name
    string -
    - + + always -
    Name of the launch configuration
    -
    -
    Sample:
    -
    lc-app
    - +
    Name of the launch configuration
    +
    +
    Sample:
    +
    lc-app
    + - - + +
    ramdisk_id
    string -
    - + + always -
    ID of the RAM disk associated with the AMI
    -
    - +
    ID of the RAM disk associated with the AMI
    +
    + - - + +
    security_groups
    list -
    - + + always -
    Security groups to associated
    -
    -
    Sample:
    -
    [ 'web' ]
    - +
    Security groups to associated
    +
    +
    Sample:
    +
    [ 'web' ]
    + - - + +
    user_data
    string -
    - + + always -
    User data available
    -
    - +
    User data available
    +
    + - +

    @@ -574,5 +591,3 @@ Authors ~~~~~~~ - Loïc Latreille (@psykotox) - - diff --git a/docs/community.aws.ec2_lc_module.rst b/docs/community.aws.ec2_lc_module.rst index 20e22f690dc..c72e37d26d7 100644 --- a/docs/community.aws.ec2_lc_module.rst +++ b/docs/community.aws.ec2_lc_module.rst @@ -37,681 +37,700 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    assign_public_ip
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Used for Auto Scaling groups that launch instances into an Amazon Virtual Private Cloud. Specifies whether to assign a public IP address to each instance launched in a Amazon VPC.
    +
    +
    associate_public_ip_address
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The associate_public_ip_address option does nothing and will be removed after 2022-06-01
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The associate_public_ip_address option does nothing and will be removed after 2022-06-01
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    classic_link_vpc_id
    string -
    -     		- -
    Id of ClassicLink enabled VPC
    -     		+ +
    Id of ClassicLink enabled VPC
    +
    +
    classic_link_vpc_security_groups
    list - / elements=string
    -     		- -
    A list of security group IDs with which to associate the ClassicLink VPC instances.
    -     		+ +
    A list of security group IDs with which to associate the ClassicLink VPC instances.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ebs_optimized
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether the instance is optimized for EBS I/O (true) or not (false).
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether the instance is optimized for EBS I/O (true) or not (false).
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    image_id
    string -
    -     		- -
    The AMI unique identifier to be used for the group.
    -     		+ +
    The AMI unique identifier to be used for the group.
    +
    +
    instance_id
    string -
    -     		- -
    The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
    -     		+ +
    The Id of a running instance to use as a basis for a launch configuration. Can be used in place of image_id and instance_type.
    +
    +
    instance_monitoring
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Specifies whether instances are launched with detailed monitoring.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Specifies whether instances are launched with detailed monitoring.
    +
    +
    instance_profile_name
    string -
    -     		- -
    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
    -     		+ +
    The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instances.
    +
    +
    instance_type
    string -
    -     		- -
    Instance type to use for the instance.
    -
    Required when creating a new Launch Configuration.
    -     		+ +
    Instance type to use for the instance.
    +
    Required when creating a new Launch Configuration.
    +
    +
    kernel_id
    string -
    -     		- -
    Kernel id for the EC2 instance.
    -     		+ +
    Kernel id for the EC2 instance.
    +
    +
    key_name
    string -
    -     		- -
    The SSH key name to be used for access to managed instances.
    -     		+ +
    The SSH key name to be used for access to managed instances.
    +
    +
    name
    string - / required
    -     		- -
    Unique name for configuration.
    -     		+ +
    Unique name for configuration.
    +
    +
    placement_tenancy
    string -
    -     		-
      Choices: -
    • default
      • -
    • dedicated
      • -
    -     		-
    Determines whether the instance runs on single-tenant hardware or not.
    -
    When not set AWS will default to default.
    -     		+
      Choices: +
    • default
      • +
    • dedicated
      • +
    +     		+
    Determines whether the instance runs on single-tenant hardware or not.
    +
    When not set AWS will default to default.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    ramdisk_id
    string -
    -     		- -
    A RAM disk id for the instances.
    -     		+ +
    A RAM disk id for the instances.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
    -     		+ +
    A list of security groups to apply to the instances. Since version 2.4 you can specify either security group names or IDs or a mix. Previous to 2.4, for VPC instances, specify security group IDs and for EC2-Classic, specify either security group names or IDs.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    spot_price
    float -
    -     		- -
    The spot price you are bidding. Only applies for an autoscaling group with spot instances.
    -     		+ +
    The spot price you are bidding. Only applies for an autoscaling group with spot instances.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the instance.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the instance.
    +
    +
    user_data
    string -
    -     		- -
    Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
    -     		+ +
    Opaque blob of data which is made available to the ec2 instance. Mutually exclusive with user_data_path.
    +
    +
    user_data_path
    path -
    -     		- -
    Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
    -     		+ +
    Path to the file that contains userdata for the ec2 instances. Mutually exclusive with user_data.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    volumes
    list - / elements=dictionary
    -     		- -
    A list dictionaries defining the volumes to create.
    -
    For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
    -
    + / elements=dictionary + + +
    A list dictionaries defining the volumes to create.
    +
    For any volume, a volume size less than 1 will be interpreted as a request not to create the volume.
    +
    delete_on_termination
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the volume should be automatically deleted when the instance is terminated.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the volume should be automatically deleted when the instance is terminated.
    +
    +
    device_name
    string - / required
    -     		- -
    The name for the volume (For example /dev/sda).
    -     		+ +
    The name for the volume (For example /dev/sda).
    +
    +
    encrypted
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the volume should be encrypted using the 'aws/ebs' KMS CMK.
    +
    +
    ephemeral
    string -
    -     		- -
    Whether the volume should be ephemeral.
    -
    Data on ephemeral volumes is lost when the instance is stopped.
    -
    Mutually exclusive with the snapshot parameter.
    -
    + + + +
    Whether the volume should be ephemeral.
    +
    Data on ephemeral volumes is lost when the instance is stopped.
    +
    Mutually exclusive with the snapshot parameter.
    +
    iops
    integer -
    -     		- -
    The number of IOPS per second to provision for the volume.
    -
    Required when volume_type=io1.
    -     		+ +
    The number of IOPS per second to provision for the volume.
    +
    Required when volume_type=io1.
    +
    +
    no_device
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When no_device=true the device will not be created.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When no_device=true the device will not be created.
    +
    +
    snapshot
    string -
    -     		- -
    The ID of an EBS snapshot to copy when creating the volume.
    -
    Mutually exclusive with the ephemeral parameter.
    -     		+ +
    The ID of an EBS snapshot to copy when creating the volume.
    +
    Mutually exclusive with the ephemeral parameter.
    +
    +
    volume_size
    integer -
    -     		- -
    The size of the volume (in GiB).
    -
    Required unless one of ephemeral, snapshot or no_device is set.
    -     		+ +
    The size of the volume (in GiB).
    +
    Required unless one of ephemeral, snapshot or no_device is set.
    +
    +
    volume_type
    string -
    -     		- -
    The type of volume to create.
    -
    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
    -
    + + + +
    The type of volume to create.
    +
    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html for more information on the available volume types.
    +
    vpc_id
    string -
    -     		- -
    VPC ID, used when resolving security group names to IDs.
    -
    + + + + + +
    VPC ID, used when resolving security group names to IDs.
    + + +
    @@ -721,7 +740,7 @@ Notes .. note:: - Amazon ASG Autoscaling Launch Configurations are immutable once created, so modifying the configuration after it is changed will not modify the launch configuration on AWS. You must create a new config and assign it to the ASG instead. - encrypted volumes are supported on versions >= 2.4 - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -732,8 +751,6 @@ Examples .. code-block:: yaml+jinja - - # create a launch configuration using an AMI image and instance type as a basis - name: note that encrypted volumes are only supported in >= Ansible 2.4 @@ -780,7 +797,7 @@ Examples - name: Use EBS snapshot ID for volume block: - name: Set Volume Facts - set_fact: + ansible.builtin.set_fact: volumes: - device_name: /dev/sda1 volume_size: 20 @@ -803,7 +820,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -816,643 +832,643 @@ Common return values are documented `here Returned Description - - + +
    arn
    string -
    - + + when state=present -
    The Amazon Resource Name of the launch configuration.
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    - - - - +
    The Amazon Resource Name of the launch configuration.
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    + + + +
    changed
    boolean -
    - + + always -
    Whether the state of the launch configuration has changed.
    -
    - +
    Whether the state of the launch configuration has changed.
    +
    + - - + +
    created_time
    string -
    - + + when state=present -
    The creation date and time for the launch configuration.
    -
    -
    Sample:
    -
    2017-11-03 23:46:44.841000
    - - - - +
    The creation date and time for the launch configuration.
    +
    +
    Sample:
    +
    2017-11-03 23:46:44.841000
    + + + +
    image_id
    string -
    - + + when state=present -
    The ID of the Amazon Machine Image used by the launch configuration.
    -
    -
    Sample:
    -
    ami-9be6f38c
    - - - - +
    The ID of the Amazon Machine Image used by the launch configuration.
    +
    +
    Sample:
    +
    ami-9be6f38c
    + + + +
    instance_type
    string -
    - + + when state=present -
    The instance type for the instances.
    -
    -
    Sample:
    -
    t1.micro
    - - - - +
    The instance type for the instances.
    +
    +
    Sample:
    +
    t1.micro
    + + + +
    name
    string -
    - + + when state=present -
    The name of the launch configuration.
    -
    -
    Sample:
    -
    launch_config_name
    - - - - +
    The name of the launch configuration.
    +
    +
    Sample:
    +
    launch_config_name
    + + + +
    result
    complex -
    - + + when state=present -
    The specification details for the launch configuration.
    -
    - +
    The specification details for the launch configuration.
    +
    + - -   - + +   +
    associate_public_ip_address
    boolean -
    - + + when state=present -
    (EC2-VPC) Indicates whether to assign a public IP address to each instance.
    -
    - +
    (EC2-VPC) Indicates whether to assign a public IP address to each instance.
    +
    + - -   - + +   +
    block_device_mappings
    complex -
    - + + when state=present -
    A block device mapping, which specifies the block devices.
    -
    - +
    A block device mapping, which specifies the block devices.
    +
    + - -   -   - + +   +   +
    device_name
    string -
    - + + when state=present -
    The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).
    -
    -
    Sample:
    -
    /dev/sda1
    - - - -   -   - +
    The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh).
    +
    +
    Sample:
    +
    /dev/sda1
    + + + +   +   +
    ebs
    complex -
    - + + when state=present -
    The information about the Amazon EBS volume.
    -
    - +
    The information about the Amazon EBS volume.
    +
    + - -   -   -   - + +   +   +   +
    snapshot_id
    string -
    - + + when state=present -
    The ID of the snapshot.
    -
    - - - -   -   -   - +
    The ID of the snapshot.
    +
    + + + +   +   +   +
    volume_size
    string -
    - + + when state=present -
    The volume size, in GiB.
    -
    -
    Sample:
    -
    100
    - - - - -   -   - +
    The volume size, in GiB.
    +
    +
    Sample:
    +
    100
    + + + + +   +   +
    virtual_name
    string -
    - + + when state=present -
    The name of the virtual device (for example, ephemeral0).
    -
    -
    Sample:
    -
    ephemeral0
    - +
    The name of the virtual device (for example, ephemeral0).
    +
    +
    Sample:
    +
    ephemeral0
    + - - -   - + + +   +
    classic_link_vpc_id
    string -
    - + + when state=present -
    The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
    -
    - +
    The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
    +
    + - -   - + +   +
    classic_link_vpc_security_groups
    list -
    - + + when state=present -
    The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId.
    -
    - +
    The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId.
    +
    + - -   - + +   +
    created_time
    string -
    - + + when state=present -
    The creation date and time for the launch configuration.
    -
    -
    Sample:
    -
    2017-11-03 23:46:44.841000
    - - - -   - +
    The creation date and time for the launch configuration.
    +
    +
    Sample:
    +
    2017-11-03 23:46:44.841000
    + + + +   +
    delete_on_termination
    boolean -
    - + + when state=present -
    Indicates whether the volume is deleted on instance termination.
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Indicates whether the volume is deleted on instance termination.
    +
    +
    Sample:
    +
    True
    + + + +   +
    ebs_optimized
    boolean -
    - + + when state=present -
    Indicates whether the instance is optimized for EBS I/O (true) or not (false).
    -
    - +
    Indicates whether the instance is optimized for EBS I/O (true) or not (false).
    +
    + - -   - + +   +
    image_id
    string -
    - + + when state=present -
    The ID of the Amazon Machine Image used by the launch configuration.
    -
    -
    Sample:
    -
    ami-9be6f38c
    - - - -   - +
    The ID of the Amazon Machine Image used by the launch configuration.
    +
    +
    Sample:
    +
    ami-9be6f38c
    + + + +   +
    instance_monitoring
    boolean -
    - + + when state=present -
    Indicates whether instances in this group are launched with detailed (true) or basic (false) monitoring.
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Indicates whether instances in this group are launched with detailed (true) or basic (false) monitoring.
    +
    +
    Sample:
    +
    True
    + + + +   +
    instance_profile_name
    string -
    - + + when state=present -
    The name or Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance.
    -
    - +
    The name or Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance.
    +
    + - -   - + +   +
    instance_type
    string -
    - + + when state=present -
    The instance type for the instances.
    -
    -
    Sample:
    -
    t1.micro
    - - - -   - +
    The instance type for the instances.
    +
    +
    Sample:
    +
    t1.micro
    + + + +   +
    iops
    integer -
    - + + when state=present -
    The number of I/O operations per second (IOPS) to provision for the volume.
    -
    - +
    The number of I/O operations per second (IOPS) to provision for the volume.
    +
    + - -   - + +   +
    kernel_id
    string -
    - + + when state=present -
    The ID of the kernel associated with the AMI.
    -
    - +
    The ID of the kernel associated with the AMI.
    +
    + - -   - + +   +
    key_name
    string -
    - + + when state=present -
    The name of the key pair.
    -
    -
    Sample:
    -
    testkey
    - - - -   - +
    The name of the key pair.
    +
    +
    Sample:
    +
    testkey
    + + + +   +
    launch_configuration_arn
    string -
    - + + when state=present -
    The Amazon Resource Name (ARN) of the launch configuration.
    -
    -
    Sample:
    -
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    - - - -   - +
    The Amazon Resource Name (ARN) of the launch configuration.
    +
    +
    Sample:
    +
    arn:aws:autoscaling:us-east-1:148830907657:launchConfiguration:888d9b58-d93a-40c4-90cf-759197a2621a:launchConfigurationName/launch_config_name
    + + + +   +
    member
    string -
    - + + when state=present -
    -
    -
    Sample:
    -
    - - - -   - +
    +
    +
    Sample:
    +
    + + + +   +
    name
    string -
    - + + when state=present -
    The name of the launch configuration.
    -
    -
    Sample:
    -
    launch_config_name
    - - - -   - +
    The name of the launch configuration.
    +
    +
    Sample:
    +
    launch_config_name
    + + + +   +
    PlacementTenancy
    string -
    - + + when state=present -
    The tenancy of the instances, either default or dedicated.
    -
    -
    Sample:
    -
    default
    - - - -   - +
    The tenancy of the instances, either default or dedicated.
    +
    +
    Sample:
    +
    default
    + + + +   +
    ramdisk_id
    string -
    - + + when state=present -
    The ID of the RAM disk associated with the AMI.
    -
    - +
    The ID of the RAM disk associated with the AMI.
    +
    + - -   - + +   +
    security_groups
    list -
    - + + when state=present -
    The security groups to associate with the instances.
    -
    -
    Sample:
    -
    ['sg-5e27db2f']
    - - - -   - +
    The security groups to associate with the instances.
    +
    +
    Sample:
    +
    ['sg-5e27db2f']
    + + + +   +
    spot_price
    float -
    - + + when state=present -
    The price to bid when launching Spot Instances.
    -
    - +
    The price to bid when launching Spot Instances.
    +
    + - -   - + +   +
    use_block_device_types
    boolean -
    - + + when state=present -
    Indicates whether to suppress a device mapping.
    -
    - +
    Indicates whether to suppress a device mapping.
    +
    + - -   - + +   +
    user_data
    string -
    - + + when state=present -
    The user data available to the instances.
    -
    - +
    The user data available to the instances.
    +
    + - -   - + +   +
    volume_type
    string -
    - + + when state=present -
    The volume type (one of standard, io1, gp2).
    -
    -
    Sample:
    -
    io1
    - +
    The volume type (one of standard, io1, gp2).
    +
    +
    Sample:
    +
    io1
    + - - - + + +
    security_groups
    list -
    - + + when state=present -
    The security groups to associate with the instances.
    -
    -
    Sample:
    -
    ['sg-5e27db2f']
    - +
    The security groups to associate with the instances.
    +
    +
    Sample:
    +
    ['sg-5e27db2f']
    + - +

    @@ -1465,5 +1481,3 @@ Authors - Gareth Rushgrove (@garethr) - Willem van Ketwich (@wilvk) - - diff --git a/docs/community.aws.ec2_metric_alarm_module.rst b/docs/community.aws.ec2_metric_alarm_module.rst index bb16941d1ab..547c74d9bf8 100644 --- a/docs/community.aws.ec2_metric_alarm_module.rst +++ b/docs/community.aws.ec2_metric_alarm_module.rst @@ -36,462 +36,481 @@ Parameters .. raw:: html - + - + - - + - - + / elements=string + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    alarm_actions
    list - / elements=string
    -     		- -
    A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
    -     		+ +
    A list of the names action(s) taken when the alarm is in the alarm status, denoted as Amazon Resource Name(s).
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    comparison
    string -
    -     		-
      Choices: -
    • GreaterThanOrEqualToThreshold
      • -
    • GreaterThanThreshold
      • -
    • LessThanThreshold
      • -
    • LessThanOrEqualToThreshold
      • -
    • <=
      • -
    • <
      • -
    • >=
      • -
    • >
      • -
    -     		-
    Determines how the threshold value is compared
    -
    Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22.
    -     		+
      Choices: +
    • GreaterThanOrEqualToThreshold
      • +
    • GreaterThanThreshold
      • +
    • LessThanThreshold
      • +
    • LessThanOrEqualToThreshold
      • +
    • <=
      • +
    • <
      • +
    • >=
      • +
    • >
      • +
    +     		+
    Determines how the threshold value is compared
    +
    Symbolic comparison operators have been deprecated, and will be removed after 2022-06-22.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A longer description of the alarm.
    -     		+ +
    A longer description of the alarm.
    +
    +
    dimensions
    dictionary -
    -     		- -
    A dictionary describing which metric the alarm is applied to.
    -
    For more information see the AWS documentation:
    - -     		+ +
    A dictionary describing which metric the alarm is applied to.
    +
    For more information see the AWS documentation:
    + +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    evaluation_periods
    integer -
    -     		- -
    The number of times in which the metric is evaluated before final calculation.
    -     		+ +
    The number of times in which the metric is evaluated before final calculation.
    +
    +
    insufficient_data_actions
    list - / elements=string
    -     		- -
    A list of the names of action(s) to take when the alarm is in the insufficient_data status.
    -     		+ +
    A list of the names of action(s) to take when the alarm is in the insufficient_data status.
    +
    +
    metric
    string -
    -     		- -
    Name of the monitored metric (e.g. CPUUtilization).
    -
    Metric must already exist.
    -     		+ +
    Name of the monitored metric (e.g. CPUUtilization).
    +
    Metric must already exist.
    +
    +
    name
    string - / required
    -     		- -
    Unique name for the alarm.
    -     		+ +
    Unique name for the alarm.
    +
    +
    namespace
    string -
    -     		- -
    Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
    -     		+ +
    Name of the appropriate namespace (AWS/EC2, System/Linux, etc.), which determines the category it will appear under in cloudwatch.
    +
    +
    ok_actions
    list - / elements=string
    -     		- -
    A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
    -     		+ +
    A list of the names of action(s) to take when the alarm is in the ok status, denoted as Amazon Resource Name(s).
    +
    +
    period
    integer -
    -     		- -
    The time (in seconds) between metric evaluations.
    -     		+ +
    The time (in seconds) between metric evaluations.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the alarm.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the alarm.
    +
    +
    statistic
    string -
    -     		-
      Choices: -
    • SampleCount
      • -
    • Average
      • -
    • Sum
      • -
    • Minimum
      • -
    • Maximum
      • -
    -     		-
    Operation applied to the metric.
    -
    Works in conjunction with period and evaluation_periods to determine the comparison value.
    -     		+
      Choices: +
    • SampleCount
      • +
    • Average
      • +
    • Sum
      • +
    • Minimum
      • +
    • Maximum
      • +
    +     		+
    Operation applied to the metric.
    +
    Works in conjunction with period and evaluation_periods to determine the comparison value.
    +
    +
    threshold
    float -
    -     		- -
    Sets the min/max bound for triggering the alarm.
    -     		+ +
    Sets the min/max bound for triggering the alarm.
    +
    +
    treat_missing_data
    string -
    -     		-
      Choices: -
    • breaching
      • -
    • notBreaching
      • -
    • ignore
      • -
    • missing ←
      • -
    -     		-
    Sets how the alarm handles missing data points.
    -     		+
      Choices: +
    • breaching
      • +
    • notBreaching
      • +
    • ignore
      • +
    • missing ←
      • +
    +     		+
    Sets how the alarm handles missing data points.
    +
    +
    unit
    string -
    -     		-
      Choices: -
    • Seconds
      • -
    • Microseconds
      • -
    • Milliseconds
      • -
    • Bytes
      • -
    • Kilobytes
      • -
    • Megabytes
      • -
    • Gigabytes
      • -
    • Terabytes
      • -
    • Bits
      • -
    • Kilobits
      • -
    • Megabits
      • -
    • Gigabits
      • -
    • Terabits
      • -
    • Percent
      • -
    • Count
      • -
    • Bytes/Second
      • -
    • Kilobytes/Second
      • -
    • Megabytes/Second
      • -
    • Gigabytes/Second
      • -
    • Terabytes/Second
      • -
    • Bits/Second
      • -
    • Kilobits/Second
      • -
    • Megabits/Second
      • -
    • Gigabits/Second
      • -
    • Terabits/Second
      • -
    • Count/Second
      • -
    • None
      • -
    -     		-
    The threshold's unit of measurement.
    -     		+
      Choices: +
    • Seconds
      • +
    • Microseconds
      • +
    • Milliseconds
      • +
    • Bytes
      • +
    • Kilobytes
      • +
    • Megabytes
      • +
    • Gigabytes
      • +
    • Terabytes
      • +
    • Bits
      • +
    • Kilobits
      • +
    • Megabits
      • +
    • Gigabits
      • +
    • Terabits
      • +
    • Percent
      • +
    • Count
      • +
    • Bytes/Second
      • +
    • Kilobytes/Second
      • +
    • Megabytes/Second
      • +
    • Gigabytes/Second
      • +
    • Terabytes/Second
      • +
    • Bits/Second
      • +
    • Kilobits/Second
      • +
    • Megabits/Second
      • +
    • Gigabits/Second
      • +
    • Terabits/Second
      • +
    • Count/Second
      • +
    • None
      • +
    +     		+
    The threshold's unit of measurement.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -499,7 +518,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -510,8 +529,7 @@ Examples .. code-block:: yaml+jinja - - - name: create alarm + - name: create alarm community.aws.ec2_metric_alarm: state: present region: ap-southeast-2 @@ -548,8 +566,6 @@ Examples - - Status ------ @@ -558,5 +574,3 @@ Authors ~~~~~~~ - Zacharie Eakin (@Zeekin) - - diff --git a/docs/community.aws.ec2_placement_group_info_module.rst b/docs/community.aws.ec2_placement_group_info_module.rst index 88f9cc5d02a..43407b43c14 100644 --- a/docs/community.aws.ec2_placement_group_info_module.rst +++ b/docs/community.aws.ec2_placement_group_info_module.rst @@ -36,177 +36,196 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    names
    list - / elements=string
    -     		- Default:
    []
    -     		-
    A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
    -     		+ Default:
    []
    +     		+
    A list of names to filter on. If a listed group does not exist, there will be no corresponding entry in the result; no error will be raised.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -214,7 +233,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -225,7 +244,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. @@ -240,13 +258,11 @@ Examples - my-other-cluster register: specific_ec2_placement_groups - - debug: + - ansible.builtin.debug: msg: "{{ specific_ec2_placement_groups | json_query(\"[?name=='my-cluster']\") }}" - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -259,77 +275,77 @@ Common return values are documented `here Returned Description - - + +
    placement_groups
    complex -
    - + + always -
    Placement group attributes
    -
    - +
    Placement group attributes
    +
    + - -   - + +   +
    name
    string -
    - + + -
    PG name
    -
    -
    Sample:
    -
    my-cluster
    - +
    PG name
    +
    +
    Sample:
    +
    my-cluster
    + - -   - + +   +
    state
    string -
    - + + -
    PG state
    -
    -
    Sample:
    -
    available
    - +
    PG state
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    strategy
    string -
    - + + -
    PG strategy
    -
    -
    Sample:
    -
    cluster
    - +
    PG strategy
    +
    +
    Sample:
    +
    cluster
    + - - + +

    @@ -341,5 +357,3 @@ Authors ~~~~~~~ - Brad Macpherson (@iiibrad) - - diff --git a/docs/community.aws.ec2_placement_group_module.rst b/docs/community.aws.ec2_placement_group_module.rst index 6170c36a7e1..1a96c08bfe0 100644 --- a/docs/community.aws.ec2_placement_group_module.rst +++ b/docs/community.aws.ec2_placement_group_module.rst @@ -35,214 +35,233 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name for the placement group.
    -     		+ +
    The name for the placement group.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete placement group.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete placement group.
    +
    +
    strategy
    string -
    -     		-
      Choices: -
    • cluster ←
      • -
    • spread
      • -
    -     		-
    Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
    -     		+
      Choices: +
    • cluster ←
      • +
    • spread
      • +
    +     		+
    Placement group strategy. Cluster will cluster instances into a low-latency group in a single Availability Zone, while Spread spreads instances across underlying hardware.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -250,7 +269,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -261,7 +280,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide # for details. @@ -283,8 +301,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -297,77 +313,77 @@ Common return values are documented `here Returned Description - - + +
    placement_group
    complex -
    - + + when state != absent -
    Placement group attributes
    -
    - +
    Placement group attributes
    +
    + - -   - + +   +
    name
    string -
    - + + -
    PG name
    -
    -
    Sample:
    -
    my-cluster
    - +
    PG name
    +
    +
    Sample:
    +
    my-cluster
    + - -   - + +   +
    state
    string -
    - + + -
    PG state
    -
    -
    Sample:
    -
    available
    - +
    PG state
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    strategy
    string -
    - + + -
    PG strategy
    -
    -
    Sample:
    -
    cluster
    - +
    PG strategy
    +
    +
    Sample:
    +
    cluster
    + - - + +

    @@ -379,5 +395,3 @@ Authors ~~~~~~~ - Brad Macpherson (@iiibrad) - - diff --git a/docs/community.aws.ec2_scaling_policy_module.rst b/docs/community.aws.ec2_scaling_policy_module.rst index 06bca9d7550..ae3a92357be 100644 --- a/docs/community.aws.ec2_scaling_policy_module.rst +++ b/docs/community.aws.ec2_scaling_policy_module.rst @@ -36,275 +36,294 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    adjustment_type
    string -
    -     		-
      Choices: -
    • ChangeInCapacity
      • -
    • ExactCapacity
      • -
    • PercentChangeInCapacity
      • -
    -     		-
    The type of change in capacity of the autoscaling group.
    -     		+
      Choices: +
    • ChangeInCapacity
      • +
    • ExactCapacity
      • +
    • PercentChangeInCapacity
      • +
    +     		+
    The type of change in capacity of the autoscaling group.
    +
    +
    asg_name
    string - / required
    -     		- -
    Name of the associated autoscaling group.
    -     		+ +
    Name of the associated autoscaling group.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cooldown
    integer -
    -     		- -
    The minimum period of time (in seconds) between which autoscaling actions can take place.
    -     		+ +
    The minimum period of time (in seconds) between which autoscaling actions can take place.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    min_adjustment_step
    integer -
    -     		- -
    Minimum amount of adjustment when policy is triggered.
    -     		+ +
    Minimum amount of adjustment when policy is triggered.
    +
    +
    name
    string - / required
    -     		- -
    Unique name for the scaling policy.
    -     		+ +
    Unique name for the scaling policy.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    scaling_adjustment
    integer -
    -     		- -
    The amount by which the autoscaling group is adjusted by the policy.
    -     		+ +
    The amount by which the autoscaling group is adjusted by the policy.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Register or deregister the policy.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Register or deregister the policy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -312,7 +331,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -323,7 +342,6 @@ Examples .. code-block:: yaml+jinja - - community.aws.ec2_scaling_policy: state: present region: US-XXX @@ -337,7 +355,6 @@ Examples - Status ------ @@ -346,5 +363,3 @@ Authors ~~~~~~~ - Zacharie Eakin (@Zeekin) - - diff --git a/docs/community.aws.ec2_snapshot_copy_module.rst b/docs/community.aws.ec2_snapshot_copy_module.rst index b62f92cc791..99e9a456acf 100644 --- a/docs/community.aws.ec2_snapshot_copy_module.rst +++ b/docs/community.aws.ec2_snapshot_copy_module.rst @@ -36,290 +36,309 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    An optional human-readable string describing purpose of the new Snapshot.
    -     		+ +
    An optional human-readable string describing purpose of the new Snapshot.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    encrypted
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not the destination Snapshot should be encrypted.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not the destination Snapshot should be encrypted.
    +
    +
    kms_key_id
    string -
    -     		- -
    KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
    -     		+ +
    KMS key id used to encrypt snapshot. If not specified, AWS defaults to alias/aws/ebs.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    source_region
    string - / required
    -     		- -
    The source region the Snapshot should be copied from.
    -     		+ +
    The source region the Snapshot should be copied from.
    +
    +
    source_snapshot_id
    string - / required
    -     		- -
    The ID of the Snapshot in source region that should be copied.
    -     		+ +
    The ID of the Snapshot in source region that should be copied.
    +
    +
    tags
    dictionary -
    -     		- -
    A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
    -     		+ +
    A hash/dictionary of tags to add to the new Snapshot; '{"key":"value"}' and '{"key":"value","key":"value"}'
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the copied Snapshot to be in 'Available' state before returning.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the copied Snapshot to be in 'Available' state before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds.
    -     		+ Default:
    600
    +     		+
    How long before wait gives up, in seconds.
    +
    +
    @@ -327,7 +346,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -338,7 +357,6 @@ Examples .. code-block:: yaml+jinja - - name: Basic Snapshot Copy community.aws.ec2_snapshot_copy: source_region: eu-central-1 @@ -379,7 +397,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -392,24 +409,24 @@ Common return values are documented `here Returned Description - - + +
    snapshot_id
    string -
    - + + when snapshot copy is successful -
    snapshot id of the newly created snapshot
    -
    -
    Sample:
    -
    snap-e9095e8c
    - +
    snapshot id of the newly created snapshot
    +
    +
    Sample:
    +
    snap-e9095e8c
    + - +

    @@ -421,5 +438,3 @@ Authors ~~~~~~~ - Deepak Kothandan (@Deepakkothandan) - - diff --git a/docs/community.aws.ec2_transit_gateway_info_module.rst b/docs/community.aws.ec2_transit_gateway_info_module.rst index 33a44105ca3..cf17e520a9c 100644 --- a/docs/community.aws.ec2_transit_gateway_info_module.rst +++ b/docs/community.aws.ec2_transit_gateway_info_module.rst @@ -37,192 +37,211 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html for filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    transit_gateway_ids
    list -
    -     		- -
    A list of transit gateway IDs to gather information for.
    -

    aliases: transit_gateway_id
    -     		+ +
    A list of transit gateway IDs to gather information for.
    +

    aliases: transit_gateway_id
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -230,7 +249,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -241,7 +260,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather info about all transit gateways @@ -266,7 +284,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -279,318 +296,318 @@ Common return values are documented `here Returned Description - - + +
    transit_gateways
    complex -
    - + + on success -
    Transit gateways that match the provided filters. Each element consists of a dict with all the information related to that transit gateway.
    -
    - +
    Transit gateways that match the provided filters. Each element consists of a dict with all the information related to that transit gateway.
    +
    + - -   - + +   +
    creation_time
    string -
    - + + always -
    The creation time.
    -
    -
    Sample:
    -
    2019-02-05T16:19:58+00:00
    - +
    The creation time.
    +
    +
    Sample:
    +
    2019-02-05T16:19:58+00:00
    + - -   - + +   +
    description
    string -
    - + + always -
    The description of the transit gateway.
    -
    -
    Sample:
    -
    A transit gateway
    - +
    The description of the transit gateway.
    +
    +
    Sample:
    +
    A transit gateway
    + - -   - + +   +
    options
    complex -
    - + + always -
    A dictionary of the transit gateway options.
    -
    - +
    A dictionary of the transit gateway options.
    +
    + - -   -   - + +   +   +
    amazon_side_asn
    integer -
    - + + always -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -
    -
    Sample:
    -
    64512
    - +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    Sample:
    +
    64512
    + - -   -   - + +   +   +
    association_default_route_table_id
    string -
    - + + when present -
    The ID of the default association route table.
    -
    -
    Sample:
    -
    rtb-11223344
    - +
    The ID of the default association route table.
    +
    +
    Sample:
    +
    rtb-11223344
    + - -   -   - + +   +   +
    auto_accept_shared_attachments
    string -
    - + + always -
    Indicates whether attachment requests are automatically accepted.
    -
    -
    Sample:
    -
    enable
    - +
    Indicates whether attachment requests are automatically accepted.
    +
    +
    Sample:
    +
    enable
    + - -   -   - + +   +   +
    default_route_table_association
    string -
    - + + always -
    Indicates whether resource attachments are automatically associated with the default association route table.
    -
    -
    Sample:
    -
    disable
    - +
    Indicates whether resource attachments are automatically associated with the default association route table.
    +
    +
    Sample:
    +
    disable
    + - -   -   - + +   +   +
    default_route_table_propagation
    string -
    - + + always -
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    -
    -
    Sample:
    -
    disable
    - +
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    +
    +
    Sample:
    +
    disable
    + - -   -   - + +   +   +
    dns_support
    string -
    - + + always -
    Indicates whether DNS support is enabled.
    -
    -
    Sample:
    -
    enable
    - +
    Indicates whether DNS support is enabled.
    +
    +
    Sample:
    +
    enable
    + - -   -   - + +   +   +
    propagation_default_route_table_id
    string -
    - + + when present -
    The ID of the default propagation route table.
    -
    -
    Sample:
    -
    rtb-11223344
    - +
    The ID of the default propagation route table.
    +
    +
    Sample:
    +
    rtb-11223344
    + - -   -   - + +   +   +
    vpn_ecmp_support
    string -
    - + + always -
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    -
    -
    Sample:
    -
    enable
    - +
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    +
    +
    Sample:
    +
    enable
    + - - -   - + + +   +
    owner_id
    string -
    - + + always -
    The AWS account number ID which owns the transit gateway.
    -
    -
    Sample:
    -
    1234567654323
    - +
    The AWS account number ID which owns the transit gateway.
    +
    +
    Sample:
    +
    1234567654323
    + - -   - + +   +
    state
    string -
    - + + always -
    The state of the transit gateway.
    -
    -
    Sample:
    -
    available
    - +
    The state of the transit gateway.
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    A dict of tags associated with the transit gateway.
    -
    -
    Sample:
    -
    { "Name": "A sample TGW" }
    - +
    A dict of tags associated with the transit gateway.
    +
    +
    Sample:
    +
    { "Name": "A sample TGW" }
    + - -   - + +   +
    transit_gateway_arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the transit gateway.
    -
    -
    Sample:
    -
    arn:aws:ec2:us-west-2:1234567654323:transit-gateway/tgw-02c42332e6b7da829
    - +
    The Amazon Resource Name (ARN) of the transit gateway.
    +
    +
    Sample:
    +
    arn:aws:ec2:us-west-2:1234567654323:transit-gateway/tgw-02c42332e6b7da829
    + - -   - + +   +
    transit_gateway_id
    string -
    - + + always -
    The ID of the transit gateway.
    -
    -
    Sample:
    -
    tgw-02c42332e6b7da829
    - +
    The ID of the transit gateway.
    +
    +
    Sample:
    +
    tgw-02c42332e6b7da829
    + - - + +

    @@ -602,5 +619,3 @@ Authors ~~~~~~~ - Bob Boldin (@BobBoldin) - - diff --git a/docs/community.aws.ec2_transit_gateway_module.rst b/docs/community.aws.ec2_transit_gateway_module.rst index 507be21f2ea..9cf7c9c958a 100644 --- a/docs/community.aws.ec2_transit_gateway_module.rst +++ b/docs/community.aws.ec2_transit_gateway_module.rst @@ -39,391 +39,410 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    asn
    integer -
    -     		- -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
    -
    The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -     		+ +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session.
    +
    The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    auto_associate
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable automatic association with the default association route table.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable automatic association with the default association route table.
    +
    +
    auto_attach
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enable or disable automatic acceptance of attachment requests.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enable or disable automatic acceptance of attachment requests.
    +
    +
    auto_propagate
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable automatic propagation of routes to the default propagation route table.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable automatic propagation of routes to the default propagation route table.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    The description of the transit gateway.
    -     		+ +
    The description of the transit gateway.
    +
    +
    dns_support
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable AWS DNS support.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable AWS DNS support.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to purge existing tags not included with tags argument.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to purge existing tags not included with tags argument.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of resource tags
    -     		+ +
    A dictionary of resource tags
    +
    +
    transit_gateway_id
    string -
    -     		- -
    The ID of the transit gateway.
    -     		+ +
    The ID of the transit gateway.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpn_ecmp_support
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Enable or disable Equal Cost Multipath Protocol support.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Enable or disable Equal Cost Multipath Protocol support.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for status
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to wait for status
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    number of seconds to wait for status
    -
    + + + + Default:
    300
    + + +
    number of seconds to wait for status
    + + +
    @@ -431,7 +450,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -442,7 +461,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a new transit gateway using defaults community.aws.ec2_transit_gateway: state: present @@ -479,7 +497,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -492,318 +509,318 @@ Common return values are documented `here Returned Description - - + +
    transit_gateway
    complex -
    - + + state=present -
    The attributes of the transit gateway.
    -
    - +
    The attributes of the transit gateway.
    +
    + - -   - + +   +
    creation_time
    string -
    - + + always -
    The creation time of the transit gateway.
    -
    -
    Sample:
    -
    2019-03-06T17:13:51+00:00
    - - - -   - +
    The creation time of the transit gateway.
    +
    +
    Sample:
    +
    2019-03-06T17:13:51+00:00
    + + + +   +
    description
    string -
    - + + always -
    The description of the transit gateway.
    -
    -
    Sample:
    -
    my test tgw
    - - - -   - +
    The description of the transit gateway.
    +
    +
    Sample:
    +
    my test tgw
    + + + +   +
    options
    complex -
    - + + always -
    The options attributes of the transit gateway
    -
    - +
    The options attributes of the transit gateway
    +
    + - -   -   - + +   +   +
    amazon_side_asn
    string -
    - + + always -
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    -
    -
    Sample:
    -
    64512
    - - - -   -   - +
    A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
    +
    +
    Sample:
    +
    64512
    + + + +   +   +
    association_default_route_table_id
    string -
    - + + Iwhen exists -
    The ID of the default association route table.
    -
    -
    Sample:
    -
    tgw-rtb-abc123444
    - - - -   -   - +
    The ID of the default association route table.
    +
    +
    Sample:
    +
    tgw-rtb-abc123444
    + + + +   +   +
    auto_accept_shared_attachements
    string -
    - + + always -
    Indicates whether attachment requests are automatically accepted.
    -
    -
    Sample:
    -
    disable
    - - - -   -   - +
    Indicates whether attachment requests are automatically accepted.
    +
    +
    Sample:
    +
    disable
    + + + +   +   +
    default_route_table_association
    string -
    - + + always -
    Indicates whether resource attachments are automatically associated with the default association route table.
    -
    -
    Sample:
    -
    enable
    - - - -   -   - +
    Indicates whether resource attachments are automatically associated with the default association route table.
    +
    +
    Sample:
    +
    enable
    + + + +   +   +
    default_route_table_propagation
    string -
    - + + always -
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    -
    -
    Sample:
    -
    disable
    - - - -   -   - +
    Indicates whether resource attachments automatically propagate routes to the default propagation route table.
    +
    +
    Sample:
    +
    disable
    + + + +   +   +
    dns_support
    string -
    - + + always -
    Indicates whether DNS support is enabled.
    -
    -
    Sample:
    -
    enable
    - - - -   -   - +
    Indicates whether DNS support is enabled.
    +
    +
    Sample:
    +
    enable
    + + + +   +   +
    propagation_default_route_table_id
    string -
    - + + when exists -
    The ID of the default propagation route table.
    -
    -
    Sample:
    -
    tgw-rtb-def456777
    - - - -   -   - +
    The ID of the default propagation route table.
    +
    +
    Sample:
    +
    tgw-rtb-def456777
    + + + +   +   +
    vpn_ecmp_support
    string -
    - + + always -
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    -
    -
    Sample:
    -
    enable
    - +
    Indicates whether Equal Cost Multipath Protocol support is enabled.
    +
    +
    Sample:
    +
    enable
    + - - -   - + + +   +
    owner_id
    string -
    - + + always -
    The account that owns the transit gateway.
    -
    -
    Sample:
    -
    123456789012
    - - - -   - +
    The account that owns the transit gateway.
    +
    +
    Sample:
    +
    123456789012
    + + + +   +
    state
    string -
    - + + always -
    The state of the transit gateway.
    -
    -
    Sample:
    -
    pending
    - - - -   - +
    The state of the transit gateway.
    +
    +
    Sample:
    +
    pending
    + + + +   +
    tags
    dictionary -
    - + + always -
    A dictionary of resource tags
    -
    -
    Sample:
    -
    {'tags': {'Name': 'nonprod_tgw'}}
    - - - -   - +
    A dictionary of resource tags
    +
    +
    Sample:
    +
    {'tags': {'Name': 'nonprod_tgw'}}
    + + + +   +
    transit_gateway_arn
    string -
    - + + always -
    The ID of the transit_gateway.
    -
    -
    Sample:
    -
    tgw-3a9aa123
    - - - -   - +
    The ID of the transit_gateway.
    +
    +
    Sample:
    +
    tgw-3a9aa123
    + + + +   +
    transit_gateway_id
    string -
    - + + always -
    The ID of the transit_gateway.
    -
    -
    Sample:
    -
    tgw-3a9aa123
    - +
    The ID of the transit_gateway.
    +
    +
    Sample:
    +
    tgw-3a9aa123
    + - - + +

    @@ -815,5 +832,3 @@ Authors ~~~~~~~ - Bob Boldin (@BobBoldin) - - diff --git a/docs/community.aws.ec2_vpc_egress_igw_module.rst b/docs/community.aws.ec2_vpc_egress_igw_module.rst index 36eaf3e1401..05dad438d6f 100644 --- a/docs/community.aws.ec2_vpc_egress_igw_module.rst +++ b/docs/community.aws.ec2_vpc_egress_igw_module.rst @@ -35,195 +35,214 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the EIGW.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the EIGW.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string - / required
    -     		- -
    The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
    -     		+ +
    The VPC ID for the VPC that this Egress Only Internet Gateway should be attached.
    +
    +
    @@ -231,7 +250,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -242,7 +261,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Ensure that the VPC has an Internet Gateway. @@ -254,8 +272,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -268,41 +284,41 @@ Common return values are documented `here Returned Description - - + +
    gateway_id
    string -
    - + + always -
    The ID of the Egress Only Internet Gateway or Null.
    -
    -
    Sample:
    -
    eigw-0e00cf111ba5bc11e
    - +
    The ID of the Egress Only Internet Gateway or Null.
    +
    +
    Sample:
    +
    eigw-0e00cf111ba5bc11e
    + - - + +
    vpc_id
    string -
    - + + always -
    The ID of the VPC to attach or detach gateway from.
    -
    -
    Sample:
    -
    vpc-012345678
    - +
    The ID of the VPC to attach or detach gateway from.
    +
    +
    Sample:
    +
    vpc-012345678
    + - +

    @@ -314,5 +330,3 @@ Authors ~~~~~~~ - Daniel Shepherd (@shepdelacreme) - - diff --git a/docs/community.aws.ec2_vpc_endpoint_info_module.rst b/docs/community.aws.ec2_vpc_endpoint_info_module.rst index ee83c340bd3..4950abae3a3 100644 --- a/docs/community.aws.ec2_vpc_endpoint_info_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_info_module.rst @@ -37,210 +37,229 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html for possible filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    query
    string - / required
    -     		-
      Choices: -
    • services
      • -
    • endpoints
      • -
    -     		-
    Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
    -     		+
      Choices: +
    • services
      • +
    • endpoints
      • +
    +     		+
    Specifies the query action to take. Services returns the supported AWS services that can be specified when creating an endpoint.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_endpoint_ids
    list - / elements=string
    -     		- -
    Get details of specific endpoint IDs
    -     		+ +
    Get details of specific endpoint IDs
    +
    +
    @@ -248,7 +267,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -259,7 +278,6 @@ Examples .. code-block:: yaml+jinja - # Simple example of listing all support AWS services for VPC endpoints - name: List supported AWS endpoint services community.aws.ec2_vpc_endpoint_info: @@ -296,7 +314,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -309,41 +326,41 @@ Common return values are documented `here Returned Description - - + +
    service_names
    list -
    - + + query is services -
    AWS VPC endpoint service names
    -
    -
    Sample:
    -
    {'service_names': ['com.amazonaws.ap-southeast-2.s3']}
    - +
    AWS VPC endpoint service names
    +
    +
    Sample:
    +
    {'service_names': ['com.amazonaws.ap-southeast-2.s3']}
    + - - + +
    vpc_endpoints
    list -
    - + + query is endpoints -
    A list of endpoints that match the query. Each endpoint has the keys creation_timestamp, policy_document, route_table_ids, service_name, state, vpc_endpoint_id, vpc_id.
    -
    -
    Sample:
    -
    {'vpc_endpoints': [{'creation_timestamp': '2017-02-16T11:06:48+00:00', 'policy_document': '"{"Version":"2012-10-17","Id":"Policy1450910922815", "Statement":[{"Sid":"Stmt1450910920641","Effect":"Allow", "Principal":"*","Action":"s3:*","Resource":["arn:aws:s3:::*/*","arn:aws:s3:::*"]}]}"\n', 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'state': 'available', 'vpc_endpoint_id': 'vpce-abbad0d0', 'vpc_id': 'vpc-1111ffff'}]}
    - +
    A list of endpoints that match the query. Each endpoint has the keys creation_timestamp, policy_document, route_table_ids, service_name, state, vpc_endpoint_id, vpc_id.
    +
    +
    Sample:
    +
    {'vpc_endpoints': [{'creation_timestamp': '2017-02-16T11:06:48+00:00', 'policy_document': '"{\\"Version\\":\\"2012-10-17\\",\\"Id\\":\\"Policy1450910922815\\", \\"Statement\\":[{\\"Sid\\":\\"Stmt1450910920641\\",\\"Effect\\":\\"Allow\\", \\"Principal\\":\\"*\\",\\"Action\\":\\"s3:*\\",\\"Resource\\":[\\"arn:aws:s3:::*/*\\",\\"arn:aws:s3:::*\\"]}]}"\n', 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'state': 'available', 'vpc_endpoint_id': 'vpce-abbad0d0', 'vpc_id': 'vpc-1111ffff'}]}
    + - +

    @@ -355,5 +372,3 @@ Authors ~~~~~~~ - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.ec2_vpc_endpoint_module.rst b/docs/community.aws.ec2_vpc_endpoint_module.rst index 01772dbebfd..a6ecdaadc0c 100644 --- a/docs/community.aws.ec2_vpc_endpoint_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_module.rst @@ -38,325 +38,344 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    client_token
    string -
    -     		- -
    Optional client token to ensure idempotency
    -     		+ +
    Optional client token to ensure idempotency
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    policy
    json -
    -     		- -
    A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
    -
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    -     		+ +
    A properly formatted json policy as string, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813. Cannot be used with policy_file.
    +
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    +
    +
    policy_file
    path -
    -     		- -
    The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
    -
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    -

    aliases: policy_path
    -     		+ +
    The path to the properly json formatted policy file, see https://github.com/ansible/ansible/issues/7005#issuecomment-42894813 on how to use it properly. Cannot be used with policy.
    +
    Option when creating an endpoint. If not provided AWS will utilise a default policy which provides full access to the service.
    +

    aliases: policy_path
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    route_table_ids
    list - / elements=string
    -     		- -
    List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
    -     		+ +
    List of one or more route table ids to attach to the endpoint. A route is added to the route table with the destination of the endpoint if provided.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service
    string -
    -     		- -
    An AWS supported vpc endpoint service. Use the community.aws.ec2_vpc_endpoint_info module to describe the supported endpoint services.
    -
    Required when creating an endpoint.
    -     		+ +
    An AWS supported vpc endpoint service. Use the community.aws.ec2_vpc_endpoint_info module to describe the supported endpoint services.
    +
    Required when creating an endpoint.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_endpoint_id
    string -
    -     		- -
    One or more vpc endpoint ids to remove from the AWS account
    -     		+ +
    One or more vpc endpoint ids to remove from the AWS account
    +
    +
    vpc_id
    string -
    -     		- -
    Required when creating a VPC endpoint.
    -     		+ +
    Required when creating a VPC endpoint.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When specified, will wait for either available status for state present. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    320
    -     		-
    Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    -     		+ Default:
    320
    +     		+
    Used in conjunction with wait. Number of seconds to wait for status. Unfortunately this is ignored for delete actions due to a difference in behaviour from AWS.
    +
    +
    @@ -364,7 +383,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -375,7 +394,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new vpc endpoint with a json template for policy @@ -421,7 +439,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -434,24 +451,24 @@ Common return values are documented `here Returned Description - - + +
    endpoints
    list -
    - + + success -
    The resulting endpoints from the module call
    -
    -
    Sample:
    -
    [{'creation_timestamp': '2017-02-20T05:04:15+00:00', 'policy_document': {'Id': 'Policy1450910922815', 'Statement': [{'Action': 's3:*', 'Effect': 'Allow', 'Principal': '*', 'Resource': ['arn:aws:s3:::*/*', 'arn:aws:s3:::*'], 'Sid': 'Stmt1450910920641'}], 'Version': '2012-10-17'}, 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'vpc_endpoint_id': 'vpce-a1b2c3d4', 'vpc_id': 'vpc-abbad0d0'}]
    - +
    The resulting endpoints from the module call
    +
    +
    Sample:
    +
    [{'creation_timestamp': '2017-02-20T05:04:15+00:00', 'policy_document': {'Id': 'Policy1450910922815', 'Statement': [{'Action': 's3:*', 'Effect': 'Allow', 'Principal': '*', 'Resource': ['arn:aws:s3:::*/*', 'arn:aws:s3:::*'], 'Sid': 'Stmt1450910920641'}], 'Version': '2012-10-17'}, 'route_table_ids': ['rtb-abcd1234'], 'service_name': 'com.amazonaws.ap-southeast-2.s3', 'vpc_endpoint_id': 'vpce-a1b2c3d4', 'vpc_id': 'vpc-abbad0d0'}]
    + - +

    @@ -463,5 +480,3 @@ Authors ~~~~~~~ - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.ec2_vpc_igw_info_module.rst b/docs/community.aws.ec2_vpc_igw_info_module.rst index 69140031b7f..b73e80d8792 100644 --- a/docs/community.aws.ec2_vpc_igw_info_module.rst +++ b/docs/community.aws.ec2_vpc_igw_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html for possible filters.
    +
    +
    internet_gateway_ids
    list - / elements=string
    -     		- -
    Get details of specific Internet Gateway ID. Provide this value as a list.
    -     		+ +
    Get details of specific Internet Gateway ID. Provide this value as a list.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all Internet Gateways for an account or profile @@ -266,7 +284,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -279,41 +296,41 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    True if listing the internet gateways succeeds.
    -
    -
    Sample:
    -
    false
    - +
    True if listing the internet gateways succeeds.
    +
    +
    Sample:
    +
    false
    + - - + +
    internet_gateways
    list -
    - + + always -
    The internet gateways for the account.
    -
    -
    Sample:
    -
    [{'attachments': [{'state': 'available', 'vpc_id': 'vpc-02123b67'}], 'internet_gateway_id': 'igw-2123634d', 'tags': [{'key': 'Name', 'value': 'test-vpc-20-igw'}]}]
    - +
    The internet gateways for the account.
    +
    +
    Sample:
    +
    [{'attachments': [{'state': 'available', 'vpc_id': 'vpc-02123b67'}], 'internet_gateway_id': 'igw-2123634d', 'tags': [{'key': 'Name', 'value': 'test-vpc-20-igw'}]}]
    + - +

    @@ -325,5 +342,3 @@ Authors ~~~~~~~ - Nick Aslanidis (@naslanidis) - - diff --git a/docs/community.aws.ec2_vpc_igw_module.rst b/docs/community.aws.ec2_vpc_igw_module.rst index b7ae748cba2..690f99603ec 100644 --- a/docs/community.aws.ec2_vpc_igw_module.rst +++ b/docs/community.aws.ec2_vpc_igw_module.rst @@ -37,211 +37,230 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or terminate the IGW
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or terminate the IGW
    +
    +
    tags
    dictionary -
    -     		- -
    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
    -

    aliases: resource_tags
    -     		+ +
    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
    +

    aliases: resource_tags
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string - / required
    -     		- -
    The VPC ID for the VPC in which to manage the Internet Gateway.
    -     		+ +
    The VPC ID for the VPC in which to manage the Internet Gateway.
    +
    +
    @@ -249,7 +268,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -260,7 +279,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Ensure that the VPC has an Internet Gateway. @@ -272,8 +290,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -286,75 +302,75 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    If any changes have been made to the Internet Gateway.
    -
    -
    Sample:
    -
    {'changed': False}
    - +
    If any changes have been made to the Internet Gateway.
    +
    +
    Sample:
    +
    {'changed': False}
    + - - + +
    gateway_id
    string -
    - + + state=present -
    The unique identifier for the Internet Gateway.
    -
    -
    Sample:
    -
    {'gateway_id': 'igw-XXXXXXXX'}
    - +
    The unique identifier for the Internet Gateway.
    +
    +
    Sample:
    +
    {'gateway_id': 'igw-XXXXXXXX'}
    + - - + +
    tags
    dictionary -
    - + + state=present -
    The tags associated the Internet Gateway.
    -
    -
    Sample:
    -
    {'tags': {'Ansible': 'Test'}}
    - +
    The tags associated the Internet Gateway.
    +
    +
    Sample:
    +
    {'tags': {'Ansible': 'Test'}}
    + - - + +
    vpc_id
    string -
    - + + state=present -
    The VPC ID associated with the Internet Gateway.
    -
    -
    Sample:
    -
    {'vpc_id': 'vpc-XXXXXXXX'}
    - +
    The VPC ID associated with the Internet Gateway.
    +
    +
    Sample:
    +
    {'vpc_id': 'vpc-XXXXXXXX'}
    + - +

    @@ -366,5 +382,3 @@ Authors ~~~~~~~ - Robert Estelle (@erydo) - - diff --git a/docs/community.aws.ec2_vpc_nacl_info_module.rst b/docs/community.aws.ec2_vpc_nacl_info_module.rst index 345affd043e..3aab5d5a7d9 100644 --- a/docs/community.aws.ec2_vpc_nacl_info_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_info_module.rst @@ -37,194 +37,213 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- Default:
    {}
    -     		-
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
    -     		+ Default:
    {}
    +     		+
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html for possible filters. Filter names and values are case sensitive.
    +
    +
    nacl_ids
    list -
    -     		- Default:
    []
    -     		-
    A list of Network ACL IDs to retrieve information about.
    -

    aliases: nacl_id
    -     		+ Default:
    []
    +     		+
    A list of Network ACL IDs to retrieve information about.
    +

    aliases: nacl_id
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -233,7 +252,7 @@ Notes .. note:: - By default, the module will return all Network ACLs. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -244,7 +263,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all Network ACLs: @@ -263,7 +281,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -276,141 +293,141 @@ Common return values are documented `here Returned Description - - + +
    nacls
    complex -
    - + + success -
    Returns an array of complex objects as described below.
    -
    - +
    Returns an array of complex objects as described below.
    +
    + - -   - + +   +
    egress
    list - / elements=list
    - + / elements=list + always -
    A list of NACL egress rules with the following format.
    -
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    -
    -
    Sample:
    -
    [[100, 'all', 'allow', '0.0.0.0/0', None, None, None, None]]
    - +
    A list of NACL egress rules with the following format.
    +
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    +
    +
    Sample:
    +
    [[100, 'all', 'allow', '0.0.0.0/0', None, None, None, None]]
    + - -   - + +   +
    ingress
    list - / elements=list
    - + / elements=list + always -
    A list of NACL ingress rules with the following format.
    -
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    -
    -
    Sample:
    -
    [[100, 'tcp', 'allow', '0.0.0.0/0', None, None, 22, 22]]
    - +
    A list of NACL ingress rules with the following format.
    +
    [rule no, protocol, allow/deny, v4 or v6 cidr, icmp_type, icmp_code, port from, port to]
    +
    +
    Sample:
    +
    [[100, 'tcp', 'allow', '0.0.0.0/0', None, None, 22, 22]]
    + - -   - + +   +
    is_default
    boolean -
    - + + always -
    True if the NACL is the default for its VPC.
    -
    - +
    True if the NACL is the default for its VPC.
    +
    + - -   - + +   +
    nacl_id
    string -
    - + + always -
    The ID of the Network Access Control List.
    -
    - +
    The ID of the Network Access Control List.
    +
    + - -   - + +   +
    subnets
    list - / elements=string
    - + / elements=string + always -
    A list of subnet IDs that are associated with the NACL.
    -
    - +
    A list of subnet IDs that are associated with the NACL.
    +
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    A dict of tags associated with the NACL.
    -
    - +
    A dict of tags associated with the NACL.
    +
    + - -   - + +   +
    vpc_id
    string -
    - + + always -
    The ID of the VPC that the NACL is attached to.
    -
    - +
    The ID of the VPC that the NACL is attached to.
    +
    + - - + +

    @@ -422,5 +439,3 @@ Authors ~~~~~~~ - Brad Davidson (@brandond) - - diff --git a/docs/community.aws.ec2_vpc_nacl_module.rst b/docs/community.aws.ec2_vpc_nacl_module.rst index a3736d26ff6..da56bd5b456 100644 --- a/docs/community.aws.ec2_vpc_nacl_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_module.rst @@ -38,293 +38,312 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=list + + + - - + - - + / elements=list + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    egress
    list -
    -     		- Default:
    []
    -     		-
    A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    -     		+ Default:
    []
    +     		+
    A list of rules for outgoing traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    +
    +
    ingress
    list -
    -     		- Default:
    []
    -     		-
    List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    -     		+ Default:
    []
    +     		+
    List of rules for incoming traffic. Each rule must be specified as a list. Each rule may contain the rule number (integer 1-32766), protocol (one of ['tcp', 'udp', 'icmp', '-1', 'all']), the rule action ('allow' or 'deny') the CIDR of the IPv4 network range to allow or deny, the ICMP type (-1 means all types), the ICMP code (-1 means all codes), the last port in the range for TCP or UDP protocols, and the first port in the range for TCP or UDP protocols. See examples.
    +
    +
    nacl_id
    string -
    -     		- -
    NACL id identifying a network ACL.
    -
    One and only one of the name or nacl_id is required.
    -     		+ +
    NACL id identifying a network ACL.
    +
    One and only one of the name or nacl_id is required.
    +
    +
    name
    string -
    -     		- -
    Tagged name identifying a network ACL.
    -
    One and only one of the name or nacl_id is required.
    -     		+ +
    Tagged name identifying a network ACL.
    +
    One and only one of the name or nacl_id is required.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Creates or modifies an existing NACL
    -
    Deletes a NACL and reassociates subnets to the default NACL
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Creates or modifies an existing NACL
    +
    Deletes a NACL and reassociates subnets to the default NACL
    +
    +
    subnets
    list -
    -     		- -
    The list of subnets that should be associated with the network ACL.
    -
    Must be specified as a list
    -
    Each subnet can be specified as subnet ID, or its tagged name.
    -     		+ +
    The list of subnets that should be associated with the network ACL.
    +
    Must be specified as a list
    +
    Each subnet can be specified as subnet ID, or its tagged name.
    +
    +
    tags
    dictionary -
    -     		- -
    Dictionary of tags to look for and apply when creating a network ACL.
    -     		+ +
    Dictionary of tags to look for and apply when creating a network ACL.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    VPC id of the requesting VPC.
    -
    Required when state present.
    -     		+ +
    VPC id of the requesting VPC.
    +
    Required when state present.
    +
    +
    @@ -332,7 +351,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -343,8 +362,6 @@ Examples .. code-block:: yaml+jinja - - # Complete example to create and delete a network ACL # that allows SSH, HTTP and ICMP in, and all traffic out. - name: "Create and associate production DMZ network ACL with DMZ subnets" @@ -401,7 +418,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -414,39 +430,39 @@ Common return values are documented `here Returned Description - - + +
    nacl_id
    string -
    - + + success -
    The id of the NACL (when creating or updating an ACL)
    -
    -
    Sample:
    -
    acl-123456789abcdef01
    - +
    The id of the NACL (when creating or updating an ACL)
    +
    +
    Sample:
    +
    acl-123456789abcdef01
    + - - + +
    task
    dictionary -
    - + + success -
    The result of the create, or delete action.
    -
    - +
    The result of the create, or delete action.
    +
    + - +

    @@ -458,5 +474,3 @@ Authors ~~~~~~~ - Mike Mochan (@mmochan) - - diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst index b7bd64d6cb9..bb32c7a7ffa 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html for possible filters.
    +
    +
    nat_gateway_ids
    list - / elements=string
    -     		- -
    List of specific nat gateway IDs to fetch details for.
    -     		+ +
    List of specific nat gateway IDs to fetch details for.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # Simple example of listing all nat gateways - name: List all managed nat gateways in ap-southeast-2 community.aws.ec2_vpc_nat_gateway_info: @@ -248,7 +266,7 @@ Examples register: all_ngws - name: Debugging the result - debug: + ansible.builtin.debug: msg: "{{ all_ngws.result }}" - name: Get details on specific nat gateways @@ -276,7 +294,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -289,22 +306,22 @@ Common return values are documented `here Returned Description - - + +
    result
    list -
    - + + success -
    The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response.
    -
    - +
    The result of the describe, converted to ansible snake case style. See http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#EC2.Client.describe_nat_gateways for the response.
    +
    + - +

    @@ -316,5 +333,3 @@ Authors ~~~~~~~ - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.ec2_vpc_nat_gateway_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_module.rst index b94a4eb28aa..b115f2c6f43 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_module.rst @@ -37,330 +37,349 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    allocation_id
    string -
    -     		- -
    The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
    -     		+ +
    The id of the elastic IP allocation. If this is not passed and the eip_address is not passed. An EIP is generated for this NAT Gateway.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    client_token
    string -
    -     		- -
    Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
    -     		+ +
    Optional unique token to be used during create to ensure idempotency. When specifying this option, ensure you specify the eip_address parameter as well otherwise any subsequent runs will fail.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    eip_address
    string -
    -     		- -
    The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
    -     		+ +
    The elastic IP address of the EIP you want attached to this NAT Gateway. If this is not passed and the allocation_id is not passed, an EIP is generated for this NAT Gateway.
    +
    +
    if_exist_do_not_create
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    if a NAT Gateway exists already in the subnet_id, then do not create a new one.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    if a NAT Gateway exists already in the subnet_id, then do not create a new one.
    +
    +
    nat_gateway_id
    string -
    -     		- -
    The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
    -     		+ +
    The id AWS dynamically allocates to the NAT Gateway on creation. This is required when the absent option is present.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    release_eip
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Deallocate the EIP from the VPC.
    -
    Option is only valid with the absent state.
    -
    You should use this with the wait option. Since you can not release an address while a delete operation is happening.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Deallocate the EIP from the VPC.
    +
    Option is only valid with the absent state.
    +
    You should use this with the wait option. Since you can not release an address while a delete operation is happening.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Ensure NAT Gateway is present or absent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Ensure NAT Gateway is present or absent.
    +
    +
    subnet_id
    string -
    -     		- -
    The id of the subnet to create the NAT Gateway in. This is required with the present option.
    -     		+ +
    The id of the subnet to create the NAT Gateway in. This is required with the present option.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for operation to complete before returning.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for operation to complete before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    320
    -     		-
    How many seconds to wait for an operation to complete before timing out.
    -     		+ Default:
    320
    +     		+
    How many seconds to wait for an operation to complete before timing out.
    +
    +
    @@ -368,7 +387,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -379,7 +398,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create new nat gateway with client token. @@ -454,7 +472,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -467,109 +484,109 @@ Common return values are documented `here Returned Description - - + +
    create_time
    string -
    - + + In all cases. -
    The ISO 8601 date time format in UTC.
    -
    -
    Sample:
    -
    2016-03-05T05:19:20.282000+00:00'
    - +
    The ISO 8601 date time format in UTC.
    +
    +
    Sample:
    +
    2016-03-05T05:19:20.282000+00:00'
    + - - + +
    nat_gateway_addresses
    string -
    - + + In all cases. -
    List of dictionaries containing the public_ip, network_interface_id, private_ip, and allocation_id.
    -
    -
    Sample:
    -
    [{'public_ip': '52.52.52.52', 'network_interface_id': 'eni-12345', 'private_ip': '10.0.0.100', 'allocation_id': 'eipalloc-12345'}]
    - +
    List of dictionaries containing the public_ip, network_interface_id, private_ip, and allocation_id.
    +
    +
    Sample:
    +
    [{'public_ip': '52.52.52.52', 'network_interface_id': 'eni-12345', 'private_ip': '10.0.0.100', 'allocation_id': 'eipalloc-12345'}]
    + - - + +
    nat_gateway_id
    string -
    - + + In all cases. -
    id of the VPC NAT Gateway
    -
    -
    Sample:
    -
    nat-0d1e3a878585988f8
    - +
    id of the VPC NAT Gateway
    +
    +
    Sample:
    +
    nat-0d1e3a878585988f8
    + - - + +
    state
    string -
    - + + In all cases. -
    The current state of the NAT Gateway.
    -
    -
    Sample:
    -
    available
    - +
    The current state of the NAT Gateway.
    +
    +
    Sample:
    +
    available
    + - - + +
    subnet_id
    string -
    - + + In all cases. -
    id of the Subnet
    -
    -
    Sample:
    -
    subnet-12345
    - +
    id of the Subnet
    +
    +
    Sample:
    +
    subnet-12345
    + - - + +
    vpc_id
    string -
    - + + In all cases. -
    id of the VPC.
    -
    -
    Sample:
    -
    vpc-12345
    - +
    id of the VPC.
    +
    +
    Sample:
    +
    vpc-12345
    + - +

    @@ -583,5 +600,3 @@ Authors - Allen Sanabria (@linuxdynasty) - Jon Hadfield (@jonhadfield) - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.ec2_vpc_peer_module.rst b/docs/community.aws.ec2_vpc_peer_module.rst index ddf59a4ce77..dd96bc3e077 100644 --- a/docs/community.aws.ec2_vpc_peer_module.rst +++ b/docs/community.aws.ec2_vpc_peer_module.rst @@ -38,272 +38,291 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    peer_owner_id
    string -
    -     		- -
    The AWS account number for cross account peering.
    -     		+ +
    The AWS account number for cross account peering.
    +
    +
    peer_region
    string -
    -     		- -
    Region of the accepting VPC.
    -     		+ +
    Region of the accepting VPC.
    +
    +
    peer_vpc_id
    string -
    -     		- -
    VPC id of the accepting VPC.
    -     		+ +
    VPC id of the accepting VPC.
    +
    +
    peering_id
    string -
    -     		- -
    Peering connection id.
    -     		+ +
    Peering connection id.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • accept
      • -
    • reject
      • -
    -     		-
    Create, delete, accept, reject a peering connection.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • accept
      • +
    • reject
      • +
    +     		+
    Create, delete, accept, reject a peering connection.
    +
    +
    tags
    dictionary -
    -     		- -
    Dictionary of tags to look for and apply when creating a Peering Connection.
    -     		+ +
    Dictionary of tags to look for and apply when creating a Peering Connection.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    VPC id of the requesting VPC.
    -     		+ +
    VPC id of the requesting VPC.
    +
    +
    @@ -311,7 +330,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -322,7 +341,6 @@ Examples .. code-block:: yaml+jinja - # Complete example to create and accept a local peering connection. - name: Create local account VPC peering Connection community.aws.ec2_vpc_peer: @@ -473,8 +491,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -487,22 +503,22 @@ Common return values are documented `here Returned Description - - + +
    task
    dictionary -
    - + + success -
    The result of the create, accept, reject or delete action.
    -
    - +
    The result of the create, accept, reject or delete action.
    +
    + - +

    @@ -514,5 +530,3 @@ Authors ~~~~~~~ - Mike Mochan (@mmochan) - - diff --git a/docs/community.aws.ec2_vpc_peering_info_module.rst b/docs/community.aws.ec2_vpc_peering_info_module.rst index daa5c314c37..34e69f606aa 100644 --- a/docs/community.aws.ec2_vpc_peering_info_module.rst +++ b/docs/community.aws.ec2_vpc_peering_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html for possible filters.
    +
    +
    peer_connection_ids
    list - / elements=string
    -     		- -
    List of specific VPC peer IDs to get details for.
    -     		+ +
    List of specific VPC peer IDs to get details for.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # Simple example of listing all VPC Peers - name: List all vpc peers community.aws.ec2_vpc_peering_info: @@ -248,7 +266,7 @@ Examples register: all_vpc_peers - name: Debugging the result - debug: + ansible.builtin.debug: msg: "{{ all_vpc_peers.result }}" - name: Get details on specific VPC peer @@ -268,7 +286,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -281,22 +298,22 @@ Common return values are documented `here Returned Description - - + +
    result
    list -
    - + + success -
    The result of the describe.
    -
    - +
    The result of the describe.
    +
    + - +

    @@ -308,5 +325,3 @@ Authors ~~~~~~~ - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.ec2_vpc_route_table_info_module.rst b/docs/community.aws.ec2_vpc_route_table_info_module.rst index 930e72799d7..1bd7d93ee4b 100644 --- a/docs/community.aws.ec2_vpc_route_table_info_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_info_module.rst @@ -36,176 +36,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html for possible filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -213,7 +232,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -224,7 +243,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all VPC route tables @@ -248,8 +266,6 @@ Examples - - Status ------ @@ -258,5 +274,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.ec2_vpc_route_table_module.rst b/docs/community.aws.ec2_vpc_route_table_module.rst index 3891bd4803a..db7ed4ce224 100644 --- a/docs/community.aws.ec2_vpc_route_table_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_module.rst @@ -35,350 +35,369 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    lookup
    string -
    -     		-
      Choices: -
    • tag ←
      • -
    • id
      • -
    -     		-
    Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
    -     		+
      Choices: +
    • tag ←
      • +
    • id
      • +
    +     		+
    Look up route table by either tags or by route table ID. Non-unique tag lookup will fail. If no tags are specified then no lookup for an existing route table is performed and a new route table will be created. To change tags of a route table you must look up by id.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    propagating_vgw_ids
    list - / elements=string
    -     		- -
    Enable route propagation from virtual gateways specified by ID.
    -     		+ +
    Enable route propagation from virtual gateways specified by ID.
    +
    +
    purge_routes
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Purge existing routes that are not found in routes.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Purge existing routes that are not found in routes.
    +
    +
    purge_subnets
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    - Default:
    "true"
    -     		-
    Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    + Default:
    "true"
    +     		+
    Purge existing subnets that are not found in subnets. Ignored unless the subnets option is supplied.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing tags that are not found in route table.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing tags that are not found in route table.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    route_table_id
    string -
    -     		- -
    The ID of the route table to update or delete.
    -
    Required when lookup=id.
    -     		+ +
    The ID of the route table to update or delete.
    +
    Required when lookup=id.
    +
    +
    routes
    list - / elements=dictionary
    -     		- -
    List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
    -     		+ +
    List of routes in the route table. Routes are specified as dicts containing the keys 'dest' and one of 'gateway_id', 'instance_id', 'network_interface_id', or 'vpc_peering_connection_id'. If 'gateway_id' is specified, you can refer to the VPC's IGW by using the value 'igw'. Routes are required for present states.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the VPC route table.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the VPC route table.
    +
    +
    subnets
    list - / elements=string
    -     		- -
    An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
    -     		+ +
    An array of subnets to add to this route table. Subnets may be specified by either subnet ID, Name tag, or by a CIDR such as '10.0.0.0/24'.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.
    -

    aliases: resource_tags
    -     		+ +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }. Tags are used to uniquely identify route tables within a VPC when the route_table_id is not supplied.
    +

    aliases: resource_tags
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    VPC ID of the VPC in which to create the route table.
    -
    Required when state=present or lookup=tag.
    -
    + + + + + +
    VPC ID of the VPC in which to create the route table.
    +
    Required when state=present or lookup=tag.
    + + +
    @@ -386,7 +405,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -397,7 +416,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic creation example: @@ -441,7 +459,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -454,352 +471,352 @@ Common return values are documented `here Returned Description - - + +
    route_table
    complex -
    - + + always -
    Route Table result
    -
    - +
    Route Table result
    +
    + - -   - + +   +
    associations
    complex -
    - + + always -
    List of subnets associated with the route table
    -
    - +
    List of subnets associated with the route table
    +
    + - -   -   - + +   +   +
    main
    boolean -
    - + + always -
    Whether this is the main route table
    -
    - - - -   -   - +
    Whether this is the main route table
    +
    + + + +   +   +
    route_table_association_id
    string -
    - + + always -
    ID of association between route table and subnet
    -
    -
    Sample:
    -
    rtbassoc-ab47cfc3
    - - - -   -   - +
    ID of association between route table and subnet
    +
    +
    Sample:
    +
    rtbassoc-ab47cfc3
    + + + +   +   +
    route_table_id
    string -
    - + + always -
    ID of the route table
    -
    -
    Sample:
    -
    rtb-bf779ed7
    - - - -   -   - +
    ID of the route table
    +
    +
    Sample:
    +
    rtb-bf779ed7
    + + + +   +   +
    subnet_id
    string -
    - + + always -
    ID of the subnet
    -
    -
    Sample:
    -
    subnet-82055af9
    - +
    ID of the subnet
    +
    +
    Sample:
    +
    subnet-82055af9
    + - - -   - + + +   +
    id
    string -
    - + + always -
    ID of the route table (same as route_table_id for backwards compatibility)
    -
    -
    Sample:
    -
    rtb-bf779ed7
    - - - -   - +
    ID of the route table (same as route_table_id for backwards compatibility)
    +
    +
    Sample:
    +
    rtb-bf779ed7
    + + + +   +
    propagating_vgws
    list -
    - + + always -
    List of Virtual Private Gateways propagating routes
    -
    - +
    List of Virtual Private Gateways propagating routes
    +
    + - -   - + +   +
    route_table_id
    string -
    - + + always -
    ID of the route table
    -
    -
    Sample:
    -
    rtb-bf779ed7
    - - - -   - +
    ID of the route table
    +
    +
    Sample:
    +
    rtb-bf779ed7
    + + + +   +
    routes
    complex -
    - + + always -
    List of routes in the route table
    -
    - +
    List of routes in the route table
    +
    + - -   -   - + +   +   +
    destination_cidr_block
    string -
    - + + always -
    CIDR block of destination
    -
    -
    Sample:
    -
    10.228.228.0/22
    - - - -   -   - +
    CIDR block of destination
    +
    +
    Sample:
    +
    10.228.228.0/22
    + + + +   +   +
    gateway_id
    string -
    - + + when gateway is local or internet gateway -
    ID of the gateway
    -
    -
    Sample:
    -
    local
    - - - -   -   - +
    ID of the gateway
    +
    +
    Sample:
    +
    local
    + + + +   +   +
    instance_id
    string -
    - + + when the route is via an EC2 instance -
    ID of a NAT instance
    -
    -
    Sample:
    -
    i-abcd123456789
    - - - -   -   - +
    ID of a NAT instance
    +
    +
    Sample:
    +
    i-abcd123456789
    + + + +   +   +
    instance_owner_id
    string -
    - + + when the route is via an EC2 instance -
    AWS account owning the NAT instance
    -
    -
    Sample:
    -
    123456789012
    - - - -   -   - +
    AWS account owning the NAT instance
    +
    +
    Sample:
    +
    123456789012
    + + + +   +   +
    nat_gateway_id
    string -
    - + + when the route is via a NAT gateway -
    ID of the NAT gateway
    -
    -
    Sample:
    -
    local
    - - - -   -   - +
    ID of the NAT gateway
    +
    +
    Sample:
    +
    local
    + + + +   +   +
    origin
    string -
    - + + always -
    mechanism through which the route is in the table
    -
    -
    Sample:
    -
    CreateRouteTable
    - - - -   -   - +
    mechanism through which the route is in the table
    +
    +
    Sample:
    +
    CreateRouteTable
    + + + +   +   +
    state
    string -
    - + + always -
    state of the route
    -
    -
    Sample:
    -
    active
    - +
    state of the route
    +
    +
    Sample:
    +
    active
    + - - -   - + + +   +
    tags
    dictionary -
    - + + always -
    Tags applied to the route table
    -
    -
    Sample:
    -
    {'Name': 'Public route table', 'Public': 'true'}
    - - - -   - +
    Tags applied to the route table
    +
    +
    Sample:
    +
    {'Name': 'Public route table', 'Public': 'true'}
    + + + +   +
    vpc_id
    string -
    - + + always -
    ID for the VPC in which the route lives
    -
    -
    Sample:
    -
    vpc-6e2d2407
    - +
    ID for the VPC in which the route lives
    +
    +
    Sample:
    +
    vpc-6e2d2407
    + - - + +

    @@ -813,5 +830,3 @@ Authors - Robert Estelle (@erydo) - Rob White (@wimnat) - Will Thames (@willthames) - - diff --git a/docs/community.aws.ec2_vpc_vgw_info_module.rst b/docs/community.aws.ec2_vpc_vgw_info_module.rst index 8b2816e8bf0..a2c494ea25c 100644 --- a/docs/community.aws.ec2_vpc_vgw_info_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html for possible filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpn_gateway_ids
    list - / elements=string
    -     		- -
    Get details of a specific Virtual Gateway ID. This value should be provided as a list.
    -     		+ +
    Get details of a specific Virtual Gateway ID. This value should be provided as a list.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all virtual gateways for an account or profile @@ -266,7 +284,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -279,41 +296,41 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    True if listing the virtual gateways succeeds.
    -
    -
    Sample:
    -
    false
    - +
    True if listing the virtual gateways succeeds.
    +
    +
    Sample:
    +
    false
    + - - + +
    virtual_gateways
    list -
    - + + always -
    The virtual gateways for the account.
    -
    -
    Sample:
    -
    [{'state': 'available', 'tags': [{'key': 'Name', 'value': 'TEST-VGW'}], 'type': 'ipsec.1', 'vpc_attachments': [{'state': 'attached', 'vpc_id': 'vpc-22a93c74'}], 'vpn_gateway_id': 'vgw-23e3d64e'}]
    - +
    The virtual gateways for the account.
    +
    +
    Sample:
    +
    [{'state': 'available', 'tags': [{'key': 'Name', 'value': 'TEST-VGW'}], 'type': 'ipsec.1', 'vpc_attachments': [{'state': 'attached', 'vpc_id': 'vpc-22a93c74'}], 'vpn_gateway_id': 'vgw-23e3d64e'}]
    + - +

    @@ -325,5 +342,3 @@ Authors ~~~~~~~ - Nick Aslanidis (@naslanidis) - - diff --git a/docs/community.aws.ec2_vpc_vgw_module.rst b/docs/community.aws.ec2_vpc_vgw_module.rst index 3dd97370a37..6a1ee4fb25c 100644 --- a/docs/community.aws.ec2_vpc_vgw_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_module.rst @@ -39,291 +39,310 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    asn
    integer -
    -     		- -
    the BGP ASN of the amazon side
    -     		+ +
    the BGP ASN of the amazon side
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    name of the vgw to be created or deleted
    -     		+ +
    name of the vgw to be created or deleted
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    present to ensure resource is created.
    -
    absent to remove resource
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    present to ensure resource is created.
    +
    absent to remove resource
    +
    +
    tags
    dictionary -
    -     		- -
    dictionary of resource tags
    -

    aliases: resource_tags
    -     		+ +
    dictionary of resource tags
    +

    aliases: resource_tags
    +
    +
    type
    string -
    -     		-
      Choices: -
    • ipsec.1 ←
      • -
    -     		-
    type of the virtual gateway to be created
    -     		+
      Choices: +
    • ipsec.1 ←
      • +
    +     		+
    type of the virtual gateway to be created
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    the vpc-id of a vpc to attach or detach
    -     		+ +
    the vpc-id of a vpc to attach or detach
    +
    +
    vpn_gateway_id
    string -
    -     		- -
    vpn gateway id of an existing virtual gateway
    -     		+ +
    vpn gateway id of an existing virtual gateway
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    320
    -     		-
    number of seconds to wait for status during vpc attach and detach
    -     		+ Default:
    320
    +     		+
    number of seconds to wait for status during vpc attach and detach
    +
    +
    @@ -331,7 +350,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -342,7 +361,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a new vgw attached to a specific VPC community.aws.ec2_vpc_vgw: state: present @@ -384,7 +402,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -397,22 +414,22 @@ Common return values are documented `here Returned Description - - + +
    result
    dictionary -
    - + + success -
    The result of the create, or delete action.
    -
    - +
    The result of the create, or delete action.
    +
    + - +

    @@ -424,5 +441,3 @@ Authors ~~~~~~~ - Nick Aslanidis (@naslanidis) - - diff --git a/docs/community.aws.ec2_vpc_vpn_info_module.rst b/docs/community.aws.ec2_vpc_vpn_info_module.rst index e59d33d8134..b9a88856f97 100644 --- a/docs/community.aws.ec2_vpc_vpn_info_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
    -     		+ +
    A dict of filters to apply. Each dict item consists of a filter key and a filter value. See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html for possible filters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpn_connection_ids
    list - / elements=string
    -     		- -
    Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
    -
    + / elements=string + + + + +
    Get details of a specific VPN connections using vpn connection ID/IDs. This value should be provided as a list.
    + + +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all vpn connections community.aws.ec2_vpc_vpn_info: @@ -259,7 +277,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -272,367 +289,367 @@ Common return values are documented `here Returned Description - - + +
    vpn_connections
    complex -
    - + + always -
    List of one or more VPN Connections.
    -
    - +
    List of one or more VPN Connections.
    +
    + - -   - + +   +
    category
    string -
    - + + always -
    The category of the VPN connection.
    -
    -
    Sample:
    -
    VPN
    - +
    The category of the VPN connection.
    +
    +
    Sample:
    +
    VPN
    + - -   - + +   +
    customer_gateway_id
    string -
    - + + always -
    The ID of the customer gateway at your end of the VPN connection.
    -
    -
    Sample:
    -
    cgw-17a53c37
    - +
    The ID of the customer gateway at your end of the VPN connection.
    +
    +
    Sample:
    +
    cgw-17a53c37
    + - -   - + +   +
    customer_gatway_configuration
    string -
    - + + always -
    The configuration information for the VPN connection's customer gateway (in the native XML format).
    -
    - +
    The configuration information for the VPN connection's customer gateway (in the native XML format).
    +
    + - -   - + +   +
    options
    dictionary -
    - + + always -
    The VPN connection options.
    -
    -
    Sample:
    -
    {'static_routes_only': False}
    - +
    The VPN connection options.
    +
    +
    Sample:
    +
    {'static_routes_only': False}
    + - -   - + +   +
    routes
    complex -
    - + + always -
    List of static routes associated with the VPN connection.
    -
    - +
    List of static routes associated with the VPN connection.
    +
    + - -   -   - + +   +   +
    destination_cidr_block
    string -
    - + + always -
    The CIDR block associated with the local subnet of the customer data center.
    -
    -
    Sample:
    -
    10.0.0.0/16
    - +
    The CIDR block associated with the local subnet of the customer data center.
    +
    +
    Sample:
    +
    10.0.0.0/16
    + - -   -   - + +   +   +
    state
    string -
    - + + always -
    The current state of the static route.
    -
    -
    Sample:
    -
    available
    - +
    The current state of the static route.
    +
    +
    Sample:
    +
    available
    + - - -   - + + +   +
    state
    string -
    - + + always -
    The current state of the VPN connection.
    -
    -
    Sample:
    -
    available
    - +
    The current state of the VPN connection.
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    Any tags assigned to the VPN connection.
    -
    -
    Sample:
    -
    {'Name': 'test-conn'}
    - +
    Any tags assigned to the VPN connection.
    +
    +
    Sample:
    +
    {'Name': 'test-conn'}
    + - -   - + +   +
    type
    string -
    - + + always -
    The type of VPN connection.
    -
    -
    Sample:
    -
    ipsec.1
    - +
    The type of VPN connection.
    +
    +
    Sample:
    +
    ipsec.1
    + - -   - + +   +
    vgw_telemetry
    complex -
    - + + always -
    Information about the VPN tunnel.
    -
    - +
    Information about the VPN tunnel.
    +
    + - -   -   - + +   +   +
    accepted_route_count
    integer -
    - + + always -
    The number of accepted routes.
    -
    - +
    The number of accepted routes.
    +
    + - -   -   - + +   +   +
    certificate_arn
    string -
    - + + when a private certificate is used for authentication -
    The Amazon Resource Name of the virtual private gateway tunnel endpoint certificate.
    -
    -
    Sample:
    -
    arn:aws:acm:us-east-1:123456789101:certificate/c544d8ce-20b8-4fff-98b0-example
    - +
    The Amazon Resource Name of the virtual private gateway tunnel endpoint certificate.
    +
    +
    Sample:
    +
    arn:aws:acm:us-east-1:123456789101:certificate/c544d8ce-20b8-4fff-98b0-example
    + - -   -   - + +   +   +
    last_status_change
    string -
    - + + always -
    The date and time of the last change in status.
    -
    -
    Sample:
    -
    2018-02-09T14:35:27+00:00
    - +
    The date and time of the last change in status.
    +
    +
    Sample:
    +
    2018-02-09T14:35:27+00:00
    + - -   -   - + +   +   +
    outside_ip_address
    string -
    - + + always -
    The Internet-routable IP address of the virtual private gateway's outside interface.
    -
    -
    Sample:
    -
    13.127.79.191
    - +
    The Internet-routable IP address of the virtual private gateway's outside interface.
    +
    +
    Sample:
    +
    13.127.79.191
    + - -   -   - + +   +   +
    status
    string -
    - + + always -
    The status of the VPN tunnel.
    -
    -
    Sample:
    -
    DOWN
    - +
    The status of the VPN tunnel.
    +
    +
    Sample:
    +
    DOWN
    + - -   -   - + +   +   +
    status_message
    string -
    - + + always -
    If an error occurs, a description of the error.
    -
    -
    Sample:
    -
    IPSEC IS DOWN
    - +
    If an error occurs, a description of the error.
    +
    +
    Sample:
    +
    IPSEC IS DOWN
    + - - -   - + + +   +
    vpn_connection_id
    string -
    - + + always -
    The ID of the VPN connection.
    -
    -
    Sample:
    -
    vpn-f700d5c0
    - +
    The ID of the VPN connection.
    +
    +
    Sample:
    +
    vpn-f700d5c0
    + - -   - + +   +
    vpn_gateway_id
    string -
    - + + always -
    The ID of the virtual private gateway at the AWS side of the VPN connection.
    -
    -
    Sample:
    -
    vgw-cbe56bfb
    - +
    The ID of the virtual private gateway at the AWS side of the VPN connection.
    +
    +
    Sample:
    +
    vgw-cbe56bfb
    + - - + +

    @@ -644,5 +661,3 @@ Authors ~~~~~~~ - Madhura Naniwadekar (@Madhura-CSI) - - diff --git a/docs/community.aws.ec2_vpc_vpn_module.rst b/docs/community.aws.ec2_vpc_vpn_module.rst index 31231c55f35..cd75eaf264b 100644 --- a/docs/community.aws.ec2_vpc_vpn_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_module.rst @@ -37,585 +37,604 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    connection_type
    string -
    -     		- Default:
    "ipsec.1"
    -     		-
    The type of VPN connection.
    -
    At this time only 'ipsec.1' is supported.
    -     		+ Default:
    "ipsec.1"
    +     		+
    The type of VPN connection.
    +
    At this time only 'ipsec.1' is supported.
    +
    +
    customer_gateway_id
    string -
    -     		- -
    The ID of the customer gateway.
    -     		+ +
    The ID of the customer gateway.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delay
    integer -
    -     		- Default:
    15
    -     		-
    The time to wait before checking operation again. in seconds.
    -     		+ Default:
    15
    +     		+
    The time to wait before checking operation again. in seconds.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
    -
    + + + +
    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
    +
    bgp
    - -
    -     		- -
    The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
    -     		+ +
    The BGP ASN number associated with a BGP device. Only works if the connection is attached. This filtering option is currently not working.
    +
    +
    cgw
    - -
    -     		- -
    The customer gateway id as a string or a list of those strings.
    -     		+ +
    The customer gateway id as a string or a list of those strings.
    +
    +
    cgw-config
    - -
    -     		- -
    The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
    -     		+ +
    The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings.
    +
    +
    cidr
    - -
    -     		- -
    The destination cidr of the VPN's route as a string or a list of those strings.
    -     		+ +
    The destination cidr of the VPN's route as a string or a list of those strings.
    +
    +
    static-routes-only
    - -
    -     		- -
    The type of routing; true or false.
    -     		+ +
    The type of routing; true or false.
    +
    +
    tag-keys
    - -
    -     		- -
    The key of a tag as a string or a list of those strings.
    -     		+ +
    The key of a tag as a string or a list of those strings.
    +
    +
    tag-values
    - -
    -     		- -
    The value of a tag as a string or a list of those strings.
    -     		+ +
    The value of a tag as a string or a list of those strings.
    +
    +
    tags
    - -
    -     		- -
    A dict of key value pairs.
    -     		+ +
    A dict of key value pairs.
    +
    +
    vgw
    - -
    -     		- -
    The virtual private gateway as a string or a list of those strings.
    -     		+ +
    The virtual private gateway as a string or a list of those strings.
    +
    +
    vpn
    - -
    -     		- -
    The VPN connection id as a string or a list of those strings.
    -
    + + + +
    The VPN connection id as a string or a list of those strings.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_routes
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to delete VPN connections routes that are not specified in the task.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to delete VPN connections routes that are not specified in the task.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to delete VPN connections tags that are associated with the connection but not specified in the task.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    routes
    list - / elements=string
    -     		- -
    Routes to add to the connection.
    -     		+ +
    Routes to add to the connection.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the VPN connection.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the VPN connection.
    +
    +
    static_only
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
    +
    +
    tags
    dictionary -
    -     		- -
    Tags to attach to the VPN connection.
    -     		+ +
    Tags to attach to the VPN connection.
    +
    +
    tunnel_options
    list - / elements=dictionary
    -     		- -
    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
    -
    + / elements=dictionary + + +
    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
    +
    PreSharedKey
    string -
    -     		- -
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
    -     		+ +
    The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.
    +
    +
    TunnelInsideCidr
    string -
    -     		- -
    The range of inside IP addresses for the tunnel.
    -
    + + + +
    The range of inside IP addresses for the tunnel.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpn_connection_id
    string -
    -     		- -
    The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
    -     		+ +
    The ID of the VPN connection. Required to modify or delete a connection if the filters option does not provide a unique match.
    +
    +
    vpn_gateway_id
    string -
    -     		- -
    The ID of the virtual private gateway.
    -     		+ +
    The ID of the virtual private gateway.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    600
    -     		-
    How long before wait gives up, in seconds.
    -
    + + + + Default:
    600
    + + +
    How long before wait gives up, in seconds.
    + + +
    @@ -623,7 +642,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -634,7 +653,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -708,7 +726,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -721,209 +738,209 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    If the VPN connection has changed.
    -
    -
    Sample:
    -
    {'changed': True}
    - - - - +
    If the VPN connection has changed.
    +
    +
    Sample:
    +
    {'changed': True}
    + + + +
    customer_gateway_configuration
    string -
    - + + state=present -
    The configuration of the VPN connection.
    -
    - +
    The configuration of the VPN connection.
    +
    + - - + +
    customer_gateway_id
    string -
    - + + state=present -
    The customer gateway connected via the connection.
    -
    -
    Sample:
    -
    {'customer_gateway_id': 'cgw-1220c87b'}
    - - - - +
    The customer gateway connected via the connection.
    +
    +
    Sample:
    +
    {'customer_gateway_id': 'cgw-1220c87b'}
    + + + +
    options
    complex -
    - + + state=present -
    The VPN connection options (currently only containing static_routes_only).
    -
    - +
    The VPN connection options (currently only containing static_routes_only).
    +
    + - -   - + +   +
    static_routes_only
    string -
    - + + state=present -
    If the VPN connection only allows static routes.
    -
    -
    Sample:
    -
    {'static_routes_only': True}
    - +
    If the VPN connection only allows static routes.
    +
    +
    Sample:
    +
    {'static_routes_only': True}
    + - - - + + +
    routes
    list -
    - + + state=present -
    The routes of the VPN connection.
    -
    -
    Sample:
    -
    {'routes': [{'destination_cidr_block': '192.168.1.0/24', 'state': 'available'}]}
    - - - - +
    The routes of the VPN connection.
    +
    +
    Sample:
    +
    {'routes': [{'destination_cidr_block': '192.168.1.0/24', 'state': 'available'}]}
    + + + +
    state
    string -
    - + + state=present -
    The status of the VPN connection.
    -
    -
    Sample:
    -
    {'state': 'available'}
    - - - - +
    The status of the VPN connection.
    +
    +
    Sample:
    +
    {'state': 'available'}
    + + + +
    tags
    dictionary -
    - + + state=present -
    The tags associated with the connection.
    -
    -
    Sample:
    -
    {'tags': {'name': 'ansible-test', 'other': 'tag'}}
    - - - - +
    The tags associated with the connection.
    +
    +
    Sample:
    +
    {'tags': {'name': 'ansible-test', 'other': 'tag'}}
    + + + +
    type
    string -
    - + + state=present -
    The type of VPN connection (currently only ipsec.1 is available).
    -
    -
    Sample:
    -
    {'type': 'ipsec.1'}
    - - - - +
    The type of VPN connection (currently only ipsec.1 is available).
    +
    +
    Sample:
    +
    {'type': 'ipsec.1'}
    + + + +
    vgw_telemetry
    list -
    - + + state=present -
    The telemetry for the VPN tunnel.
    -
    -
    Sample:
    -
    {'vgw_telemetry': [{'outside_ip_address': 'string', 'status': 'up', 'last_status_change': 'datetime(2015, 1, 1)', 'status_message': 'string', 'accepted_route_count': 123}]}
    - - - - +
    The telemetry for the VPN tunnel.
    +
    +
    Sample:
    +
    {'vgw_telemetry': [{'outside_ip_address': 'string', 'status': 'up', 'last_status_change': 'datetime(2015, 1, 1)', 'status_message': 'string', 'accepted_route_count': 123}]}
    + + + +
    vpn_connection_id
    string -
    - + + state=present -
    The identifier for the VPN connection.
    -
    -
    Sample:
    -
    {'vpn_connection_id': 'vpn-781e0e19'}
    - - - - +
    The identifier for the VPN connection.
    +
    +
    Sample:
    +
    {'vpn_connection_id': 'vpn-781e0e19'}
    + + + +
    vpn_gateway_id
    string -
    - + + state=present -
    The virtual private gateway connected via the connection.
    -
    -
    Sample:
    -
    {'vpn_gateway_id': 'vgw-cb0ae2a2'}
    - +
    The virtual private gateway connected via the connection.
    +
    +
    Sample:
    +
    {'vpn_gateway_id': 'vgw-cb0ae2a2'}
    + - +

    @@ -935,5 +952,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.ec2_win_password_module.rst b/docs/community.aws.ec2_win_password_module.rst index 92888f50c03..dbb14cb625c 100644 --- a/docs/community.aws.ec2_win_password_module.rst +++ b/docs/community.aws.ec2_win_password_module.rst @@ -37,258 +37,277 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    instance_id
    string - / required
    -     		- -
    The instance id to get the password data from.
    -     		+ +
    The instance id to get the password data from.
    +
    +
    key_data
    string -
    -     		- -
    The private key (usually stored in vault).
    -
    Conflicts with key_file,
    -     		+ +
    The private key (usually stored in vault).
    +
    Conflicts with key_file,
    +
    +
    key_file
    path -
    -     		- -
    Path to the file containing the key pair used on the instance.
    -
    Conflicts with key_data.
    -     		+ +
    Path to the file containing the key pair used on the instance.
    +
    Conflicts with key_data.
    +
    +
    key_passphrase
    string -
    -     		- -
    The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
    -     		+ +
    The passphrase for the instance key pair. The key must use DES or 3DES encryption for this module to decrypt it. You can use openssl to convert your password protected keys if they do not use DES or 3DES. ex) openssl rsa -in current_key -out new_key -des3.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the password to be available before returning.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the password to be available before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    120
    -     		-
    Number of seconds to wait before giving up.
    -     		+ Default:
    120
    +     		+
    Number of seconds to wait before giving up.
    +
    +
    @@ -297,7 +316,7 @@ Notes .. note:: - As of Ansible 2.4, this module requires the python cryptography module rather than the older pycrypto module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -308,7 +327,6 @@ Examples .. code-block:: yaml+jinja - # Example of getting a password - name: get the Administrator password community.aws.ec2_win_password: @@ -347,7 +365,6 @@ Examples - Status ------ @@ -356,5 +373,3 @@ Authors ~~~~~~~ - Rick Mendes (@rickmendes) - - diff --git a/docs/community.aws.ecs_attribute_module.rst b/docs/community.aws.ecs_attribute_module.rst index e45d1584b8a..c0bf8c0b3ba 100644 --- a/docs/community.aws.ecs_attribute_module.rst +++ b/docs/community.aws.ecs_attribute_module.rst @@ -37,258 +37,277 @@ Parameters .. raw:: html - + - + - - + - - + / elements=dictionary / required + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    attributes
    list - / elements=dictionary / required
    -     		- -
    List of attributes.
    -     		+ +
    List of attributes.
    +
    +
    name
    string - / required
    -     		- -
    The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
    -     		+ +
    The name of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, and periods are allowed.
    +
    +
    value
    string -
    -     		- -
    The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
    -     		+ +
    The value of the attribute. Up to 128 letters (uppercase and lowercase), numbers, hyphens, underscores, periods, at signs (@), forward slashes, colons, and spaces are allowed.
    +
    + +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster
    string - / required
    -     		- -
    The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
    -     		+ +
    The short name or full Amazon Resource Name (ARN) of the cluster that contains the resource to apply attributes.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_instance_id
    string - / required
    -     		- -
    EC2 instance ID of ECS cluster container instance.
    -     		+ +
    EC2 instance ID of ECS cluster container instance.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    The desired state of the attributes.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    The desired state of the attributes.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -296,7 +315,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -307,7 +326,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Set attributes @@ -332,7 +350,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -345,106 +362,106 @@ Common return values are documented `here Returned Description - - + +
    attributes
    complex -
    - + + always -
    attributes
    -
    - +
    attributes
    +
    + - -   - + +   +
    attributes
    list - / elements=dictionary
    - + / elements=dictionary + -
    list of attributes
    -
    - +
    list of attributes
    +
    + - -   -   - + +   +   +
    name
    string -
    - + + -
    name of the attribute
    -
    - +
    name of the attribute
    +
    + - -   -   - + +   +   +
    value
    string -
    - + + if present -
    value of the attribute
    -
    - +
    value of the attribute
    +
    + - - -   - + + +   +
    cluster
    string -
    - + + -
    cluster name
    -
    - +
    cluster name
    +
    + - -   - + +   +
    ec2_instance_id
    string -
    - + + -
    ec2 instance id of ecs container instance
    -
    - +
    ec2 instance id of ecs container instance
    +
    + - - + +

    @@ -456,5 +473,3 @@ Authors ~~~~~~~ - Andrej Svenke (@anryko) - - diff --git a/docs/community.aws.ecs_cluster_module.rst b/docs/community.aws.ecs_cluster_module.rst index f8bffee55ac..c7cc3c9baf4 100644 --- a/docs/community.aws.ecs_cluster_module.rst +++ b/docs/community.aws.ecs_cluster_module.rst @@ -36,228 +36,247 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delay
    integer -
    -     		- Default:
    10
    -     		-
    Number of seconds to wait.
    -     		+ Default:
    10
    +     		+
    Number of seconds to wait.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The cluster name.
    -     		+ +
    The cluster name.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    repeat
    integer -
    -     		- Default:
    10
    -     		-
    The number of times to wait for the cluster to have an instance.
    -     		+ Default:
    10
    +     		+
    The number of times to wait for the cluster to have an instance.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • has_instances
      • -
    -     		-
    The desired state of the cluster.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • has_instances
      • +
    +     		+
    The desired state of the cluster.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -267,7 +286,7 @@ Notes .. note:: - When deleting a cluster, the information returned is the state of the cluster prior to deletion. - It will also wait for a cluster to have instances registered to it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -278,7 +297,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Cluster creation @@ -301,8 +319,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -315,118 +331,118 @@ Common return values are documented `here Returned Description - - + +
    activeServicesCount
    integer -
    - + + 0 if a new cluster -
    how many services are active in this cluster
    -
    - +
    how many services are active in this cluster
    +
    + - - + +
    clusterArn
    string -
    - + + 0 if a new cluster -
    the ARN of the cluster just created
    -
    -
    Sample:
    -
    arn:aws:ecs:us-west-2:172139249013:cluster/test-cluster-mfshcdok
    - +
    the ARN of the cluster just created
    +
    +
    Sample:
    +
    arn:aws:ecs:us-west-2:172139249013:cluster/test-cluster-mfshcdok
    + - - + +
    clusterName
    string -
    - + + always -
    name of the cluster just created (should match the input argument)
    -
    -
    Sample:
    -
    test-cluster-mfshcdok
    - +
    name of the cluster just created (should match the input argument)
    +
    +
    Sample:
    +
    test-cluster-mfshcdok
    + - - + +
    pendingTasksCount
    integer -
    - + + 0 if a new cluster -
    how many tasks are waiting to run in this cluster
    -
    - +
    how many tasks are waiting to run in this cluster
    +
    + - - + +
    registeredContainerInstancesCount
    integer -
    - + + 0 if a new cluster -
    how many container instances are available in this cluster
    -
    - +
    how many container instances are available in this cluster
    +
    + - - + +
    runningTasksCount
    integer -
    - + + 0 if a new cluster -
    how many tasks are running in this cluster
    -
    - +
    how many tasks are running in this cluster
    +
    + - - + +
    status
    string -
    - + + always -
    the status of the new cluster
    -
    -
    Sample:
    -
    ACTIVE
    - +
    the status of the new cluster
    +
    +
    Sample:
    +
    ACTIVE
    + - +

    @@ -438,5 +454,3 @@ Authors ~~~~~~~ - Mark Chance (@Java1Guy) - - diff --git a/docs/community.aws.ecs_ecr_module.rst b/docs/community.aws.ecs_ecr_module.rst index 39ccb8ec31c..b3ca43aa53a 100644 --- a/docs/community.aws.ecs_ecr_module.rst +++ b/docs/community.aws.ecs_ecr_module.rst @@ -36,319 +36,338 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    force_set_policy
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If force_set_policy=false, it prevents setting a policy that would prevent you from setting another policy in the future.
    +
    +
    image_tag_mutability
    string -
    -     		-
      Choices: -
    • mutable ←
      • -
    • immutable
      • -
    -     		-
    Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
    -     		+
      Choices: +
    • mutable ←
      • +
    • immutable
      • +
    +     		+
    Configure whether repository should be mutable (ie. an already existing tag can be overwritten) or not.
    +
    +
    lifecycle_policy
    json -
    -     		- -
    JSON or dict that represents the new lifecycle policy
    -     		+ +
    JSON or dict that represents the new lifecycle policy
    +
    +
    name
    string - / required
    -     		- -
    The name of the repository.
    -     		+ +
    The name of the repository.
    +
    +
    policy
    json -
    -     		- -
    JSON or dict that represents the new policy.
    -     		+ +
    JSON or dict that represents the new policy.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_lifecycle_policy
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    if yes, remove the lifecycle policy from the repository
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    if yes, remove the lifecycle policy from the repository
    +
    +
    purge_policy
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If yes, remove the policy from the repository.
    -
    Alias delete_policy has been deprecated and will be removed after 2022-06-01.
    -

    aliases: delete_policy
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If yes, remove the policy from the repository.
    +
    Alias delete_policy has been deprecated and will be removed after 2022-06-01.
    +

    aliases: delete_policy
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    registry_id
    string -
    -     		- -
    AWS account id associated with the registry.
    -
    If not specified, the default registry is assumed.
    -     		+ +
    AWS account id associated with the registry.
    +
    If not specified, the default registry is assumed.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the repository.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the repository.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -356,7 +375,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -367,7 +386,6 @@ Examples .. code-block:: yaml+jinja - # If the repository does not exist, it is created. If it does exist, would not # affect any policies already on it. - name: ecr-repo @@ -436,7 +454,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -449,69 +466,69 @@ Common return values are documented `here Returned Description - - + +
    created
    boolean -
    - + + always -
    If true, the repository was created
    -
    - +
    If true, the repository was created
    +
    + - - + +
    name
    string -
    - + + when state == 'absent' -
    The name of the repository
    -
    - +
    The name of the repository
    +
    + - - + +
    repository
    dictionary -
    - + + when state == 'present' -
    The created or updated repository
    -
    -
    Sample:
    -
    {'createdAt': '2017-01-17T08:41:32-06:00', 'registryId': '999999999999', 'repositoryArn': 'arn:aws:ecr:us-east-1:999999999999:repository/ecr-test-1484664090', 'repositoryName': 'ecr-test-1484664090', 'repositoryUri': '999999999999.dkr.ecr.us-east-1.amazonaws.com/ecr-test-1484664090'}
    - +
    The created or updated repository
    +
    +
    Sample:
    +
    {'createdAt': '2017-01-17T08:41:32-06:00', 'registryId': '999999999999', 'repositoryArn': 'arn:aws:ecr:us-east-1:999999999999:repository/ecr-test-1484664090', 'repositoryName': 'ecr-test-1484664090', 'repositoryUri': '999999999999.dkr.ecr.us-east-1.amazonaws.com/ecr-test-1484664090'}
    + - - + +
    state
    string -
    - + + always -
    The asserted state of the repository (present, absent)
    -
    - +
    The asserted state of the repository (present, absent)
    +
    + - +

    @@ -523,5 +540,3 @@ Authors ~~~~~~~ - David M. Lee (@leedm777) - - diff --git a/docs/community.aws.ecs_service_info_module.rst b/docs/community.aws.ecs_service_info_module.rst index 6c289787f3d..3f88a3749d3 100644 --- a/docs/community.aws.ecs_service_info_module.rst +++ b/docs/community.aws.ecs_service_info_module.rst @@ -39,229 +39,248 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster
    string -
    -     		- -
    The cluster ARNS in which to list the services.
    -     		+ +
    The cluster ARNS in which to list the services.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    details
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Set this to true if you want detailed information about the services.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Set this to true if you want detailed information about the services.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    events
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to return ECS service events. Only has an effect if details=true.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to return ECS service events. Only has an effect if details=true.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service
    list - / elements=string
    -     		- -
    One or more services to get details for
    -     		+ +
    One or more services to get details for
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -269,7 +288,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -280,7 +299,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic listing example @@ -297,7 +315,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -310,251 +327,251 @@ Common return values are documented `here Returned Description - - + +
    services
    complex -
    - + + success -
    When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below.
    -
    - +
    When details is false, returns an array of service ARNs, otherwise an array of complex objects as described below.
    +
    + - -   - + +   +
    clusterArn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    -
    - +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    +
    + - -   - + +   +
    deployments
    list - / elements=dictionary
    - + / elements=dictionary + always -
    list of service deployments
    -
    - +
    list of service deployments
    +
    + - -   - + +   +
    desiredCount
    integer -
    - + + always -
    The desired number of instantiations of the task definition to keep running on the service.
    -
    - +
    The desired number of instantiations of the task definition to keep running on the service.
    +
    + - -   - + +   +
    events
    list - / elements=dictionary
    - + / elements=dictionary + when events is true -
    list of service events
    -
    - +
    list of service events
    +
    + - -   - + +   +
    loadBalancers
    complex -
    - + + always -
    A list of load balancer objects
    -
    - +
    A list of load balancer objects
    +
    + - -   -   - + +   +   +
    containerName
    string -
    - + + always -
    The name of the container to associate with the load balancer.
    -
    - +
    The name of the container to associate with the load balancer.
    +
    + - -   -   - + +   +   +
    containerPort
    integer -
    - + + always -
    The port on the container to associate with the load balancer.
    -
    - +
    The port on the container to associate with the load balancer.
    +
    + - -   -   - + +   +   +
    loadBalancerName
    string -
    - + + always -
    the name
    -
    - +
    the name
    +
    + - - -   - + + +   +
    pendingCount
    integer -
    - + + always -
    The number of tasks in the cluster that are in the PENDING state.
    -
    - +
    The number of tasks in the cluster that are in the PENDING state.
    +
    + - -   - + +   +
    runningCount
    integer -
    - + + always -
    The number of tasks in the cluster that are in the RUNNING state.
    -
    - +
    The number of tasks in the cluster that are in the RUNNING state.
    +
    + - -   - + +   +
    serviceArn
    string -
    - + + always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    -
    - +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    +
    + - -   - + +   +
    serviceName
    string -
    - + + always -
    A user-generated string used to identify the service
    -
    - +
    A user-generated string used to identify the service
    +
    + - -   - + +   +
    status
    string -
    - + + always -
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    -
    - +
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    +
    + - -   - + +   +
    taskDefinition
    string -
    - + + always -
    The ARN of a task definition to use for tasks in the service.
    -
    - +
    The ARN of a task definition to use for tasks in the service.
    +
    + - - + +

    @@ -567,5 +584,3 @@ Authors - Mark Chance (@Java1Guy) - Darek Kaczynski (@kaczynskid) - - diff --git a/docs/community.aws.ecs_service_module.rst b/docs/community.aws.ecs_service_module.rst index c76848b84b1..a27bb6ae9cc 100644 --- a/docs/community.aws.ecs_service_module.rst +++ b/docs/community.aws.ecs_service_module.rst @@ -38,674 +38,693 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / required + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + / elements=string + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + + + + - - - + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    client_token
    string -
    -     		- -
    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
    -     		+ +
    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. Up to 32 ASCII characters are allowed.
    +
    +
    cluster
    string -
    -     		- -
    The name of the cluster in which the service exists.
    -     		+ +
    The name of the cluster in which the service exists.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delay
    integer -
    -     		- Default:
    10
    -     		-
    The time to wait before checking that the service is available.
    -     		+ Default:
    10
    +     		+
    The time to wait before checking that the service is available.
    +
    +
    deployment_configuration
    dictionary -
    -     		- -
    Optional parameters that control the deployment_configuration.
    -
    Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
    -
    + + + +
    Optional parameters that control the deployment_configuration.
    +
    Format is '{"maximum_percent":<integer>, "minimum_healthy_percent":<integer>}
    +
    maximum_percent
    integer -
    -     		- -
    Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
    -     		+ +
    Upper limit on the number of tasks in a service that are allowed in the RUNNING or PENDING state during a deployment.
    +
    +
    minimum_healthy_percent
    integer -
    -     		- -
    A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
    -
    + + + +
    A lower limit on the number of tasks in a service that must remain in the RUNNING state during a deployment.
    +
    desired_count
    integer -
    -     		- -
    The count of how many instances of the service.
    -
    This parameter is required when state=present.
    -     		+ +
    The count of how many instances of the service.
    +
    This parameter is required when state=present.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    force_new_deployment
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Force deployment of service even if there are no changes.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Force deployment of service even if there are no changes.
    +
    +
    health_check_grace_period_seconds
    integer -
    -     		- -
    Seconds to wait before health checking the freshly added/updated services.
    -
    This option requires botocore >= 1.8.20.
    -     		+ +
    Seconds to wait before health checking the freshly added/updated services.
    +
    This option requires botocore >= 1.8.20.
    +
    +
    launch_type
    string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your service.
    -     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your service.
    +
    +
    load_balancers
    list - / elements=string
    -     		- -
    The list of ELBs defined for this service.
    -     		+ +
    The list of ELBs defined for this service.
    +
    +
    name
    string - / required
    -     		- -
    The name of the service.
    -     		+ +
    The name of the service.
    +
    +
    network_configuration
    dictionary -
    -     		- -
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    -
    assign_public_ip requires botocore >= 1.8.4
    -
    + + + +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    +
    assign_public_ip requires botocore >= 1.8.4
    +
    assign_public_ip
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the task's elastic network interface receives a public IP address.
    -
    This option requires botocore >= 1.8.4.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the task's elastic network interface receives a public IP address.
    +
    This option requires botocore >= 1.8.4.
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    A list of security group names or group IDs to associate with the task
    -     		+ +
    A list of security group names or group IDs to associate with the task
    +
    +
    subnets
    list - / elements=string
    -     		- -
    A list of subnet IDs to associate with the task
    -
    + / elements=string + + +
    A list of subnet IDs to associate with the task
    +
    placement_constraints
    list - / elements=dictionary
    -     		- -
    The placement constraints for the tasks in the service.
    - -
    + / elements=dictionary + + +
    The placement constraints for the tasks in the service.
    + +
    expression
    string -
    -     		- -
    A cluster query language expression to apply to the constraint.
    -     		+ +
    A cluster query language expression to apply to the constraint.
    +
    +
    type
    string -
    -     		- -
    The type of constraint.
    -
    + + + +
    The type of constraint.
    +
    placement_strategy
    list - / elements=dictionary
    -     		- -
    The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
    -
    + / elements=dictionary + + +
    The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules per service.
    +
    field
    string -
    -     		- -
    The field to apply the placement strategy against.
    -     		+ +
    The field to apply the placement strategy against.
    +
    +
    type
    string -
    -     		- -
    The type of placement strategy.
    -
    + + + +
    The type of placement strategy.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    repeat
    integer -
    -     		- Default:
    10
    -     		-
    The number of times to check that the service is available.
    -     		+ Default:
    10
    +     		+
    The number of times to check that the service is available.
    +
    +
    role
    string -
    -     		- -
    The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
    -
    This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
    -     		+ +
    The name or full Amazon Resource Name (ARN) of the IAM role that allows your Amazon ECS container agent to make calls to your load balancer on your behalf.
    +
    This parameter is only required if you are using a load balancer with your service in a network mode other than awsvpc.
    +
    +
    scheduling_strategy
    string -
    -     		-
      Choices: -
    • DAEMON
      • -
    • REPLICA
      • -
    -     		-
    The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
    -     		+
      Choices: +
    • DAEMON
      • +
    • REPLICA
      • +
    +     		+
    The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    service_registries
    list - / elements=dictionary
    -     		- -
    Describes service discovery registries this service will register with.
    -
    + / elements=dictionary + + +
    Describes service discovery registries this service will register with.
    +
    arn
    string -
    -     		- -
    Service discovery registry ARN
    -     		+ +
    Service discovery registry ARN
    +
    +
    container_name
    string -
    -     		- -
    container name for service discovery registration
    -     		+ +
    container name for service discovery registration
    +
    +
    container_port
    integer -
    -     		- -
    container port for service discovery registration
    -
    + + + +
    container port for service discovery registration
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • deleting
      • -
    -     		-
    The desired state of the service.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • deleting
      • +
    +     		+
    The desired state of the service.
    +
    +
    task_definition
    string -
    -     		- -
    The task definition the service will run.
    -
    This parameter is required when state=present.
    -     		+ +
    The task definition the service will run.
    +
    This parameter is required when state=present.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -716,7 +735,7 @@ Notes - The service role specified must be assumable. (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com) - For details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html. - An IAM role must have been previously created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -727,7 +746,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic provisioning example @@ -776,7 +794,6 @@ Examples field: memory - Returned Facts -------------- Facts returned by this module are added/updated in the ``hostvars`` host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them. @@ -784,433 +801,433 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a .. raw:: html - + - - + + + +
    + - - - + + + + +
    + - - - + + + + +
    + - - - - + + + + + +
    + - - - - + + + + + +
    + - - - - + + + / elements=dictionary + +
    + - - - + + + + +
    + - - - + + + / elements=dictionary + +
    + - - - + + + + +
    + - - - - + + + + + +
    + - - - - + + + + + +
    + - - - - + + + + + +
    + - - - - + + + + +
    + - - - + + + / elements=dictionary + +
    + - - - - + + + + + +
    + - - - - + + + + + +
    + - - - - + + + / elements=dictionary + +
    + - - - - + + + + + +
    + - - - - + + + + + +
    + - - - - + + + + +
    + - - - + + + + +
    + - - - + + + + +
    + - - - + + + + +
    + - - - + + + + +
    + - -
    Fact Returned Description
    +
    service
    complex -
    -     		when service existed and was deleted -
    Details of deleted service. +
    Details of deleted service.
    -
    -
    +
    clusterArn
    string -
    -     		always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service. +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    -
    -
    +
    deploymentConfiguration
    complex -
    -     		always -
    dictionary of deploymentConfiguration +
    dictionary of deploymentConfiguration
    -
    -
    +
    maximumPercent
    integer -
    -     		always -
    maximumPercent param +
    maximumPercent param
    -
    -
    +
    minimumHealthyPercent
    integer -
    -     		always -
    minimumHealthyPercent param +
    minimumHealthyPercent param
    -
    -
    + +
    deployments
    list - / elements=dictionary
    -     		always -
    list of service deployments +
    list of service deployments
    -
    -
    +
    desiredCount
    integer -
    -     		always -
    The desired number of instantiations of the task definition to keep running on the service. +
    The desired number of instantiations of the task definition to keep running on the service.
    -
    -
    +
    events
    list - / elements=dictionary
    -     		always -
    list of service events +
    list of service events
    -
    -
    +
    loadBalancers
    complex -
    -     		always -
    A list of load balancer objects +
    A list of load balancer objects
    -
    -
    +
    containerName
    string -
    -     		always -
    The name of the container to associate with the load balancer. +
    The name of the container to associate with the load balancer.
    -
    -
    +
    containerPort
    integer -
    -     		always -
    The port on the container to associate with the load balancer. +
    The port on the container to associate with the load balancer.
    -
    -
    +
    loadBalancerName
    string -
    -     		always -
    the name +
    the name
    -
    -
    + +
    pendingCount
    integer -
    -     		always -
    The number of tasks in the cluster that are in the PENDING state. +
    The number of tasks in the cluster that are in the PENDING state.
    -
    -
    +
    placementConstraints
    list - / elements=dictionary
    -     		always -
    List of placement constraints objects +
    List of placement constraints objects
    -
    -
    +
    expression
    string -
    -     		always -
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance. +
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
    -
    -
    +
    type
    string -
    -     		always -
    The type of constraint. Valid values are distinctInstance and memberOf. +
    The type of constraint. Valid values are distinctInstance and memberOf.
    -
    -
    + +
    placementStrategy
    list - / elements=dictionary
    -     		always -
    List of placement strategy objects +
    List of placement strategy objects
    -
    -
    +
    field
    string -
    -     		always -
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY. +
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
    -
    -
    +
    type
    string -
    -     		always -
    The type of placement strategy. Valid values are random, spread and binpack. +
    The type of placement strategy. Valid values are random, spread and binpack.
    -
    -
    + +
    runningCount
    integer -
    -     		always -
    The number of tasks in the cluster that are in the RUNNING state. +
    The number of tasks in the cluster that are in the RUNNING state.
    -
    -
    +
    serviceArn
    string -
    -     		always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service . +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    -
    -
    +
    serviceName
    string -
    -     		always -
    A user-generated string used to identify the service +
    A user-generated string used to identify the service
    -
    -
    +
    status
    string -
    -     		always -
    The valid values are ACTIVE, DRAINING, or INACTIVE. +
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    -
    -
    +
    taskDefinition
    string -
    -     		always -
    The ARN of a task definition to use for tasks in the service. +
    The ARN of a task definition to use for tasks in the service.
    -
    -
    + +

    @@ -1226,404 +1243,404 @@ Common return values are documented `here Returned Description - - + +
    service
    complex -
    - + + when creating a service -
    Details of created service.
    -
    - +
    Details of created service.
    +
    + - -   - + +   +
    clusterArn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    -
    - +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the service.
    +
    + - -   - + +   +
    deploymentConfiguration
    complex -
    - + + always -
    dictionary of deploymentConfiguration
    -
    - +
    dictionary of deploymentConfiguration
    +
    + - -   -   - + +   +   +
    maximumPercent
    integer -
    - + + always -
    maximumPercent param
    -
    - - - -   -   - +
    maximumPercent param
    +
    + + + +   +   +
    minimumHealthyPercent
    integer -
    - + + always -
    minimumHealthyPercent param
    -
    - +
    minimumHealthyPercent param
    +
    + - - -   - + + +   +
    deployments
    list - / elements=dictionary
    - + / elements=dictionary + always -
    list of service deployments
    -
    - +
    list of service deployments
    +
    + - -   - + +   +
    desiredCount
    integer -
    - + + always -
    The desired number of instantiations of the task definition to keep running on the service.
    -
    - +
    The desired number of instantiations of the task definition to keep running on the service.
    +
    + - -   - + +   +
    events
    list - / elements=dictionary
    - + / elements=dictionary + always -
    list of service events
    -
    - +
    list of service events
    +
    + - -   - + +   +
    loadBalancers
    complex -
    - + + always -
    A list of load balancer objects
    -
    - +
    A list of load balancer objects
    +
    + - -   -   - + +   +   +
    containerName
    string -
    - + + always -
    The name of the container to associate with the load balancer.
    -
    - - - -   -   - +
    The name of the container to associate with the load balancer.
    +
    + + + +   +   +
    containerPort
    integer -
    - + + always -
    The port on the container to associate with the load balancer.
    -
    - - - -   -   - +
    The port on the container to associate with the load balancer.
    +
    + + + +   +   +
    loadBalancerName
    string -
    - + + always -
    the name
    -
    - +
    the name
    +
    + - - -   - + + +   +
    pendingCount
    integer -
    - + + always -
    The number of tasks in the cluster that are in the PENDING state.
    -
    - +
    The number of tasks in the cluster that are in the PENDING state.
    +
    + - -   - + +   +
    placementConstraints
    list - / elements=dictionary
    - + / elements=dictionary + always -
    List of placement constraints objects
    -
    - +
    List of placement constraints objects
    +
    + - -   -   - + +   +   +
    expression
    string -
    - + + always -
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
    -
    - - - -   -   - +
    A cluster query language expression to apply to the constraint. Note you cannot specify an expression if the constraint type is distinctInstance.
    +
    + + + +   +   +
    type
    string -
    - + + always -
    The type of constraint. Valid values are distinctInstance and memberOf.
    -
    - +
    The type of constraint. Valid values are distinctInstance and memberOf.
    +
    + - - -   - + + +   +
    placementStrategy
    list - / elements=dictionary
    - + / elements=dictionary + always -
    List of placement strategy objects
    -
    - +
    List of placement strategy objects
    +
    + - -   -   - + +   +   +
    field
    string -
    - + + always -
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
    -
    - - - -   -   - +
    The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are CPU and MEMORY.
    +
    + + + +   +   +
    type
    string -
    - + + always -
    The type of placement strategy. Valid values are random, spread and binpack.
    -
    - +
    The type of placement strategy. Valid values are random, spread and binpack.
    +
    + - - -   - + + +   +
    runningCount
    integer -
    - + + always -
    The number of tasks in the cluster that are in the RUNNING state.
    -
    - +
    The number of tasks in the cluster that are in the RUNNING state.
    +
    + - -   - + +   +
    serviceArn
    string -
    - + + always -
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    -
    - +
    The Amazon Resource Name (ARN) that identifies the service. The ARN contains the arn:aws:ecs namespace, followed by the region of the service, the AWS account ID of the service owner, the service namespace, and then the service name. For example, arn:aws:ecs:region :012345678910 :service/my-service .
    +
    + - -   - + +   +
    serviceName
    string -
    - + + always -
    A user-generated string used to identify the service
    -
    - +
    A user-generated string used to identify the service
    +
    + - -   - + +   +
    status
    string -
    - + + always -
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    -
    - +
    The valid values are ACTIVE, DRAINING, or INACTIVE.
    +
    + - -   - + +   +
    taskDefinition
    string -
    - + + always -
    The ARN of a task definition to use for tasks in the service.
    -
    - +
    The ARN of a task definition to use for tasks in the service.
    +
    + - - + +

    @@ -1638,5 +1655,3 @@ Authors - Darek Kaczynski (@kaczynskid) - Stephane Maarek (@simplesteph) - Zac Blazic (@zacblazic) - - diff --git a/docs/community.aws.ecs_tag_module.rst b/docs/community.aws.ecs_tag_module.rst index 0a8f538e71a..8a3fa75dd79 100644 --- a/docs/community.aws.ecs_tag_module.rst +++ b/docs/community.aws.ecs_tag_module.rst @@ -38,269 +38,288 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster_name
    string - / required
    -     		- -
    The name of the cluster whose resources we are tagging.
    -     		+ +
    The name of the cluster whose resources we are tagging.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether unspecified tags should be removed from the resource.
    -
    Note that when combined with state=absent, specified tags with non-matching values are not purged.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether unspecified tags should be removed from the resource.
    +
    Note that when combined with state=absent, specified tags with non-matching values are not purged.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    resource
    string -
    -     		- -
    The ECS resource name.
    -
    Required unless resource_type=cluster.
    -     		+ +
    The ECS resource name.
    +
    Required unless resource_type=cluster.
    +
    +
    resource_type
    string -
    -     		-
      Choices: -
    • cluster ←
      • -
    • task
      • -
    • service
      • -
    • task_definition
      • -
    • container
      • -
    -     		-
    The type of resource.
    -     		+
      Choices: +
    • cluster ←
      • +
    • task
      • +
    • service
      • +
    • task_definition
      • +
    • container
      • +
    +     		+
    The type of resource.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether the tags should be present or absent on the resource.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether the tags should be present or absent on the resource.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of tags to add or remove from the resource.
    -
    If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
    -     		+ +
    A dictionary of tags to add or remove from the resource.
    +
    If the value provided for a tag is null and state=absent, the tag will be removed regardless of its current value.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -309,7 +328,7 @@ Notes .. note:: - none - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -320,7 +339,6 @@ Examples .. code-block:: yaml+jinja - - name: Ensure tags are present on a resource community.aws.ecs_tag: cluster_name: mycluster @@ -357,7 +375,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -370,52 +387,52 @@ Common return values are documented `here Returned Description - - + +
    added_tags
    dictionary -
    - + + If tags were added -
    A dict of tags that were added to the resource
    -
    - +
    A dict of tags that were added to the resource
    +
    + - - + +
    removed_tags
    dictionary -
    - + + If tags were removed -
    A dict of tags that were removed from the resource
    -
    - +
    A dict of tags that were removed from the resource
    +
    + - - + +
    tags
    dictionary -
    - + + always -
    A dict containing the tags on the resource
    -
    - +
    A dict containing the tags on the resource
    +
    + - +

    @@ -427,5 +444,3 @@ Authors ~~~~~~~ - Michael Pechner (@mpechner) - - diff --git a/docs/community.aws.ecs_task_module.rst b/docs/community.aws.ecs_task_module.rst index 4b171d2f6a4..8f821a8f728 100644 --- a/docs/community.aws.ecs_task_module.rst +++ b/docs/community.aws.ecs_task_module.rst @@ -38,368 +38,387 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + / elements=string + + + - - - + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster
    string -
    -     		- -
    The name of the cluster to run the task on.
    -     		+ +
    The name of the cluster to run the task on.
    +
    +
    container_instances
    list - / elements=string
    -     		- -
    The list of container instances on which to deploy the task.
    -     		+ +
    The list of container instances on which to deploy the task.
    +
    +
    count
    integer -
    -     		- -
    How many new instances to start.
    -     		+ +
    How many new instances to start.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    launch_type
    string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your service.
    -     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your service.
    +
    +
    network_configuration
    dictionary -
    -     		- -
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    -
    + + + +
    Network configuration of the service. Only applicable for task definitions created with network_mode=awsvpc.
    +
    security_groups
    list - / elements=string
    -     		- -
    A list of group names or group IDs for the task.
    -     		+ +
    A list of group names or group IDs for the task.
    +
    +
    subnets
    list - / elements=string
    -     		- -
    A list of subnet IDs to which the task is attached.
    -
    + / elements=string + + +
    A list of subnet IDs to which the task is attached.
    +
    operation
    string - / required
    -     		-
      Choices: -
    • run
      • -
    • start
      • -
    • stop
      • -
    -     		-
    Which task operation to execute.
    -     		+
      Choices: +
    • run
      • +
    • start
      • +
    • stop
      • +
    +     		+
    Which task operation to execute.
    +
    +
    overrides
    dictionary -
    -     		- -
    A dictionary of values to pass to the new instances.
    -     		+ +
    A dictionary of values to pass to the new instances.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    started_by
    string -
    -     		- -
    A value showing who or what started the task (for informational purposes).
    -     		+ +
    A value showing who or what started the task (for informational purposes).
    +
    +
    tags
    dictionary -
    -     		- -
    Tags that will be added to ecs tasks on start and run
    -     		+ +
    Tags that will be added to ecs tasks on start and run
    +
    +
    task
    string -
    -     		- -
    The task to stop.
    -     		+ +
    The task to stop.
    +
    +
    task_definition
    string -
    -     		- -
    The task definition to start or run.
    -     		+ +
    The task definition to start or run.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -407,7 +426,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -418,7 +437,6 @@ Examples .. code-block:: yaml+jinja - # Simple example of run task - name: Run task community.aws.ecs_task: @@ -478,7 +496,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -491,247 +508,247 @@ Common return values are documented `here Returned Description - - + +
    task
    complex -
    - + + success -
    details about the task that was started
    -
    - +
    details about the task that was started
    +
    + - -   - + +   +
    clusterArn
    string -
    - + + only when details is true -
    The Amazon Resource Name (ARN) of the of the cluster that hosts the task.
    -
    - +
    The Amazon Resource Name (ARN) of the of the cluster that hosts the task.
    +
    + - -   - + +   +
    containerInstanceArn
    string -
    - + + only when details is true -
    The Amazon Resource Name (ARN) of the container running the task.
    -
    - +
    The Amazon Resource Name (ARN) of the container running the task.
    +
    + - -   - + +   +
    containers
    list - / elements=dictionary
    - + / elements=dictionary + only when details is true -
    The container details.
    -
    - +
    The container details.
    +
    + - -   - + +   +
    createdAt
    string -
    - + + only when details is true -
    The timestamp of when the task was created.
    -
    - +
    The timestamp of when the task was created.
    +
    + - -   - + +   +
    desiredStatus
    string -
    - + + only when details is true -
    The desired status of the task.
    -
    - +
    The desired status of the task.
    +
    + - -   - + +   +
    lastStatus
    string -
    - + + only when details is true -
    The last recorded status of the task.
    -
    - +
    The last recorded status of the task.
    +
    + - -   - + +   +
    launchType
    string -
    - + + always -
    The launch type on which to run your task.
    -
    - +
    The launch type on which to run your task.
    +
    + - -   - + +   +
    overrides
    list - / elements=dictionary
    - + / elements=dictionary + only when details is true -
    The container overrides set for this task.
    -
    - +
    The container overrides set for this task.
    +
    + - -   - + +   +
    startedAt
    string -
    - + + only when details is true -
    The timestamp of when the task was started.
    -
    - +
    The timestamp of when the task was started.
    +
    + - -   - + +   +
    startedBy
    string -
    - + + only when details is true -
    The used who started the task.
    -
    - +
    The used who started the task.
    +
    + - -   - + +   +
    stoppedAt
    string -
    - + + only when details is true -
    The timestamp of when the task was stopped.
    -
    - +
    The timestamp of when the task was stopped.
    +
    + - -   - + +   +
    stoppedReason
    string -
    - + + only when details is true -
    The reason why the task was stopped.
    -
    - +
    The reason why the task was stopped.
    +
    + - -   - + +   +
    taskArn
    string -
    - + + always -
    The Amazon Resource Name (ARN) that identifies the task.
    -
    - +
    The Amazon Resource Name (ARN) that identifies the task.
    +
    + - -   - + +   +
    taskDefinitionArn
    string -
    - + + only when details is true -
    The Amazon Resource Name (ARN) of the task definition.
    -
    - +
    The Amazon Resource Name (ARN) of the task definition.
    +
    + - - + +

    @@ -743,5 +760,3 @@ Authors ~~~~~~~ - Mark Chance (@Java1Guy) - - diff --git a/docs/community.aws.ecs_taskdefinition_info_module.rst b/docs/community.aws.ecs_taskdefinition_info_module.rst index 2f426b87f22..5cd1be9bc22 100644 --- a/docs/community.aws.ecs_taskdefinition_info_module.rst +++ b/docs/community.aws.ecs_taskdefinition_info_module.rst @@ -38,176 +38,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    task_definition
    string - / required
    -     		- -
    The name of the task definition to get details for
    -     		+ +
    The name of the task definition to get details for
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -217,7 +236,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition - This module was called ``ecs_taskdefinition_facts`` before Ansible 2.9. The usage did not change. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -228,7 +247,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.ecs_taskdefinition_info: @@ -236,7 +254,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -249,982 +266,982 @@ Common return values are documented `here Returned Description - - + +
    container_definitions
    complex -
    - + + success -
    Returns a list of complex objects representing the containers
    -
    - +
    Returns a list of complex objects representing the containers
    +
    + - -   - + +   +
    command
    string -
    - + + when present -
    The command that is passed to the container.
    -
    - +
    The command that is passed to the container.
    +
    + - -   - + +   +
    cpu
    integer -
    - + + always -
    The number of cpu units reserved for the container.
    -
    - +
    The number of cpu units reserved for the container.
    +
    + - -   - + +   +
    disableNetworking
    boolean -
    - + + when present -
    When this parameter is true, networking is disabled within the container.
    -
    - +
    When this parameter is true, networking is disabled within the container.
    +
    + - -   - + +   +
    dnsSearchDomains
    string -
    - + + when present -
    A list of DNS search domains that are presented to the container.
    -
    - +
    A list of DNS search domains that are presented to the container.
    +
    + - -   - + +   +
    dnsServers
    string -
    - + + when present -
    A list of DNS servers that are presented to the container.
    -
    - +
    A list of DNS servers that are presented to the container.
    +
    + - -   - + +   +
    dockerLabels
    string -
    - + + when present -
    A key/value map of labels to add to the container.
    -
    - +
    A key/value map of labels to add to the container.
    +
    + - -   - + +   +
    dockerSecurityOptions
    string -
    - + + when present -
    A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems.
    -
    - +
    A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems.
    +
    + - -   - + +   +
    entryPoint
    string -
    - + + when present -
    The entry point that is passed to the container.
    -
    - +
    The entry point that is passed to the container.
    +
    + - -   - + +   +
    environment
    complex -
    - + + always -
    The environment variables to pass to a container.
    -
    - +
    The environment variables to pass to a container.
    +
    + - -   -   - + +   +   +
    name
    string -
    - + + when present -
    The name of the environment variable.
    -
    - - - -   -   - +
    The name of the environment variable.
    +
    + + + +   +   +
    value
    string -
    - + + when present -
    The value of the environment variable.
    -
    - +
    The value of the environment variable.
    +
    + - - -   - + + +   +
    essential
    boolean -
    - + + always -
    Whether this is an essential container or not.
    -
    - +
    Whether this is an essential container or not.
    +
    + - -   - + +   +
    extraHosts
    complex -
    - + + when present -
    A list of hostnames and IP address mappings to append to the /etc/hosts file on the container.
    -
    - +
    A list of hostnames and IP address mappings to append to the /etc/hosts file on the container.
    +
    + - -   -   - + +   +   +
    hostname
    string -
    - + + when present -
    The hostname to use in the /etc/hosts entry.
    -
    - - - -   -   - +
    The hostname to use in the /etc/hosts entry.
    +
    + + + +   +   +
    ipAddress
    string -
    - + + when present -
    The IP address to use in the /etc/hosts entry.
    -
    - +
    The IP address to use in the /etc/hosts entry.
    +
    + - - -   - + + +   +
    hostname
    string -
    - + + when present -
    The hostname to use for your container.
    -
    - +
    The hostname to use for your container.
    +
    + - -   - + +   +
    image
    string -
    - + + always -
    The image used to start a container.
    -
    - +
    The image used to start a container.
    +
    + - -   - + +   +
    links
    string -
    - + + when present -
    Links to other containers.
    -
    - +
    Links to other containers.
    +
    + - -   - + +   +
    logConfiguration
    string -
    - + + when present -
    The log configuration specification for the container.
    -
    - +
    The log configuration specification for the container.
    +
    + - -   - + +   +
    memoryReservation
    integer -
    - + + when present -
    The soft limit (in MiB) of memory to reserve for the container.
    -
    - +
    The soft limit (in MiB) of memory to reserve for the container.
    +
    + - -   - + +   +
    mountPoints
    complex -
    - + + always -
    The mount points for data volumes in your container.
    -
    - +
    The mount points for data volumes in your container.
    +
    + - -   -   - + +   +   +
    containerPath
    string -
    - + + when present -
    The path on the container to mount the host volume at.
    -
    - - - -   -   - +
    The path on the container to mount the host volume at.
    +
    + + + +   +   +
    readOnly
    boolean -
    - + + when present -
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    -
    - - - -   -   - +
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    +
    + + + +   +   +
    sourceVolume
    string -
    - + + when present -
    The name of the volume to mount.
    -
    - +
    The name of the volume to mount.
    +
    + - - -   - + + +   +
    name
    string -
    - + + always -
    The name of a container.
    -
    - +
    The name of a container.
    +
    + - -   - + +   +
    options
    string -
    - + + when present -
    The configuration options to send to the log driver.
    -
    - +
    The configuration options to send to the log driver.
    +
    + - -   - + +   +
    portMappings
    complex -
    - + + always -
    The list of port mappings for the container.
    -
    - +
    The list of port mappings for the container.
    +
    + - -   -   - + +   +   +
    containerPort
    integer -
    - + + when present -
    The port number on the container.
    -
    - - - -   -   - +
    The port number on the container.
    +
    + + + +   +   +
    hostPort
    integer -
    - + + when present -
    The port number on the container instance to reserve for your container.
    -
    - - - -   -   - +
    The port number on the container instance to reserve for your container.
    +
    + + + +   +   +
    protocol
    string -
    - + + when present -
    The protocol used for the port mapping.
    -
    - +
    The protocol used for the port mapping.
    +
    + - - -   - + + +   +
    privileged
    boolean -
    - + + when present -
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
    -
    - +
    When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
    +
    + - -   - + +   +
    readonlyRootFilesystem
    boolean -
    - + + when present -
    When this parameter is true, the container is given read-only access to its root file system.
    -
    - +
    When this parameter is true, the container is given read-only access to its root file system.
    +
    + - -   - + +   +
    ulimits
    complex -
    - + + when present -
    A list of ulimits to set in the container.
    -
    - +
    A list of ulimits to set in the container.
    +
    + - -   -   - + +   +   +
    hardLimit
    integer -
    - + + when present -
    The hard limit for the ulimit type.
    -
    - - - -   -   - +
    The hard limit for the ulimit type.
    +
    + + + +   +   +
    name
    string -
    - + + when present -
    The type of the ulimit .
    -
    - - - -   -   - +
    The type of the ulimit .
    +
    + + + +   +   +
    softLimit
    integer -
    - + + when present -
    The soft limit for the ulimit type.
    -
    - +
    The soft limit for the ulimit type.
    +
    + - - -   - + + +   +
    user
    string -
    - + + when present -
    The user name to use inside the container.
    -
    - +
    The user name to use inside the container.
    +
    + - -   - + +   +
    volumesFrom
    complex -
    - + + always -
    Data volumes to mount from another container.
    -
    - +
    Data volumes to mount from another container.
    +
    + - -   -   - + +   +   +
    readOnly
    boolean -
    - + + when present -
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    -
    - - - -   -   - +
    If this value is true , the container has read-only access to the volume. If this value is false , then the container can write to the volume.
    +
    + + + +   +   +
    sourceContainer
    string -
    - + + when present -
    The name of another container within the same task definition to mount volumes from.
    -
    - +
    The name of another container within the same task definition to mount volumes from.
    +
    + - - -   - + + +   +
    workingDirectory
    string -
    - + + when present -
    The working directory in which to run commands inside the container.
    -
    - +
    The working directory in which to run commands inside the container.
    +
    + - - - + + +
    family
    string -
    - + + always -
    The family of your task definition, used as the definition name
    -
    - +
    The family of your task definition, used as the definition name
    +
    + - - + +
    network_mode
    string -
    - + + always -
    Network mode for the containers
    -
    - +
    Network mode for the containers
    +
    + - - + +
    placement_constraints
    complex -
    - + + always -
    A list of placement constraint objects to use for tasks
    -
    - +
    A list of placement constraint objects to use for tasks
    +
    + - -   - + +   +
    expression
    string -
    - + + when present -
    A cluster query language expression to apply to the constraint.
    -
    - +
    A cluster query language expression to apply to the constraint.
    +
    + - -   - + +   +
    type
    string -
    - + + when present -
    The type of constraint.
    -
    - +
    The type of constraint.
    +
    + - - - + + +
    requires_attributes
    complex -
    - + + when present -
    The container instance attributes required by your task
    -
    - +
    The container instance attributes required by your task
    +
    + - -   - + +   +
    name
    string -
    - + + when present -
    The name of the attribute.
    -
    - +
    The name of the attribute.
    +
    + - -   - + +   +
    targetId
    string -
    - + + when present -
    The ID of the target.
    -
    - +
    The ID of the target.
    +
    + - -   - + +   +
    targetType
    string -
    - + + when present -
    The type of the target with which to attach the attribute.
    -
    - +
    The type of the target with which to attach the attribute.
    +
    + - -   - + +   +
    value
    string -
    - + + when present -
    The value of the attribute.
    -
    - +
    The value of the attribute.
    +
    + - - - + + +
    revision
    integer -
    - + + always -
    Revision number that was queried
    -
    - +
    Revision number that was queried
    +
    + - - + +
    status
    string -
    - + + always -
    The status of the task definition
    -
    - +
    The status of the task definition
    +
    + - - + +
    task_definition_arn
    string -
    - + + always -
    ARN of the task definition
    -
    - +
    ARN of the task definition
    +
    + - - + +
    task_role_arn
    string -
    - + + when role is set -
    The ARN of the IAM role that containers in this task can assume
    -
    - +
    The ARN of the IAM role that containers in this task can assume
    +
    + - - + +
    volumes
    complex -
    - + + always -
    The list of volumes in a task
    -
    - +
    The list of volumes in a task
    +
    + - -   - + +   +
    host
    boolean -
    - + + when present -
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored.
    -
    - +
    The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored.
    +
    + - -   - + +   +
    name
    string -
    - + + when present -
    The name of the volume.
    -
    - +
    The name of the volume.
    +
    + - -   - + +   +
    source_path
    string -
    - + + when present -
    The path on the host container instance that is presented to the container.
    -
    - +
    The path on the host container instance that is presented to the container.
    +
    + - - + +

    @@ -1238,5 +1255,3 @@ Authors - Gustavo Maia (@gurumaia) - Mark Chance (@Java1Guy) - Darek Kaczynski (@kaczynskid) - - diff --git a/docs/community.aws.ecs_taskdefinition_module.rst b/docs/community.aws.ecs_taskdefinition_module.rst index 91f569a6c81..040b5a0cb47 100644 --- a/docs/community.aws.ecs_taskdefinition_module.rst +++ b/docs/community.aws.ecs_taskdefinition_module.rst @@ -38,397 +38,416 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / required + + + - -
    Parameter Choices/DefaultsCommentsComments
    +
    arn
    string -
    -     		- -
    The ARN of the task description to delete.
    -     		+ +
    The ARN of the task description to delete.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    containers
    list - / elements=string
    -     		- -
    A list of containers definitions.
    -     		+ +
    A list of containers definitions.
    +
    +
    cpu
    string -
    -     		- -
    The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    -
    If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
    -     		+ +
    The number of cpu units used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    +
    If using the Fargate launch type, this field is required and you must use one of 256, 512, 1024, 2048, 4096.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    execution_role_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
    -     		+ +
    The Amazon Resource Name (ARN) of the task execution role that the Amazon ECS container agent and the Docker daemon can assume.
    +
    +
    family
    string -
    -     		- -
    A Name that would be given to the task definition.
    -     		+ +
    A Name that would be given to the task definition.
    +
    +
    force_create
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Always create new task definition.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Always create new task definition.
    +
    +
    launch_type
    string -
    -     		-
      Choices: -
    • EC2
      • -
    • FARGATE
      • -
    -     		-
    The launch type on which to run your task.
    -     		+
      Choices: +
    • EC2
      • +
    • FARGATE
      • +
    +     		+
    The launch type on which to run your task.
    +
    +
    memory
    string -
    -     		- -
    The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    -
    If using the Fargate launch type, this field is required and is limited by the cpu.
    -     		+ +
    The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
    +
    If using the Fargate launch type, this field is required and is limited by the cpu.
    +
    +
    network_mode
    string -
    -     		-
      Choices: -
    • default
      • -
    • bridge ←
      • -
    • host
      • -
    • none
      • -
    • awsvpc
      • -
    -     		-
    The Docker networking mode to use for the containers in the task.
    -
    awsvpc mode was added in Ansible 2.5
    -
    Windows containers must use network_mode=default, which will utilize docker NAT networking.
    -
    Setting network_mode=default for a Linux container will use bridge mode.
    -     		+
      Choices: +
    • default
      • +
    • bridge ←
      • +
    • host
      • +
    • none
      • +
    • awsvpc
      • +
    +     		+
    The Docker networking mode to use for the containers in the task.
    +
    awsvpc mode was added in Ansible 2.5
    +
    Windows containers must use network_mode=default, which will utilize docker NAT networking.
    +
    Setting network_mode=default for a Linux container will use bridge mode.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    revision
    integer -
    -     		- -
    A revision number for the task definition.
    -     		+ +
    A revision number for the task definition.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    State whether the task definition should exist or be deleted.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    State whether the task definition should exist or be deleted.
    +
    +
    task_role_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
    -     		+ +
    The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    volumes
    list - / elements=dictionary
    -     		- -
    A list of names of volumes to be attached.
    -     		+ +
    A list of names of volumes to be attached.
    +
    +
    name
    string - / required
    -     		- -
    The name of the volume.
    -     		+ +
    The name of the volume.
    +
    + +
    @@ -436,7 +455,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -447,7 +466,6 @@ Examples .. code-block:: yaml+jinja - - name: Create task definition community.aws.ecs_taskdefinition: containers: @@ -545,7 +563,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -558,22 +575,22 @@ Common return values are documented `here Returned Description - - + +
    taskdefinition
    dictionary -
    - + + always -
    a reflection of the input parameters
    -
    - +
    a reflection of the input parameters
    +
    + - +

    @@ -585,5 +602,3 @@ Authors ~~~~~~~ - Mark Chance (@Java1Guy) - - diff --git a/docs/community.aws.efs_info_module.rst b/docs/community.aws.efs_info_module.rst index 70ad702130c..85601f63fac 100644 --- a/docs/community.aws.efs_info_module.rst +++ b/docs/community.aws.efs_info_module.rst @@ -37,223 +37,242 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    id
    string -
    -     		- -
    ID of Amazon EFS.
    -     		+ +
    ID of Amazon EFS.
    +
    +
    name
    string -
    -     		- -
    Creation Token of Amazon EFS file system.
    -

    aliases: creation_token
    -     		+ +
    Creation Token of Amazon EFS file system.
    +

    aliases: creation_token
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    tags
    dictionary -
    -     		- -
    List of tags of Amazon EFS. Should be defined as dictionary.
    -     		+ +
    List of tags of Amazon EFS. Should be defined as dictionary.
    +
    +
    targets
    list - / elements=string
    -     		- -
    List of targets on which to filter the returned results.
    -
    Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
    -     		+ +
    List of targets on which to filter the returned results.
    +
    Result must match all of the specified targets, each of which can be a security group ID, a subnet ID or an IP address.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -261,7 +280,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -272,7 +291,6 @@ Examples .. code-block:: yaml+jinja - - name: Find all existing efs community.aws.efs_info: register: result @@ -291,12 +309,11 @@ Examples - sg-4d3c2b1a register: result - - debug: + - ansible.builtin.debug: msg: "{{ result['efs'] }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -309,262 +326,262 @@ Common return values are documented `here Returned Description - - + +
    creation_time
    string -
    - + + always -
    timestamp of creation date
    -
    -
    Sample:
    -
    2015-11-16 07:30:57-05:00
    - +
    timestamp of creation date
    +
    +
    Sample:
    +
    2015-11-16 07:30:57-05:00
    + - - + +
    creation_token
    string -
    - + + always -
    EFS creation token
    -
    -
    Sample:
    -
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    - +
    EFS creation token
    +
    +
    Sample:
    +
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    + - - + +
    file_system_id
    string -
    - + + always -
    ID of the file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx
    - +
    ID of the file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx
    + - - + +
    filesystem_address
    string -
    - + + always -
    url of file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    - +
    url of file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    + - - + +
    life_cycle_state
    string -
    - + + always -
    state of the EFS file system
    -
    -
    Sample:
    -
    creating, available, deleting, deleted
    - +
    state of the EFS file system
    +
    +
    Sample:
    +
    creating, available, deleting, deleted
    + - - + +
    mount_point
    string -
    - + + always -
    url of file system with leading dot from the time AWS EFS required to add network suffix to EFS address
    -
    -
    Sample:
    -
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    - +
    url of file system with leading dot from the time AWS EFS required to add network suffix to EFS address
    +
    +
    Sample:
    +
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    + - - + +
    mount_targets
    list -
    - + + always -
    list of mount targets
    -
    -
    Sample:
    -
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    - +
    list of mount targets
    +
    +
    Sample:
    +
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    + - - + +
    name
    string -
    - + + always -
    name of the file system
    -
    -
    Sample:
    -
    my-efs
    - +
    name of the file system
    +
    +
    Sample:
    +
    my-efs
    + - - + +
    number_of_mount_targets
    integer -
    - + + always -
    the number of targets mounted
    -
    -
    Sample:
    -
    3
    - +
    the number of targets mounted
    +
    +
    Sample:
    +
    3
    + - - + +
    owner_id
    string -
    - + + always -
    AWS account ID of EFS owner
    -
    -
    Sample:
    -
    XXXXXXXXXXXX
    - +
    AWS account ID of EFS owner
    +
    +
    Sample:
    +
    XXXXXXXXXXXX
    + - - + +
    performance_mode
    string -
    - + + always -
    performance mode of the file system
    -
    -
    Sample:
    -
    generalPurpose
    - +
    performance mode of the file system
    +
    +
    Sample:
    +
    generalPurpose
    + - - + +
    provisioned_throughput_in_mibps
    float -
    - + + when botocore >= 1.10.57 and throughput_mode is set to "provisioned" -
    throughput provisioned in Mibps
    -
    -
    Sample:
    -
    15.0
    - +
    throughput provisioned in Mibps
    +
    +
    Sample:
    +
    15.0
    + - - + +
    size_in_bytes
    dictionary -
    - + + always -
    size of the file system in bytes as of a timestamp
    -
    -
    Sample:
    -
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    - +
    size of the file system in bytes as of a timestamp
    +
    +
    Sample:
    +
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    + - - + +
    tags
    dictionary -
    - + + always -
    tags on the efs instance
    -
    -
    Sample:
    -
    {'name': 'my-efs', 'key': 'Value'}
    - +
    tags on the efs instance
    +
    +
    Sample:
    +
    {'name': 'my-efs', 'key': 'Value'}
    + - - + +
    throughput_mode
    string -
    - + + when botocore >= 1.10.57 -
    mode of throughput for the file system
    -
    -
    Sample:
    -
    bursting
    - +
    mode of throughput for the file system
    +
    +
    Sample:
    +
    bursting
    + - +

    @@ -576,5 +593,3 @@ Authors ~~~~~~~ - Ryan Sydnor (@ryansydnor) - - diff --git a/docs/community.aws.efs_module.rst b/docs/community.aws.efs_module.rst index 5ef1d40cb81..92481e55fe8 100644 --- a/docs/community.aws.efs_module.rst +++ b/docs/community.aws.efs_module.rst @@ -36,432 +36,451 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - + / elements=string + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    encrypt
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If encrypt=true creates an encrypted file system. This can not be modified after the file system is created.
    +
    +
    id
    string -
    -     		- -
    ID of Amazon EFS. Either name or ID required for delete.
    -     		+ +
    ID of Amazon EFS. Either name or ID required for delete.
    +
    +
    kms_key_id
    string -
    -     		- -
    The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
    -     		+ +
    The id of the AWS KMS CMK that will be used to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. The key id can be Key ID, Key ID ARN, Key Alias or Key Alias ARN.
    +
    +
    name
    string -
    -     		- -
    Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
    -     		+ +
    Creation Token of Amazon EFS file system. Required for create and update. Either name or ID required for delete.
    +
    +
    performance_mode
    string -
    -     		-
      Choices: -
    • general_purpose ←
      • -
    • max_io
      • -
    -     		-
    File system's performance mode to use. Only takes effect during creation.
    -     		+
      Choices: +
    • general_purpose ←
      • +
    • max_io
      • +
    +     		+
    File system's performance mode to use. Only takes effect during creation.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    provisioned_throughput_in_mibps
    float -
    -     		- -
    If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
    -
    Requires botocore >= 1.10.57
    -     		+ +
    If the throughput_mode is provisioned, select the amount of throughput to provisioned in Mibps.
    +
    Requires botocore >= 1.10.57
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Allows to create, search and destroy Amazon EFS file system.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Allows to create, search and destroy Amazon EFS file system.
    +
    +
    tags
    dictionary -
    -     		- -
    List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
    -     		+ +
    List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
    +
    +
    targets
    list - / elements=dictionary
    -     		- -
    List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
    -
    + / elements=dictionary + + +
    List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: This data may be modified for existing EFS using state 'present' and new list of mount targets.
    +
    ip_address
    string -
    -     		- -
    A valid IPv4 address within the address range of the specified subnet.
    -     		+ +
    A valid IPv4 address within the address range of the specified subnet.
    +
    +
    security_groups
    list - / elements=string
    -     		- -
    List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
    -     		+ +
    List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified
    +
    +
    subnet_id
    - - / required
    -     		- -
    The ID of the subnet to add the mount target in.
    -
    + / required + + +
    The ID of the subnet to add the mount target in.
    +
    throughput_mode
    string -
    -     		-
      Choices: -
    • bursting
      • -
    • provisioned
      • -
    -     		-
    The throughput_mode for the file system to be created.
    -
    Requires botocore >= 1.10.57
    -     		+
      Choices: +
    • bursting
      • +
    • provisioned
      • +
    +     		+
    The throughput_mode for the file system to be created.
    +
    Requires botocore >= 1.10.57
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    0
    -     		-
    How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
    -
    + + + + Default:
    0
    + + +
    How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.
    + + +
    @@ -469,7 +488,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -480,7 +499,6 @@ Examples .. code-block:: yaml+jinja - - name: EFS provisioning community.aws.efs: state: present @@ -509,7 +527,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -522,228 +539,228 @@ Common return values are documented `here Returned Description - - + +
    creation_time
    string -
    - + + always -
    timestamp of creation date
    -
    -
    Sample:
    -
    2015-11-16 07:30:57-05:00
    - - - - +
    timestamp of creation date
    +
    +
    Sample:
    +
    2015-11-16 07:30:57-05:00
    + + + +
    creation_token
    string -
    - + + always -
    EFS creation token
    -
    -
    Sample:
    -
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    - - - - +
    EFS creation token
    +
    +
    Sample:
    +
    console-88609e04-9a0e-4a2e-912c-feaa99509961
    + + + +
    file_system_id
    string -
    - + + always -
    ID of the file system
    -
    -
    Sample:
    -
    fs-xxxxxxxx
    - - - - +
    ID of the file system
    +
    +
    Sample:
    +
    fs-xxxxxxxx
    + + + +
    filesystem_address
    string -
    - + + always -
    url of file system valid for use with mount
    -
    -
    Sample:
    -
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    - - - - +
    url of file system valid for use with mount
    +
    +
    Sample:
    +
    fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    + + + +
    life_cycle_state
    string -
    - + + always -
    state of the EFS file system
    -
    -
    Sample:
    -
    creating, available, deleting, deleted
    - - - - +
    state of the EFS file system
    +
    +
    Sample:
    +
    creating, available, deleting, deleted
    + + + +
    mount_point
    string -
    - + + always -
    url of file system with leading dot from the time when AWS EFS required to add a region suffix to the address
    -
    -
    Sample:
    -
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    - - - - +
    url of file system with leading dot from the time when AWS EFS required to add a region suffix to the address
    +
    +
    Sample:
    +
    .fs-xxxxxxxx.efs.us-west-2.amazonaws.com:/
    + + + +
    mount_targets
    list -
    - + + always -
    list of mount targets
    -
    -
    Sample:
    -
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    - - - - +
    list of mount targets
    +
    +
    Sample:
    +
    [{'file_system_id': 'fs-a7ad440e', 'ip_address': '172.31.17.173', 'life_cycle_state': 'available', 'mount_target_id': 'fsmt-d8907871', 'network_interface_id': 'eni-6e387e26', 'owner_id': '740748460359', 'security_groups': ['sg-a30b22c6'], 'subnet_id': 'subnet-e265c895'}, '...']
    + + + +
    name
    string -
    - + + always -
    name of the file system
    -
    -
    Sample:
    -
    my-efs
    - - - - +
    name of the file system
    +
    +
    Sample:
    +
    my-efs
    + + + +
    number_of_mount_targets
    integer -
    - + + always -
    the number of targets mounted
    -
    -
    Sample:
    -
    3
    - - - - +
    the number of targets mounted
    +
    +
    Sample:
    +
    3
    + + + +
    owner_id
    string -
    - + + always -
    AWS account ID of EFS owner
    -
    -
    Sample:
    -
    XXXXXXXXXXXX
    - - - - +
    AWS account ID of EFS owner
    +
    +
    Sample:
    +
    XXXXXXXXXXXX
    + + + +
    performance_mode
    string -
    - + + always -
    performance mode of the file system
    -
    -
    Sample:
    -
    generalPurpose
    - - - - +
    performance mode of the file system
    +
    +
    Sample:
    +
    generalPurpose
    + + + +
    size_in_bytes
    dictionary -
    - + + always -
    size of the file system in bytes as of a timestamp
    -
    -
    Sample:
    -
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    - - - - +
    size of the file system in bytes as of a timestamp
    +
    +
    Sample:
    +
    {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
    + + + +
    tags
    dictionary -
    - + + always -
    tags on the efs instance
    -
    -
    Sample:
    -
    {'name': 'my-efs', 'key': 'Value'}
    - +
    tags on the efs instance
    +
    +
    Sample:
    +
    {'name': 'my-efs', 'key': 'Value'}
    + - +

    @@ -756,5 +773,3 @@ Authors - Ryan Sydnor (@ryansydnor) - Artem Kazakov (@akazakov) - - diff --git a/docs/community.aws.elasticache_info_module.rst b/docs/community.aws.elasticache_info_module.rst index 1ccb64c9b55..e2a78da6b3f 100644 --- a/docs/community.aws.elasticache_info_module.rst +++ b/docs/community.aws.elasticache_info_module.rst @@ -36,176 +36,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    The name of an ElastiCache cluster.
    -     		+ +
    The name of an ElastiCache cluster.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -213,7 +232,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -224,7 +243,6 @@ Examples .. code-block:: yaml+jinja - - name: obtain all ElastiCache information community.aws.elasticache_info: @@ -234,7 +252,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -247,661 +264,661 @@ Common return values are documented `here Returned Description - - + +
    elasticache_clusters
    complex -
    - + + always -
    List of ElastiCache clusters
    -
    - +
    List of ElastiCache clusters
    +
    + - -   - + +   +
    auto_minor_version_upgrade
    boolean -
    - + + always -
    Whether to automatically upgrade to minor versions
    -
    -
    Sample:
    -
    True
    - +
    Whether to automatically upgrade to minor versions
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    cache_cluster_create_time
    string -
    - + + always -
    Date and time cluster was created
    -
    -
    Sample:
    -
    2017-09-15T05:43:46.038000+00:00
    - +
    Date and time cluster was created
    +
    +
    Sample:
    +
    2017-09-15T05:43:46.038000+00:00
    + - -   - + +   +
    cache_cluster_id
    string -
    - + + always -
    ID of the cache cluster
    -
    -
    Sample:
    -
    abcd-1234-001
    - +
    ID of the cache cluster
    +
    +
    Sample:
    +
    abcd-1234-001
    + - -   - + +   +
    cache_cluster_status
    string -
    - + + always -
    Status of ElastiCache cluster
    -
    -
    Sample:
    -
    available
    - +
    Status of ElastiCache cluster
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    cache_node_type
    string -
    - + + always -
    Instance type of ElastiCache nodes
    -
    -
    Sample:
    -
    cache.t2.micro
    - +
    Instance type of ElastiCache nodes
    +
    +
    Sample:
    +
    cache.t2.micro
    + - -   - + +   +
    cache_nodes
    complex -
    - + + always -
    List of ElastiCache nodes in the cluster
    -
    - +
    List of ElastiCache nodes in the cluster
    +
    + - -   -   - + +   +   +
    cache_node_create_time
    string -
    - + + always -
    Date and time node was created
    -
    -
    Sample:
    -
    2017-09-15T05:43:46.038000+00:00
    - +
    Date and time node was created
    +
    +
    Sample:
    +
    2017-09-15T05:43:46.038000+00:00
    + - -   -   - + +   +   +
    cache_node_id
    string -
    - + + always -
    ID of the cache node
    -
    -
    Sample:
    -
    0001
    - +
    ID of the cache node
    +
    +
    Sample:
    +
    0001
    + - -   -   - + +   +   +
    cache_node_status
    string -
    - + + always -
    Status of the cache node
    -
    -
    Sample:
    -
    available
    - +
    Status of the cache node
    +
    +
    Sample:
    +
    available
    + - -   -   - + +   +   +
    customer_availability_zone
    string -
    - + + always -
    Availability Zone in which the cache node was created
    -
    -
    Sample:
    -
    ap-southeast-2b
    - +
    Availability Zone in which the cache node was created
    +
    +
    Sample:
    +
    ap-southeast-2b
    + - -   -   - + +   +   +
    endpoint
    complex -
    - + + always -
    Connection details for the cache node
    -
    - +
    Connection details for the cache node
    +
    + - -   -   -   - + +   +   +   +
    address
    string -
    - + + always -
    URL of the cache node endpoint
    -
    -
    Sample:
    -
    abcd-1234-001.bgiz2p.0001.apse2.cache.amazonaws.com
    - +
    URL of the cache node endpoint
    +
    +
    Sample:
    +
    abcd-1234-001.bgiz2p.0001.apse2.cache.amazonaws.com
    + - -   -   -   - + +   +   +   +
    port
    integer -
    - + + always -
    Port of the cache node endpoint
    -
    -
    Sample:
    -
    6379
    - +
    Port of the cache node endpoint
    +
    +
    Sample:
    +
    6379
    + - - -   -   - + + +   +   +
    parameter_group_status
    string -
    - + + always -
    Status of the Cache Parameter Group
    -
    -
    Sample:
    -
    in-sync
    - +
    Status of the Cache Parameter Group
    +
    +
    Sample:
    +
    in-sync
    + - - -   - + + +   +
    cache_parameter_group
    complex -
    - + + always -
    Contents of the Cache Parameter Group
    -
    - +
    Contents of the Cache Parameter Group
    +
    + - -   -   - + +   +   +
    cache_node_ids_to_reboot
    list -
    - + + always -
    Cache nodes which need to be rebooted for parameter changes to be applied
    -
    - +
    Cache nodes which need to be rebooted for parameter changes to be applied
    +
    + - -   -   - + +   +   +
    cache_parameter_group_name
    string -
    - + + always -
    Name of the cache parameter group
    -
    -
    Sample:
    -
    default.redis3.2
    - +
    Name of the cache parameter group
    +
    +
    Sample:
    +
    default.redis3.2
    + - -   -   - + +   +   +
    parameter_apply_status
    string -
    - + + always -
    Status of parameter updates
    -
    -
    Sample:
    -
    in-sync
    - +
    Status of parameter updates
    +
    +
    Sample:
    +
    in-sync
    + - - -   - + + +   +
    cache_security_groups
    list -
    - + + always -
    Security Groups used by the cache
    -
    -
    Sample:
    -
    ['sg-abcd1234']
    - +
    Security Groups used by the cache
    +
    +
    Sample:
    +
    ['sg-abcd1234']
    + - -   - + +   +
    cache_subnet_group_name
    string -
    - + + always -
    ElastiCache Subnet Group used by the cache
    -
    -
    Sample:
    -
    abcd-subnet-group
    - +
    ElastiCache Subnet Group used by the cache
    +
    +
    Sample:
    +
    abcd-subnet-group
    + - -   - + +   +
    client_download_landing_page
    string -
    - + + always -
    URL of client download web page
    -
    -
    Sample:
    -
    https://console.aws.amazon.com/elasticache/home#client-download:
    - +
    URL of client download web page
    +
    +
    Sample:
    +
    https://console.aws.amazon.com/elasticache/home#client-download:
    + - -   - + +   +
    engine
    string -
    - + + always -
    Engine used by ElastiCache
    -
    -
    Sample:
    -
    redis
    - +
    Engine used by ElastiCache
    +
    +
    Sample:
    +
    redis
    + - -   - + +   +
    engine_version
    string -
    - + + always -
    Version of ElastiCache engine
    -
    -
    Sample:
    -
    3.2.4
    - +
    Version of ElastiCache engine
    +
    +
    Sample:
    +
    3.2.4
    + - -   - + +   +
    notification_configuration
    complex -
    - + + if notifications are enabled -
    Configuration of notifications
    -
    - +
    Configuration of notifications
    +
    + - -   -   - + +   +   +
    topic_arn
    string -
    - + + if notifications are enabled -
    ARN of notification destination topic
    -
    -
    Sample:
    -
    arn:aws:sns:*:123456789012:my_topic
    - +
    ARN of notification destination topic
    +
    +
    Sample:
    +
    arn:aws:sns:*:123456789012:my_topic
    + - -   -   - + +   +   +
    topic_name
    string -
    - + + if notifications are enabled -
    Name of notification destination topic
    -
    -
    Sample:
    -
    MyTopic
    - +
    Name of notification destination topic
    +
    +
    Sample:
    +
    MyTopic
    + - - -   - + + +   +
    num_cache_nodes
    integer -
    - + + always -
    Number of Cache Nodes
    -
    -
    Sample:
    -
    1
    - +
    Number of Cache Nodes
    +
    +
    Sample:
    +
    1
    + - -   - + +   +
    pending_modified_values
    complex -
    - + + always -
    Values that are pending modification
    -
    - +
    Values that are pending modification
    +
    + - -   - + +   +
    preferred_availability_zone
    string -
    - + + always -
    Preferred Availability Zone
    -
    -
    Sample:
    -
    ap-southeast-2b
    - +
    Preferred Availability Zone
    +
    +
    Sample:
    +
    ap-southeast-2b
    + - -   - + +   +
    preferred_maintenance_window
    string -
    - + + always -
    Time slot for preferred maintenance window
    -
    -
    Sample:
    -
    sat:12:00-sat:13:00
    - +
    Time slot for preferred maintenance window
    +
    +
    Sample:
    +
    sat:12:00-sat:13:00
    + - -   - + +   +
    replication_group_id
    string -
    - + + always -
    Replication Group Id
    -
    -
    Sample:
    -
    replication-001
    - +
    Replication Group Id
    +
    +
    Sample:
    +
    replication-001
    + - -   - + +   +
    security_groups
    complex -
    - + + always -
    List of Security Groups associated with ElastiCache
    -
    - +
    List of Security Groups associated with ElastiCache
    +
    + - -   -   - + +   +   +
    security_group_id
    string -
    - + + always -
    Security Group ID
    -
    -
    Sample:
    -
    sg-abcd1234
    - +
    Security Group ID
    +
    +
    Sample:
    +
    sg-abcd1234
    + - -   -   - + +   +   +
    status
    string -
    - + + always -
    Status of Security Group
    -
    -
    Sample:
    -
    active
    - +
    Status of Security Group
    +
    +
    Sample:
    +
    active
    + - - -   - + + +   +
    tags
    complex -
    - + + always -
    Tags applied to the ElastiCache cluster
    -
    -
    Sample:
    -
    {'Application': 'web', 'Environment': 'test'}
    - +
    Tags applied to the ElastiCache cluster
    +
    +
    Sample:
    +
    {'Application': 'web', 'Environment': 'test'}
    + - - + +

    @@ -913,5 +930,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.elasticache_module.rst b/docs/community.aws.elasticache_module.rst index 264fd43bfef..8aa849199f3 100644 --- a/docs/community.aws.elasticache_module.rst +++ b/docs/community.aws.elasticache_module.rst @@ -37,392 +37,411 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cache_engine_version
    string -
    -     		- -
    The version number of the cache engine.
    -     		+ +
    The version number of the cache engine.
    +
    +
    cache_parameter_group
    string -
    -     		- -
    The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
    -

    aliases: parameter_group
    -     		+ +
    The name of the cache parameter group to associate with this cache cluster. If this argument is omitted, the default cache parameter group for the specified engine will be used.
    +

    aliases: parameter_group
    +
    +
    cache_port
    integer -
    -     		- -
    The port number on which each of the cache nodes will accept connections.
    -     		+ +
    The port number on which each of the cache nodes will accept connections.
    +
    +
    cache_security_groups
    list - / elements=string
    -     		- -
    A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
    -     		+ +
    A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
    +
    +
    cache_subnet_group
    string -
    -     		- -
    The subnet group name to associate with. Only use if inside a vpc.
    -
    Required if inside a vpc
    -     		+ +
    The subnet group name to associate with. Only use if inside a vpc.
    +
    Required if inside a vpc
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    engine
    string -
    -     		- Default:
    "memcached"
    -     		-
    Name of the cache engine to be used.
    -
    Supported values are redis and memcached.
    -     		+ Default:
    "memcached"
    +     		+
    Name of the cache engine to be used.
    +
    Supported values are redis and memcached.
    +
    +
    hard_modify
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
    +
    +
    name
    string - / required
    -     		- -
    The cache cluster identifier.
    -     		+ +
    The cache cluster identifier.
    +
    +
    node_type
    string -
    -     		- Default:
    "cache.t2.small"
    -     		-
    The compute and memory capacity of the nodes in the cache cluster.
    -     		+ Default:
    "cache.t2.small"
    +     		+
    The compute and memory capacity of the nodes in the cache cluster.
    +
    +
    num_nodes
    integer -
    -     		- Default:
    1
    -     		-
    The initial number of cache nodes that the cache cluster will have.
    -
    Required when state=present.
    -     		+ Default:
    1
    +     		+
    The initial number of cache nodes that the cache cluster will have.
    +
    Required when state=present.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_group_ids
    list - / elements=string
    -     		- -
    A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
    -     		+ +
    A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • rebooted
      • -
    -     		-
    absent or present are idempotent actions that will create or destroy a cache cluster as needed.
    -
    rebooted will reboot the cluster, resulting in a momentary outage.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • rebooted
      • +
    +     		+
    absent or present are idempotent actions that will create or destroy a cache cluster as needed.
    +
    rebooted will reboot the cluster, resulting in a momentary outage.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for cache cluster result before returning.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for cache cluster result before returning.
    +
    +
    zone
    string -
    -     		- -
    The EC2 Availability Zone in which the cache cluster will be created.
    -     		+ +
    The EC2 Availability Zone in which the cache cluster will be created.
    +
    +
    @@ -430,7 +449,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -441,7 +460,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -472,8 +490,6 @@ Examples - - Status ------ @@ -482,5 +498,3 @@ Authors ~~~~~~~ - Jim Dalton (@jsdalton) - - diff --git a/docs/community.aws.elasticache_parameter_group_module.rst b/docs/community.aws.elasticache_parameter_group_module.rst index 87c32316aea..d0109d76579 100644 --- a/docs/community.aws.elasticache_parameter_group_module.rst +++ b/docs/community.aws.elasticache_parameter_group_module.rst @@ -38,250 +38,269 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A user-specified description for the cache parameter group.
    -     		+ +
    A user-specified description for the cache parameter group.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    group_family
    string -
    -     		-
      Choices: -
    • memcached1.4
      • -
    • memcached1.5
      • -
    • redis2.6
      • -
    • redis2.8
      • -
    • redis3.2
      • -
    • redis4.0
      • -
    • redis5.0
      • -
    -     		-
    The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
    -     		+
      Choices: +
    • memcached1.4
      • +
    • memcached1.5
      • +
    • redis2.6
      • +
    • redis2.8
      • +
    • redis3.2
      • +
    • redis4.0
      • +
    • redis5.0
      • +
    +     		+
    The name of the cache parameter group family that the cache parameter group can be used with. Required when creating a cache parameter group.
    +
    +
    name
    string - / required
    -     		- -
    A user-specified name for the cache parameter group.
    -     		+ +
    A user-specified name for the cache parameter group.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • reset
      • -
    -     		-
    Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • reset
      • +
    +     		+
    Idempotent actions that will create/modify, destroy, or reset a cache parameter group as needed.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    values
    dictionary -
    -     		- -
    A user-specified dictionary of parameters to reset or modify for the cache parameter group.
    -     		+ +
    A user-specified dictionary of parameters to reset or modify for the cache parameter group.
    +
    +
    @@ -289,7 +308,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -300,7 +319,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. --- @@ -331,7 +349,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -344,41 +361,41 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    if the cache parameter group has changed
    -
    -
    Sample:
    -
    {'changed': True}
    - +
    if the cache parameter group has changed
    +
    +
    Sample:
    +
    {'changed': True}
    + - - + +
    elasticache
    dictionary -
    - + + always -
    cache parameter group information and response metadata
    -
    -
    Sample:
    -
    {'cache_parameter_group': {'cache_parameter_group_family': 'redis3.2', 'cache_parameter_group_name': 'test-please-delete', 'description': 'initial description'}, 'response_metadata': {'http_headers': {'content-length': '562', 'content-type': 'text/xml', 'date': 'Mon, 06 Feb 2017 22:14:08 GMT', 'x-amzn-requestid': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1'}, 'http_status_code': 200, 'request_id': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1', 'retry_attempts': 0}}
    - +
    cache parameter group information and response metadata
    +
    +
    Sample:
    +
    {'cache_parameter_group': {'cache_parameter_group_family': 'redis3.2', 'cache_parameter_group_name': 'test-please-delete', 'description': 'initial description'}, 'response_metadata': {'http_headers': {'content-length': '562', 'content-type': 'text/xml', 'date': 'Mon, 06 Feb 2017 22:14:08 GMT', 'x-amzn-requestid': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1'}, 'http_status_code': 200, 'request_id': '947291f9-ecb9-11e6-85bd-3baa4eca2cc1', 'retry_attempts': 0}}
    + - +

    @@ -390,5 +407,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.elasticache_snapshot_module.rst b/docs/community.aws.elasticache_snapshot_module.rst index 93841ae3b73..b6134273b09 100644 --- a/docs/community.aws.elasticache_snapshot_module.rst +++ b/docs/community.aws.elasticache_snapshot_module.rst @@ -38,256 +38,275 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bucket
    string -
    -     		- -
    The s3 bucket to which the snapshot is exported.
    -     		+ +
    The s3 bucket to which the snapshot is exported.
    +
    +
    cluster_id
    string -
    -     		- -
    The name of an existing cache cluster in the replication group to make the snapshot.
    -     		+ +
    The name of an existing cache cluster in the replication group to make the snapshot.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the snapshot we want to create, copy, delete.
    -     		+ +
    The name of the snapshot we want to create, copy, delete.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    replication_id
    string -
    -     		- -
    The name of the existing replication group to make the snapshot.
    -     		+ +
    The name of the existing replication group to make the snapshot.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • copy
      • -
    -     		-
    Actions that will create, destroy, or copy a snapshot.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • copy
      • +
    +     		+
    Actions that will create, destroy, or copy a snapshot.
    +
    +
    target
    string -
    -     		- -
    The name of a snapshot copy.
    -     		+ +
    The name of a snapshot copy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -295,7 +314,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -306,7 +325,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -319,7 +337,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -332,58 +349,58 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    if a snapshot has been created, deleted, or copied
    -
    -
    Sample:
    -
    {'changed': True}
    - +
    if a snapshot has been created, deleted, or copied
    +
    +
    Sample:
    +
    {'changed': True}
    + - - + +
    response_metadata
    dictionary -
    - + + always -
    response metadata about the snapshot
    -
    -
    Sample:
    -
    {'http_headers': {'content-length': 1490, 'content-type': 'text/xml', 'date': 'Tue, 07 Feb 2017 16:43:04 GMT', 'x-amzn-requestid': '7f436dea-ed54-11e6-a04c-ab2372a1f14d'}, 'http_status_code': 200, 'request_id': '7f436dea-ed54-11e6-a04c-ab2372a1f14d', 'retry_attempts': 0}
    - +
    response metadata about the snapshot
    +
    +
    Sample:
    +
    {'http_headers': {'content-length': 1490, 'content-type': 'text/xml', 'date': 'Tue, 07 Feb 2017 16:43:04 GMT', 'x-amzn-requestid': '7f436dea-ed54-11e6-a04c-ab2372a1f14d'}, 'http_status_code': 200, 'request_id': '7f436dea-ed54-11e6-a04c-ab2372a1f14d', 'retry_attempts': 0}
    + - - + +
    snapshot
    dictionary -
    - + + always -
    snapshot data
    -
    -
    Sample:
    -
    {'auto_minor_version_upgrade': True, 'cache_cluster_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_cluster_id': 'test-please-delete', 'cache_node_type': 'cache.m1.small', 'cache_parameter_group_name': 'default.redis3.2', 'cache_subnet_group_name': 'default', 'engine': 'redis', 'engine_version': '3.2.4', 'node_snapshots': {'cache_node_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_node_id': 1, 'cache_size': None}, 'num_cache_nodes': 1, 'port': 11211, 'preferred_availability_zone': 'us-east-1d', 'preferred_maintenance_window': 'wed:03:00-wed:04:00', 'snapshot_name': 'deletesnapshot', 'snapshot_retention_limit': 0, 'snapshot_source': 'manual', 'snapshot_status': 'creating', 'snapshot_window': '10:00-11:00', 'vpc_id': 'vpc-c248fda4'}
    - +
    snapshot data
    +
    +
    Sample:
    +
    {'auto_minor_version_upgrade': True, 'cache_cluster_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_cluster_id': 'test-please-delete', 'cache_node_type': 'cache.m1.small', 'cache_parameter_group_name': 'default.redis3.2', 'cache_subnet_group_name': 'default', 'engine': 'redis', 'engine_version': '3.2.4', 'node_snapshots': {'cache_node_create_time': '2017-02-01T17:43:58.261000+00:00', 'cache_node_id': 1, 'cache_size': None}, 'num_cache_nodes': 1, 'port': 11211, 'preferred_availability_zone': 'us-east-1d', 'preferred_maintenance_window': 'wed:03:00-wed:04:00', 'snapshot_name': 'deletesnapshot', 'snapshot_retention_limit': 0, 'snapshot_source': 'manual', 'snapshot_status': 'creating', 'snapshot_window': '10:00-11:00', 'vpc_id': 'vpc-c248fda4'}
    + - +

    @@ -395,5 +412,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.elasticache_subnet_group_module.rst b/docs/community.aws.elasticache_subnet_group_module.rst index 9a788bdcaea..9fd7b01d723 100644 --- a/docs/community.aws.elasticache_subnet_group_module.rst +++ b/docs/community.aws.elasticache_subnet_group_module.rst @@ -35,225 +35,244 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    ElastiCache subnet group description. Only set when a new group is added.
    -     		+ +
    ElastiCache subnet group description. Only set when a new group is added.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Database subnet group identifier.
    -     		+ +
    Database subnet group identifier.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    subnets
    list - / elements=string
    -     		- -
    List of subnet IDs that make up the ElastiCache subnet group.
    -     		+ +
    List of subnet IDs that make up the ElastiCache subnet group.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -261,7 +280,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -272,7 +291,6 @@ Examples .. code-block:: yaml+jinja - - name: Add or change a subnet group community.aws.elasticache_subnet_group: state: present @@ -290,7 +308,6 @@ Examples - Status ------ @@ -299,5 +316,3 @@ Authors ~~~~~~~ - Tim Mahoney (@timmahoney) - - diff --git a/docs/community.aws.elb_application_lb_info_module.rst b/docs/community.aws.elb_application_lb_info_module.rst index 1efd5604f84..c08d485cf83 100644 --- a/docs/community.aws.elb_application_lb_info_module.rst +++ b/docs/community.aws.elb_application_lb_info_module.rst @@ -37,191 +37,210 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    load_balancer_arns
    list -
    -     		- -
    The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
    -     		+ +
    The Amazon Resource Names (ARN) of the load balancers. You can specify up to 20 load balancers in a single call.
    +
    +
    names
    list -
    -     		- -
    The names of the load balancers.
    -     		+ +
    The names of the load balancers.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -229,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -240,7 +259,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all target groups @@ -262,12 +280,11 @@ Examples names: "alb-name" region: "aws-region" register: alb_info - - debug: + - ansible.builtin.debug: var: alb_info - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -280,347 +297,347 @@ Common return values are documented `here Returned Description - - + +
    load_balancers
    complex -
    - + + always -
    a list of load balancers
    -
    - +
    a list of load balancers
    +
    + - -   - + +   +
    access_logs_s3_bucket
    string -
    - + + when status is present -
    The name of the S3 bucket for the access logs.
    -
    -
    Sample:
    -
    mys3bucket
    - +
    The name of the S3 bucket for the access logs.
    +
    +
    Sample:
    +
    mys3bucket
    + - -   - + +   +
    access_logs_s3_enabled
    string -
    - + + when status is present -
    Indicates whether access logs stored in Amazon S3 are enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether access logs stored in Amazon S3 are enabled.
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    access_logs_s3_prefix
    string -
    - + + when status is present -
    The prefix for the location in the S3 bucket.
    -
    -
    Sample:
    -
    /my/logs
    - +
    The prefix for the location in the S3 bucket.
    +
    +
    Sample:
    +
    /my/logs
    + - -   - + +   +
    availability_zones
    list -
    - + + when status is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    - +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    + - -   - + +   +
    canonical_hosted_zone_id
    string -
    - + + when status is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    - +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    + - -   - + +   +
    created_time
    string -
    - + + when status is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    - +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    + - -   - + +   +
    deletion_protection_enabled
    string -
    - + + when status is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    dns_name
    string -
    - + + when status is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    - +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    + - -   - + +   +
    idle_timeout_timeout_seconds
    string -
    - + + when status is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    - +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    + - -   - + +   +
    ip_address_type
    string -
    - + + when status is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    - +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    + - -   - + +   +
    load_balancer_arn
    string -
    - + + when status is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    - +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    + - -   - + +   +
    load_balancer_name
    string -
    - + + when status is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    - +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    + - -   - + +   +
    scheme
    string -
    - + + when status is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    - +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    + - -   - + +   +
    security_groups
    list -
    - + + when status is present -
    The IDs of the security groups for the load balancer.
    -
    -
    Sample:
    -
    ['sg-0011223344']
    - +
    The IDs of the security groups for the load balancer.
    +
    +
    Sample:
    +
    ['sg-0011223344']
    + - -   - + +   +
    state
    dictionary -
    - + + when status is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    - +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    + - -   - + +   +
    tags
    dictionary -
    - + + when status is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    - +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    + - -   - + +   +
    type
    string -
    - + + when status is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    application
    - +
    The type of load balancer.
    +
    +
    Sample:
    +
    application
    + - -   - + +   +
    vpc_id
    string -
    - + + when status is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    - +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    + - - + +

    @@ -632,5 +649,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.elb_application_lb_module.rst b/docs/community.aws.elb_application_lb_module.rst index b0bca5d3711..8f42d1241dd 100644 --- a/docs/community.aws.elb_application_lb_module.rst +++ b/docs/community.aws.elb_application_lb_module.rst @@ -36,680 +36,699 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - + / required + + + - - - + + - - + / required + + + - - - + + - - - - - - - + + + + + + + - - + + + + - - - - + + + - - + + + + - - - - + + + - - - - - - - + + + + + + + - - - - - - + + + + + + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    access_logs_enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to enable access logs.
    -
    When set, access_logs_s3_bucket must also be set.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to enable access logs.
    +
    When set, access_logs_s3_bucket must also be set.
    +
    +
    access_logs_s3_bucket
    string -
    -     		- -
    The name of the S3 bucket for the access logs.
    -
    The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
    -
    Required if access logs in Amazon S3 are enabled.
    -
    When set, access_logs_enabled must also be set.
    -
    + + + +
    The name of the S3 bucket for the access logs.
    +
    The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permission to write to the bucket.
    +
    Required if access logs in Amazon S3 are enabled.
    +
    When set, access_logs_enabled must also be set.
    +
    access_logs_s3_prefix
    string -
    -     		- -
    The prefix for the log location in the S3 bucket.
    -
    If you don't specify a prefix, the access logs are stored in the root of the bucket.
    -
    Cannot begin or end with a slash.
    -     		+ +
    The prefix for the log location in the S3 bucket.
    +
    If you don't specify a prefix, the access logs are stored in the root of the bucket.
    +
    Cannot begin or end with a slash.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    deletion_protection
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether deletion protection for the ELB is enabled.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether deletion protection for the ELB is enabled.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    http2
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether to enable HTTP2 routing.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether to enable HTTP2 routing.
    +
    +
    idle_timeout
    integer -
    -     		- -
    The number of seconds to wait before an idle connection is closed.
    -     		+ +
    The number of seconds to wait before an idle connection is closed.
    +
    +
    listeners
    list -
    -     		- -
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    -
    + / elements=dictionary + + +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    +
    Certificates
    list -
    -     		- -
    The SSL server certificate.
    -
    + / elements=dictionary + + +
    The SSL server certificate.
    +
    CertificateArn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the certificate.
    -
    + + + +
    The Amazon Resource Name (ARN) of the certificate.
    +
    DefaultActions
    list - / required
    -     		- -
    The default actions for the listener.
    -
    + / elements=dictionary / required + + +
    The default actions for the listener.
    +
    TargetGroupArn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group.
    -     		+ +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Type
    string -
    -     		- -
    The type of action.
    -
    + + + +
    The type of action.
    +
    Port
    integer - / required
    -     		- -
    The port on which the load balancer is listening.
    -     		+ +
    The port on which the load balancer is listening.
    +
    +
    Protocol
    string - / required
    -     		- -
    The protocol for connections from clients to the load balancer.
    -     		+ +
    The protocol for connections from clients to the load balancer.
    +
    +
    Rules
    list -
    -     		- -
    A list of ALB Listener Rules.
    -
    For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
    -
    https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
    -
    + / elements=dictionary + + +
    A list of ALB Listener Rules.
    +
    For the complete documentation of possible Conditions and Actions please see the boto3 documentation:
    +
    https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/elbv2.html#ElasticLoadBalancingv2.Client.create_rule
    +
    Actions
    list -
    -     		- -
    Actions to apply if all of the rule's conditions are met.
    -     		+ +
    Actions to apply if all of the rule's conditions are met.
    +
    +
    Conditions
    list -
    -     		- -
    Conditions which must be met for the actions to be applied.
    -     		+ +
    Conditions which must be met for the actions to be applied.
    +
    +
    Priority
    integer -
    -     		- -
    The rule priority.
    -
    + + + +
    The rule priority.
    +
    SslPolicy
    string -
    -     		- -
    The security policy that defines which ciphers and protocols are supported.
    -
    + + + +
    The security policy that defines which ciphers and protocols are supported.
    +
    name
    string - / required
    -     		- -
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    -     		+ +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_listeners
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
    +
    +
    purge_rules
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    scheme
    string -
    -     		-
      Choices: -
    • internet-facing ←
      • -
    • internal
      • -
    -     		-
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    -     		+
      Choices: +
    • internet-facing ←
      • +
    • internal
      • +
    +     		+
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    +
    +
    security_groups
    list -
    -     		- Default:
    []
    -     		-
    A list of the names or IDs of the security groups to assign to the load balancer.
    -
    Required if state=present.
    -     		+ Default:
    []
    +     		+
    A list of the names or IDs of the security groups to assign to the load balancer.
    +
    Required if state=present.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or destroy the load balancer.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or destroy the load balancer.
    +
    +
    subnets
    list -
    -     		- -
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    -
    Required if state=present.
    -     		+ +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    +
    Required if state=present.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the load balancer.
    -     		+ +
    A dictionary of one or more tags to assign to the load balancer.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait for the load balancer to have a state of 'active' before completing. A status check is performed every 15 seconds until a successful state is reached. An error is returned after 40 failed checks.
    +
    +
    wait_timeout
    integer -
    -     		- -
    The time in seconds to use in conjunction with wait.
    -
    + + + + + +
    The time in seconds to use in conjunction with wait.
    + + +
    @@ -719,7 +738,7 @@ Notes .. note:: - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -730,7 +749,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Create an ELB and attach a listener @@ -848,8 +866,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -862,515 +878,515 @@ Common return values are documented `here Returned Description - - + +
    access_logs_s3_bucket
    string -
    - + + when state is present -
    The name of the S3 bucket for the access logs.
    -
    -
    Sample:
    -
    mys3bucket
    - - - - +
    The name of the S3 bucket for the access logs.
    +
    +
    Sample:
    +
    mys3bucket
    + + + +
    access_logs_s3_enabled
    string -
    - + + when state is present -
    Indicates whether access logs stored in Amazon S3 are enabled.
    -
    -
    Sample:
    -
    True
    - - - - +
    Indicates whether access logs stored in Amazon S3 are enabled.
    +
    +
    Sample:
    +
    True
    + + + +
    access_logs_s3_prefix
    string -
    - + + when state is present -
    The prefix for the location in the S3 bucket.
    -
    -
    Sample:
    -
    my/logs
    - - - - +
    The prefix for the location in the S3 bucket.
    +
    +
    Sample:
    +
    my/logs
    + + + +
    availability_zones
    list -
    - + + when state is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    - - - - +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a'}]
    + + + +
    canonical_hosted_zone_id
    string -
    - + + when state is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    - - - - +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    + + + +
    created_time
    string -
    - + + when state is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    - - - - +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    + + + +
    deletion_protection_enabled
    string -
    - + + when state is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    - - - - +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    + + + +
    dns_name
    string -
    - + + when state is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    - - - - +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    + + + +
    idle_timeout_timeout_seconds
    integer -
    - + + when state is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    - - - - +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    + + + +
    ip_address_type
    string -
    - + + when state is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    - - - - +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    + + + +
    listeners
    complex -
    - + + when state is present -
    Information about the listeners.
    -
    - +
    Information about the listeners.
    +
    + - -   - + +   +
    certificates
    complex -
    - + + when state is present -
    The SSL server certificate.
    -
    - +
    The SSL server certificate.
    +
    + - -   -   - + +   +   +
    certificate_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the certificate.
    -
    - +
    The Amazon Resource Name (ARN) of the certificate.
    +
    + - - -   - + + +   +
    default_actions
    string -
    - + + when state is present -
    The default actions for the listener.
    -
    - +
    The default actions for the listener.
    +
    + - -   -   - + +   +   +
    target_group_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the target group.
    -
    - - - -   -   - +
    The Amazon Resource Name (ARN) of the target group.
    +
    + + + +   +   +
    type
    string -
    - + + when state is present -
    The type of action.
    -
    - +
    The type of action.
    +
    + - - -   - + + +   +
    listener_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the listener.
    -
    - +
    The Amazon Resource Name (ARN) of the listener.
    +
    + - -   - + +   +
    load_balancer_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    - +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    + - -   - + +   +
    port
    integer -
    - + + when state is present -
    The port on which the load balancer is listening.
    -
    -
    Sample:
    -
    80
    - - - -   - +
    The port on which the load balancer is listening.
    +
    +
    Sample:
    +
    80
    + + + +   +
    protocol
    string -
    - + + when state is present -
    The protocol for connections from clients to the load balancer.
    -
    -
    Sample:
    -
    HTTPS
    - - - -   - +
    The protocol for connections from clients to the load balancer.
    +
    +
    Sample:
    +
    HTTPS
    + + + +   +
    ssl_policy
    string -
    - + + when state is present -
    The security policy that defines which ciphers and protocols are supported.
    -
    - +
    The security policy that defines which ciphers and protocols are supported.
    +
    + - - - + + +
    load_balancer_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    - - - - +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    + + + +
    load_balancer_name
    string -
    - + + when state is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    - - - - +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    + + + +
    routing_http2_enabled
    string -
    - + + when state is present -
    Indicates whether HTTP/2 is enabled.
    -
    -
    Sample:
    -
    True
    - - - - +
    Indicates whether HTTP/2 is enabled.
    +
    +
    Sample:
    +
    True
    + + + +
    scheme
    string -
    - + + when state is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    - - - - +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    + + + +
    security_groups
    list -
    - + + when state is present -
    The IDs of the security groups for the load balancer.
    -
    -
    Sample:
    -
    ['sg-0011223344']
    - - - - +
    The IDs of the security groups for the load balancer.
    +
    +
    Sample:
    +
    ['sg-0011223344']
    + + + +
    state
    dictionary -
    - + + when state is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    - - - - +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    + + + +
    tags
    dictionary -
    - + + when state is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    - - - - +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    + + + +
    type
    string -
    - + + when state is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    application
    - - - - +
    The type of load balancer.
    +
    +
    Sample:
    +
    application
    + + + +
    vpc_id
    string -
    - + + when state is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    - +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    + - +

    @@ -1382,5 +1398,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.elb_classic_lb_info_module.rst b/docs/community.aws.elb_classic_lb_info_module.rst index 8985f283859..3a564897d1f 100644 --- a/docs/community.aws.elb_classic_lb_info_module.rst +++ b/docs/community.aws.elb_classic_lb_info_module.rst @@ -38,176 +38,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    names
    list -
    -     		- -
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    -     		+ +
    List of ELB names to gather information about. Pass this option to gather information about a set of ELBs, otherwise, all ELBs are returned.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -215,7 +234,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -226,7 +245,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters @@ -234,7 +252,7 @@ Examples - community.aws.elb_classic_lb_info: register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" @@ -243,7 +261,7 @@ Examples names: frontend-prod-elb register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ elb_info.elbs.0.dns_name }}" # Gather information about a set of ELBs @@ -253,14 +271,12 @@ Examples - backend-prod-elb register: elb_info - - debug: + - ansible.builtin.debug: msg: "{{ item.dns_name }}" loop: "{{ elb_info.elbs }}" - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -273,24 +289,24 @@ Common return values are documented `here Returned Description - - + +
    elbs
    list -
    - + + always -
    a list of load balancers
    -
    -
    Sample:
    -
    {'elbs': [{'attributes': {'access_log': {'enabled': False}, 'connection_draining': {'enabled': True, 'timeout': 300}, 'connection_settings': {'idle_timeout': 60}, 'cross_zone_load_balancing': {'enabled': True}}, 'availability_zones': ['us-east-1a', 'us-east-1b', 'us-east-1c', 'us-east-1d', 'us-east-1e'], 'backend_server_description': [], 'canonical_hosted_zone_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'canonical_hosted_zone_name_id': 'XXXXXXXXXXXXXX', 'created_time': '2017-08-23T18:25:03.280000+00:00', 'dns_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'health_check': {'healthy_threshold': 10, 'interval': 30, 'target': 'HTTP:80/index.html', 'timeout': 5, 'unhealthy_threshold': 2}, 'instances': [], 'instances_inservice': [], 'instances_inservice_count': 0, 'instances_outofservice': [], 'instances_outofservice_count': 0, 'instances_unknownservice': [], 'instances_unknownservice_count': 0, 'listener_descriptions': [{'listener': {'instance_port': 80, 'instance_protocol': 'HTTP', 'load_balancer_port': 80, 'protocol': 'HTTP'}, 'policy_names': []}], 'load_balancer_name': 'test-lb', 'policies': {'app_cookie_stickiness_policies': [], 'lb_cookie_stickiness_policies': [], 'other_policies': []}, 'scheme': 'internet-facing', 'security_groups': ['sg-29d13055'], 'source_security_group': {'group_name': 'default', 'owner_alias': 'XXXXXXXXXXXX'}, 'subnets': ['subnet-XXXXXXXX', 'subnet-XXXXXXXX'], 'tags': {}, 'vpc_id': 'vpc-c248fda4'}]}
    - +
    a list of load balancers
    +
    +
    Sample:
    +
    {'elbs': [{'attributes': {'access_log': {'enabled': False}, 'connection_draining': {'enabled': True, 'timeout': 300}, 'connection_settings': {'idle_timeout': 60}, 'cross_zone_load_balancing': {'enabled': True}}, 'availability_zones': ['us-east-1a', 'us-east-1b', 'us-east-1c', 'us-east-1d', 'us-east-1e'], 'backend_server_description': [], 'canonical_hosted_zone_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'canonical_hosted_zone_name_id': 'XXXXXXXXXXXXXX', 'created_time': '2017-08-23T18:25:03.280000+00:00', 'dns_name': 'test-lb-XXXXXXXXXXXX.us-east-1.elb.amazonaws.com', 'health_check': {'healthy_threshold': 10, 'interval': 30, 'target': 'HTTP:80/index.html', 'timeout': 5, 'unhealthy_threshold': 2}, 'instances': [], 'instances_inservice': [], 'instances_inservice_count': 0, 'instances_outofservice': [], 'instances_outofservice_count': 0, 'instances_unknownservice': [], 'instances_unknownservice_count': 0, 'listener_descriptions': [{'listener': {'instance_port': 80, 'instance_protocol': 'HTTP', 'load_balancer_port': 80, 'protocol': 'HTTP'}, 'policy_names': []}], 'load_balancer_name': 'test-lb', 'policies': {'app_cookie_stickiness_policies': [], 'lb_cookie_stickiness_policies': [], 'other_policies': []}, 'scheme': 'internet-facing', 'security_groups': ['sg-29d13055'], 'source_security_group': {'group_name': 'default', 'owner_alias': 'XXXXXXXXXXXX'}, 'subnets': ['subnet-XXXXXXXX', 'subnet-XXXXXXXX'], 'tags': {}, 'vpc_id': 'vpc-c248fda4'}]}
    + - +

    @@ -303,5 +319,3 @@ Authors - Michael Schultz (@mjschultz) - Fernando Jose Pando (@nand0p) - - diff --git a/docs/community.aws.elb_classic_lb_module.rst b/docs/community.aws.elb_classic_lb_module.rst index 5ff27670508..198d6383a71 100644 --- a/docs/community.aws.elb_classic_lb_module.rst +++ b/docs/community.aws.elb_classic_lb_module.rst @@ -36,524 +36,543 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / elements=dictionary + + + - - + - - + / required + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - + / elements=string + + + - - + - - + / elements=string + + + - - + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    access_logs
    dictionary -
    -     		- -
    An associative array of access logs configuration settings (see example)
    -     		+ +
    An associative array of access logs configuration settings (see example)
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    connection_draining_timeout
    integer -
    -     		- -
    Wait a specified timeout allowing connections to drain before terminating an instance
    -     		+ +
    Wait a specified timeout allowing connections to drain before terminating an instance
    +
    +
    cross_az_load_balancing
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Distribute load across all configured Availability Zones
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Distribute load across all configured Availability Zones
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    health_check
    dictionary -
    -     		- -
    An associative array of health check configuration settings (see example)
    -     		+ +
    An associative array of health check configuration settings (see example)
    +
    +
    idle_timeout
    integer -
    -     		- -
    ELB connections from clients and to servers are timed out after this amount of time
    -     		+ +
    ELB connections from clients and to servers are timed out after this amount of time
    +
    +
    instance_ids
    list -
    -     		- -
    List of instance ids to attach to this ELB
    -     		+ +
    List of instance ids to attach to this ELB
    +
    +
    listeners
    list -
    -     		- -
    List of ports/protocols for this ELB to listen on (see example)
    -     		+ +
    List of ports/protocols for this ELB to listen on (see example)
    +
    +
    name
    string - / required
    -     		- -
    The name of the ELB
    -     		+ +
    The name of the ELB
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_instance_ids
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing instance ids on ELB that are not found in instance_ids
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing instance ids on ELB that are not found in instance_ids
    +
    purge_listeners
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Purge existing listeners on ELB that are not found in listeners
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Purge existing listeners on ELB that are not found in listeners
    +
    purge_subnets
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing subnet on ELB that are not found in subnets
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing subnet on ELB that are not found in subnets
    +
    purge_zones
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Purge existing availability zones on ELB that are not found in zones
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Purge existing availability zones on ELB that are not found in zones
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    scheme
    string -
    -     		-
      Choices: -
    • internal
      • -
    • internet-facing ←
      • -
    -     		-
    The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
    -
    + + +
      Choices: +
    • internal
      • +
    • internet-facing ←
      • +
    +     		+
    The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
    +
    security_group_ids
    list -
    -     		- -
    A list of security groups to apply to the elb
    -     		+ +
    A list of security groups to apply to the elb
    +
    +
    security_group_names
    list -
    -     		- -
    A list of security group names to apply to the elb
    -     		+ +
    A list of security group names to apply to the elb
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the ELB
    -
    + / required + +
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the ELB
    +
    stickiness
    dictionary -
    -     		- -
    An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
    -     		+ +
    An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
    +
    +
    subnets
    list -
    -     		- -
    A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
    -     		+ +
    A list of VPC subnets to use when creating ELB. Zones should be empty if using this.
    +
    +
    tags
    dictionary -
    -     		- -
    An associative array of tags. To delete all tags, supply an empty dict.
    -     		+ +
    An associative array of tags. To delete all tags, supply an empty dict.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS.
    +
    wait_timeout
    integer -
    -     		- Default:
    60
    -     		-
    Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
    -
    + + + Default:
    60
    +     		+
    Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
    +
    zones
    list -
    -     		- -
    List of availability zones to enable on this ELB
    -
    + / elements=string + + + + +
    List of availability zones to enable on this ELB
    + + +
    @@ -561,7 +580,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -572,7 +591,6 @@ Examples .. code-block:: yaml+jinja - # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. @@ -796,7 +814,6 @@ Examples - Status ------ @@ -805,5 +822,3 @@ Authors ~~~~~~~ - Jim Dalton (@jsdalton) - - diff --git a/docs/community.aws.elb_instance_module.rst b/docs/community.aws.elb_instance_module.rst index d0f1a853ba6..69e6c3436b2 100644 --- a/docs/community.aws.elb_instance_module.rst +++ b/docs/community.aws.elb_instance_module.rst @@ -37,264 +37,283 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_elbs
    list -
    -     		- -
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    -     		+ +
    List of ELB names, required for registration. The ec2_elbs fact should be used if there was a previous de-register.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enable_availability_zone
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to enable the availability zone of the instance on the target ELB if the availability zone has not already been enabled. If set to no, the task will fail if the availability zone is not enabled on the ELB.
    +
    +
    instance_id
    string - / required
    -     		- -
    EC2 Instance ID
    -     		+ +
    EC2 Instance ID
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    register or deregister the instance
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    register or deregister the instance
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for instance registration or deregistration to complete successfully before returning.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for instance registration or deregistration to complete successfully before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    0
    -     		-
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    -     		+ Default:
    0
    +     		+
    Number of seconds to wait for an instance to change state. If 0 then this module may return an error if a transient error occurs. If non-zero then any transient errors are ignored until the timeout is reached. Ignored when wait=no.
    +
    +
    @@ -302,7 +321,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -313,7 +332,6 @@ Examples .. code-block:: yaml+jinja - # basic pre_task and post_task example pre_tasks: - name: Instance De-register @@ -335,7 +353,6 @@ Examples - Status ------ @@ -344,5 +361,3 @@ Authors ~~~~~~~ - John Jarvis (@jarv) - - diff --git a/docs/community.aws.elb_network_lb_module.rst b/docs/community.aws.elb_network_lb_module.rst index 34b94598c2c..7c93c2fdff0 100644 --- a/docs/community.aws.elb_network_lb_module.rst +++ b/docs/community.aws.elb_network_lb_module.rst @@ -36,524 +36,543 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - - + + - - + / elements=dictionary + + + - - - - + + + - - + + + + - - - - + + - - + / elements=dictionary / required + + + - - - - + + + - - + + + + - - - - + + + - - + + + + - - - - + + - - + / required + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cross_zone_load_balancing
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether cross-zone load balancing is enabled.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether cross-zone load balancing is enabled.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    deletion_protection
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates whether deletion protection for the ELB is enabled.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates whether deletion protection for the ELB is enabled.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    listeners
    list - / elements=dictionary
    -     		- -
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    -     		+ +
    A list of dicts containing listeners to attach to the ELB. See examples for detail of the dict required. Note that listener keys are CamelCased.
    +
    +
    Certificates
    list - / elements=dictionary
    -     		- -
    The SSL server certificate.
    -     		+ +
    The SSL server certificate.
    +
    +
    CertificateArn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the certificate.
    -     		+ +
    The Amazon Resource Name (ARN) of the certificate.
    +
    + +
    DefaultActions
    list - / elements=dictionary / required
    -     		- -
    The default actions for the listener.
    -     		+ +
    The default actions for the listener.
    +
    +
    TargetGroupArn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group.
    -     		+ +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Type
    string -
    -     		- -
    The type of action.
    -     		+ +
    The type of action.
    +
    + +
    Port
    integer - / required
    -     		- -
    The port on which the load balancer is listening.
    -     		+ +
    The port on which the load balancer is listening.
    +
    +
    Protocol
    string - / required
    -     		- -
    The protocol for connections from clients to the load balancer.
    -     		+ +
    The protocol for connections from clients to the load balancer.
    +
    +
    SslPolicy
    string -
    -     		- -
    The security policy that defines which ciphers and protocols are supported.
    -     		+ +
    The security policy that defines which ciphers and protocols are supported.
    +
    + +
    name
    string - / required
    -     		- -
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    -     		+ +
    The name of the load balancer. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_listeners
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
    -
    If the listeners parameter is not set then listeners will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If purge_listeners=true, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
    +
    If the listeners parameter is not set then listeners will not be modified.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
    -
    If the tags parameter is not set then tags will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If purge_tags=true, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
    +
    If the tags parameter is not set then tags will not be modified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    scheme
    string -
    -     		-
      Choices: -
    • internet-facing ←
      • -
    • internal
      • -
    -     		-
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    -     		+
      Choices: +
    • internet-facing ←
      • +
    • internal
      • +
    +     		+
    Internet-facing or internal load balancer. An ELB scheme can not be modified after creation.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the load balancer.
    -
    The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the load balancer.
    +
    The current default is absent. However, this behavior is inconsistent with other modules and as such the default will change to present in 2.14. To maintain the existing behavior explicitly set state=absent.
    +
    +
    subnet_mappings
    list - / elements=dictionary
    -     		- -
    A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
    -
    This parameter is mutually exclusive with subnets.
    -     		+ +
    A list of dicts containing the IDs of the subnets to attach to the load balancer. You can also specify the allocation ID of an Elastic IP to attach to the load balancer. You can specify one Elastic IP address per subnet.
    +
    This parameter is mutually exclusive with subnets.
    +
    +
    subnets
    list -
    -     		- -
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    -
    Required when state=present.
    -
    This parameter is mutually exclusive with subnet_mappings.
    -     		+ +
    A list of the IDs of the subnets to attach to the load balancer. You can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability Zones.
    +
    Required when state=present.
    +
    This parameter is mutually exclusive with subnet_mappings.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the load balancer.
    -     		+ +
    A dictionary of one or more tags to assign to the load balancer.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the network load balancer to reach the desired state.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the network load balancer to reach the desired state.
    +
    +
    wait_timeout
    integer -
    -     		- -
    The duration in seconds to wait, used in conjunction with wait.
    -     		+ +
    The duration in seconds to wait, used in conjunction with wait.
    +
    +
    @@ -563,7 +582,7 @@ Notes .. note:: - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -574,7 +593,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create an ELB and attach a listener @@ -612,8 +630,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -626,447 +642,447 @@ Common return values are documented `here Returned Description - - + +
    availability_zones
    list -
    - + + when state is present -
    The Availability Zones for the load balancer.
    -
    -
    Sample:
    -
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a', 'load_balancer_addresses': []}]
    - +
    The Availability Zones for the load balancer.
    +
    +
    Sample:
    +
    [{'subnet_id': 'subnet-aabbccddff', 'zone_name': 'ap-southeast-2a', 'load_balancer_addresses': []}]
    + - - + +
    canonical_hosted_zone_id
    string -
    - + + when state is present -
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    -
    -
    Sample:
    -
    ABCDEF12345678
    - +
    The ID of the Amazon Route 53 hosted zone associated with the load balancer.
    +
    +
    Sample:
    +
    ABCDEF12345678
    + - - + +
    created_time
    string -
    - + + when state is present -
    The date and time the load balancer was created.
    -
    -
    Sample:
    -
    2015-02-12T02:14:02+00:00
    - +
    The date and time the load balancer was created.
    +
    +
    Sample:
    +
    2015-02-12T02:14:02+00:00
    + - - + +
    deletion_protection_enabled
    string -
    - + + when state is present -
    Indicates whether deletion protection is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether deletion protection is enabled.
    +
    +
    Sample:
    +
    True
    + - - + +
    dns_name
    string -
    - + + when state is present -
    The public DNS name of the load balancer.
    -
    -
    Sample:
    -
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    - +
    The public DNS name of the load balancer.
    +
    +
    Sample:
    +
    internal-my-elb-123456789.ap-southeast-2.elb.amazonaws.com
    + - - + +
    idle_timeout_timeout_seconds
    string -
    - + + when state is present -
    The idle timeout value, in seconds.
    -
    -
    Sample:
    -
    60
    - +
    The idle timeout value, in seconds.
    +
    +
    Sample:
    +
    60
    + - - + +
    ip_address_type
    string -
    - + + when state is present -
    The type of IP addresses used by the subnets for the load balancer.
    -
    -
    Sample:
    -
    ipv4
    - +
    The type of IP addresses used by the subnets for the load balancer.
    +
    +
    Sample:
    +
    ipv4
    + - - + +
    listeners
    complex -
    - + + when state is present -
    Information about the listeners.
    -
    - +
    Information about the listeners.
    +
    + - -   - + +   +
    certificates
    complex -
    - + + when state is present -
    The SSL server certificate.
    -
    - +
    The SSL server certificate.
    +
    + - -   -   - + +   +   +
    certificate_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the certificate.
    -
    - +
    The Amazon Resource Name (ARN) of the certificate.
    +
    + - - -   - + + +   +
    default_actions
    string -
    - + + when state is present -
    The default actions for the listener.
    -
    - +
    The default actions for the listener.
    +
    + - -   -   - + +   +   +
    target_group_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the target group.
    -
    - +
    The Amazon Resource Name (ARN) of the target group.
    +
    + - -   -   - + +   +   +
    type
    string -
    - + + when state is present -
    The type of action.
    -
    - +
    The type of action.
    +
    + - - -   - + + +   +
    listener_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the listener.
    -
    - +
    The Amazon Resource Name (ARN) of the listener.
    +
    + - -   - + +   +
    load_balancer_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    - +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    + - -   - + +   +
    port
    integer -
    - + + when state is present -
    The port on which the load balancer is listening.
    -
    -
    Sample:
    -
    80
    - +
    The port on which the load balancer is listening.
    +
    +
    Sample:
    +
    80
    + - -   - + +   +
    protocol
    string -
    - + + when state is present -
    The protocol for connections from clients to the load balancer.
    -
    -
    Sample:
    -
    HTTPS
    - +
    The protocol for connections from clients to the load balancer.
    +
    +
    Sample:
    +
    HTTPS
    + - -   - + +   +
    ssl_policy
    string -
    - + + when state is present -
    The security policy that defines which ciphers and protocols are supported.
    -
    - +
    The security policy that defines which ciphers and protocols are supported.
    +
    + - - - + + +
    load_balancer_arn
    string -
    - + + when state is present -
    The Amazon Resource Name (ARN) of the load balancer.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    - +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:0123456789:loadbalancer/app/my-elb/001122334455
    + - - + +
    load_balancer_name
    string -
    - + + when state is present -
    The name of the load balancer.
    -
    -
    Sample:
    -
    my-elb
    - +
    The name of the load balancer.
    +
    +
    Sample:
    +
    my-elb
    + - - + +
    load_balancing_cross_zone_enabled
    string -
    - + + when state is present -
    Indicates whether cross-zone load balancing is enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether cross-zone load balancing is enabled.
    +
    +
    Sample:
    +
    True
    + - - + +
    scheme
    string -
    - + + when state is present -
    Internet-facing or internal load balancer.
    -
    -
    Sample:
    -
    internal
    - +
    Internet-facing or internal load balancer.
    +
    +
    Sample:
    +
    internal
    + - - + +
    state
    dictionary -
    - + + when state is present -
    The state of the load balancer.
    -
    -
    Sample:
    -
    {'code': 'active'}
    - +
    The state of the load balancer.
    +
    +
    Sample:
    +
    {'code': 'active'}
    + - - + +
    tags
    dictionary -
    - + + when state is present -
    The tags attached to the load balancer.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    - +
    The tags attached to the load balancer.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    + - - + +
    type
    string -
    - + + when state is present -
    The type of load balancer.
    -
    -
    Sample:
    -
    network
    - +
    The type of load balancer.
    +
    +
    Sample:
    +
    network
    + - - + +
    vpc_id
    string -
    - + + when state is present -
    The ID of the VPC for the load balancer.
    -
    -
    Sample:
    -
    vpc-0011223344
    - +
    The ID of the VPC for the load balancer.
    +
    +
    Sample:
    +
    vpc-0011223344
    + - +

    @@ -1078,5 +1094,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.elb_target_group_info_module.rst b/docs/community.aws.elb_target_group_info_module.rst index 3a05c418629..c7525a5fd49 100644 --- a/docs/community.aws.elb_target_group_info_module.rst +++ b/docs/community.aws.elb_target_group_info_module.rst @@ -37,225 +37,244 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    collect_targets_health
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When set to "yes", output contains targets health description
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When set to "yes", output contains targets health description
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    load_balancer_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the load balancer.
    -     		+ +
    The Amazon Resource Name (ARN) of the load balancer.
    +
    +
    names
    list -
    -     		- -
    The names of the target groups.
    -     		+ +
    The names of the target groups.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    target_group_arns
    list -
    -     		- -
    The Amazon Resource Names (ARN) of the target groups.
    -     		+ +
    The Amazon Resource Names (ARN) of the target groups.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -263,7 +282,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -274,7 +293,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all target groups @@ -292,8 +310,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -306,495 +322,495 @@ Common return values are documented `here Returned Description - - + +
    target_groups
    complex -
    - + + always -
    a list of target groups
    -
    - +
    a list of target groups
    +
    + - -   - + +   +
    deregistration_delay_timeout_seconds
    integer -
    - + + always -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    -
    -
    Sample:
    -
    300
    - - - -   - +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    +
    +
    Sample:
    +
    300
    + + + +   +
    health_check_interval_seconds
    integer -
    - + + always -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -
    -
    Sample:
    -
    30
    - - - -   - +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    Sample:
    +
    30
    + + + +   +
    health_check_path
    string -
    - + + always -
    The destination for the health check request.
    -
    -
    Sample:
    -
    /index.html
    - - - -   - +
    The destination for the health check request.
    +
    +
    Sample:
    +
    /index.html
    + + + +   +
    health_check_port
    string -
    - + + always -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    traffic-port
    - - - -   - +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    traffic-port
    + + + +   +
    health_check_protocol
    string -
    - + + always -
    The protocol to use to connect with the target.
    -
    -
    Sample:
    -
    HTTP
    - - - -   - +
    The protocol to use to connect with the target.
    +
    +
    Sample:
    +
    HTTP
    + + + +   +
    health_check_timeout_seconds
    integer -
    - + + always -
    The amount of time, in seconds, during which no response means a failed health check.
    -
    -
    Sample:
    -
    5
    - - - -   - +
    The amount of time, in seconds, during which no response means a failed health check.
    +
    +
    Sample:
    +
    5
    + + + +   +
    healthy_threshold_count
    integer -
    - + + always -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -
    -
    Sample:
    -
    5
    - - - -   - +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    Sample:
    +
    5
    + + + +   +
    load_balancer_arns
    list -
    - + + always -
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    -
    - +
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    +
    + - -   - + +   +
    matcher
    dictionary -
    - + + always -
    The HTTP codes to use when checking for a successful response from a target.
    -
    -
    Sample:
    -
    {'http_code': '200'}
    - - - -   - +
    The HTTP codes to use when checking for a successful response from a target.
    +
    +
    Sample:
    +
    {'http_code': '200'}
    + + + +   +
    port
    integer -
    - + + always -
    The port on which the targets are listening.
    -
    -
    Sample:
    -
    80
    - - - -   - +
    The port on which the targets are listening.
    +
    +
    Sample:
    +
    80
    + + + +   +
    protocol
    string -
    - + + always -
    The protocol to use for routing traffic to the targets.
    -
    -
    Sample:
    -
    HTTP
    - - - -   - +
    The protocol to use for routing traffic to the targets.
    +
    +
    Sample:
    +
    HTTP
    + + + +   +
    stickiness_enabled
    boolean -
    - + + always -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    True
    + + + +   +
    stickiness_lb_cookie_duration_seconds
    integer -
    - + + always -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    86400
    - - - -   - +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    86400
    + + + +   +
    stickiness_type
    string -
    - + + always -
    The type of sticky sessions.
    -
    -
    Sample:
    -
    lb_cookie
    - - - -   - +
    The type of sticky sessions.
    +
    +
    Sample:
    +
    lb_cookie
    + + + +   +
    tags
    dictionary -
    - + + always -
    The tags attached to the target group.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    - - - -   - +
    The tags attached to the target group.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    + + + +   +
    target_group_arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    - - - -   - +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    + + + +   +
    target_group_name
    string -
    - + + always -
    The name of the target group.
    -
    -
    Sample:
    -
    mytargetgroup
    - - - -   - +
    The name of the target group.
    +
    +
    Sample:
    +
    mytargetgroup
    + + + +   +
    targets_health_description
    complex -
    - + + when collect_targets_health is enabled -
    Targets health description.
    -
    - +
    Targets health description.
    +
    + - -   -   - + +   +   +
    health_check_port
    string -
    - + + always -
    The port to check target health.
    -
    -
    Sample:
    -
    80
    - - - -   -   - +
    The port to check target health.
    +
    +
    Sample:
    +
    80
    + + + +   +   +
    target
    complex -
    - + + always -
    The target metadata.
    -
    - +
    The target metadata.
    +
    + - -   -   -   - + +   +   +   +
    id
    string -
    - + + always -
    The ID of the target.
    -
    -
    Sample:
    -
    i-0123456789
    - - - -   -   -   - +
    The ID of the target.
    +
    +
    Sample:
    +
    i-0123456789
    + + + +   +   +   +
    port
    integer -
    - + + always -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    80
    - - - - -   -   - +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    80
    + + + + +   +   +
    target_health
    complex -
    - + + always -
    The target health status.
    -
    - +
    The target health status.
    +
    + - -   -   -   - + +   +   +   +
    state
    string -
    - + + always -
    The state of the target health.
    -
    -
    Sample:
    -
    healthy
    - - - - - -   - +
    The state of the target health.
    +
    +
    Sample:
    +
    healthy
    + + + + + +   +
    unhealthy_threshold_count
    integer -
    - + + always -
    The number of consecutive health check failures required before considering the target unhealthy.
    -
    -
    Sample:
    -
    2
    - - - -   - +
    The number of consecutive health check failures required before considering the target unhealthy.
    +
    +
    Sample:
    +
    2
    + + + +   +
    vpc_id
    string -
    - + + always -
    The ID of the VPC for the targets.
    -
    -
    Sample:
    -
    vpc-0123456
    - +
    The ID of the VPC for the targets.
    +
    +
    Sample:
    +
    vpc-0123456
    + - - + +

    @@ -806,5 +822,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.elb_target_group_module.rst b/docs/community.aws.elb_target_group_module.rst index 49fac29647d..13f0826806f 100644 --- a/docs/community.aws.elb_target_group_module.rst +++ b/docs/community.aws.elb_target_group_module.rst @@ -36,581 +36,600 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    deregistration_delay_timeout
    integer -
    -     		- -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
    -     		+ +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    health_check_interval
    integer -
    -     		- -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -     		+ +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    health_check_path
    string -
    -     		- -
    The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
    -
    Requires the health_check_protocol parameter to be set.
    -     		+ +
    The ping path that is the destination on the targets for health checks. The path must be defined in order to set a health check.
    +
    Requires the health_check_protocol parameter to be set.
    +
    +
    health_check_port
    string -
    -     		- -
    The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
    -
    When not defined will default to the port on which each target receives traffic from the load balancer.
    -     		+ +
    The port the load balancer uses when performing health checks on targets. Can be set to 'traffic-port' to match target port.
    +
    When not defined will default to the port on which each target receives traffic from the load balancer.
    +
    +
    health_check_protocol
    string -
    -     		-
      Choices: -
    • http
      • -
    • https
      • -
    • tcp
      • -
    • tls
      • -
    • udp
      • -
    • tcp_udp
      • -
    • HTTP
      • -
    • HTTPS
      • -
    • TCP
      • -
    • TLS
      • -
    • UDP
      • -
    • TCP_UDP
      • -
    -     		-
    The protocol the load balancer uses when performing health checks on targets.
    -     		+
      Choices: +
    • http
      • +
    • https
      • +
    • tcp
      • +
    • tls
      • +
    • udp
      • +
    • tcp_udp
      • +
    • HTTP
      • +
    • HTTPS
      • +
    • TCP
      • +
    • TLS
      • +
    • UDP
      • +
    • TCP_UDP
      • +
    +     		+
    The protocol the load balancer uses when performing health checks on targets.
    +
    +
    health_check_timeout
    integer -
    -     		- -
    The amount of time, in seconds, during which no response from a target means a failed health check.
    -     		+ +
    The amount of time, in seconds, during which no response from a target means a failed health check.
    +
    +
    healthy_threshold_count
    integer -
    -     		- -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -     		+ +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    modify_targets
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to alter existing targets in the group to match what is passed with the module
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to alter existing targets in the group to match what is passed with the module
    +
    +
    name
    string - / required
    -     		- -
    The name of the target group.
    -     		+ +
    The name of the target group.
    +
    +
    port
    integer -
    -     		- -
    The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
    -     		+ +
    The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. Required if state is present.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    protocol
    string -
    -     		-
      Choices: -
    • http
      • -
    • https
      • -
    • tcp
      • -
    • tls
      • -
    • udp
      • -
    • tcp_udp
      • -
    • HTTP
      • -
    • HTTPS
      • -
    • TCP
      • -
    • TLS
      • -
    • UDP
      • -
    • TCP_UDP
      • -
    -     		-
    The protocol to use for routing traffic to the targets. Required when state is present.
    -     		+
      Choices: +
    • http
      • +
    • https
      • +
    • tcp
      • +
    • tls
      • +
    • udp
      • +
    • tcp_udp
      • +
    • HTTP
      • +
    • HTTPS
      • +
    • TCP
      • +
    • TLS
      • +
    • UDP
      • +
    • TCP_UDP
      • +
    +     		+
    The protocol to use for routing traffic to the targets. Required when state is present.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tag parameter is not set then tags will not be modified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or destroy the target group.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or destroy the target group.
    +
    +
    stickiness_enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Indicates whether sticky sessions are enabled.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Indicates whether sticky sessions are enabled.
    +
    +
    stickiness_lb_cookie_duration
    integer -
    -     		- -
    The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
    -     		+ +
    The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds).
    +
    +
    stickiness_type
    string -
    -     		- -
    The type of sticky sessions.
    -
    If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
    -     		+ +
    The type of sticky sessions.
    +
    If not set AWS will default to lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
    +
    +
    successful_response_codes
    string -
    -     		- -
    The HTTP codes to use when checking for a successful response from a target.
    -
    Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
    -
    Requires the health_check_protocol parameter to be set.
    -     		+ +
    The HTTP codes to use when checking for a successful response from a target.
    +
    Accepts multiple values (for example, "200,202") or a range of values (for example, "200-299").
    +
    Requires the health_check_protocol parameter to be set.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of one or more tags to assign to the target group.
    -     		+ +
    A dictionary of one or more tags to assign to the target group.
    +
    +
    target_type
    string -
    -     		-
      Choices: -
    • instance
      • -
    • ip
      • -
    • lambda
      • -
    -     		-
    The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
    -
    The default behavior is instance.
    -     		+
      Choices: +
    • instance
      • +
    • ip
      • +
    • lambda
      • +
    +     		+
    The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID), ip (targets are specified by IP address) or lambda (target is specified by ARN). Note that you can't specify targets for a target group using more than one type. Target type lambda only accept one target. When more than one target is specified, only the first one is used. All additional targets are ignored. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.
    +
    The default behavior is instance.
    +
    +
    targets
    list -
    -     		- -
    A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
    -     		+ +
    A list of targets to assign to the target group. This parameter defaults to an empty list. Unless you set the 'modify_targets' parameter then all existing targets will be removed from the group. The list should be an Id and a Port parameter. See the Examples for detail.
    +
    +
    unhealthy_threshold_count
    integer -
    -     		- -
    The number of consecutive health check failures required before considering a target unhealthy.
    -     		+ +
    The number of consecutive health check failures required before considering a target unhealthy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    The identifier of the virtual private cloud (VPC). Required when state is present.
    -     		+ +
    The identifier of the virtual private cloud (VPC). Required when state is present.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for the target group.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for the target group.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    200
    -     		-
    The time to wait for the target group.
    -     		+ Default:
    200
    +     		+
    The time to wait for the target group.
    +
    +
    @@ -619,7 +638,7 @@ Notes .. note:: - Once a target group has been created, only its health check can then be modified using subsequent calls - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -630,7 +649,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a target group with a default health check @@ -733,8 +751,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -747,328 +763,328 @@ Common return values are documented `here Returned Description - - + +
    deregistration_delay_timeout_seconds
    integer -
    - + + when state present -
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    -
    -
    Sample:
    -
    300
    - +
    The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused.
    +
    +
    Sample:
    +
    300
    + - - + +
    health_check_interval_seconds
    integer -
    - + + when state present -
    The approximate amount of time, in seconds, between health checks of an individual target.
    -
    -
    Sample:
    -
    30
    - +
    The approximate amount of time, in seconds, between health checks of an individual target.
    +
    +
    Sample:
    +
    30
    + - - + +
    health_check_path
    string -
    - + + when state present -
    The destination for the health check request.
    -
    -
    Sample:
    -
    /index.html
    - +
    The destination for the health check request.
    +
    +
    Sample:
    +
    /index.html
    + - - + +
    health_check_port
    string -
    - + + when state present -
    The port to use to connect with the target.
    -
    -
    Sample:
    -
    traffic-port
    - +
    The port to use to connect with the target.
    +
    +
    Sample:
    +
    traffic-port
    + - - + +
    health_check_protocol
    string -
    - + + when state present -
    The protocol to use to connect with the target.
    -
    -
    Sample:
    -
    HTTP
    - +
    The protocol to use to connect with the target.
    +
    +
    Sample:
    +
    HTTP
    + - - + +
    health_check_timeout_seconds
    integer -
    - + + when state present -
    The amount of time, in seconds, during which no response means a failed health check.
    -
    -
    Sample:
    -
    5
    - +
    The amount of time, in seconds, during which no response means a failed health check.
    +
    +
    Sample:
    +
    5
    + - - + +
    healthy_threshold_count
    integer -
    - + + when state present -
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    -
    -
    Sample:
    -
    5
    - +
    The number of consecutive health checks successes required before considering an unhealthy target healthy.
    +
    +
    Sample:
    +
    5
    + - - + +
    load_balancer_arns
    list -
    - + + when state present -
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    -
    - +
    The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group.
    +
    + - - + +
    matcher
    dictionary -
    - + + when state present -
    The HTTP codes to use when checking for a successful response from a target.
    -
    -
    Sample:
    -
    {'http_code': '200'}
    - +
    The HTTP codes to use when checking for a successful response from a target.
    +
    +
    Sample:
    +
    {'http_code': '200'}
    + - - + +
    port
    integer -
    - + + when state present -
    The port on which the targets are listening.
    -
    -
    Sample:
    -
    80
    - +
    The port on which the targets are listening.
    +
    +
    Sample:
    +
    80
    + - - + +
    protocol
    string -
    - + + when state present -
    The protocol to use for routing traffic to the targets.
    -
    -
    Sample:
    -
    HTTP
    - +
    The protocol to use for routing traffic to the targets.
    +
    +
    Sample:
    +
    HTTP
    + - - + +
    stickiness_enabled
    boolean -
    - + + when state present -
    Indicates whether sticky sessions are enabled.
    -
    -
    Sample:
    -
    True
    - +
    Indicates whether sticky sessions are enabled.
    +
    +
    Sample:
    +
    True
    + - - + +
    stickiness_lb_cookie_duration_seconds
    integer -
    - + + when state present -
    The time period, in seconds, during which requests from a client should be routed to the same target.
    -
    -
    Sample:
    -
    86400
    - +
    The time period, in seconds, during which requests from a client should be routed to the same target.
    +
    +
    Sample:
    +
    86400
    + - - + +
    stickiness_type
    string -
    - + + when state present -
    The type of sticky sessions.
    -
    -
    Sample:
    -
    lb_cookie
    - +
    The type of sticky sessions.
    +
    +
    Sample:
    +
    lb_cookie
    + - - + +
    tags
    dictionary -
    - + + when state present -
    The tags attached to the target group.
    -
    -
    Sample:
    -
    { 'Tag': 'Example' }
    - +
    The tags attached to the target group.
    +
    +
    Sample:
    +
    { 'Tag': 'Example' }
    + - - + +
    target_group_arn
    string -
    - + + when state present -
    The Amazon Resource Name (ARN) of the target group.
    -
    -
    Sample:
    -
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    - +
    The Amazon Resource Name (ARN) of the target group.
    +
    +
    Sample:
    +
    arn:aws:elasticloadbalancing:ap-southeast-2:01234567890:targetgroup/mytargetgroup/aabbccddee0044332211
    + - - + +
    target_group_name
    string -
    - + + when state present -
    The name of the target group.
    -
    -
    Sample:
    -
    mytargetgroup
    - +
    The name of the target group.
    +
    +
    Sample:
    +
    mytargetgroup
    + - - + +
    unhealthy_threshold_count
    integer -
    - + + when state present -
    The number of consecutive health check failures required before considering the target unhealthy.
    -
    -
    Sample:
    -
    2
    - +
    The number of consecutive health check failures required before considering the target unhealthy.
    +
    +
    Sample:
    +
    2
    + - - + +
    vpc_id
    string -
    - + + when state present -
    The ID of the VPC for the targets.
    -
    -
    Sample:
    -
    vpc-0123456
    - +
    The ID of the VPC for the targets.
    +
    +
    Sample:
    +
    vpc-0123456
    + - +

    @@ -1080,5 +1096,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.elb_target_info_module.rst b/docs/community.aws.elb_target_info_module.rst index c2cf10de75a..e96e19a5ad1 100644 --- a/docs/community.aws.elb_target_info_module.rst +++ b/docs/community.aws.elb_target_info_module.rst @@ -38,195 +38,214 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    get_unused_target_groups
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether or not to get target groups not used by any load balancers.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether or not to get target groups not used by any load balancers.
    +
    +
    instance_id
    string - / required
    -     		- -
    What instance ID to get information for.
    -     		+ +
    What instance ID to get information for.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -234,7 +253,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -245,7 +264,6 @@ Examples .. code-block:: yaml+jinja - # practical use case - dynamically de-registering and re-registering nodes - name: Get EC2 Metadata @@ -259,7 +277,7 @@ Examples register: target_info - name: save fact for later - set_fact: + ansible.builtin.set_fact: original_tgs: "{{ target_info.instance_target_groups }}" - name: Deregister instance from all target groups @@ -327,7 +345,7 @@ Examples # instance - useful in case the playbook fails mid-run and manual # rollback is required - name: "reregistration commands: ELBv2s" - debug: + ansible.builtin.debug: msg: > aws --region {{ansible_ec2_placement_region}} elbv2 register-targets --target-group-arn {{item.target_group_arn}} @@ -340,8 +358,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -354,212 +370,212 @@ Common return values are documented `here Returned Description - - + +
    instance_target_groups
    complex -
    - + + always -
    a list of target groups to which the instance is registered to
    -
    - +
    a list of target groups to which the instance is registered to
    +
    + - -   - + +   +
    target_group_arn
    string -
    - + + always -
    The ARN of the target group
    -
    -
    Sample:
    -
    ['arn:aws:elasticloadbalancing:eu-west-1:111111111111:targetgroup/target-group/deadbeefdeadbeef']
    - +
    The ARN of the target group
    +
    +
    Sample:
    +
    ['arn:aws:elasticloadbalancing:eu-west-1:111111111111:targetgroup/target-group/deadbeefdeadbeef']
    + - -   - + +   +
    target_group_type
    string -
    - + + always -
    Which target type is used for this group
    -
    -
    Sample:
    -
    ['ip', 'instance']
    - +
    Which target type is used for this group
    +
    +
    Sample:
    +
    ['ip', 'instance']
    + - -   - + +   +
    targets
    complex -
    - + + always -
    A list of targets that point to this instance ID
    -
    - +
    A list of targets that point to this instance ID
    +
    + - -   -   - + +   +   +
    target_az
    string -
    - + + when an AZ is associated with this instance -
    which availability zone is explicitly associated with this target
    -
    -
    Sample:
    -
    ['us-west-2a']
    - +
    which availability zone is explicitly associated with this target
    +
    +
    Sample:
    +
    ['us-west-2a']
    + - -   -   - + +   +   +
    target_health
    complex -
    - + + always -
    The target health description.
    - -
    - +
    The target health description.
    + +
    + - -   -   -   - + +   +   +   +
    description
    string -
    - + + if state!=present -
    description of target health
    -
    -
    Sample:
    -
    ['Target desregistration is in progress']
    - +
    description of target health
    +
    +
    Sample:
    +
    ['Target desregistration is in progress']
    + - -   -   -   - + +   +   +   +
    reason
    string -
    - + + if state!=healthy -
    reason code for target health
    -
    -
    Sample:
    -
    ['Target.Deregistration in progress']
    - +
    reason code for target health
    +
    +
    Sample:
    +
    ['Target.Deregistration in progress']
    + - -   -   -   - + +   +   +   +
    state
    string -
    - + + always -
    health state
    -
    -
    Sample:
    -
    ['healthy', 'draining', 'initial', 'unhealthy', 'unused', 'unavailable']
    - +
    health state
    +
    +
    Sample:
    +
    ['healthy', 'draining', 'initial', 'unhealthy', 'unused', 'unavailable']
    + - - -   -   - + + +   +   +
    target_id
    string -
    - + + always -
    the target ID referring to this instance
    -
    -
    Sample:
    -
    ['i-deadbeef', '1.2.3.4']
    - +
    the target ID referring to this instance
    +
    +
    Sample:
    +
    ['i-deadbeef', '1.2.3.4']
    + - -   -   - + +   +   +
    target_port
    string -
    - + + always -
    which port this target is listening on
    -
    -
    Sample:
    -
    [80]
    - +
    which port this target is listening on
    +
    +
    Sample:
    +
    [80]
    + - - - + + +

    @@ -571,5 +587,3 @@ Authors ~~~~~~~ - Yaakov Kuperman (@yaakov-github) - - diff --git a/docs/community.aws.elb_target_module.rst b/docs/community.aws.elb_target_module.rst index 3eb8c10c08b..11c9d8bfa21 100644 --- a/docs/community.aws.elb_target_module.rst +++ b/docs/community.aws.elb_target_module.rst @@ -35,314 +35,333 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    deregister_unused
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Register or deregister the target.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Register or deregister the target.
    +
    +
    target_az
    string -
    -     		- -
    An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
    -     		+ +
    An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
    +
    +
    target_group_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
    -     		+ +
    The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
    +
    +
    target_group_name
    string -
    -     		- -
    The name of the target group. Mutually exclusive of target_group_arn.
    -     		+ +
    The name of the target group. Mutually exclusive of target_group_arn.
    +
    +
    target_id
    string - / required
    -     		- -
    The ID of the target.
    -     		+ +
    The ID of the target.
    +
    +
    target_port
    integer -
    -     		- -
    The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
    -
    The default port for a target is the port for the target group.
    -     		+ +
    The port on which the target is listening. You can specify a port override. If a target is already registered, you can register it again using a different port.
    +
    The default port for a target is the port for the target group.
    +
    +
    target_status
    string -
    -     		-
      Choices: -
    • initial
      • -
    • healthy
      • -
    • unhealthy
      • -
    • unused
      • -
    • draining
      • -
    • unavailable
      • -
    -     		-
    Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
    -     		+
      Choices: +
    • initial
      • +
    • healthy
      • +
    • unhealthy
      • +
    • unused
      • +
    • draining
      • +
    • unavailable
      • +
    +     		+
    Blocks and waits for the target status to equal given value. For more detail on target status see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#target-health-states
    +
    +
    target_status_timeout
    integer -
    -     		- Default:
    60
    -     		-
    Maximum time in seconds to wait for target_status change
    -     		+ Default:
    60
    +     		+
    Maximum time in seconds to wait for target_status change
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -351,7 +370,7 @@ Notes .. note:: - If you specified a port override when you registered a target, you must specify both the target ID and the port when you deregister it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -362,7 +381,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Register an IP address target to a target group @@ -394,8 +412,6 @@ Examples - - Status ------ @@ -404,5 +420,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.execute_lambda_module.rst b/docs/community.aws.execute_lambda_module.rst index acd00876d59..c1b395144de 100644 --- a/docs/community.aws.execute_lambda_module.rst +++ b/docs/community.aws.execute_lambda_module.rst @@ -36,279 +36,298 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    dry_run
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Do not *actually* invoke the function. A DryRun call will check that the caller has permissions to call the function, especially for checking cross-account permissions.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    function_arn
    string -
    -     		- -
    The name of the function to be invoked
    -     		+ +
    The name of the function to be invoked
    +
    +
    name
    string -
    -     		- -
    The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
    -     		+ +
    The name of the function to be invoked. This can only be used for invocations within the calling account. To invoke a function in another account, use function_arn to specify the full ARN.
    +
    +
    payload
    dictionary -
    -     		- Default:
    {}
    -     		-
    A dictionary in any form to be provided as input to the Lambda function.
    -     		+ Default:
    {}
    +     		+
    A dictionary in any form to be provided as input to the Lambda function.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    tail_log
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If tail_log=yes, the result of the task will include the last 4 KB of the CloudWatch log for the function execution. Log tailing only works if you use synchronous invocation wait=yes. This is usually used for development or testing Lambdas.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    version_qualifier
    string -
    -     		- -
    Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
    -     		+ +
    Which version/alias of the function to run. This defaults to the LATEST revision, but can be set to any existing version or alias. See https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html for details.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to wait for the function results or not. If wait=no the task will not return any results. To wait for the Lambda function to complete, set wait=yes and the result will be available in the output key.
    +
    +
    @@ -318,7 +337,7 @@ Notes .. note:: - Async invocation will always return an empty ``output`` key. - Synchronous invocation may result in a function timeout, resulting in an empty ``output`` key. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -329,7 +348,6 @@ Examples .. code-block:: yaml+jinja - - community.aws.execute_lambda: name: test-function # the payload is automatically serialized and sent to the function @@ -366,7 +384,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -379,56 +396,56 @@ Common return values are documented `here Returned Description - - + +
    logs
    string -
    - + + if tail_log == true -
    The last 4KB of the function logs. Only provided if tail_log is true
    -
    - +
    The last 4KB of the function logs. Only provided if tail_log is true
    +
    + - - + +
    output
    dictionary -
    - + + success -
    Function output if wait=true and the function returns a value
    -
    -
    Sample:
    -
    { 'output': 'something' }
    - +
    Function output if wait=true and the function returns a value
    +
    +
    Sample:
    +
    { 'output': 'something' }
    + - - + +
    status
    integer -
    - + + always -
    StatusCode of API call exit (200 for synchronous invokes, 202 for async)
    -
    -
    Sample:
    -
    200
    - +
    StatusCode of API call exit (200 for synchronous invokes, 202 for async)
    +
    +
    Sample:
    +
    200
    + - +

    @@ -440,5 +457,3 @@ Authors ~~~~~~~ - Ryan Scott Brown (@ryansb) - - diff --git a/docs/community.aws.iam_cert_module.rst b/docs/community.aws.iam_cert_module.rst index 8d0cf82ecc7..51e81660f00 100644 --- a/docs/community.aws.iam_cert_module.rst +++ b/docs/community.aws.iam_cert_module.rst @@ -35,309 +35,328 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cert
    string -
    -     		- -
    The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -     		+ +
    The path to, or content of the certificate body in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    cert_chain
    string -
    -     		- -
    The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -     		+ +
    The path to, or content of, the CA certificate chain in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    dup_ok
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    By default the module will not upload a certificate that is already uploaded into AWS.
    -
    If dup_ok=True, it will upload the certificate as long as the name is unique.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    By default the module will not upload a certificate that is already uploaded into AWS.
    +
    If dup_ok=True, it will upload the certificate as long as the name is unique.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    key
    string -
    -     		- -
    The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    -     		+ +
    The path to, or content of the private key in PEM encoded format. As of 2.4 content is accepted. If the parameter is not a file, it is assumed to be content.
    +
    +
    name
    string - / required
    -     		- -
    Name of certificate to add, update or remove.
    -     		+ +
    Name of certificate to add, update or remove.
    +
    +
    new_name
    string -
    -     		- -
    When state is present, this will update the name of the cert.
    -
    The cert, key and cert_chain parameters will be ignored if this is defined.
    -     		+ +
    When state is present, this will update the name of the cert.
    +
    The cert, key and cert_chain parameters will be ignored if this is defined.
    +
    +
    new_path
    string -
    -     		- -
    When state is present, this will update the path of the cert.
    -
    The cert, key and cert_chain parameters will be ignored if this is defined.
    -     		+ +
    When state is present, this will update the path of the cert.
    +
    The cert, key and cert_chain parameters will be ignored if this is defined.
    +
    +
    path
    string -
    -     		- Default:
    "/"
    -     		-
    When creating or updating, specify the desired path of the certificate.
    -     		+ Default:
    "/"
    +     		+
    When creating or updating, specify the desired path of the certificate.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Whether to create(or update) or delete the certificate.
    -
    If new_path or new_name is defined, specifying present will attempt to make an update these.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Whether to create(or update) or delete the certificate.
    +
    If new_path or new_name is defined, specifying present will attempt to make an update these.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -345,7 +364,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -356,7 +375,6 @@ Examples .. code-block:: yaml+jinja - - name: Basic server certificate upload from local file community.aws.iam_cert: name: very_ssl @@ -391,8 +409,6 @@ Examples - - Status ------ @@ -401,5 +417,3 @@ Authors ~~~~~~~ - Jonathan I. Davila (@defionscode) - - diff --git a/docs/community.aws.iam_group_module.rst b/docs/community.aws.iam_group_module.rst index 1ea0674ae6d..1683e54b0ad 100644 --- a/docs/community.aws.iam_group_module.rst +++ b/docs/community.aws.iam_group_module.rst @@ -37,266 +37,285 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    managed_policies
    list - / elements=string
    -     		- -
    A list of managed policy ARNs or friendly names to attach to the role.
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -     		+ +
    A list of managed policy ARNs or friendly names to attach to the role.
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    name
    string - / required
    -     		- -
    The name of the group to create.
    -     		+ +
    The name of the group to create.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_policies
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -

    aliases: purge_policy, purge_managed_policies
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    purge_users
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_users=true users which are not included in users will be detached.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_users=true users which are not included in users will be detached.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM group.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM group.
    +
    +
    users
    list - / elements=string
    -     		- -
    A list of existing users to add as members of the group.
    -     		+ +
    A list of existing users to add as members of the group.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -304,7 +323,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -315,7 +334,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a group @@ -361,8 +379,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -375,247 +391,247 @@ Common return values are documented `here Returned Description - - + +
    iam_group
    complex -
    - + + success -
    dictionary containing all the group information including group membership
    -
    - +
    dictionary containing all the group information including group membership
    +
    + - -   - + +   +
    group
    complex -
    - + + success -
    dictionary containing all the group information
    -
    - +
    dictionary containing all the group information
    +
    + - -   -   - + +   +   +
    arn
    string -
    - + + -
    the Amazon Resource Name (ARN) specifying the group
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:group/testgroup1
    - +
    the Amazon Resource Name (ARN) specifying the group
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:group/testgroup1
    + - -   -   - + +   +   +
    create_date
    string -
    - + + -
    the date and time, in ISO 8601 date-time format, when the group was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    - +
    the date and time, in ISO 8601 date-time format, when the group was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    + - -   -   - + +   +   +
    group_id
    string -
    - + + -
    the stable and unique string identifying the group
    -
    -
    Sample:
    -
    AGPAIDBWE12NSFINE55TM
    - +
    the stable and unique string identifying the group
    +
    +
    Sample:
    +
    AGPAIDBWE12NSFINE55TM
    + - -   -   - + +   +   +
    group_name
    string -
    - + + -
    the friendly name that identifies the group
    -
    -
    Sample:
    -
    testgroup1
    - +
    the friendly name that identifies the group
    +
    +
    Sample:
    +
    testgroup1
    + - -   -   - + +   +   +
    path
    string -
    - + + -
    the path to the group
    -
    -
    Sample:
    -
    /
    - +
    the path to the group
    +
    +
    Sample:
    +
    /
    + - - -   - + + +   +
    users
    complex -
    - + + success -
    list containing all the group members
    -
    - +
    list containing all the group members
    +
    + - -   -   - + +   +   +
    arn
    string -
    - + + -
    the Amazon Resource Name (ARN) specifying the user
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:user/test_user1
    - +
    the Amazon Resource Name (ARN) specifying the user
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:user/test_user1
    + - -   -   - + +   +   +
    create_date
    string -
    - + + -
    the date and time, in ISO 8601 date-time format, when the user was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    - +
    the date and time, in ISO 8601 date-time format, when the user was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    + - -   -   - + +   +   +
    path
    string -
    - + + -
    the path to the user
    -
    -
    Sample:
    -
    /
    - +
    the path to the user
    +
    +
    Sample:
    +
    /
    + - -   -   - + +   +   +
    user_id
    string -
    - + + -
    the stable and unique string identifying the user
    -
    -
    Sample:
    -
    AIDAIZTPY123YQRS22YU2
    - +
    the stable and unique string identifying the user
    +
    +
    Sample:
    +
    AIDAIZTPY123YQRS22YU2
    + - -   -   - + +   +   +
    user_name
    string -
    - + + -
    the friendly name that identifies the user
    -
    -
    Sample:
    -
    testgroup1
    - +
    the friendly name that identifies the user
    +
    +
    Sample:
    +
    testgroup1
    + - - - + + +

    @@ -628,5 +644,3 @@ Authors - Nick Aslanidis (@naslanidis) - Maksym Postument (@infectsoldier) - - diff --git a/docs/community.aws.iam_managed_policy_module.rst b/docs/community.aws.iam_managed_policy_module.rst index f1c1541cf54..5eefe87b023 100644 --- a/docs/community.aws.iam_managed_policy_module.rst +++ b/docs/community.aws.iam_managed_policy_module.rst @@ -37,283 +37,302 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    fail_on_delete
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The fail_on_delete option does nothing and will be removed after 2022-06-01
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The fail_on_delete option does nothing and will be removed after 2022-06-01
    +
    +
    make_default
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Make this revision the default revision.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Make this revision the default revision.
    +
    +
    only_version
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove all other non default revisions, if this is used with make_default it will result in all other versions of this policy being deleted.
    +
    +
    policy
    json -
    -     		- -
    A properly json formatted policy
    -     		+ +
    A properly json formatted policy
    +
    +
    policy_description
    string -
    -     		- Default:
    ""
    -     		-
    A helpful description of this policy, this value is immutable and only set when creating a new policy.
    -     		+ Default:
    ""
    +     		+
    A helpful description of this policy, this value is immutable and only set when creating a new policy.
    +
    +
    policy_name
    string - / required
    -     		- -
    The name of the managed policy.
    -     		+ +
    The name of the managed policy.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Should this managed policy be present or absent. Set to absent to detach all entities from this policy and remove it if found.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -321,7 +340,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -332,7 +351,6 @@ Examples .. code-block:: yaml+jinja - # Create Policy ex nihilo - name: Create IAM Managed Policy community.aws.iam_managed_policy: @@ -352,7 +370,12 @@ Examples - name: Create IAM Managed Policy community.aws.iam_managed_policy: policy_name: "ManagedPolicy" - policy: "{{ lookup('file', 'managed_policy_update.json') }}" + policy: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Action: "logs:CreateLogGroup" + Resource: "*" make_default: false state: present @@ -360,7 +383,15 @@ Examples - name: Create IAM Managed Policy community.aws.iam_managed_policy: policy_name: "ManagedPolicy" - policy: "{ 'Version': '2012-10-17', 'Statement':[{'Effect': 'Allow','Action': '*','Resource': '*'}]}" + policy: | + { + "Version": "2012-10-17", + "Statement":[{ + "Effect": "Allow", + "Action": "logs:PutRetentionPolicy", + "Resource": "*" + }] + } only_version: true state: present @@ -372,7 +403,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -385,24 +415,24 @@ Common return values are documented `here Returned Description - - + +
    policy
    string -
    - + + success -
    Returns the policy json structure, when state == absent this will return the value of the removed policy.
    -
    -
    Sample:
    -
    { "arn": "arn:aws:iam::aws:policy/AdministratorAccess " "attachment_count": 0, "create_date": "2017-03-01T15:42:55.981000+00:00", "default_version_id": "v1", "is_attachable": true, "path": "/", "policy_id": "ANPALM4KLDMTFXGOOJIHL", "policy_name": "AdministratorAccess", "update_date": "2017-03-01T15:42:55.981000+00:00" }
    - +
    Returns the policy json structure, when state == absent this will return the value of the removed policy.
    +
    +
    Sample:
    +
    { "arn": "arn:aws:iam::aws:policy/AdministratorAccess " "attachment_count": 0, "create_date": "2017-03-01T15:42:55.981000+00:00", "default_version_id": "v1", "is_attachable": true, "path": "/", "policy_id": "ANPALM4KLDMTFXGOOJIHL", "policy_name": "AdministratorAccess", "update_date": "2017-03-01T15:42:55.981000+00:00" }
    + - +

    @@ -414,5 +444,3 @@ Authors ~~~~~~~ - Dan Kozlowski (@dkhenry) - - diff --git a/docs/community.aws.iam_mfa_device_info_module.rst b/docs/community.aws.iam_mfa_device_info_module.rst index d60035243fa..05c0a39e602 100644 --- a/docs/community.aws.iam_mfa_device_info_module.rst +++ b/docs/community.aws.iam_mfa_device_info_module.rst @@ -38,176 +38,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    user_name
    string -
    -     		- -
    The name of the user whose MFA devices will be listed
    -     		+ +
    The name of the user whose MFA devices will be listed
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -215,7 +234,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -226,7 +245,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # more details: https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html @@ -244,7 +262,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -257,24 +274,24 @@ Common return values are documented `here Returned Description - - + +
    mfa_devices
    list -
    - + + always -
    The MFA devices registered for the given user
    -
    -
    Sample:
    -
    [{'enable_date': '2016-03-11T23:25:36+00:00', 'serial_number': 'arn:aws:iam::085120003701:mfa/pwnall', 'user_name': 'pwnall'}, {'enable_date': '2016-03-11T23:25:37+00:00', 'serial_number': 'arn:aws:iam::085120003702:mfa/pwnall', 'user_name': 'pwnall'}]
    - +
    The MFA devices registered for the given user
    +
    +
    Sample:
    +
    [{'enable_date': '2016-03-11T23:25:36+00:00', 'serial_number': 'arn:aws:iam::085120003701:mfa/pwnall', 'user_name': 'pwnall'}, {'enable_date': '2016-03-11T23:25:37+00:00', 'serial_number': 'arn:aws:iam::085120003702:mfa/pwnall', 'user_name': 'pwnall'}]
    + - +

    @@ -286,5 +303,3 @@ Authors ~~~~~~~ - Victor Costan (@pwnall) - - diff --git a/docs/community.aws.iam_module.rst b/docs/community.aws.iam_module.rst index b5802e50289..1f5f78fa016 100644 --- a/docs/community.aws.iam_module.rst +++ b/docs/community.aws.iam_module.rst @@ -35,403 +35,422 @@ Parameters .. raw:: html - + - + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    access_key_ids
    list -
    -     		- -
    A list of the keys that you want affected by the access_key_state parameter.
    -     		+ +
    A list of the keys that you want affected by the access_key_state parameter.
    +
    +
    access_key_state
    string -
    -     		-
      Choices: -
    • create
      • -
    • remove
      • -
    • active
      • -
    • inactive
      • -
    • Create
      • -
    • Remove
      • -
    • Active
      • -
    • Inactive
      • -
    -     		-
    When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
    -     		+
      Choices: +
    • create
      • +
    • remove
      • +
    • active
      • +
    • inactive
      • +
    • Create
      • +
    • Remove
      • +
    • Active
      • +
    • Inactive
      • +
    +     		+
    When type is user, it creates, removes, deactivates or activates a user's access key(s). Note that actions apply only to keys specified.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    groups
    list -
    -     		- -
    A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
    -     		+ +
    A list of groups the user should belong to. When state=update, will gracefully remove groups not listed.
    +
    +
    iam_type
    string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource.
    -     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource.
    +
    +
    key_count
    integer -
    -     		- Default:
    1
    -     		-
    When access_key_state=create it will ensure this quantity of keys are present.
    -     		+ Default:
    1
    +     		+
    When access_key_state=create it will ensure this quantity of keys are present.
    +
    +
    name
    string - / required
    -     		- -
    Name of IAM resource to create or identify.
    -     		+ +
    Name of IAM resource to create or identify.
    +
    +
    new_name
    string -
    -     		- -
    When state=update, will replace name with new_name on IAM resource.
    -     		+ +
    When state=update, will replace name with new_name on IAM resource.
    +
    +
    new_path
    string -
    -     		- -
    When state=update, will replace the path with new_path on the IAM resource.
    -     		+ +
    When state=update, will replace the path with new_path on the IAM resource.
    +
    +
    password
    string -
    -     		- -
    When type=user and either state=present or state=update, define the users login password.
    -
    Note that this will always return 'changed'.
    -     		+ +
    When type=user and either state=present or state=update, define the users login password.
    +
    Note that this will always return 'changed'.
    +
    +
    path
    string -
    -     		- Default:
    "/"
    -     		-
    When creating or updating, specify the desired path of the resource.
    -
    If state=present, it will replace the current path to match what is passed in when they do not match.
    -     		+ Default:
    "/"
    +     		+
    When creating or updating, specify the desired path of the resource.
    +
    If state=present, it will replace the current path to match what is passed in when they do not match.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • update
      • -
    -     		-
    Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • update
      • +
    +     		+
    Whether to create, delete or update the IAM resource. Note, roles cannot be updated.
    +
    +
    trust_policy
    dictionary -
    -     		- -
    The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
    -
    Mutually exclusive with trust_policy_filepath.
    -     		+ +
    The inline (JSON or YAML) trust policy document that grants an entity permission to assume the role.
    +
    Mutually exclusive with trust_policy_filepath.
    +
    +
    trust_policy_filepath
    string -
    -     		- -
    The path to the trust policy document that grants an entity permission to assume the role.
    -
    Mutually exclusive with trust_policy.
    -     		+ +
    The path to the trust policy document that grants an entity permission to assume the role.
    +
    Mutually exclusive with trust_policy.
    +
    +
    update_password
    string -
    -     		-
      Choices: -
    • always ←
      • -
    • on_create
      • -
    -     		-
    When to update user passwords.
    -
    update_password=always will ensure the password is set to password.
    -
    update_password=on_create will only set the password for newly created users.
    -     		+
      Choices: +
    • always ←
      • +
    • on_create
      • +
    +     		+
    When to update user passwords.
    +
    update_password=always will ensure the password is set to password.
    +
    update_password=on_create will only set the password for newly created users.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -440,7 +459,7 @@ Notes .. note:: - Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -451,7 +470,6 @@ Examples .. code-block:: yaml+jinja - # Basic user creation example - name: Create two new IAM users with API keys community.aws.iam: @@ -500,8 +518,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -514,41 +530,41 @@ Common return values are documented `here Returned Description - - + +
    role_result
    string -
    - + + if iam_type=role and state=present -
    the IAM.role dict returned by Boto
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:iam::A1B2C3D4E5F6:role/my-new-role', 'assume_role_policy_document': '...truncated...', 'create_date': '2017-09-02T14:32:23Z', 'path': '/', 'role_id': 'AROAA1B2C3D4E5F6G7H8I', 'role_name': 'my-new-role'}
    - +
    the IAM.role dict returned by Boto
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:iam::A1B2C3D4E5F6:role/my-new-role', 'assume_role_policy_document': '...truncated...', 'create_date': '2017-09-02T14:32:23Z', 'path': '/', 'role_id': 'AROAA1B2C3D4E5F6G7H8I', 'role_name': 'my-new-role'}
    + - - + +
    roles
    list -
    - + + if iam_type=role and state=present -
    a list containing the name of the currently defined roles
    -
    -
    Sample:
    -
    ['my-new-role', 'my-existing-role-1', 'my-existing-role-2', 'my-existing-role-3', 'my-existing-role-...']
    - +
    a list containing the name of the currently defined roles
    +
    +
    Sample:
    +
    ['my-new-role', 'my-existing-role-1', 'my-existing-role-2', 'my-existing-role-3', 'my-existing-role-...']
    + - +

    @@ -561,5 +577,3 @@ Authors - Jonathan I. Davila (@defionscode) - Paul Seiffert (@seiffert) - - diff --git a/docs/community.aws.iam_password_policy_module.rst b/docs/community.aws.iam_password_policy_module.rst index 7ee644fd3fe..472e6987eba 100644 --- a/docs/community.aws.iam_password_policy_module.rst +++ b/docs/community.aws.iam_password_policy_module.rst @@ -37,347 +37,366 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    allow_pw_change
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Allow users to change their password.
    -

    aliases: allow_password_change
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Allow users to change their password.
    +

    aliases: allow_password_change
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    min_pw_length
    integer -
    -     		- Default:
    6
    -     		-
    Minimum password length.
    -

    aliases: minimum_password_length
    -     		+ Default:
    6
    +     		+
    Minimum password length.
    +

    aliases: minimum_password_length
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    pw_expire
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Prevents users from change an expired password.
    -

    aliases: password_expire, expire
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Prevents users from change an expired password.
    +

    aliases: password_expire, expire
    +
    +
    pw_max_age
    integer -
    -     		- Default:
    0
    -     		-
    Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.
    -

    aliases: password_max_age
    -     		+ Default:
    0
    +     		+
    Maximum age for a password in days. When this option is 0 then passwords do not expire automatically.
    +

    aliases: password_max_age
    +
    +
    pw_reuse_prevent
    integer -
    -     		- Default:
    0
    -     		-
    Prevent re-use of passwords.
    -

    aliases: password_reuse_prevent, prevent_reuse
    -     		+ Default:
    0
    +     		+
    Prevent re-use of passwords.
    +

    aliases: password_reuse_prevent, prevent_reuse
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    require_lowercase
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require lowercase letters in password.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require lowercase letters in password.
    +
    +
    require_numbers
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require numbers in password.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require numbers in password.
    +
    +
    require_symbols
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require symbols in password.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require symbols in password.
    +
    +
    require_uppercase
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Require uppercase letters in password.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Require uppercase letters in password.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies the overall state of the password policy.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies the overall state of the password policy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -385,7 +404,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -396,7 +415,6 @@ Examples .. code-block:: yaml+jinja - - name: Password policy for AWS account community.aws.iam_password_policy: state: present @@ -413,7 +431,6 @@ Examples - Status ------ @@ -422,5 +439,3 @@ Authors ~~~~~~~ - Aaron Smith (@slapula) - - diff --git a/docs/community.aws.iam_policy_info_module.rst b/docs/community.aws.iam_policy_info_module.rst index de27cd26404..ac6d53e14a8 100644 --- a/docs/community.aws.iam_policy_info_module.rst +++ b/docs/community.aws.iam_policy_info_module.rst @@ -35,211 +35,230 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    iam_name
    string - / required
    -     		- -
    Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
    -     		+ +
    Name of IAM resource you wish to retrieve inline policies for. In other words, the user name, group name or role name.
    +
    +
    iam_type
    string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource you wish to retrieve inline policies for.
    -     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource you wish to retrieve inline policies for.
    +
    +
    policy_name
    string -
    -     		- -
    Name of a specific IAM inline policy you with to retrieve.
    -     		+ +
    Name of a specific IAM inline policy you with to retrieve.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -247,7 +266,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -258,7 +277,6 @@ Examples .. code-block:: yaml+jinja - - name: Describe all inline IAM policies on an IAM User community.aws.iam_policy_info: iam_type: user @@ -272,8 +290,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -286,85 +302,85 @@ Common return values are documented `here Returned Description - - + +
    all_policy_names
    list -
    - + + success -
    A list of names of all of the IAM inline policies on the queried object
    -
    - +
    A list of names of all of the IAM inline policies on the queried object
    +
    + - - + +
    policies
    complex -
    - + + success -
    A list containing the matching IAM inline policy names and their data
    -
    - +
    A list containing the matching IAM inline policy names and their data
    +
    + - -   - + +   +
    policy_document
    list -
    - + + success -
    The JSON document representing the inline IAM policy
    -
    - +
    The JSON document representing the inline IAM policy
    +
    + - -   - + +   +
    policy_name
    string -
    - + + success -
    The Name of the inline policy
    -
    - +
    The Name of the inline policy
    +
    + - - - + + +
    policy_names
    list -
    - + + success -
    A list of matching names of the IAM inline policies on the queried object
    -
    - +
    A list of matching names of the IAM inline policies on the queried object
    +
    + - +

    @@ -376,5 +392,3 @@ Authors ~~~~~~~ - Mark Chappell (@tremble) - - diff --git a/docs/community.aws.iam_policy_module.rst b/docs/community.aws.iam_policy_module.rst index b11694f041e..bd9c47e5974 100644 --- a/docs/community.aws.iam_policy_module.rst +++ b/docs/community.aws.iam_policy_module.rst @@ -36,284 +36,303 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    iam_name
    string - / required
    -     		- -
    Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
    -     		+ +
    Name of IAM resource you wish to target for policy actions. In other words, the user name, group name or role name.
    +
    +
    iam_type
    string - / required
    -     		-
      Choices: -
    • user
      • -
    • group
      • -
    • role
      • -
    -     		-
    Type of IAM resource.
    -     		+
      Choices: +
    • user
      • +
    • group
      • +
    • role
      • +
    +     		+
    Type of IAM resource.
    +
    +
    policy_document
    string -
    -     		- -
    The path to the properly json formatted policy file.
    -
    Mutually exclusive with policy_json.
    -
    This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
    -     		+ +
    The path to the properly json formatted policy file.
    +
    Mutually exclusive with policy_json.
    +
    This option has been deprecated and will be removed in 2.14. The existing behavior can be reproduced by using the policy_json option and reading the file using the lookup plugin.
    +
    +
    policy_json
    json -
    -     		- -
    A properly json formatted policy as string.
    -
    Mutually exclusive with policy_document.
    - -     		+ +
    A properly json formatted policy as string.
    +
    Mutually exclusive with policy_document.
    + +
    +
    policy_name
    string - / required
    -     		- -
    The name label for the policy to create or remove.
    -     		+ +
    The name label for the policy to create or remove.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    skip_duplicates
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
    -
    The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When skip_duplicates=true the module looks for any policies that match the document you pass in. If there is a match it will not make a new policy object with the same rules.
    +
    The current default is true. However, this behavior can be confusing and as such the default will change to false in 2.14. To maintain the existing behavior explicitly set skip_duplicates=true.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create or delete the IAM policy.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create or delete the IAM policy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -321,7 +340,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -332,7 +351,6 @@ Examples .. code-block:: yaml+jinja - # Create a policy with the name of 'Admin' to the group 'administrators' - name: Assign a policy called Admin to the administrators group community.aws.iam_policy: @@ -378,8 +396,6 @@ Examples - - Status ------ @@ -389,5 +405,3 @@ Authors - Jonathan I. Davila (@defionscode) - Dennis Podkovyrin (@sbj-ss) - - diff --git a/docs/community.aws.iam_role_info_module.rst b/docs/community.aws.iam_role_info_module.rst index e0ba73016f9..b0735befda9 100644 --- a/docs/community.aws.iam_role_info_module.rst +++ b/docs/community.aws.iam_role_info_module.rst @@ -37,194 +37,213 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    Name of a role to search for.
    -
    Mutually exclusive with path_prefix.
    -

    aliases: role_name
    -     		+ +
    Name of a role to search for.
    +
    Mutually exclusive with path_prefix.
    +

    aliases: role_name
    +
    +
    path_prefix
    string -
    -     		- -
    Prefix of role to restrict IAM role search for.
    -
    Mutually exclusive with name.
    -     		+ +
    Prefix of role to restrict IAM role search for.
    +
    Mutually exclusive with name.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -232,7 +251,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -243,7 +262,6 @@ Examples .. code-block:: yaml+jinja - - name: find all existing IAM roles community.aws.iam_role_info: register: result @@ -258,7 +276,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -271,347 +288,347 @@ Common return values are documented `here Returned Description - - + +
    iam_roles
    complex -
    - + + always -
    List of IAM roles
    -
    - +
    List of IAM roles
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    Amazon Resource Name for IAM role.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:role/AnsibleTestRole
    - +
    Amazon Resource Name for IAM role.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:role/AnsibleTestRole
    + - -   - + +   +
    assume_role_policy_document
    string -
    - + + always -
    Policy Document describing what can assume the role.
    -
    - +
    Policy Document describing what can assume the role.
    +
    + - -   - + +   +
    create_date
    string -
    - + + always -
    Date IAM role was created.
    -
    -
    Sample:
    -
    2017-10-23T00:05:08+00:00
    - +
    Date IAM role was created.
    +
    +
    Sample:
    +
    2017-10-23T00:05:08+00:00
    + - -   - + +   +
    inline_policies
    list -
    - + + always -
    List of names of inline policies.
    -
    - +
    List of names of inline policies.
    +
    + - -   - + +   +
    instance_profiles
    complex -
    - + + always -
    List of attached instance profiles.
    -
    - +
    List of attached instance profiles.
    +
    + - -   -   - + +   +   +
    arn
    string -
    - + + always -
    Amazon Resource Name for the instance profile.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:instance-profile/AnsibleTestEC2Policy
    - +
    Amazon Resource Name for the instance profile.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:instance-profile/AnsibleTestEC2Policy
    + - -   -   - + +   +   +
    create_date
    string -
    - + + always -
    Date instance profile was created.
    -
    -
    Sample:
    -
    2017-10-23T00:05:08+00:00
    - +
    Date instance profile was created.
    +
    +
    Sample:
    +
    2017-10-23T00:05:08+00:00
    + - -   -   - + +   +   +
    instance_profile_id
    string -
    - + + always -
    Amazon Identifier for the instance profile.
    -
    -
    Sample:
    -
    AROAII7ABCD123456EFGH
    - +
    Amazon Identifier for the instance profile.
    +
    +
    Sample:
    +
    AROAII7ABCD123456EFGH
    + - -   -   - + +   +   +
    instance_profile_name
    string -
    - + + always -
    Name of instance profile.
    -
    -
    Sample:
    -
    AnsibleTestEC2Policy
    - +
    Name of instance profile.
    +
    +
    Sample:
    +
    AnsibleTestEC2Policy
    + - -   -   - + +   +   +
    path
    string -
    - + + always -
    Path of instance profile.
    -
    -
    Sample:
    -
    /
    - +
    Path of instance profile.
    +
    +
    Sample:
    +
    /
    + - -   -   - + +   +   +
    roles
    list -
    - + + always -
    List of roles associated with this instance profile.
    -
    - +
    List of roles associated with this instance profile.
    +
    + - - -   - + + +   +
    managed_policies
    complex -
    - + + always -
    List of attached managed policies.
    -
    - +
    List of attached managed policies.
    +
    + - -   -   - + +   +   +
    policy_arn
    string -
    - + + always -
    Amazon Resource Name for the policy.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:policy/AnsibleTestEC2Policy
    - +
    Amazon Resource Name for the policy.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:policy/AnsibleTestEC2Policy
    + - -   -   - + +   +   +
    policy_name
    string -
    - + + always -
    Name of managed policy.
    -
    -
    Sample:
    -
    AnsibleTestEC2Policy
    - +
    Name of managed policy.
    +
    +
    Sample:
    +
    AnsibleTestEC2Policy
    + - - -   - + + +   +
    path
    string -
    - + + always -
    Path of role.
    -
    -
    Sample:
    -
    /
    - +
    Path of role.
    +
    +
    Sample:
    +
    /
    + - -   - + +   +
    role_id
    string -
    - + + always -
    Amazon Identifier for the role.
    -
    -
    Sample:
    -
    AROAII7ABCD123456EFGH
    - +
    Amazon Identifier for the role.
    +
    +
    Sample:
    +
    AROAII7ABCD123456EFGH
    + - -   - + +   +
    role_name
    string -
    - + + always -
    Name of the role.
    -
    -
    Sample:
    -
    AnsibleTestRole
    - +
    Name of the role.
    +
    +
    Sample:
    +
    AnsibleTestRole
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    Role tags.
    -
    -
    Sample:
    -
    {"Env": "Prod"}
    - +
    Role tags.
    +
    +
    Sample:
    +
    {"Env": "Prod"}
    + - - + +

    @@ -623,5 +640,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.iam_role_module.rst b/docs/community.aws.iam_role_module.rst index 7f8a2d60458..82dfe70f8a6 100644 --- a/docs/community.aws.iam_role_module.rst +++ b/docs/community.aws.iam_role_module.rst @@ -37,391 +37,410 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    assume_role_policy_document
    json -
    -     		- -
    The trust relationship policy document that grants an entity permission to assume the role.
    -
    This parameter is required when state=present.
    -     		+ +
    The trust relationship policy document that grants an entity permission to assume the role.
    +
    This parameter is required when state=present.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    boundary
    string -
    -     		- -
    The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
    -
    Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
    -
    This is intended for roles/users that have permissions to create new IAM objects.
    - -
    Requires botocore 1.10.57 or above.
    -

    aliases: boundary_policy_arn
    -     		+ +
    The ARN of an IAM managed policy to use to restrict the permissions this role can pass on to IAM roles/users that it creates.
    +
    Boundaries cannot be set on Instance Profiles, as such if this option is specified then create_instance_profile must be false.
    +
    This is intended for roles/users that have permissions to create new IAM objects.
    + +
    Requires botocore 1.10.57 or above.
    +

    aliases: boundary_policy_arn
    +
    +
    create_instance_profile
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Creates an IAM instance profile along with the role.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Creates an IAM instance profile along with the role.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delete_instance_profile
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
    -
    Only applies when state=absent.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When delete_instance_profile=true and state=absent deleting a role will also delete the instance profile created with the same name as the role.
    +
    Only applies when state=absent.
    +
    +
    description
    string -
    -     		- -
    Provides a description of the role.
    -     		+ +
    Provides a description of the role.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    managed_policies
    list -
    -     		- -
    A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
    -
    To remove all policies set purge_polices=true and managed_policies=[None].
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -     		+ +
    A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.
    +
    To remove all policies set purge_polices=true and managed_policies=[None].
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    max_session_duration
    integer -
    -     		- -
    The maximum duration (in seconds) of a session when assuming the role.
    -
    Valid values are between 1 and 12 hours (3600 and 43200 seconds).
    -     		+ +
    The maximum duration (in seconds) of a session when assuming the role.
    +
    Valid values are between 1 and 12 hours (3600 and 43200 seconds).
    +
    +
    name
    string - / required
    -     		- -
    The name of the role to create.
    -     		+ +
    The name of the role to create.
    +
    +
    path
    string -
    -     		- Default:
    "/"
    -     		-
    The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
    -     		+ Default:
    "/"
    +     		+
    The path to the role. For more information about paths, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_policies
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -
    By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.
    -

    aliases: purge_policy, purge_managed_policies
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +
    By default purge_policies=true. In Ansible 2.14 this will be changed to purge_policies=false.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Remove tags not listed in tags when tags is specified.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Remove tags not listed in tags when tags is specified.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM role.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM role.
    +
    +
    tags
    dictionary -
    -     		- -
    Tag dict to apply to the queue.
    -
    Requires botocore 1.12.46 or above.
    -     		+ +
    Tag dict to apply to the queue.
    +
    Requires botocore 1.12.46 or above.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -429,7 +448,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -440,7 +459,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Create a role with description and tags @@ -472,8 +490,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -486,167 +502,167 @@ Common return values are documented `here Returned Description - - + +
    iam_role
    complex -
    - + + success -
    dictionary containing the IAM Role data
    -
    - +
    dictionary containing the IAM Role data
    +
    + - -   - + +   +
    arn
    string -
    - + + always -
    the Amazon Resource Name (ARN) specifying the role
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:role/mynewrole
    - +
    the Amazon Resource Name (ARN) specifying the role
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:role/mynewrole
    + - -   - + +   +
    assume_role_policy_document
    string -
    - + + always -
    the policy that grants an entity permission to assume the role
    -
    -
    Sample:
    -
    {'statement': [{'action': 'sts:AssumeRole', 'effect': 'Allow', 'principal': {'service': 'ec2.amazonaws.com'}, 'sid': ''}], 'version': '2012-10-17'}
    - +
    the policy that grants an entity permission to assume the role
    +
    +
    Sample:
    +
    {'statement': [{'action': 'sts:AssumeRole', 'effect': 'Allow', 'principal': {'service': 'ec2.amazonaws.com'}, 'sid': ''}], 'version': '2012-10-17'}
    + - -   - + +   +
    attached_policies
    list -
    - + + always -
    a list of dicts containing the name and ARN of the managed IAM policies attached to the role
    -
    -
    Sample:
    -
    [{'policy_arn': 'arn:aws:iam::aws:policy/PowerUserAccess', 'policy_name': 'PowerUserAccess'}]
    - +
    a list of dicts containing the name and ARN of the managed IAM policies attached to the role
    +
    +
    Sample:
    +
    [{'policy_arn': 'arn:aws:iam::aws:policy/PowerUserAccess', 'policy_name': 'PowerUserAccess'}]
    + - -   - + +   +
    create_date
    string -
    - + + always -
    the date and time, in ISO 8601 date-time format, when the role was created
    -
    -
    Sample:
    -
    2016-08-14T04:36:28+00:00
    - +
    the date and time, in ISO 8601 date-time format, when the role was created
    +
    +
    Sample:
    +
    2016-08-14T04:36:28+00:00
    + - -   - + +   +
    path
    string -
    - + + always -
    the path to the role
    -
    -
    Sample:
    -
    /
    - +
    the path to the role
    +
    +
    Sample:
    +
    /
    + - -   - + +   +
    role_id
    string -
    - + + always -
    the stable and unique string identifying the role
    -
    -
    Sample:
    -
    ABCDEFF4EZ4ABCDEFV4ZC
    - +
    the stable and unique string identifying the role
    +
    +
    Sample:
    +
    ABCDEFF4EZ4ABCDEFV4ZC
    + - -   - + +   +
    role_name
    string -
    - + + always -
    the friendly name that identifies the role
    -
    -
    Sample:
    -
    myrole
    - +
    the friendly name that identifies the role
    +
    +
    Sample:
    +
    myrole
    + - -   - + +   +
    tags
    dictionary -
    - + + always -
    role tags
    -
    -
    Sample:
    -
    {"Env": "Prod"}
    - +
    role tags
    +
    +
    Sample:
    +
    {"Env": "Prod"}
    + - - + +

    @@ -658,5 +674,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.iam_saml_federation_module.rst b/docs/community.aws.iam_saml_federation_module.rst index da4e8adb396..814dc3c4ec0 100644 --- a/docs/community.aws.iam_saml_federation_module.rst +++ b/docs/community.aws.iam_saml_federation_module.rst @@ -36,210 +36,229 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name of the provider to create.
    -     		+ +
    The name of the provider to create.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    saml_metadata_document
    string -
    -     		- -
    The XML document generated by an identity provider (IdP) that supports SAML 2.0.
    -     		+ +
    The XML document generated by an identity provider (IdP) that supports SAML 2.0.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether to create or delete identity provider. If 'present' is specified it will attempt to update the identity provider matching the name field.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -247,7 +266,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -258,7 +277,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # It is assumed that their matching environment variables are set. # Creates a new iam saml identity provider if not present @@ -283,7 +301,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -296,93 +313,93 @@ Common return values are documented `here Returned Description - - + +
    saml_provider
    complex -
    - + + present -
    Details of the SAML Identity Provider that was created/modified.
    -
    - +
    Details of the SAML Identity Provider that was created/modified.
    +
    + - -   - + +   +
    arn
    string -
    - + + present -
    The ARN of the identity provider.
    -
    -
    Sample:
    -
    arn:aws:iam::123456789012:saml-provider/my_saml_provider
    - +
    The ARN of the identity provider.
    +
    +
    Sample:
    +
    arn:aws:iam::123456789012:saml-provider/my_saml_provider
    + - -   - + +   +
    create_date
    string -
    - + + present -
    The date and time when the SAML provider was created in ISO 8601 date-time format.
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    - +
    The date and time when the SAML provider was created in ISO 8601 date-time format.
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    + - -   - + +   +
    expire_date
    string -
    - + + present -
    The expiration date and time for the SAML provider in ISO 8601 date-time format.
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    - +
    The expiration date and time for the SAML provider in ISO 8601 date-time format.
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    + - -   - + +   +
    metadata_document
    string -
    - + + present -
    The XML metadata document that includes information about an identity provider.
    -
    - +
    The XML metadata document that includes information about an identity provider.
    +
    + - - + +

    @@ -395,5 +412,3 @@ Authors - Tony (@axc450) - Aidan Rowe (@aidan-) - - diff --git a/docs/community.aws.iam_server_certificate_info_module.rst b/docs/community.aws.iam_server_certificate_info_module.rst index 7dcc4995460..a4d72a5199d 100644 --- a/docs/community.aws.iam_server_certificate_info_module.rst +++ b/docs/community.aws.iam_server_certificate_info_module.rst @@ -38,176 +38,195 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string -
    -     		- -
    The name of the server certificate you are retrieving attributes for.
    -     		+ +
    The name of the server certificate you are retrieving attributes for.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -215,7 +234,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -226,7 +245,6 @@ Examples .. code-block:: yaml+jinja - - name: Retrieve server certificate community.aws.iam_server_certificate_info: name: production-cert @@ -240,7 +258,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -253,126 +270,126 @@ Common return values are documented `here Returned Description - - + +
    arn
    string -
    - + + success -
    The Amazon resource name of the server certificate
    -
    -
    Sample:
    -
    arn:aws:iam::911277865346:server-certificate/server-cert-name
    - +
    The Amazon resource name of the server certificate
    +
    +
    Sample:
    +
    arn:aws:iam::911277865346:server-certificate/server-cert-name
    + - - + +
    certificate_body
    string -
    - + + success -
    The asn1der encoded PEM string
    -
    -
    Sample:
    -
    -----BEGIN CERTIFICATE----- bunch of random data -----END CERTIFICATE-----
    - +
    The asn1der encoded PEM string
    +
    +
    Sample:
    +
    -----BEGIN CERTIFICATE----- bunch of random data -----END CERTIFICATE-----
    + - - + +
    expiration
    string -
    - + + success -
    The date and time this server certificate will expire, in ISO 8601 format.
    -
    -
    Sample:
    -
    2017-06-15T12:00:00+00:00
    - +
    The date and time this server certificate will expire, in ISO 8601 format.
    +
    +
    Sample:
    +
    2017-06-15T12:00:00+00:00
    + - - + +
    path
    string -
    - + + success -
    The path of the server certificate
    -
    -
    Sample:
    -
    /
    - +
    The path of the server certificate
    +
    +
    Sample:
    +
    /
    + - - + +
    server_certificate_id
    string -
    - + + success -
    The 21 character certificate id
    -
    -
    Sample:
    -
    ADWAJXWTZAXIPIMQHMJPO
    - +
    The 21 character certificate id
    +
    +
    Sample:
    +
    ADWAJXWTZAXIPIMQHMJPO
    + - - + +
    server_certificate_name
    string -
    - + + success -
    The name of the server certificate
    -
    -
    Sample:
    -
    server-cert-name
    - +
    The name of the server certificate
    +
    +
    Sample:
    +
    server-cert-name
    + - - + +
    upload_date
    string -
    - + + success -
    The date and time this server certificate was uploaded, in ISO 8601 format.
    -
    -
    Sample:
    -
    2015-04-25T00:36:40+00:00
    - +
    The date and time this server certificate was uploaded, in ISO 8601 format.
    +
    +
    Sample:
    +
    2015-04-25T00:36:40+00:00
    + - +

    @@ -384,5 +401,3 @@ Authors ~~~~~~~ - Allen Sanabria (@linuxdynasty) - - diff --git a/docs/community.aws.iam_user_info_module.rst b/docs/community.aws.iam_user_info_module.rst index 8236d83bf83..561eecfc007 100644 --- a/docs/community.aws.iam_user_info_module.rst +++ b/docs/community.aws.iam_user_info_module.rst @@ -37,208 +37,227 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    group
    string -
    -     		- -
    The group name name of the IAM user to look for. Mutually exclusive with path.
    -     		+ +
    The group name name of the IAM user to look for. Mutually exclusive with path.
    +
    +
    name
    string -
    -     		- -
    The name of the IAM user to look for.
    -     		+ +
    The name of the IAM user to look for.
    +
    +
    path
    string -
    -     		- Default:
    "/"
    -     		-
    The path to the IAM user. Mutually exclusive with group.
    -
    If specified, then would get all user names whose path starts with user provided value.
    -     		+ Default:
    "/"
    +     		+
    The path to the IAM user. Mutually exclusive with group.
    +
    If specified, then would get all user names whose path starts with user provided value.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -246,7 +265,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -257,7 +276,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather facts about "test" user. - name: Get IAM user facts @@ -276,7 +294,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -289,131 +306,131 @@ Common return values are documented `here Returned Description - - + +
    iam_users
    complex -
    - + + success -
    list of maching iam users
    -
    - +
    list of maching iam users
    +
    + - -   - + +   +
    arn
    string -
    - + + if user exists -
    the ARN of the user
    -
    -
    Sample:
    -
    arn:aws:iam::156360693172:user/dev/test_user
    - +
    the ARN of the user
    +
    +
    Sample:
    +
    arn:aws:iam::156360693172:user/dev/test_user
    + - -   - + +   +
    create_date
    string -
    - + + if user exists -
    the datetime user was created
    -
    -
    Sample:
    -
    2016-05-24T12:24:59+00:00
    - +
    the datetime user was created
    +
    +
    Sample:
    +
    2016-05-24T12:24:59+00:00
    + - -   - + +   +
    password_last_used
    string -
    - + + if password was used at least once -
    the last datetime the password was used by user
    -
    -
    Sample:
    -
    2016-05-25T13:39:11+00:00
    - +
    the last datetime the password was used by user
    +
    +
    Sample:
    +
    2016-05-25T13:39:11+00:00
    + - -   - + +   +
    path
    string -
    - + + if user exists -
    the path to user
    -
    -
    Sample:
    -
    /dev/
    - +
    the path to user
    +
    +
    Sample:
    +
    /dev/
    + - -   - + +   +
    user_id
    string -
    - + + if user exists -
    the unique user id
    -
    -
    Sample:
    -
    AIDUIOOCQKTUGI6QJLGH2
    - +
    the unique user id
    +
    +
    Sample:
    +
    AIDUIOOCQKTUGI6QJLGH2
    + - -   - + +   +
    user_name
    string -
    - + + if user exists -
    the user name
    -
    -
    Sample:
    -
    test_user
    - +
    the user name
    +
    +
    Sample:
    +
    test_user
    + - - + +

    @@ -426,5 +443,3 @@ Authors - Constantin Bugneac (@Constantin07) - Abhijeet Kasurde (@Akasurde) - - diff --git a/docs/community.aws.iam_user_module.rst b/docs/community.aws.iam_user_module.rst index 6cdf3bf9d6c..95a84bb2f1f 100644 --- a/docs/community.aws.iam_user_module.rst +++ b/docs/community.aws.iam_user_module.rst @@ -37,232 +37,251 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    managed_policies
    list -
    -     		- -
    A list of managed policy ARNs or friendly names to attach to the user.
    -
    To embed an inline policy, use community.aws.iam_policy.
    -

    aliases: managed_policy
    -     		+ +
    A list of managed policy ARNs or friendly names to attach to the user.
    +
    To embed an inline policy, use community.aws.iam_policy.
    +

    aliases: managed_policy
    +
    +
    name
    string - / required
    -     		- -
    The name of the user to create.
    -     		+ +
    The name of the user to create.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_policies
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    -

    aliases: purge_policy, purge_managed_policies
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When purge_policies=true any managed policies not listed in managed_policies will be detatched.
    +

    aliases: purge_policy, purge_managed_policies
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Create or remove the IAM user.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Create or remove the IAM user.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -270,7 +289,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -281,7 +300,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Note: This module does not allow management of groups that users belong to. # Groups should manage their membership directly using `iam_group`, @@ -312,8 +330,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -326,113 +342,113 @@ Common return values are documented `here Returned Description - - + +
    user
    complex -
    - + + success -
    dictionary containing all the user information
    -
    - +
    dictionary containing all the user information
    +
    + - -   - + +   +
    arn
    string -
    - + + -
    the Amazon Resource Name (ARN) specifying the user
    -
    -
    Sample:
    -
    arn:aws:iam::1234567890:user/testuser1
    - +
    the Amazon Resource Name (ARN) specifying the user
    +
    +
    Sample:
    +
    arn:aws:iam::1234567890:user/testuser1
    + - -   - + +   +
    create_date
    string -
    - + + -
    the date and time, in ISO 8601 date-time format, when the user was created
    -
    -
    Sample:
    -
    2017-02-08T04:36:28+00:00
    - +
    the date and time, in ISO 8601 date-time format, when the user was created
    +
    +
    Sample:
    +
    2017-02-08T04:36:28+00:00
    + - -   - + +   +
    path
    string -
    - + + -
    the path to the user
    -
    -
    Sample:
    -
    /
    - +
    the path to the user
    +
    +
    Sample:
    +
    /
    + - -   - + +   +
    user_id
    string -
    - + + -
    the stable and unique string identifying the user
    -
    -
    Sample:
    -
    AGPAIDBWE12NSFINE55TM
    - +
    the stable and unique string identifying the user
    +
    +
    Sample:
    +
    AGPAIDBWE12NSFINE55TM
    + - -   - + +   +
    user_name
    string -
    - + + -
    the friendly name that identifies the user
    -
    -
    Sample:
    -
    testuser1
    - +
    the friendly name that identifies the user
    +
    +
    Sample:
    +
    testuser1
    + - - + +

    @@ -444,5 +460,3 @@ Authors ~~~~~~~ - Josh Souza (@joshsouza) - - diff --git a/docs/community.aws.kinesis_stream_module.rst b/docs/community.aws.kinesis_stream_module.rst index 1193e820132..2ee9ef5c92d 100644 --- a/docs/community.aws.kinesis_stream_module.rst +++ b/docs/community.aws.kinesis_stream_module.rst @@ -39,334 +39,353 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    encryption_state
    string -
    -     		-
      Choices: -
    • enabled
      • -
    • disabled
      • -
    -     		-
    Enable or Disable encryption on the Kinesis Stream.
    -     		+
      Choices: +
    • enabled
      • +
    • disabled
      • +
    +     		+
    Enable or Disable encryption on the Kinesis Stream.
    +
    +
    encryption_type
    string -
    -     		-
      Choices: -
    • KMS
      • -
    • NONE
      • -
    -     		-
    The type of encryption.
    -
    Defaults to KMS
    -     		+
      Choices: +
    • KMS
      • +
    • NONE
      • +
    +     		+
    The type of encryption.
    +
    Defaults to KMS
    +
    +
    key_id
    string -
    -     		- -
    The GUID or alias for the KMS key.
    -     		+ +
    The GUID or alias for the KMS key.
    +
    +
    name
    string - / required
    -     		- -
    The name of the Kinesis Stream you are managing.
    -     		+ +
    The name of the Kinesis Stream you are managing.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    retention_period
    integer -
    -     		- -
    The length of time (in hours) data records are accessible after they are added to the stream.
    -
    The default retention period is 24 hours and can not be less than 24 hours.
    -
    The maximum retention period is 168 hours.
    -
    The retention period can be modified during any point in time.
    -     		+ +
    The length of time (in hours) data records are accessible after they are added to the stream.
    +
    The default retention period is 24 hours and can not be less than 24 hours.
    +
    The maximum retention period is 168 hours.
    +
    The retention period can be modified during any point in time.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    shards
    integer -
    -     		- -
    The number of shards you want to have with this stream.
    -
    This is required when state=present
    -     		+ +
    The number of shards you want to have with this stream.
    +
    This is required when state=present
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or Delete the Kinesis Stream.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or Delete the Kinesis Stream.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
    -

    aliases: resource_tags
    -     		+ +
    A dictionary of resource tags of the form: { tag1: value1, tag2: value2 }.
    +

    aliases: resource_tags
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for operation to complete before returning.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for operation to complete before returning.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    How many seconds to wait for an operation to complete before timing out.
    -     		+ Default:
    300
    +     		+
    How many seconds to wait for an operation to complete before timing out.
    +
    +
    @@ -374,7 +393,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -385,7 +404,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Basic creation example: @@ -455,7 +473,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -468,92 +485,92 @@ Common return values are documented `here Returned Description - - + +
    retention_period_hours
    integer -
    - + + when state == present. -
    Number of hours messages will be kept for a Kinesis Stream.
    -
    -
    Sample:
    -
    24
    - +
    Number of hours messages will be kept for a Kinesis Stream.
    +
    +
    Sample:
    +
    24
    + - - + +
    stream_arn
    string -
    - + + when state == present. -
    The amazon resource identifier
    -
    -
    Sample:
    -
    arn:aws:kinesis:east-side:123456789:stream/test-stream
    - +
    The amazon resource identifier
    +
    +
    Sample:
    +
    arn:aws:kinesis:east-side:123456789:stream/test-stream
    + - - + +
    stream_name
    string -
    - + + when state == present. -
    The name of the Kinesis Stream.
    -
    -
    Sample:
    -
    test-stream
    - +
    The name of the Kinesis Stream.
    +
    +
    Sample:
    +
    test-stream
    + - - + +
    stream_status
    string -
    - + + when state == present. -
    The current state of the Kinesis Stream.
    -
    -
    Sample:
    -
    ACTIVE
    - +
    The current state of the Kinesis Stream.
    +
    +
    Sample:
    +
    ACTIVE
    + - - + +
    tags
    dictionary -
    - + + when state == present. -
    Dictionary containing all the tags associated with the Kinesis stream.
    -
    -
    Sample:
    -
    {'Name': 'Splunk', 'Env': 'development'}
    - +
    Dictionary containing all the tags associated with the Kinesis stream.
    +
    +
    Sample:
    +
    {'Name': 'Splunk', 'Env': 'development'}
    + - +

    @@ -565,5 +582,3 @@ Authors ~~~~~~~ - Allen Sanabria (@linuxdynasty) - - diff --git a/docs/community.aws.lambda_alias_module.rst b/docs/community.aws.lambda_alias_module.rst index d7d677458a6..6afb9788adb 100644 --- a/docs/community.aws.lambda_alias_module.rst +++ b/docs/community.aws.lambda_alias_module.rst @@ -36,242 +36,261 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A short, user-defined function alias description.
    -     		+ +
    A short, user-defined function alias description.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    function_name
    string - / required
    -     		- -
    The name of the function alias.
    -     		+ +
    The name of the function alias.
    +
    +
    function_version
    integer -
    -     		- -
    Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
    -

    aliases: version
    -     		+ +
    Version associated with the Lambda function alias. A value of 0 (or omitted parameter) sets the alias to the $LATEST version.
    +

    aliases: version
    +
    +
    name
    string - / required
    -     		- -
    Name of the function alias.
    -

    aliases: alias_name
    -     		+ +
    Name of the function alias.
    +

    aliases: alias_name
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -279,7 +298,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -290,7 +309,6 @@ Examples .. code-block:: yaml+jinja - --- # Simple example to create a lambda function and publish a version - hosts: localhost @@ -322,7 +340,7 @@ Examples name: myLambdaFunction register: lambda_info - name: show results - debug: + ansible.builtin.debug: msg: "{{ lambda_info['lambda_facts'] }}" # The following will set the Dev alias to the latest version ($LATEST) since version is omitted (or = 0) @@ -354,7 +372,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -367,75 +384,75 @@ Common return values are documented `here Returned Description - - + +
    alias_arn
    string -
    - + + success -
    Full ARN of the function, including the alias
    -
    -
    Sample:
    -
    arn:aws:lambda:us-west-2:123456789012:function:myFunction:dev
    - +
    Full ARN of the function, including the alias
    +
    +
    Sample:
    +
    arn:aws:lambda:us-west-2:123456789012:function:myFunction:dev
    + - - + +
    description
    string -
    - + + success -
    A short description of the alias
    -
    -
    Sample:
    -
    The development stage for my hot new app
    - +
    A short description of the alias
    +
    +
    Sample:
    +
    The development stage for my hot new app
    + - - + +
    function_version
    string -
    - + + success -
    The qualifier that the alias refers to
    -
    -
    Sample:
    -
    $LATEST
    - +
    The qualifier that the alias refers to
    +
    +
    Sample:
    +
    $LATEST
    + - - + +
    name
    string -
    - + + success -
    The name of the alias assigned
    -
    -
    Sample:
    -
    dev
    - +
    The name of the alias assigned
    +
    +
    Sample:
    +
    dev
    + - +

    @@ -447,5 +464,3 @@ Authors ~~~~~~~ - Pierre Jodouin (@pjodouin), Ryan Scott Brown (@ryansb) - - diff --git a/docs/community.aws.lambda_event_module.rst b/docs/community.aws.lambda_event_module.rst index 4649d985667..fee94cd64ba 100644 --- a/docs/community.aws.lambda_event_module.rst +++ b/docs/community.aws.lambda_event_module.rst @@ -36,340 +36,359 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - - + + - - + + + + - - - + + - - + + + + - - - + + - - + / required + + + - - - + + - - + + + + - - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    alias
    string -
    -     		- -
    Name of the function alias.
    -
    Mutually exclusive with version.
    -     		+ +
    Name of the function alias.
    +
    Mutually exclusive with version.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_source
    string -
    -     		-
      Choices: -
    • stream ←
      • -
    • sqs
      • -
    -     		-
    Source of the event that triggers the lambda function.
    -
    For DynamoDB and Kinesis events, select stream
    -
    For SQS queues, select sqs
    -     		+
      Choices: +
    • stream ←
      • +
    • sqs
      • +
    +     		+
    Source of the event that triggers the lambda function.
    +
    For DynamoDB and Kinesis events, select stream
    +
    For SQS queues, select sqs
    +
    +
    lambda_function_arn
    string - / required
    -     		- -
    The name or ARN of the lambda function.
    -

    aliases: function_name, function_arn
    -     		+ +
    The name or ARN of the lambda function.
    +

    aliases: function_name, function_arn
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    source_params
    dictionary - / required
    -     		- -
    Sub-parameters required for event source.
    -     		+ +
    Sub-parameters required for event source.
    +
    +
    batch_size
    integer -
    -     		- Default:
    100
    -     		-
    The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
    -     		+ Default:
    100
    +     		+
    The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
    +
    +
    enabled
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    - Default:
    "true."
    -     		-
    Indicates whether AWS Lambda should begin polling or readin from the event source.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    + Default:
    "true."
    +     		+
    Indicates whether AWS Lambda should begin polling or readin from the event source.
    +
    +
    source_arn
    string - / required
    -     		- -
    The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
    -     		+ +
    The Amazon Resource Name (ARN) of the SQS queue, Kinesis stream or DynamoDB stream that is the event source.
    +
    +
    starting_position
    string -
    -     		-
      Choices: -
    • TRIM_HORIZON
      • -
    • LATEST
      • -
    -     		-
    The position in the stream where AWS Lambda should start reading.
    -
    Required when event_source=stream.
    -     		+
      Choices: +
    • TRIM_HORIZON
      • +
    • LATEST
      • +
    +     		+
    The position in the stream where AWS Lambda should start reading.
    +
    Required when event_source=stream.
    +
    + +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    version
    integer -
    -     		- -
    Version of the Lambda function.
    -
    Mutually exclusive with alias.
    -     		+ +
    Version of the Lambda function.
    +
    Mutually exclusive with alias.
    +
    +
    @@ -377,7 +396,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -388,7 +407,6 @@ Examples .. code-block:: yaml+jinja - # Example that creates a lambda event notification for a DynamoDB stream - name: DynamoDB stream event mapping community.aws.lambda_event: @@ -404,12 +422,11 @@ Examples register: event - name: Show source event - debug: + ansible.builtin.debug: var: event.lambda_stream_events - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -422,22 +439,22 @@ Common return values are documented `here Returned Description - - + +
    lambda_stream_events
    list -
    - + + success -
    list of dictionaries returned by the API describing stream event mappings
    -
    - +
    list of dictionaries returned by the API describing stream event mappings
    +
    + - +

    @@ -449,5 +466,3 @@ Authors ~~~~~~~ - Pierre Jodouin (@pjodouin), Ryan Brown (@ryansb) - - diff --git a/docs/community.aws.lambda_facts_module.rst b/docs/community.aws.lambda_facts_module.rst index d2f95f4a830..7396a687ec7 100644 --- a/docs/community.aws.lambda_facts_module.rst +++ b/docs/community.aws.lambda_facts_module.rst @@ -43,215 +43,234 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_source_arn
    string -
    -     		- -
    For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    -     		+ +
    For query type 'mappings', this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    +
    +
    function_name
    string -
    -     		- -
    The name of the lambda function for which facts are requested.
    -

    aliases: function, name
    -     		+ +
    The name of the lambda function for which facts are requested.
    +

    aliases: function, name
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    query
    string -
    -     		-
      Choices: -
    • aliases
      • -
    • all ←
      • -
    • config
      • -
    • mappings
      • -
    • policy
      • -
    • versions
      • -
    -     		-
    Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
    -     		+
      Choices: +
    • aliases
      • +
    • all ←
      • +
    • config
      • +
    • mappings
      • +
    • policy
      • +
    • versions
      • +
    +     		+
    Specifies the resource type for which to gather facts. Leave blank to retrieve all facts.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -259,7 +278,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -270,7 +289,6 @@ Examples .. code-block:: yaml+jinja - --- # Simple example of listing all info for a function - name: List all for a specific function @@ -292,12 +310,11 @@ Examples query: all max_items: 20 - name: show Lambda facts - debug: + ansible.builtin.debug: var: lambda_facts - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -310,52 +327,52 @@ Common return values are documented `here Returned Description - - + +
    lambda_facts
    dictionary -
    - + + success -
    lambda facts
    -
    - +
    lambda facts
    +
    + - - + +
    lambda_facts.function
    dictionary -
    - + + success -
    lambda function list
    -
    - +
    lambda function list
    +
    + - - + +
    lambda_facts.function.TheName
    dictionary -
    - + + success -
    lambda function information, including event, mapping, and version information
    -
    - +
    lambda function information, including event, mapping, and version information
    +
    + - +

    @@ -371,5 +388,3 @@ Authors ~~~~~~~ - Pierre Jodouin (@pjodouin) - - diff --git a/docs/community.aws.lambda_info_module.rst b/docs/community.aws.lambda_info_module.rst index f269b0c7986..80987bc814f 100644 --- a/docs/community.aws.lambda_info_module.rst +++ b/docs/community.aws.lambda_info_module.rst @@ -37,215 +37,234 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_source_arn
    string -
    -     		- -
    When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    -     		+ +
    When query=mappings, this is the Amazon Resource Name (ARN) of the Amazon Kinesis or DynamoDB stream.
    +
    +
    function_name
    string -
    -     		- -
    The name of the lambda function for which information is requested.
    -

    aliases: function, name
    -     		+ +
    The name of the lambda function for which information is requested.
    +

    aliases: function, name
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    query
    string -
    -     		-
      Choices: -
    • aliases
      • -
    • all ←
      • -
    • config
      • -
    • mappings
      • -
    • policy
      • -
    • versions
      • -
    -     		-
    Specifies the resource type for which to gather information. Leave blank to retrieve all information.
    -     		+
      Choices: +
    • aliases
      • +
    • all ←
      • +
    • config
      • +
    • mappings
      • +
    • policy
      • +
    • versions
      • +
    +     		+
    Specifies the resource type for which to gather information. Leave blank to retrieve all information.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -253,7 +272,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -264,7 +283,6 @@ Examples .. code-block:: yaml+jinja - --- # Simple example of listing all info for a function - name: List all for a specific function @@ -285,12 +303,11 @@ Examples max_items: 20 register: output - name: show Lambda information - debug: + ansible.builtin.debug: msg: "{{ output['function'] }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -303,37 +320,37 @@ Common return values are documented `here Returned Description - - + +
    function
    dictionary -
    - + + success -
    lambda function list
    -
    - +
    lambda function list
    +
    + - - + +
    function.TheName
    dictionary -
    - + + success -
    lambda function information, including event, mapping, and version information
    -
    - +
    lambda function information, including event, mapping, and version information
    +
    + - +

    @@ -345,5 +362,3 @@ Authors ~~~~~~~ - Pierre Jodouin (@pjodouin) - - diff --git a/docs/community.aws.lambda_module.rst b/docs/community.aws.lambda_module.rst index 84ecb936cec..3fdfd9dbfa9 100644 --- a/docs/community.aws.lambda_module.rst +++ b/docs/community.aws.lambda_module.rst @@ -36,453 +36,472 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    dead_letter_arn
    string -
    -     		- -
    The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
    -     		+ +
    The parent object that contains the target Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
    -     		+ +
    A short, user-defined function description. Lambda does not use this value. Assign a meaningful description as you see fit.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    environment_variables
    dictionary -
    -     		- -
    A dictionary of environment variables the Lambda function is given.
    -     		+ +
    A dictionary of environment variables the Lambda function is given.
    +
    +
    handler
    string -
    -     		- -
    The function within your code that Lambda calls to begin execution.
    -     		+ +
    The function within your code that Lambda calls to begin execution.
    +
    +
    memory_size
    integer -
    -     		- Default:
    128
    -     		-
    The amount of memory, in MB, your Lambda function is given.
    -     		+ Default:
    128
    +     		+
    The amount of memory, in MB, your Lambda function is given.
    +
    +
    name
    string - / required
    -     		- -
    The name you want to assign to the function you are uploading. Cannot be changed.
    -     		+ +
    The name you want to assign to the function you are uploading. Cannot be changed.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
    -
    Required when state=present.
    -     		+ +
    The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes your function to access any other Amazon Web Services (AWS) resources. You may use the bare ARN if the role belongs to the same AWS account.
    +
    Required when state=present.
    +
    +
    runtime
    string -
    -     		- -
    The runtime environment for the Lambda function you are uploading.
    -
    Required when creating a function. Uses parameters as described in boto3 docs.
    -
    Required when state=present.
    - -     		+ +
    The runtime environment for the Lambda function you are uploading.
    +
    Required when creating a function. Uses parameters as described in boto3 docs.
    +
    Required when state=present.
    + +
    +
    s3_bucket
    string -
    -     		- -
    Amazon S3 bucket name where the .zip file containing your deployment package is stored.
    -
    If state=present then either zip_file or s3_bucket must be present.
    -
    s3_bucket and s3_key are required together.
    -     		+ +
    Amazon S3 bucket name where the .zip file containing your deployment package is stored.
    +
    If state=present then either zip_file or s3_bucket must be present.
    +
    s3_bucket and s3_key are required together.
    +
    +
    s3_key
    string -
    -     		- -
    The Amazon S3 object (the deployment package) key name you want to upload.
    -
    s3_bucket and s3_key are required together.
    -     		+ +
    The Amazon S3 object (the deployment package) key name you want to upload.
    +
    s3_bucket and s3_key are required together.
    +
    +
    s3_object_version
    string -
    -     		- -
    The Amazon S3 object (the deployment package) version you want to upload.
    -     		+ +
    The Amazon S3 object (the deployment package) version you want to upload.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete Lambda function.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete Lambda function.
    +
    +
    tags
    dictionary -
    -     		- -
    tag dict to apply to the function (requires botocore 1.5.40 or above).
    -     		+ +
    tag dict to apply to the function (requires botocore 1.5.40 or above).
    +
    +
    timeout
    integer -
    -     		- Default:
    3
    -     		-
    The function maximum execution time in seconds after which Lambda should terminate the function.
    -     		+ Default:
    3
    +     		+
    The function maximum execution time in seconds after which Lambda should terminate the function.
    +
    +
    tracing_mode
    string -
    -     		-
      Choices: -
    • Active
      • -
    • PassThrough
      • -
    -     		-
    Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
    -     		+
      Choices: +
    • Active
      • +
    • PassThrough
      • +
    +     		+
    Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned off (set to 'PassThrough') by default.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_security_group_ids
    list - / elements=string
    -     		- -
    List of VPC security group IDs to associate with the Lambda function.
    -
    Required when vpc_subnet_ids is used.
    -     		+ +
    List of VPC security group IDs to associate with the Lambda function.
    +
    Required when vpc_subnet_ids is used.
    +
    +
    vpc_subnet_ids
    list - / elements=string
    -     		- -
    List of subnet IDs to run Lambda function in.
    -
    Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
    -
    If set, vpc_security_group_ids must also be set.
    -     		+ +
    List of subnet IDs to run Lambda function in.
    +
    Use this option if you need to access resources in your VPC. Leave empty if you don't want to run the function in a VPC.
    +
    If set, vpc_security_group_ids must also be set.
    +
    +
    zip_file
    string -
    -     		- -
    A .zip file containing your deployment package
    -
    If state=present then either zip_file or s3_bucket must be present.
    -

    aliases: src
    -     		+ +
    A .zip file containing your deployment package
    +
    If state=present then either zip_file or s3_bucket must be present.
    +

    aliases: src
    +
    +
    @@ -490,7 +509,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -501,7 +520,6 @@ Examples .. code-block:: yaml+jinja - # Create Lambda functions - name: looped creation community.aws.lambda: @@ -554,7 +572,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -567,41 +584,41 @@ Common return values are documented `here Returned Description - - + +
    code
    dictionary -
    - + + success -
    the lambda function location returned by get_function in boto3
    -
    -
    Sample:
    -
    {'location': 'a presigned S3 URL', 'repository_type': 'S3'}
    - +
    the lambda function location returned by get_function in boto3
    +
    +
    Sample:
    +
    {'location': 'a presigned S3 URL', 'repository_type': 'S3'}
    + - - + +
    configuration
    dictionary -
    - + + success -
    the lambda function metadata returned by get_function in boto3
    -
    -
    Sample:
    -
    {'code_sha256': 'zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=', 'code_size': 123, 'description': 'My function', 'environment': {'variables': {'key': 'value'}}, 'function_arn': 'arn:aws:lambda:us-east-1:123456789012:function:myFunction:1', 'function_name': 'myFunction', 'handler': 'index.handler', 'last_modified': '2017-08-01T00:00:00.000+0000', 'memory_size': 128, 'revision_id': 'a2x9886d-d48a-4a0c-ab64-82abc005x80c', 'role': 'arn:aws:iam::123456789012:role/lambda_basic_execution', 'runtime': 'nodejs6.10', 'tracing_config': {'mode': 'Active'}, 'timeout': 3, 'version': '1', 'vpc_config': {'security_group_ids': [], 'subnet_ids': [], 'vpc_id': '123'}}
    - +
    the lambda function metadata returned by get_function in boto3
    +
    +
    Sample:
    +
    {'code_sha256': 'zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=', 'code_size': 123, 'description': 'My function', 'environment': {'variables': {'key': 'value'}}, 'function_arn': 'arn:aws:lambda:us-east-1:123456789012:function:myFunction:1', 'function_name': 'myFunction', 'handler': 'index.handler', 'last_modified': '2017-08-01T00:00:00.000+0000', 'memory_size': 128, 'revision_id': 'a2x9886d-d48a-4a0c-ab64-82abc005x80c', 'role': 'arn:aws:iam::123456789012:role/lambda_basic_execution', 'runtime': 'nodejs6.10', 'tracing_config': {'mode': 'Active'}, 'timeout': 3, 'version': '1', 'vpc_config': {'security_group_ids': [], 'subnet_ids': [], 'vpc_id': '123'}}
    + - +

    @@ -613,5 +630,3 @@ Authors ~~~~~~~ - Steyn Huizinga (@steynovich) - - diff --git a/docs/community.aws.lambda_policy_module.rst b/docs/community.aws.lambda_policy_module.rst index e9864920a4c..70af795a55b 100644 --- a/docs/community.aws.lambda_policy_module.rst +++ b/docs/community.aws.lambda_policy_module.rst @@ -38,321 +38,340 @@ Parameters .. raw:: html - + - + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    action
    string - / required
    -     		- -
    The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
    -     		+ +
    The AWS Lambda action you want to allow in this statement. Each Lambda action is a string starting with lambda: followed by the API name (see Operations ). For example, lambda:CreateFunction . You can use wildcard (lambda:*) to grant permission for all AWS Lambda actions.
    +
    +
    alias
    string -
    -     		- -
    Name of the function alias. Mutually exclusive with version.
    -     		+ +
    Name of the function alias. Mutually exclusive with version.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_source_token
    string -
    -     		- -
    Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
    -     		+ +
    Token string representing source ARN or account. Mutually exclusive with source_arn or source_account.
    +
    +
    function_name
    string - / required
    -     		- -
    Name of the Lambda function whose resource policy you are updating by adding a new permission.
    -
    You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
    -
    function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
    -
    specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the
    -
    ARN. If you specify only the function name, it is limited to 64 character in length.
    -

    aliases: lambda_function_arn, function_arn
    -     		+ +
    Name of the Lambda function whose resource policy you are updating by adding a new permission.
    +
    You can specify a function name (for example, Thumbnail ) or you can specify Amazon Resource Name (ARN) of the
    +
    function (for example, arn:aws:lambda:us-west-2:account-id:function:ThumbNail ). AWS Lambda also allows you to
    +
    specify partial ARN (for example, account-id:Thumbnail ). Note that the length constraint applies only to the
    +
    ARN. If you specify only the function name, it is limited to 64 character in length.
    +

    aliases: lambda_function_arn, function_arn
    +
    +
    principal
    string - / required
    -     		- -
    The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
    -     		+ +
    The principal who is getting this permission. It can be Amazon S3 service Principal (s3.amazonaws.com ) if you want Amazon S3 to invoke the function, an AWS account ID if you are granting cross-account permission, or any valid AWS service principal such as sns.amazonaws.com . For example, you might want to allow a custom application in another AWS account to push events to AWS Lambda by invoking your function.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    source_account
    string -
    -     		- -
    The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
    -     		+ +
    The AWS account ID (without a hyphen) of the source owner. For example, if source_arn identifies a bucket, then this is the bucket owner's account ID. You can use this additional condition to ensure the bucket you specify is owned by a specific account (it is possible the bucket owner deleted the bucket and some other AWS account created the bucket). You can also use this condition to specify all sources (that is, you don't specify the source_arn ) owned by a specific account.
    +
    +
    source_arn
    string -
    -     		- -
    This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
    -     		+ +
    This is optional; however, when granting Amazon S3 permission to invoke your function, you should specify this field with the bucket Amazon Resource Name (ARN) as its value. This ensures that only events generated from the specified bucket can invoke the function.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    statement_id
    string - / required
    -     		- -
    A unique statement identifier.
    -

    aliases: sid
    -     		+ +
    A unique statement identifier.
    +

    aliases: sid
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    version
    integer -
    -     		- -
    Version of the Lambda function. Mutually exclusive with alias.
    -     		+ +
    Version of the Lambda function. Mutually exclusive with alias.
    +
    +
    @@ -360,7 +379,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -371,8 +390,6 @@ Examples .. code-block:: yaml+jinja - - - name: Lambda S3 event notification community.aws.lambda_policy: state: present @@ -386,12 +403,11 @@ Examples register: lambda_policy_action - name: show results - debug: + ansible.builtin.debug: var: lambda_policy_action - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -404,22 +420,22 @@ Common return values are documented `here Returned Description - - + +
    lambda_policy_action
    string -
    - + + success -
    describes what action was taken
    -
    - +
    describes what action was taken
    +
    + - +

    @@ -432,5 +448,3 @@ Authors - Pierre Jodouin (@pjodouin) - Michael De La Rue (@mikedlr) - - diff --git a/docs/community.aws.lightsail_module.rst b/docs/community.aws.lightsail_module.rst index e97535cdff1..c5adc12834d 100644 --- a/docs/community.aws.lightsail_module.rst +++ b/docs/community.aws.lightsail_module.rst @@ -37,316 +37,335 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    blueprint_id
    string -
    -     		- -
    ID of the instance blueprint image.
    -
    Required when state=present
    -     		+ +
    ID of the instance blueprint image.
    +
    Required when state=present
    +
    +
    bundle_id
    string -
    -     		- -
    Bundle of specification info for the instance.
    -
    Required when state=present.
    -     		+ +
    Bundle of specification info for the instance.
    +
    Required when state=present.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    key_pair_name
    string -
    -     		- -
    Name of the key pair to use with the instance.
    -
    If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
    -     		+ +
    Name of the key pair to use with the instance.
    +
    If state=present and a key_pair_name is not provided, the default keypair from the region will be used.
    +
    +
    name
    string - / required
    -     		- -
    Name of the instance.
    -     		+ +
    Name of the instance.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • running
      • -
    • restarted
      • -
    • rebooted
      • -
    • stopped
      • -
    -     		-
    Indicate desired state of the target.
    -
    rebooted and restarted are aliases.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • running
      • +
    • restarted
      • +
    • rebooted
      • +
    • stopped
      • +
    +     		+
    Indicate desired state of the target.
    +
    rebooted and restarted are aliases.
    +
    +
    user_data
    string -
    -     		- -
    Launch script that can configure the instance with additional data.
    -     		+ +
    Launch script that can configure the instance with additional data.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Wait for the instance to be in state 'running' before returning.
    -
    If wait=false an ip_address may not be returned.
    -
    Has no effect when state=rebooted or state=absent.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Wait for the instance to be in state 'running' before returning.
    +
    If wait=false an ip_address may not be returned.
    +
    Has no effect when state=rebooted or state=absent.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    How long before wait gives up, in seconds.
    -     		+ Default:
    300
    +     		+
    How long before wait gives up, in seconds.
    +
    +
    zone
    string -
    -     		- -
    AWS availability zone in which to launch the instance.
    -
    Required when state=present
    -     		+ +
    AWS availability zone in which to launch the instance.
    +
    Required when state=present
    +
    +
    @@ -354,7 +373,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -365,7 +384,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a new Lightsail instance community.aws.lightsail: state: present @@ -386,8 +404,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -400,41 +416,41 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    if a snapshot has been modified/created
    -
    -
    Sample:
    -
    {'changed': True}
    - +
    if a snapshot has been modified/created
    +
    +
    Sample:
    +
    {'changed': True}
    + - - + +
    instance
    dictionary -
    - + + always -
    instance data
    -
    -
    Sample:
    -
    {'arn': 'arn:aws:lightsail:us-east-1:448830907657:Instance/1fef0175-d6c8-480e-84fa-214f969cda87', 'blueprint_id': 'ubuntu_16_04', 'blueprint_name': 'Ubuntu', 'bundle_id': 'nano_1_0', 'created_at': '2017-03-27T08:38:59.714000-04:00', 'hardware': {'cpu_count': 1, 'ram_size_in_gb': 0.5}, 'is_static_ip': False, 'location': {'availability_zone': 'us-east-1a', 'region_name': 'us-east-1'}, 'name': 'my_instance', 'networking': {'monthly_transfer': {'gb_per_month_allocated': 1024}, 'ports': [{'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 80, 'protocol': 'tcp', 'to_port': 80}, {'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 22, 'protocol': 'tcp', 'to_port': 22}]}, 'private_ip_address': '172.26.8.14', 'public_ip_address': '34.207.152.202', 'resource_type': 'Instance', 'ssh_key_name': 'keypair', 'state': {'code': 16, 'name': 'running'}, 'support_code': '588307843083/i-0997c97831ee21e33', 'username': 'ubuntu'}
    - +
    instance data
    +
    +
    Sample:
    +
    {'arn': 'arn:aws:lightsail:us-east-1:448830907657:Instance/1fef0175-d6c8-480e-84fa-214f969cda87', 'blueprint_id': 'ubuntu_16_04', 'blueprint_name': 'Ubuntu', 'bundle_id': 'nano_1_0', 'created_at': '2017-03-27T08:38:59.714000-04:00', 'hardware': {'cpu_count': 1, 'ram_size_in_gb': 0.5}, 'is_static_ip': False, 'location': {'availability_zone': 'us-east-1a', 'region_name': 'us-east-1'}, 'name': 'my_instance', 'networking': {'monthly_transfer': {'gb_per_month_allocated': 1024}, 'ports': [{'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 80, 'protocol': 'tcp', 'to_port': 80}, {'access_direction': 'inbound', 'access_from': 'Anywhere (0.0.0.0/0)', 'access_type': 'public', 'common_name': '', 'from_port': 22, 'protocol': 'tcp', 'to_port': 22}]}, 'private_ip_address': '172.26.8.14', 'public_ip_address': '34.207.152.202', 'resource_type': 'Instance', 'ssh_key_name': 'keypair', 'state': {'code': 16, 'name': 'running'}, 'support_code': '588307843083/i-0997c97831ee21e33', 'username': 'ubuntu'}
    + - +

    @@ -447,5 +463,3 @@ Authors - Nick Ball (@nickball) - Prasad Katti (@prasadkatti) - - diff --git a/docs/community.aws.rds_instance_info_module.rst b/docs/community.aws.rds_instance_info_module.rst index ebf08809687..1bdc6675e63 100644 --- a/docs/community.aws.rds_instance_info_module.rst +++ b/docs/community.aws.rds_instance_info_module.rst @@ -38,192 +38,211 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    db_instance_identifier
    string -
    -     		- -
    The RDS instance's unique identifier.
    -

    aliases: id
    -     		+ +
    The RDS instance's unique identifier.
    +

    aliases: id
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    filters
    dictionary -
    -     		- -
    A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
    -     		+ +
    A filter that specifies one or more DB instances to describe. See https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -231,7 +250,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -242,7 +261,6 @@ Examples .. code-block:: yaml+jinja - - name: Get information about an instance community.aws.rds_instance_info: db_instance_identifier: new-database @@ -253,7 +271,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -266,1041 +283,1041 @@ Common return values are documented `here Returned Description - - + +
    instances
    complex -
    - + + always -
    List of RDS instances
    -
    - +
    List of RDS instances
    +
    + - -   - + +   +
    allocated_storage
    integer -
    - + + always -
    Gigabytes of storage allocated to the database
    -
    -
    Sample:
    -
    10
    - - - -   - +
    Gigabytes of storage allocated to the database
    +
    +
    Sample:
    +
    10
    + + + +   +
    auto_minor_version_upgrade
    boolean -
    - + + always -
    Whether minor version upgrades happen automatically
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether minor version upgrades happen automatically
    +
    +
    Sample:
    +
    True
    + + + +   +
    availability_zone
    string -
    - + + always -
    Availability Zone in which the database resides
    -
    -
    Sample:
    -
    us-west-2b
    - - - -   - +
    Availability Zone in which the database resides
    +
    +
    Sample:
    +
    us-west-2b
    + + + +   +
    backup_retention_period
    integer -
    - + + always -
    Days for which backups are retained
    -
    -
    Sample:
    -
    7
    - - - -   - +
    Days for which backups are retained
    +
    +
    Sample:
    +
    7
    + + + +   +
    ca_certificate_identifier
    string -
    - + + always -
    ID for the CA certificate
    -
    -
    Sample:
    -
    rds-ca-2015
    - - - -   - +
    ID for the CA certificate
    +
    +
    Sample:
    +
    rds-ca-2015
    + + + +   +
    copy_tags_to_snapshot
    boolean -
    - + + always -
    Whether DB tags should be copied to the snapshot
    -
    - +
    Whether DB tags should be copied to the snapshot
    +
    + - -   - + +   +
    db_instance_arn
    string -
    - + + always -
    ARN of the database instance
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:111111111111:db:helloworld-rds
    - - - -   - +
    ARN of the database instance
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:111111111111:db:helloworld-rds
    + + + +   +
    db_instance_class
    string -
    - + + always -
    Instance class of the database instance
    -
    -
    Sample:
    -
    db.t2.small
    - - - -   - +
    Instance class of the database instance
    +
    +
    Sample:
    +
    db.t2.small
    + + + +   +
    db_instance_identifier
    string -
    - + + always -
    Database instance identifier
    -
    -
    Sample:
    -
    helloworld-rds
    - - - -   - +
    Database instance identifier
    +
    +
    Sample:
    +
    helloworld-rds
    + + + +   +
    db_instance_port
    integer -
    - + + always -
    Port used by the database instance
    -
    - +
    Port used by the database instance
    +
    + - -   - + +   +
    db_instance_status
    string -
    - + + always -
    Status of the database instance
    -
    -
    Sample:
    -
    available
    - - - -   - +
    Status of the database instance
    +
    +
    Sample:
    +
    available
    + + + +   +
    db_name
    string -
    - + + always -
    Name of the database
    -
    -
    Sample:
    -
    management
    - - - -   - +
    Name of the database
    +
    +
    Sample:
    +
    management
    + + + +   +
    db_parameter_groups
    complex -
    - + + always -
    List of database parameter groups
    -
    - +
    List of database parameter groups
    +
    + - -   -   - + +   +   +
    db_parameter_group_name
    string -
    - + + always -
    Name of the database parameter group
    -
    -
    Sample:
    -
    psql-pg-helloworld
    - - - -   -   - +
    Name of the database parameter group
    +
    +
    Sample:
    +
    psql-pg-helloworld
    + + + +   +   +
    parameter_apply_status
    string -
    - + + always -
    Whether the parameter group has been applied
    -
    -
    Sample:
    -
    in-sync
    - +
    Whether the parameter group has been applied
    +
    +
    Sample:
    +
    in-sync
    + - - -   - + + +   +
    db_security_groups
    list -
    - + + always -
    List of security groups used by the database instance
    -
    - +
    List of security groups used by the database instance
    +
    + - -   - + +   +
    db_subnet_group
    complex -
    - + + always -
    list of subnet groups
    -
    - +
    list of subnet groups
    +
    + - -   -   - + +   +   +
    db_subnet_group_description
    string -
    - + + always -
    Description of the DB subnet group
    -
    -
    Sample:
    -
    My database subnet group
    - - - -   -   - +
    Description of the DB subnet group
    +
    +
    Sample:
    +
    My database subnet group
    + + + +   +   +
    db_subnet_group_name
    string -
    - + + always -
    Name of the database subnet group
    -
    -
    Sample:
    -
    my-subnet-group
    - - - -   -   - +
    Name of the database subnet group
    +
    +
    Sample:
    +
    my-subnet-group
    + + + +   +   +
    subnet_group_status
    string -
    - + + always -
    Subnet group status
    -
    -
    Sample:
    -
    Complete
    - - - -   -   - +
    Subnet group status
    +
    +
    Sample:
    +
    Complete
    + + + +   +   +
    subnets
    complex -
    - + + always -
    List of subnets in the subnet group
    -
    - +
    List of subnets in the subnet group
    +
    + - -   -   -   - + +   +   +   +
    subnet_availability_zone
    complex -
    - + + always -
    Availability zone of the subnet
    -
    - +
    Availability zone of the subnet
    +
    + - -   -   -   -   - + +   +   +   +   +
    name
    string -
    - + + always -
    Name of the availability zone
    -
    -
    Sample:
    -
    us-west-2c
    - - - - -   -   -   - +
    Name of the availability zone
    +
    +
    Sample:
    +
    us-west-2c
    + + + + +   +   +   +
    subnet_identifier
    string -
    - + + always -
    Subnet ID
    -
    -
    Sample:
    -
    subnet-abcd1234
    - - - -   -   -   - +
    Subnet ID
    +
    +
    Sample:
    +
    subnet-abcd1234
    + + + +   +   +   +
    subnet_status
    string -
    - + + always -
    Subnet status
    -
    -
    Sample:
    -
    Active
    - - - - -   -   - +
    Subnet status
    +
    +
    Sample:
    +
    Active
    + + + + +   +   +
    vpc_id
    string -
    - + + always -
    VPC id of the subnet group
    -
    -
    Sample:
    -
    vpc-abcd1234
    - +
    VPC id of the subnet group
    +
    +
    Sample:
    +
    vpc-abcd1234
    + - - -   - + + +   +
    dbi_resource_id
    string -
    - + + always -
    AWS Region-unique, immutable identifier for the DB instance
    -
    -
    Sample:
    -
    db-AAAAAAAAAAAAAAAAAAAAAAAAAA
    - - - -   - +
    AWS Region-unique, immutable identifier for the DB instance
    +
    +
    Sample:
    +
    db-AAAAAAAAAAAAAAAAAAAAAAAAAA
    + + + +   +
    domain_memberships
    list -
    - + + always -
    List of domain memberships
    -
    - +
    List of domain memberships
    +
    + - -   - + +   +
    endpoint
    complex -
    - + + always -
    Database endpoint
    -
    - +
    Database endpoint
    +
    + - -   -   - + +   +   +
    address
    string -
    - + + always -
    Database endpoint address
    -
    -
    Sample:
    -
    helloworld-rds.ctrqpe3so1sf.us-west-2.rds.amazonaws.com
    - - - -   -   - +
    Database endpoint address
    +
    +
    Sample:
    +
    helloworld-rds.ctrqpe3so1sf.us-west-2.rds.amazonaws.com
    + + + +   +   +
    hosted_zone_id
    string -
    - + + always -
    Route53 hosted zone ID
    -
    -
    Sample:
    -
    Z1PABCD0000000
    - - - -   -   - +
    Route53 hosted zone ID
    +
    +
    Sample:
    +
    Z1PABCD0000000
    + + + +   +   +
    port
    integer -
    - + + always -
    Database endpoint port
    -
    -
    Sample:
    -
    5432
    - +
    Database endpoint port
    +
    +
    Sample:
    +
    5432
    + - - -   - + + +   +
    engine
    string -
    - + + always -
    Database engine
    -
    -
    Sample:
    -
    postgres
    - - - -   - +
    Database engine
    +
    +
    Sample:
    +
    postgres
    + + + +   +
    engine_version
    string -
    - + + always -
    Database engine version
    -
    -
    Sample:
    -
    9.5.10
    - - - -   - +
    Database engine version
    +
    +
    Sample:
    +
    9.5.10
    + + + +   +
    iam_database_authentication_enabled
    boolean -
    - + + always -
    Whether database authentication through IAM is enabled
    -
    - +
    Whether database authentication through IAM is enabled
    +
    + - -   - + +   +
    instance_create_time
    string -
    - + + always -
    Date and time the instance was created
    -
    -
    Sample:
    -
    2017-10-10T04:00:07.434000+00:00
    - - - -   - +
    Date and time the instance was created
    +
    +
    Sample:
    +
    2017-10-10T04:00:07.434000+00:00
    + + + +   +
    kms_key_id
    string -
    - + + always -
    KMS Key ID
    -
    -
    Sample:
    -
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-0000-abcd-1111-0123456789ab
    - - - -   - +
    KMS Key ID
    +
    +
    Sample:
    +
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-0000-abcd-1111-0123456789ab
    + + + +   +
    latest_restorable_time
    string -
    - + + always -
    Latest time to which a database can be restored with point-in-time restore
    -
    -
    Sample:
    -
    2018-05-17T00:03:56+00:00
    - - - -   - +
    Latest time to which a database can be restored with point-in-time restore
    +
    +
    Sample:
    +
    2018-05-17T00:03:56+00:00
    + + + +   +
    license_model
    string -
    - + + always -
    License model
    -
    -
    Sample:
    -
    postgresql-license
    - - - -   - +
    License model
    +
    +
    Sample:
    +
    postgresql-license
    + + + +   +
    master_username
    string -
    - + + always -
    Database master username
    -
    -
    Sample:
    -
    dbadmin
    - - - -   - +
    Database master username
    +
    +
    Sample:
    +
    dbadmin
    + + + +   +
    monitoring_interval
    integer -
    - + + always -
    Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance
    -
    - +
    Interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance
    +
    + - -   - + +   +
    multi_az
    boolean -
    - + + always -
    Whether Multi-AZ is on
    -
    - +
    Whether Multi-AZ is on
    +
    + - -   - + +   +
    option_group_memberships
    complex -
    - + + always -
    List of option groups
    -
    - +
    List of option groups
    +
    + - -   -   - + +   +   +
    option_group_name
    string -
    - + + always -
    Option group name
    -
    -
    Sample:
    -
    default:postgres-9-5
    - - - -   -   - +
    Option group name
    +
    +
    Sample:
    +
    default:postgres-9-5
    + + + +   +   +
    status
    string -
    - + + always -
    Status of option group
    -
    -
    Sample:
    -
    in-sync
    - +
    Status of option group
    +
    +
    Sample:
    +
    in-sync
    + - - -   - + + +   +
    pending_modified_values
    complex -
    - + + always -
    Modified values pending application
    -
    - +
    Modified values pending application
    +
    + - -   - + +   +
    performance_insights_enabled
    boolean -
    - + + always -
    Whether performance insights are enabled
    -
    - +
    Whether performance insights are enabled
    +
    + - -   - + +   +
    preferred_backup_window
    string -
    - + + always -
    Preferred backup window
    -
    -
    Sample:
    -
    04:00-05:00
    - - - -   - +
    Preferred backup window
    +
    +
    Sample:
    +
    04:00-05:00
    + + + +   +
    preferred_maintenance_window
    string -
    - + + always -
    Preferred maintenance window
    -
    -
    Sample:
    -
    mon:05:00-mon:05:30
    - - - -   - +
    Preferred maintenance window
    +
    +
    Sample:
    +
    mon:05:00-mon:05:30
    + + + +   +
    publicly_accessible
    boolean -
    - + + always -
    Whether the DB is publicly accessible
    -
    - +
    Whether the DB is publicly accessible
    +
    + - -   - + +   +
    read_replica_db_instance_identifiers
    list -
    - + + always -
    List of database instance read replicas
    -
    - +
    List of database instance read replicas
    +
    + - -   - + +   +
    storage_encrypted
    boolean -
    - + + always -
    Whether the storage is encrypted
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether the storage is encrypted
    +
    +
    Sample:
    +
    True
    + + + +   +
    storage_type
    string -
    - + + always -
    Storage type of the Database instance
    -
    -
    Sample:
    -
    gp2
    - - - -   - +
    Storage type of the Database instance
    +
    +
    Sample:
    +
    gp2
    + + + +   +
    tags
    complex -
    - + + always -
    Tags used by the database instance
    -
    - +
    Tags used by the database instance
    +
    + - -   - + +   +
    vpc_security_groups
    complex -
    - + + always -
    List of VPC security groups
    -
    - +
    List of VPC security groups
    +
    + - -   -   - + +   +   +
    status
    string -
    - + + always -
    Status of the VPC security group
    -
    -
    Sample:
    -
    active
    - - - -   -   - +
    Status of the VPC security group
    +
    +
    Sample:
    +
    active
    + + + +   +   +
    vpc_security_group_id
    string -
    - + + always -
    VPC Security Group ID
    -
    -
    Sample:
    -
    sg-abcd1234
    - +
    VPC Security Group ID
    +
    +
    Sample:
    +
    sg-abcd1234
    + - - - + + +

    @@ -1313,5 +1330,3 @@ Authors - Will Thames (@willthames) - Michael De La Rue (@mikedlr) - - diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst index 78ef27aa24e..231f76a2335 100644 --- a/docs/community.aws.rds_instance_module.rst +++ b/docs/community.aws.rds_instance_module.rst @@ -37,1359 +37,1378 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + + + + - - - + + - - - - - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    allocated_storage
    integer -
    -     		- -
    The amount of storage (in gibibytes) to allocate for the DB instance.
    -     		+ +
    The amount of storage (in gibibytes) to allocate for the DB instance.
    +
    +
    allow_major_version_upgrade
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to allow major version upgrades.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to allow major version upgrades.
    +
    +
    apply_immediately
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    A value that specifies whether modifying a cluster with new_db_instance_identifier and master_user_password should be applied as soon as possible, regardless of the preferred_maintenance_window setting. If false, changes are applied during the next maintenance window.
    +
    +
    auto_minor_version_upgrade
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether minor version upgrades are applied automatically to the DB instance during the maintenance window.
    +
    +
    availability_zone
    string -
    -     		- -
    A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.
    -

    aliases: az, zone
    -     		+ +
    A list of EC2 Availability Zones that instances in the DB cluster can be created in. May be used when creating a cluster or when restoring from S3 or a snapshot. Mutually exclusive with multi_az.
    +

    aliases: az, zone
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    backup_retention_period
    integer -
    -     		- -
    The number of days for which automated backups are retained.
    -
    When set to 0, automated backups will be disabled. (Not applicable if the DB instance is a source to read replicas)
    -
    May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    -     		+ +
    The number of days for which automated backups are retained.
    +
    When set to 0, automated backups will be disabled. (Not applicable if the DB instance is a source to read replicas)
    +
    May be used when creating a new cluster, when restoring from S3, or when modifying a cluster.
    +
    +
    ca_certificate_identifier
    string -
    -     		- -
    The identifier of the CA certificate for the DB instance.
    -     		+ +
    The identifier of the CA certificate for the DB instance.
    +
    +
    character_set_name
    string -
    -     		- -
    The character set to associate with the DB cluster.
    -     		+ +
    The character set to associate with the DB cluster.
    +
    +
    copy_tags_to_snapshot
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether or not to copy all tags from the DB instance to snapshots of the instance. When initially creating a DB instance the RDS API defaults this to false if unspecified.
    +
    +
    creation_source
    string -
    -     		-
      Choices: -
    • snapshot
      • -
    • s3
      • -
    • instance
      • -
    -     		-
    Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
    -     		+
      Choices: +
    • snapshot
      • +
    • s3
      • +
    • instance
      • +
    +     		+
    Which source to use if restoring from a template (an existing instance, S3 bucket, or snapshot).
    +
    +
    db_cluster_identifier
    string -
    -     		- -
    The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    -

    aliases: cluster_id
    -     		+ +
    The DB cluster (lowercase) identifier to add the aurora DB instance to. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    +

    aliases: cluster_id
    +
    +
    db_instance_class
    string -
    -     		- -
    The compute and memory capacity of the DB instance, for example db.t2.micro.
    -

    aliases: class, instance_type
    -     		+ +
    The compute and memory capacity of the DB instance, for example db.t2.micro.
    +

    aliases: class, instance_type
    +
    +
    db_instance_identifier
    string - / required
    -     		- -
    The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    -

    aliases: instance_id, id
    -     		+ +
    The DB instance (lowercase) identifier. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens.
    +

    aliases: instance_id, id
    +
    +
    db_name
    string -
    -     		- -
    The name for your database. If a name is not provided Amazon RDS will not create a database.
    -     		+ +
    The name for your database. If a name is not provided Amazon RDS will not create a database.
    +
    +
    db_parameter_group_name
    string -
    -     		- -
    The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
    -     		+ +
    The name of the DB parameter group to associate with this DB instance. When creating the DB instance if this argument is omitted the default DBParameterGroup for the specified engine is used.
    +
    +
    db_security_groups
    list -
    -     		- -
    (EC2-Classic platform) A list of DB security groups to associate with this DB instance.
    -     		+ +
    (EC2-Classic platform) A list of DB security groups to associate with this DB instance.
    +
    +
    db_snapshot_identifier
    string -
    -     		- -
    The identifier for the DB snapshot to restore from if using creation_source=snapshot.
    -     		+ +
    The identifier for the DB snapshot to restore from if using creation_source=snapshot.
    +
    +
    db_subnet_group_name
    string -
    -     		- -
    The DB subnet group name to use for the DB instance.
    -

    aliases: subnet_group
    -     		+ +
    The DB subnet group name to use for the DB instance.
    +

    aliases: subnet_group
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    domain
    string -
    -     		- -
    The Active Directory Domain to restore the instance in.
    -     		+ +
    The Active Directory Domain to restore the instance in.
    +
    +
    domain_iam_role_name
    string -
    -     		- -
    The name of the IAM role to be used when making API calls to the Directory Service.
    -     		+ +
    The name of the IAM role to be used when making API calls to the Directory Service.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    enable_cloudwatch_logs_exports
    list -
    -     		- -
    A list of log types that need to be enabled for exporting to CloudWatch Logs.
    -

    aliases: cloudwatch_log_exports
    -     		+ +
    A list of log types that need to be enabled for exporting to CloudWatch Logs.
    +

    aliases: cloudwatch_log_exports
    +
    +
    enable_iam_database_authentication
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. If this option is omitted when creating the cluster, Amazon RDS sets this to False.
    +
    +
    enable_performance_insights
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to enable Performance Insights for the DB instance.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to enable Performance Insights for the DB instance.
    +
    +
    engine
    string -
    -     		- -
    The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
    -     		+ +
    The name of the database engine to be used for this DB instance. This is required to create an instance. Valid choices are aurora | aurora-mysql | aurora-postgresql | mariadb | mysql | oracle-ee | oracle-se | oracle-se1 | oracle-se2 | postgres | sqlserver-ee | sqlserver-ex | sqlserver-se | sqlserver-web
    +
    +
    engine_version
    string -
    -     		- -
    The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
    -     		+ +
    The version number of the database engine to use. For Aurora MySQL that could be 5.6.10a , 5.7.12. Aurora PostgreSQL example, 9.6.3
    +
    +
    final_db_snapshot_identifier
    string -
    -     		- -
    The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.
    -

    aliases: final_snapshot_identifier
    -     		+ +
    The DB instance snapshot identifier of the new DB instance snapshot created when skip_final_snapshot is false.
    +

    aliases: final_snapshot_identifier
    +
    +
    force_failover
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Set to true to conduct the reboot through a MultiAZ failover.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Set to true to conduct the reboot through a MultiAZ failover.
    +
    +
    force_update_password
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Set to True to update your cluster password with master_user_password. Since comparing passwords to determine if it needs to be updated is not possible this is set to False by default to allow idempotence.
    +
    +
    iops
    integer -
    -     		- -
    The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
    -     		+ +
    The Provisioned IOPS (I/O operations per second) value. Is only set when using storage_type is set to io1.
    +
    +
    kms_key_id
    string -
    -     		- -
    The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
    -
    If storage_encrypted is true and and this option is not provided, the default encryption key is used.
    -     		+ +
    The ARN of the AWS KMS key identifier for an encrypted DB instance. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
    +
    If storage_encrypted is true and and this option is not provided, the default encryption key is used.
    +
    +
    license_model
    string -
    -     		- -
    The license model for the DB instance.
    -
    Several options are license-included, bring-your-own-license, and general-public-license.
    -
    This option can also be omitted to default to an accepted value.
    -     		+ +
    The license model for the DB instance.
    +
    Several options are license-included, bring-your-own-license, and general-public-license.
    +
    This option can also be omitted to default to an accepted value.
    +
    +
    master_user_password
    string -
    -     		- -
    An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.
    -

    aliases: password
    -     		+ +
    An 8-41 character password for the master database user. The password can contain any printable ASCII character except "/", """, or "@". To modify the password use force_password_update. Use apply immediately to change the password immediately, otherwise it is updated during the next maintenance window.
    +

    aliases: password
    +
    +
    master_username
    string -
    -     		- -
    The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.
    -

    aliases: username
    -     		+ +
    The name of the master user for the DB cluster. Must be 1-16 letters or numbers and begin with a letter.
    +

    aliases: username
    +
    +
    max_allocated_storage
    integer -
    -     		- -
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    -     		+ +
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    +
    +
    monitoring_interval
    integer -
    -     		- -
    The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
    -     		+ +
    The interval, in seconds, when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting metrics, specify 0. Amazon RDS defaults this to 0 if omitted when initially creating a DB instance.
    +
    +
    monitoring_role_arn
    string -
    -     		- -
    The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
    -     		+ +
    The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs.
    +
    +
    multi_az
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies if the DB instance is a Multi-AZ deployment. Mutually exclusive with availability_zone.
    +
    +
    new_db_instance_identifier
    string -
    -     		- -
    The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.
    -

    aliases: new_instance_id, new_id
    -     		+ +
    The new DB cluster (lowercase) identifier for the DB cluster when renaming a DB instance. The identifier must contain from 1 to 63 letters, numbers, or hyphens and the first character must be a letter and may not end in a hyphen or contain consecutive hyphens. Use apply_immediately to rename immediately, otherwise it is updated during the next maintenance window.
    +

    aliases: new_instance_id, new_id
    +
    +
    option_group_name
    string -
    -     		- -
    The option group to associate with the DB instance.
    -     		+ +
    The option group to associate with the DB instance.
    +
    +
    performance_insights_kms_key_id
    string -
    -     		- -
    The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
    -     		+ +
    The AWS KMS key identifier (ARN, name, or alias) for encryption of Performance Insights data.
    +
    +
    performance_insights_retention_period
    integer -
    -     		- -
    The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
    -     		+ +
    The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731.
    +
    +
    port
    integer -
    -     		- -
    The port number on which the instances accept connections.
    -     		+ +
    The port number on which the instances accept connections.
    +
    +
    preferred_backup_window
    string -
    -     		- -
    The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.
    -

    aliases: backup_window
    -     		+ +
    The daily time range (in UTC) of at least 30 minutes, during which automated backups are created if automated backups are enabled using backup_retention_period. The option must be in the format of "hh24:mi-hh24:mi" and not conflict with preferred_maintenance_window.
    +

    aliases: backup_window
    +
    +
    preferred_maintenance_window
    string -
    -     		- -
    The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.
    -

    aliases: maintenance_window
    -     		+ +
    The weekly time range (in UTC) of at least 30 minutes, during which system maintenance can occur. The option must be in the format "ddd:hh24:mi-ddd:hh24:mi" where ddd is one of Mon, Tue, Wed, Thu, Fri, Sat, Sun.
    +

    aliases: maintenance_window
    +
    +
    processor_features
    dictionary -
    -     		- -
    A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
    -
    + + + +
    A dictionary of Name, Value pairs to indicate the number of CPU cores and the number of threads per core for the DB instance class of the DB instance. Names are threadsPerCore and coreCount. Set this option to an empty dictionary to use the default processor features.
    +
    coreCount
    - -
    -     		- -
    The number of CPU cores
    -     		+ +
    The number of CPU cores
    +
    +
    threadsPerCore
    - -
    -     		- -
    The number of threads per core
    -
    + + + +
    The number of threads per core
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    promotion_tier
    string -
    -     		- -
    An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
    -     		+ +
    An integer that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance.
    +
    +
    publicly_accessible
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
    +
    +
    purge_cloudwatch_logs_exports
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Set to False to retain any enabled cloudwatch logs that aren't specified in the task and are associated with the instance.
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Set to False to retain any tags that aren't specified in task and are associated with the instance.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Set to False to retain any tags that aren't specified in task and are associated with the instance.
    +
    +
    read_replica
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Set to False to promote a read replica cluster or true to create one. When creating a read replica creation_source should be set to 'instance' or not provided. source_db_instance_identifier must be provided with this option.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    restore_time
    string -
    -     		- -
    If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
    -
    May alternatively set use_latest_restore_time=True.
    -
    Only one of use_latest_restorable_time and restore_time may be provided.
    -     		+ +
    If using creation_source=instance this indicates the UTC date and time to restore from the source instance. For example, "2009-09-07T23:45:00Z".
    +
    May alternatively set use_latest_restore_time=True.
    +
    Only one of use_latest_restorable_time and restore_time may be provided.
    +
    +
    s3_bucket_name
    string -
    -     		- -
    The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
    -     		+ +
    The name of the Amazon S3 bucket that contains the data used to create the Amazon DB instance.
    +
    +
    s3_ingestion_role_arn
    string -
    -     		- -
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
    -     		+ +
    The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.
    +
    +
    s3_prefix
    string -
    -     		- -
    The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
    -     		+ +
    The prefix for all of the file names that contain the data used to create the Amazon DB instance. If you do not specify a SourceS3Prefix value, then the Amazon DB instance is created by using all of the files in the Amazon S3 bucket.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    skip_final_snapshot
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether a final DB cluster snapshot is created before the DB cluster is deleted. If this is false final_db_snapshot_identifier must be provided.
    +
    +
    snapshot_identifier
    string -
    -     		- -
    The ARN of the DB snapshot to restore from when using creation_source=snapshot.
    -     		+ +
    The ARN of the DB snapshot to restore from when using creation_source=snapshot.
    +
    +
    source_db_instance_identifier
    string -
    -     		- -
    The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
    -     		+ +
    The identifier or ARN of the source DB instance from which to restore when creating a read replica or spinning up a point-in-time DB instance using creation_source=instance. If the source DB is not in the same region this should be an ARN.
    +
    +
    source_engine
    string -
    -     		-
      Choices: -
    • mysql
      • -
    -     		-
    The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
    -     		+
      Choices: +
    • mysql
      • +
    +     		+
    The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.
    +
    +
    source_engine_version
    string -
    -     		- -
    The version of the database that the backup files were created from.
    -     		+ +
    The version of the database that the backup files were created from.
    +
    +
    source_region
    string -
    -     		- -
    The region of the DB instance from which the replica is created.
    -     		+ +
    The region of the DB instance from which the replica is created.
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    • terminated
      • -
    • running
      • -
    • started
      • -
    • stopped
      • -
    • rebooted
      • -
    • restarted
      • -
    -     		-
    Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
    -
    state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    • terminated
      • +
    • running
      • +
    • started
      • +
    • stopped
      • +
    • rebooted
      • +
    • restarted
      • +
    +     		+
    Whether the snapshot should exist or not. rebooted is not idempotent and will leave the DB instance in a running state and start it prior to rebooting if it was stopped. present will leave the DB instance in the current running/stopped state, (running if creating the DB instance).
    +
    state=running and state=started are synonyms, as are state=rebooted and state=restarted. Note - rebooting the instance is not idempotent.
    +
    +
    storage_encrypted
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether the DB instance is encrypted.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether the DB instance is encrypted.
    +
    +
    storage_type
    string -
    -     		-
      Choices: -
    • standard
      • -
    • gp2
      • -
    • io1
      • -
    -     		-
    The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
    -     		+
      Choices: +
    • standard
      • +
    • gp2
      • +
    • io1
      • +
    +     		+
    The storage type to be associated with the DB instance. storage_type does not apply to Aurora DB instances.
    +
    +
    tags
    dictionary -
    -     		- -
    A dictionary of key value pairs to assign the DB cluster.
    -     		+ +
    A dictionary of key value pairs to assign the DB cluster.
    +
    +
    tde_credential_arn
    string -
    -     		- -
    The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.
    -

    aliases: transparent_data_encryption_arn
    -     		+ +
    The ARN from the key store with which to associate the instance for Transparent Data Encryption. This is supported by Oracle or SQL Server DB instances and may be used in conjunction with storage_encrypted though it might slightly affect the performance of your database.
    +

    aliases: transparent_data_encryption_arn
    +
    +
    tde_credential_password
    string -
    -     		- -
    The password for the given ARN from the key store in order to access the device.
    -

    aliases: transparent_data_encryption_password
    -     		+ +
    The password for the given ARN from the key store in order to access the device.
    +

    aliases: transparent_data_encryption_password
    +
    +
    timezone
    string -
    -     		- -
    The time zone of the DB instance.
    -     		+ +
    The time zone of the DB instance.
    +
    +
    use_latest_restorable_time
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to restore the DB instance to the latest restorable backup time.
    -
    Only one of use_latest_restorable_time and restore_time may be provided.
    -

    aliases: restore_from_latest
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to restore the DB instance to the latest restorable backup time.
    +
    Only one of use_latest_restorable_time and restore_time may be provided.
    +

    aliases: restore_from_latest
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_security_group_ids
    list -
    -     		- -
    A list of EC2 VPC security groups to associate with the DB cluster.
    -     		+ +
    A list of EC2 VPC security groups to associate with the DB cluster.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    Whether to wait for the cluster to be available, stopped, or deleted. At a later time a wait_timeout option may be added. Following each API call to create/modify/delete the instance a waiter is used with a 60 second delay 30 times until the instance reaches the expected state (available/stopped/deleted). The total task time may also be influenced by AWSRetry which helps stabilize if the instance is in an invalid state to operate on to begin with (such as if you try to stop it when it is in the process of rebooting). If setting this to False task retries and delays may make your playbook execution better handle timeouts for major modifications.
    + + +
    @@ -1397,7 +1416,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -1408,7 +1427,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: create minimal aurora instance in default VPC and default subnet group community.aws.rds_instance: @@ -1444,7 +1462,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -1457,968 +1474,968 @@ Common return values are documented `here Returned Description - - + +
    allocated_storage
    integer -
    - + + always -
    The allocated storage size in gibibytes. This is always 1 for aurora database engines.
    -
    -
    Sample:
    -
    20
    - - - - +
    The allocated storage size in gibibytes. This is always 1 for aurora database engines.
    +
    +
    Sample:
    +
    20
    + + + +
    auto_minor_version_upgrade
    boolean -
    - + + always -
    Whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
    -
    -
    Sample:
    -
    True
    - - - - +
    Whether minor engine upgrades are applied automatically to the DB instance during the maintenance window.
    +
    +
    Sample:
    +
    True
    + + + +
    availability_zone
    string -
    - + + always -
    The availability zone for the DB instance.
    -
    -
    Sample:
    -
    us-east-1f
    - - - - +
    The availability zone for the DB instance.
    +
    +
    Sample:
    +
    us-east-1f
    + + + +
    backup_retention_period
    integer -
    - + + always -
    The number of days for which automated backups are retained.
    -
    -
    Sample:
    -
    1
    - - - - +
    The number of days for which automated backups are retained.
    +
    +
    Sample:
    +
    1
    + + + +
    ca_certificate_identifier
    string -
    - + + always -
    The identifier of the CA certificate for the DB instance.
    -
    -
    Sample:
    -
    rds-ca-2015
    - - - - +
    The identifier of the CA certificate for the DB instance.
    +
    +
    Sample:
    +
    rds-ca-2015
    + + + +
    copy_tags_to_snapshot
    boolean -
    - + + always -
    Whether tags are copied from the DB instance to snapshots of the DB instance.
    -
    - +
    Whether tags are copied from the DB instance to snapshots of the DB instance.
    +
    + - - + +
    db_instance_arn
    string -
    - + + always -
    The Amazon Resource Name (ARN) for the DB instance.
    -
    -
    Sample:
    -
    arn:aws:rds:us-east-1:123456789012:db:ansible-test
    - - - - +
    The Amazon Resource Name (ARN) for the DB instance.
    +
    +
    Sample:
    +
    arn:aws:rds:us-east-1:123456789012:db:ansible-test
    + + + +
    db_instance_class
    string -
    - + + always -
    The name of the compute and memory capacity class of the DB instance.
    -
    -
    Sample:
    -
    db.m4.large
    - - - - +
    The name of the compute and memory capacity class of the DB instance.
    +
    +
    Sample:
    +
    db.m4.large
    + + + +
    db_instance_identifier
    string -
    - + + always -
    The identifier of the DB instance
    -
    -
    Sample:
    -
    ansible-test
    - - - - +
    The identifier of the DB instance
    +
    +
    Sample:
    +
    ansible-test
    + + + +
    db_instance_port
    integer -
    - + + always -
    The port that the DB instance listens on.
    -
    - +
    The port that the DB instance listens on.
    +
    + - - + +
    db_instance_status
    string -
    - + + always -
    The current state of this database.
    -
    -
    Sample:
    -
    stopped
    - - - - +
    The current state of this database.
    +
    +
    Sample:
    +
    stopped
    + + + +
    db_parameter_groups
    complex -
    - + + always -
    The list of DB parameter groups applied to this DB instance.
    -
    - +
    The list of DB parameter groups applied to this DB instance.
    +
    + - -   - + +   +
    db_parameter_group_name
    string -
    - + + always -
    The name of the DP parameter group.
    -
    -
    Sample:
    -
    default.mariadb10.0
    - - - -   - +
    The name of the DP parameter group.
    +
    +
    Sample:
    +
    default.mariadb10.0
    + + + +   +
    parameter_apply_status
    string -
    - + + always -
    The status of parameter updates.
    -
    -
    Sample:
    -
    in-sync
    - +
    The status of parameter updates.
    +
    +
    Sample:
    +
    in-sync
    + - - - + + +
    db_security_groups
    list -
    - + + always -
    A list of DB security groups associated with this DB instance.
    -
    - +
    A list of DB security groups associated with this DB instance.
    +
    + - - + +
    db_subnet_group
    complex -
    - + + always -
    The subnet group associated with the DB instance.
    -
    - +
    The subnet group associated with the DB instance.
    +
    + - -   - + +   +
    db_subnet_group_description
    string -
    - + + always -
    The description of the DB subnet group.
    -
    -
    Sample:
    -
    default
    - - - -   - +
    The description of the DB subnet group.
    +
    +
    Sample:
    +
    default
    + + + +   +
    db_subnet_group_name
    string -
    - + + always -
    The name of the DB subnet group.
    -
    -
    Sample:
    -
    default
    - - - -   - +
    The name of the DB subnet group.
    +
    +
    Sample:
    +
    default
    + + + +   +
    subnet_group_status
    string -
    - + + always -
    The status of the DB subnet group.
    -
    -
    Sample:
    -
    Complete
    - - - -   - +
    The status of the DB subnet group.
    +
    +
    Sample:
    +
    Complete
    + + + +   +
    subnets
    complex -
    - + + always -
    A list of Subnet elements.
    -
    - +
    A list of Subnet elements.
    +
    + - -   -   - + +   +   +
    subnet_availability_zone
    complex -
    - + + always -
    The availability zone of the subnet.
    -
    - +
    The availability zone of the subnet.
    +
    + - -   -   -   - + +   +   +   +
    name
    string -
    - + + always -
    The name of the Availability Zone.
    -
    -
    Sample:
    -
    us-east-1c
    - - - - -   -   - +
    The name of the Availability Zone.
    +
    +
    Sample:
    +
    us-east-1c
    + + + + +   +   +
    subnet_identifier
    string -
    - + + always -
    The ID of the subnet.
    -
    -
    Sample:
    -
    subnet-12345678
    - - - -   -   - +
    The ID of the subnet.
    +
    +
    Sample:
    +
    subnet-12345678
    + + + +   +   +
    subnet_status
    string -
    - + + always -
    The status of the subnet.
    -
    -
    Sample:
    -
    Active
    - +
    The status of the subnet.
    +
    +
    Sample:
    +
    Active
    + - - -   - + + +   +
    vpc_id
    string -
    - + + always -
    The VpcId of the DB subnet group.
    -
    -
    Sample:
    -
    vpc-12345678
    - +
    The VpcId of the DB subnet group.
    +
    +
    Sample:
    +
    vpc-12345678
    + - - - + + +
    dbi_resource_id
    string -
    - + + always -
    The AWS Region-unique, immutable identifier for the DB instance.
    -
    -
    Sample:
    -
    db-UHV3QRNWX4KB6GALCIGRML6QFA
    - - - - +
    The AWS Region-unique, immutable identifier for the DB instance.
    +
    +
    Sample:
    +
    db-UHV3QRNWX4KB6GALCIGRML6QFA
    + + + +
    domain_memberships
    list -
    - + + always -
    The Active Directory Domain membership records associated with the DB instance.
    -
    - +
    The Active Directory Domain membership records associated with the DB instance.
    +
    + - - + +
    endpoint
    complex -
    - + + always -
    The connection endpoint.
    -
    - +
    The connection endpoint.
    +
    + - -   - + +   +
    address
    string -
    - + + always -
    The DNS address of the DB instance.
    -
    -
    Sample:
    -
    ansible-test.cvlrtwiennww.us-east-1.rds.amazonaws.com
    - - - -   - +
    The DNS address of the DB instance.
    +
    +
    Sample:
    +
    ansible-test.cvlrtwiennww.us-east-1.rds.amazonaws.com
    + + + +   +
    hosted_zone_id
    string -
    - + + always -
    The ID that Amazon Route 53 assigns when you create a hosted zone.
    -
    -
    Sample:
    -
    ZTR2ITUGPA61AM
    - - - -   - +
    The ID that Amazon Route 53 assigns when you create a hosted zone.
    +
    +
    Sample:
    +
    ZTR2ITUGPA61AM
    + + + +   +
    port
    integer -
    - + + always -
    The port that the database engine is listening on.
    -
    -
    Sample:
    -
    3306
    - +
    The port that the database engine is listening on.
    +
    +
    Sample:
    +
    3306
    + - - - + + +
    engine
    string -
    - + + always -
    The database engine version.
    -
    -
    Sample:
    -
    mariadb
    - - - - +
    The database engine version.
    +
    +
    Sample:
    +
    mariadb
    + + + +
    engine_version
    string -
    - + + always -
    The database engine version.
    -
    -
    Sample:
    -
    10.0.35
    - - - - +
    The database engine version.
    +
    +
    Sample:
    +
    10.0.35
    + + + +
    iam_database_authentication_enabled
    boolean -
    - + + always -
    Whether mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
    -
    - +
    Whether mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled.
    +
    + - - + +
    instance_create_time
    string -
    - + + always -
    The date and time the DB instance was created.
    -
    -
    Sample:
    -
    2018-07-04T16:48:35.332000+00:00
    - - - - +
    The date and time the DB instance was created.
    +
    +
    Sample:
    +
    2018-07-04T16:48:35.332000+00:00
    + + + +
    kms_key_id
    string -
    - + + When storage_encrypted is true -
    The AWS KMS key identifier for the encrypted DB instance when storage_encrypted is true.
    -
    -
    Sample:
    -
    arn:aws:kms:us-east-1:123456789012:key/70c45553-ad2e-4a85-9f14-cfeb47555c33
    - - - - +
    The AWS KMS key identifier for the encrypted DB instance when storage_encrypted is true.
    +
    +
    Sample:
    +
    arn:aws:kms:us-east-1:123456789012:key/70c45553-ad2e-4a85-9f14-cfeb47555c33
    + + + +
    latest_restorable_time
    string -
    - + + always -
    The latest time to which a database can be restored with point-in-time restore.
    -
    -
    Sample:
    -
    2018-07-04T16:50:50.642000+00:00
    - - - - +
    The latest time to which a database can be restored with point-in-time restore.
    +
    +
    Sample:
    +
    2018-07-04T16:50:50.642000+00:00
    + + + +
    license_model
    string -
    - + + always -
    The License model information for this DB instance.
    -
    -
    Sample:
    -
    general-public-license
    - - - - +
    The License model information for this DB instance.
    +
    +
    Sample:
    +
    general-public-license
    + + + +
    master_username
    string -
    - + + always -
    The master username for the DB instance.
    -
    -
    Sample:
    -
    test
    - - - - +
    The master username for the DB instance.
    +
    +
    Sample:
    +
    test
    + + + +
    max_allocated_storage
    integer -
    - + + When max allocated storage is present. -
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    -
    -
    Sample:
    -
    100
    - - - - +
    The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
    +
    +
    Sample:
    +
    100
    + + + +
    monitoring_interval
    integer -
    - + + always -
    The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. 0 means collecting Enhanced Monitoring metrics is disabled.
    -
    - +
    The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. 0 means collecting Enhanced Monitoring metrics is disabled.
    +
    + - - + +
    multi_az
    boolean -
    - + + always -
    Whether the DB instance is a Multi-AZ deployment.
    -
    - +
    Whether the DB instance is a Multi-AZ deployment.
    +
    + - - + +
    option_group_memberships
    complex -
    - + + always -
    The list of option group memberships for this DB instance.
    -
    - +
    The list of option group memberships for this DB instance.
    +
    + - -   - + +   +
    option_group_name
    string -
    - + + always -
    The name of the option group that the instance belongs to.
    -
    -
    Sample:
    -
    default:mariadb-10-0
    - - - -   - +
    The name of the option group that the instance belongs to.
    +
    +
    Sample:
    +
    default:mariadb-10-0
    + + + +   +
    status
    string -
    - + + always -
    The status of the DB instance's option group membership.
    -
    -
    Sample:
    -
    in-sync
    - +
    The status of the DB instance's option group membership.
    +
    +
    Sample:
    +
    in-sync
    + - - - + + +
    pending_modified_values
    complex -
    - + + always -
    The changes to the DB instance that are pending.
    -
    - +
    The changes to the DB instance that are pending.
    +
    + - - + +
    performance_insights_enabled
    boolean -
    - + + always -
    True if Performance Insights is enabled for the DB instance, and otherwise false.
    -
    - +
    True if Performance Insights is enabled for the DB instance, and otherwise false.
    +
    + - - + +
    preferred_backup_window
    string -
    - + + always -
    The daily time range during which automated backups are created if automated backups are enabled.
    -
    -
    Sample:
    -
    07:01-07:31
    - - - - +
    The daily time range during which automated backups are created if automated backups are enabled.
    +
    +
    Sample:
    +
    07:01-07:31
    + + + +
    preferred_maintenance_window
    string -
    - + + always -
    The weekly time range (in UTC) during which system maintenance can occur.
    -
    -
    Sample:
    -
    sun:09:31-sun:10:01
    - - - - +
    The weekly time range (in UTC) during which system maintenance can occur.
    +
    +
    Sample:
    +
    sun:09:31-sun:10:01
    + + + +
    publicly_accessible
    boolean -
    - + + always -
    True for an Internet-facing instance with a publicly resolvable DNS name, False to indicate an internal instance with a DNS name that resolves to a private IP address.
    -
    -
    Sample:
    -
    True
    - - - - +
    True for an Internet-facing instance with a publicly resolvable DNS name, False to indicate an internal instance with a DNS name that resolves to a private IP address.
    +
    +
    Sample:
    +
    True
    + + + +
    read_replica_db_instance_identifiers
    list -
    - + + always -
    Identifiers of the Read Replicas associated with this DB instance.
    -
    - +
    Identifiers of the Read Replicas associated with this DB instance.
    +
    + - - + +
    storage_encrypted
    boolean -
    - + + always -
    Whether the DB instance is encrypted.
    -
    - +
    Whether the DB instance is encrypted.
    +
    + - - + +
    storage_type
    string -
    - + + always -
    The storage type to be associated with the DB instance.
    -
    -
    Sample:
    -
    standard
    - - - - +
    The storage type to be associated with the DB instance.
    +
    +
    Sample:
    +
    standard
    + + + +
    tags
    complex -
    - + + always -
    A dictionary of tags associated with the DB instance.
    -
    - +
    A dictionary of tags associated with the DB instance.
    +
    + - - + +
    vpc_security_groups
    complex -
    - + + always -
    A list of VPC security group elements that the DB instance belongs to.
    -
    - +
    A list of VPC security group elements that the DB instance belongs to.
    +
    + - -   - + +   +
    status
    string -
    - + + always -
    The status of the VPC security group.
    -
    -
    Sample:
    -
    active
    - - - -   - +
    The status of the VPC security group.
    +
    +
    Sample:
    +
    active
    + + + +   +
    vpc_security_group_id
    string -
    - + + always -
    The name of the VPC security group.
    -
    -
    Sample:
    -
    sg-12345678
    - +
    The name of the VPC security group.
    +
    +
    Sample:
    +
    sg-12345678
    + - - + +

    @@ -2430,5 +2447,3 @@ Authors ~~~~~~~ - Sloane Hertel (@s-hertel) - - diff --git a/docs/community.aws.rds_module.rst b/docs/community.aws.rds_module.rst index cf97a712f12..06b9909556a 100644 --- a/docs/community.aws.rds_module.rst +++ b/docs/community.aws.rds_module.rst @@ -39,766 +39,785 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - - - - + + + + + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    apply_immediately
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When apply_immediately=trye, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
    -
    Used only when command=modify.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When apply_immediately=true, the modifications will be applied as soon as possible rather than waiting for the next preferred maintenance window.
    +
    Used only when command=modify.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    backup_retention
    string -
    -     		- -
    Number of days backups are retained.
    -
    Set to 0 to disable backups.
    -
    Default is 1 day.
    -
    Valid range: 0-35.
    -
    Used only when command=create or command=modify.
    -
    + + + +
    Number of days backups are retained.
    +
    Set to 0 to disable backups.
    +
    Default is 1 day.
    +
    Valid range: 0-35.
    +
    Used only when command=create or command=modify.
    +
    backup_window
    string -
    -     		- -
    Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
    -
    Times are specified in UTC.
    -
    If not specified then a random backup window is assigned.
    -
    Used only when command=create or command=modify.
    -
    + + + +
    Backup window in format of hh24:mi-hh24:mi. (Example: 18:00-20:30)
    +
    Times are specified in UTC.
    +
    If not specified then a random backup window is assigned.
    +
    Used only when command=create or command=modify.
    +
    character_set_name
    string -
    -     		- -
    Associate the DB instance with a specified character set.
    -
    Used with command=create.
    -     		+ +
    Associate the DB instance with a specified character set.
    +
    Used with command=create.
    +
    +
    command
    string - / required
    -     		-
      Choices: -
    • create
      • -
    • replicate
      • -
    • delete
      • -
    • facts
      • -
    • modify
      • -
    • promote
      • -
    • snapshot
      • -
    • reboot
      • -
    • restore
      • -
    -     		-
    Specifies the action to take. The 'reboot' option is available starting at version 2.0.
    -     		+
      Choices: +
    • create
      • +
    • replicate
      • +
    • delete
      • +
    • facts
      • +
    • modify
      • +
    • promote
      • +
    • snapshot
      • +
    • reboot
      • +
    • restore
      • +
    +     		+
    Specifies the action to take. The 'reboot' option is available starting at version 2.0.
    +
    +
    db_engine
    string -
    -     		-
      Choices: -
    • mariadb
      • -
    • MySQL
      • -
    • oracle-se1
      • -
    • oracle-se2
      • -
    • oracle-se
      • -
    • oracle-ee
      • -
    • sqlserver-ee
      • -
    • sqlserver-se
      • -
    • sqlserver-ex
      • -
    • sqlserver-web
      • -
    • postgres
      • -
    • aurora
      • -
    -     		-
    The type of database.
    -
    Used only when command=create.
    -
    mariadb was added in version 2.2.
    -     		+
      Choices: +
    • mariadb
      • +
    • MySQL
      • +
    • oracle-se1
      • +
    • oracle-se2
      • +
    • oracle-se
      • +
    • oracle-ee
      • +
    • sqlserver-ee
      • +
    • sqlserver-se
      • +
    • sqlserver-ex
      • +
    • sqlserver-web
      • +
    • postgres
      • +
    • aurora
      • +
    +     		+
    The type of database.
    +
    Used only when command=create.
    +
    mariadb was added in version 2.2.
    +
    +
    db_name
    string -
    -     		- -
    Name of a database to create within the instance.
    -
    If not specified then no database is created.
    -
    Used only when command=create.
    -     		+ +
    Name of a database to create within the instance.
    +
    If not specified then no database is created.
    +
    Used only when command=create.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    engine_version
    string -
    -     		- -
    Version number of the database engine to use.
    -
    If not specified then the current Amazon RDS default engine version is used
    -
    Used only when command=create.
    -     		+ +
    Version number of the database engine to use.
    +
    If not specified then the current Amazon RDS default engine version is used
    +
    Used only when command=create.
    +
    +
    force_failover
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If enabled, the reboot is done using a MultiAZ failover.
    -
    Used only when command=reboot.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If enabled, the reboot is done using a MultiAZ failover.
    +
    Used only when command=reboot.
    +
    +
    instance_name
    string -
    -     		- -
    Database instance identifier.
    -
    Required except when using command=facts or command=delete on just a snapshot.
    -     		+ +
    Database instance identifier.
    +
    Required except when using command=facts or command=delete on just a snapshot.
    +
    +
    instance_type
    string -
    -     		- -
    The instance type of the database.
    -
    If not specified then the replica inherits the same instance type as the source instance.
    -
    Required when command=create.
    -
    Optional when command=replicate, command=modify or command=restore.
    -

    aliases: type
    -
    + + + +
    The instance type of the database.
    +
    If not specified then the replica inherits the same instance type as the source instance.
    +
    Required when command=create.
    +
    Optional when command=replicate, command=modify or command=restore.
    +

    aliases: type
    +
    iops
    string -
    -     		- -
    Specifies the number of IOPS for the instance.
    -
    Used only when command=create or command=modify.
    -
    Must be an integer greater than 1000.
    -     		+ +
    Specifies the number of IOPS for the instance.
    +
    Used only when command=create or command=modify.
    +
    Must be an integer greater than 1000.
    +
    +
    license_model
    string -
    -     		-
      Choices: -
    • license-included
      • -
    • bring-your-own-license
      • -
    • general-public-license
      • -
    • postgresql-license
      • -
    -     		-
    The license model for this DB instance.
    -
    Used only when command=create or command=restore.
    -     		+
      Choices: +
    • license-included
      • +
    • bring-your-own-license
      • +
    • general-public-license
      • +
    • postgresql-license
      • +
    +     		+
    The license model for this DB instance.
    +
    Used only when command=create or command=restore.
    +
    +
    maint_window
    string -
    -     		- -
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    -
    Times are specified in UTC.
    -
    If not specified then a random maintenance window is assigned.
    -
    Used only when command=create or command=modify.
    -
    + + + +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    +
    Times are specified in UTC.
    +
    If not specified then a random maintenance window is assigned.
    +
    Used only when command=create or command=modify.
    +
    multi_zone
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Specifies if this is a Multi-availability-zone deployment.
    -
    Can not be used in conjunction with zone parameter.
    -
    Used only when command=create or command=modify.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Specifies if this is a Multi-availability-zone deployment.
    +
    Can not be used in conjunction with zone parameter.
    +
    Used only when command=create or command=modify.
    +
    +
    new_instance_name
    string -
    -     		- -
    Name to rename an instance to.
    -
    Used only when command=modify.
    -     		+ +
    Name to rename an instance to.
    +
    Used only when command=modify.
    +
    +
    option_group
    string -
    -     		- -
    The name of the option group to use.
    -
    If not specified then the default option group is used.
    -
    Used only when command=create.
    -     		+ +
    The name of the option group to use.
    +
    If not specified then the default option group is used.
    +
    Used only when command=create.
    +
    +
    parameter_group
    string -
    -     		- -
    Name of the DB parameter group to associate with this instance.
    -
    If omitted then the RDS default DBParameterGroup will be used.
    -
    Used only when command=create or command=modify.
    -     		+ +
    Name of the DB parameter group to associate with this instance.
    +
    If omitted then the RDS default DBParameterGroup will be used.
    +
    Used only when command=create or command=modify.
    +
    +
    password
    string -
    -     		- -
    Password for the master database username.
    -
    Used only when command=create or command=modify.
    -     		+ +
    Password for the master database username.
    +
    Used only when command=create or command=modify.
    +
    +
    port
    integer -
    -     		- -
    Port number that the DB instance uses for connections.
    -
    Used only when command=create or command=replicate.
    -
    Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
    -     		+ +
    Port number that the DB instance uses for connections.
    +
    Used only when command=create or command=replicate.
    +
    Defaults to the standard ports for each db_engine: 3306 for MySQL and MariaDB, 1521 for Oracle 1433 for SQL Server, 5432 for PostgreSQL.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    publicly_accessible
    string -
    -     		- -
    Explicitly set whether the resource should be publicly accessible or not.
    -
    Used with command=create, command=replicate.
    -
    Requires boto >= 2.26.0
    -     		+ +
    Explicitly set whether the resource should be publicly accessible or not.
    +
    Used with command=create, command=replicate.
    +
    Requires boto >= 2.26.0
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_groups
    string -
    -     		- -
    Comma separated list of one or more security groups.
    -
    Used only when command=create or command=modify.
    -     		+ +
    Comma separated list of one or more security groups.
    +
    Used only when command=create or command=modify.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    size
    string -
    -     		- -
    Size in gigabytes of the initial storage for the DB instance.
    -
    Used only when command=create or command=modify.
    -     		+ +
    Size in gigabytes of the initial storage for the DB instance.
    +
    Used only when command=create or command=modify.
    +
    +
    snapshot
    string -
    -     		- -
    Name of snapshot to take.
    -
    When command=delete, if no snapshot name is provided then no snapshot is taken.
    -
    When command=delete, if no instance_name is provided the snapshot is deleted.
    -
    Used with command=facts, command=delete or command=snapshot.
    -
    + + + +
    Name of snapshot to take.
    +
    When command=delete, if no snapshot name is provided then no snapshot is taken.
    +
    When command=delete, if no instance_name is provided the snapshot is deleted.
    +
    Used with command=facts, command=delete or command=snapshot.
    +
    source_instance
    string -
    -     		- -
    Name of the database to replicate.
    -
    Used only when command=replicate.
    -     		+ +
    Name of the database to replicate.
    +
    Used only when command=replicate.
    +
    +
    subnet
    string -
    -     		- -
    VPC subnet group.
    -
    If specified then a VPC instance is created.
    -
    Used only when command=create.
    -     		+ +
    VPC subnet group.
    +
    If specified then a VPC instance is created.
    +
    Used only when command=create.
    +
    +
    tags
    dictionary -
    -     		- -
    tags dict to apply to a resource.
    -
    Used with command=create, command=replicate, command=restore.
    -
    Requires boto >= 2.26.0
    -     		+ +
    tags dict to apply to a resource.
    +
    Used with command=create, command=replicate, command=restore.
    +
    Requires boto >= 2.26.0
    +
    +
    upgrade
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates that minor version upgrades should be applied automatically.
    -
    Used only when command=create or command=modify or command=restore or command=replicate.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates that minor version upgrades should be applied automatically.
    +
    Used only when command=create or command=modify or command=restore or command=replicate.
    +
    +
    username
    string -
    -     		- -
    Master database username.
    -
    Used only when command=create.
    -     		+ +
    Master database username.
    +
    Used only when command=create.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_security_groups
    list - / elements=string
    -     		- -
    Comma separated list of one or more vpc security group ids.
    -
    Also requires subnet to be specified.
    -
    Used only when command=create or command=modify.
    -     		+ +
    Comma separated list of one or more vpc security group ids.
    +
    Also requires subnet to be specified.
    +
    Used only when command=create or command=modify.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
    -
    When command=delete, wait for the database to be terminated.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When command=create, replicate, modify or restore then wait for the database to enter the 'available' state.
    +
    When command=delete, wait for the database to be terminated.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    How long before wait gives up, in seconds.
    -
    Used when wait=true.
    -     		+ Default:
    300
    +     		+
    How long before wait gives up, in seconds.
    +
    Used when wait=true.
    +
    +
    zone
    string -
    -     		- -
    availability zone in which to launch the instance.
    -
    Used only when command=create, command=replicate or command=restore.
    -
    Can not be used in conjunction with multi_zone parameter.
    -

    aliases: aws_zone, ec2_zone
    -
    + + + + + +
    availability zone in which to launch the instance.
    +
    Used only when command=create, command=replicate or command=restore.
    +
    Can not be used in conjunction with multi_zone parameter.
    +

    aliases: aws_zone, ec2_zone
    + + +
    @@ -806,7 +825,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -817,7 +836,6 @@ Examples .. code-block:: yaml+jinja - - name: Basic mysql provisioning example community.aws.rds: command: create @@ -887,12 +905,11 @@ Examples region: us-west-2 vpc_security_groups: sg-xxx945xx - - debug: + - ansible.builtin.debug: msg: "The new db endpoint is {{ rds.instance.endpoint }}" - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -905,766 +922,766 @@ Common return values are documented `here Returned Description - - + +
    instance
    complex -
    - + + always -
    the rds instance
    -
    - +
    the rds instance
    +
    + - -   - + +   +
    allocated_storage
    string -
    - + + when RDS instance exists -
    the allocated storage size in gigabytes (GB)
    -
    -
    Sample:
    -
    100
    - - - -   - +
    the allocated storage size in gigabytes (GB)
    +
    +
    Sample:
    +
    100
    + + + +   +
    auto_minor_version_upgrade
    boolean -
    - + + when RDS instance exists -
    indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window
    -
    -
    Sample:
    -
    true
    - - - -   - +
    indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window
    +
    +
    Sample:
    +
    true
    + + + +   +
    backup_window
    string -
    - + + when RDS instance exists and automated backups are enabled -
    the daily time range during which automated backups are created if automated backups are enabled
    -
    -
    Sample:
    -
    03:00-03:30
    - - - -   - +
    the daily time range during which automated backups are created if automated backups are enabled
    +
    +
    Sample:
    +
    03:00-03:30
    + + + +   +
    character_set_name
    string -
    - + + when RDS instance exists -
    the name of the character set that this instance is associated with
    -
    -
    Sample:
    -
    AL32UTF8
    - - - -   - +
    the name of the character set that this instance is associated with
    +
    +
    Sample:
    +
    AL32UTF8
    + + + +   +
    db_name
    string -
    - + + when RDS instance exists -
    the name of the database to create when the DB instance is created
    -
    -
    Sample:
    -
    ASERTG
    - - - -   - +
    the name of the database to create when the DB instance is created
    +
    +
    Sample:
    +
    ASERTG
    + + + +   +
    db_subnet_groups
    complex -
    - + + when RDS instance exists -
    information on the subnet group associated with this RDS instance
    -
    - +
    information on the subnet group associated with this RDS instance
    +
    + - -   -   - + +   +   +
    description
    string -
    - + + when RDS instance exists -
    the subnet group associated with the DB instance
    -
    -
    Sample:
    -
    Subnets for the UAT RDS SQL DB Instance
    - - - -   -   - +
    the subnet group associated with the DB instance
    +
    +
    Sample:
    +
    Subnets for the UAT RDS SQL DB Instance
    + + + +   +   +
    name
    string -
    - + + when RDS instance exists -
    the name of the DB subnet group
    -
    -
    Sample:
    -
    samplesubnetgrouprds-j6paiqkxqp4z
    - - - -   -   - +
    the name of the DB subnet group
    +
    +
    Sample:
    +
    samplesubnetgrouprds-j6paiqkxqp4z
    + + + +   +   +
    status
    string -
    - + + when RDS instance exists -
    the status of the DB subnet group
    -
    -
    Sample:
    -
    complete
    - - - -   -   - +
    the status of the DB subnet group
    +
    +
    Sample:
    +
    complete
    + + + +   +   +
    subnets
    complex -
    - + + when RDS instance exists -
    the description of the DB subnet group
    -
    - +
    the description of the DB subnet group
    +
    + - -   -   -   - + +   +   +   +
    availability_zone
    complex -
    - + + when RDS instance exists -
    subnet availability zone information
    -
    - +
    subnet availability zone information
    +
    + - -   -   -   -   - + +   +   +   +   +
    name
    string -
    - + + when RDS instance exists -
    availability zone
    -
    -
    Sample:
    -
    eu-west-1b
    - - - -   -   -   -   - +
    availability zone
    +
    +
    Sample:
    +
    eu-west-1b
    + + + +   +   +   +   +
    provisioned_iops_capable
    boolean -
    - + + when RDS instance exists -
    whether provisioned iops are available in AZ subnet
    -
    -
    Sample:
    -
    false
    - - - - -   -   -   - +
    whether provisioned iops are available in AZ subnet
    +
    +
    Sample:
    +
    false
    + + + + +   +   +   +
    identifier
    string -
    - + + when RDS instance exists -
    the identifier of the subnet
    -
    -
    Sample:
    -
    subnet-3fdba63e
    - - - -   -   -   - +
    the identifier of the subnet
    +
    +
    Sample:
    +
    subnet-3fdba63e
    + + + +   +   +   +
    status
    string -
    - + + when RDS instance exists -
    the status of the subnet
    -
    -
    Sample:
    -
    active
    - - - - - -   - +
    the status of the subnet
    +
    +
    Sample:
    +
    active
    + + + + + +   +
    endpoint
    string -
    - + + when RDS instance exists -
    the endpoint uri of the database instance
    -
    -
    Sample:
    -
    my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
    - - - -   - +
    the endpoint uri of the database instance
    +
    +
    Sample:
    +
    my-ansible-database.asdfaosdgih.us-east-1.rds.amazonaws.com
    + + + +   +
    engine
    string -
    - + + when RDS instance exists -
    the name of the database engine
    -
    -
    Sample:
    -
    oracle-se
    - - - -   - +
    the name of the database engine
    +
    +
    Sample:
    +
    oracle-se
    + + + +   +
    engine_version
    string -
    - + + when RDS instance exists -
    the version of the database engine
    -
    -
    Sample:
    -
    11.2.0.4.v6
    - - - -   - +
    the version of the database engine
    +
    +
    Sample:
    +
    11.2.0.4.v6
    + + + +   +
    latest_restorable_time
    string -
    - + + when RDS instance exists -
    the latest time to which a database can be restored with point-in-time restore
    -
    -
    Sample:
    -
    1489707802.0
    - - - -   - +
    the latest time to which a database can be restored with point-in-time restore
    +
    +
    Sample:
    +
    1489707802.0
    + + + +   +
    license_model
    string -
    - + + when RDS instance exists -
    the license model information
    -
    -
    Sample:
    -
    bring-your-own-license
    - - - -   - +
    the license model information
    +
    +
    Sample:
    +
    bring-your-own-license
    + + + +   +
    option_groups
    complex -
    - + + when RDS instance exists -
    the list of option group memberships for this RDS instance
    -
    - +
    the list of option group memberships for this RDS instance
    +
    + - -   -   - + +   +   +
    option_group_name
    string -
    - + + when RDS instance exists -
    the option group name for this RDS instance
    -
    -
    Sample:
    -
    default:oracle-se-11-2
    - - - -   -   - +
    the option group name for this RDS instance
    +
    +
    Sample:
    +
    default:oracle-se-11-2
    + + + +   +   +
    status
    string -
    - + + when RDS instance exists -
    the status of the RDS instance's option group membership
    -
    -
    Sample:
    -
    in-sync
    - +
    the status of the RDS instance's option group membership
    +
    +
    Sample:
    +
    in-sync
    + - - -   - + + +   +
    parameter_groups
    complex -
    - + + when RDS instance exists and parameter groups are defined -
    the list of DB parameter groups applied to this RDS instance
    -
    - +
    the list of DB parameter groups applied to this RDS instance
    +
    + - -   -   - + +   +   +
    parameter_apply_status
    string -
    - + + when RDS instance exists -
    the status of parameter updates
    -
    -
    Sample:
    -
    in-sync
    - - - -   -   - +
    the status of parameter updates
    +
    +
    Sample:
    +
    in-sync
    + + + +   +   +
    parameter_group_name
    string -
    - + + when RDS instance exists -
    the name of the DP parameter group
    -
    -
    Sample:
    -
    testawsrpprodb01spfile-1ujg7nrs7sgyz
    - +
    the name of the DP parameter group
    +
    +
    Sample:
    +
    testawsrpprodb01spfile-1ujg7nrs7sgyz
    + - - -   - + + +   +
    pending_modified_values
    complex -
    - + + when RDS instance exists -
    a dictionary of changes to the RDS instance that are pending
    -
    - +
    a dictionary of changes to the RDS instance that are pending
    +
    + - -   -   - + +   +   +
    allocated_storage
    string -
    - + + when RDS instance exists -
    the new allocated storage size for this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the new allocated storage size for this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    backup_retention_period
    string -
    - + + when RDS instance exists -
    the pending number of days for which automated backups are retained
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the pending number of days for which automated backups are retained
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    db_instance_class
    string -
    - + + when RDS instance exists -
    the new DB instance class for this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the new DB instance class for this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    db_instance_identifier
    string -
    - + + when RDS instance exists -
    the new DB instance identifier this RDS instance that will be applied or is in progress
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the new DB instance identifier this RDS instance that will be applied or is in progress
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    engine_version
    string -
    - + + when RDS instance exists -
    indicates the database engine version
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    indicates the database engine version
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    iops
    string -
    - + + when RDS instance exists -
    the new provisioned IOPS value for this RDS instance that will be applied or is being applied
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the new provisioned IOPS value for this RDS instance that will be applied or is being applied
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    master_user_password
    string -
    - + + when RDS instance exists -
    the pending or in-progress change of the master credentials for this RDS instance
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    the pending or in-progress change of the master credentials for this RDS instance
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    multi_az
    string -
    - + + when RDS instance exists -
    indicates that the single-AZ RDS instance is to change to a multi-AZ deployment
    -
    -
    Sample:
    -
    null
    - - - -   -   - +
    indicates that the single-AZ RDS instance is to change to a multi-AZ deployment
    +
    +
    Sample:
    +
    null
    + + + +   +   +
    port
    string -
    - + + when RDS instance exists -
    specifies the pending port for this RDS instance
    -
    -
    Sample:
    -
    null
    - +
    specifies the pending port for this RDS instance
    +
    +
    Sample:
    +
    null
    + - - -   - + + +   +
    port
    integer -
    - + + when RDS instance exists -
    the listening port of the database instance
    -
    -
    Sample:
    -
    3306
    - - - -   - +
    the listening port of the database instance
    +
    +
    Sample:
    +
    3306
    + + + +   +
    publicly_accessible
    boolean -
    - + + when RDS instance exists -
    the accessibility options for the DB instance
    -
    -
    Sample:
    -
    true
    - - - -   - +
    the accessibility options for the DB instance
    +
    +
    Sample:
    +
    true
    + + + +   +
    read_replica_source_dbinstance_identifier
    string -
    - + + when read replica RDS instance exists -
    the identifier of the source DB instance if this RDS instance is a read replica
    -
    -
    Sample:
    -
    null
    - - - -   - +
    the identifier of the source DB instance if this RDS instance is a read replica
    +
    +
    Sample:
    +
    null
    + + + +   +
    secondary_availability_zone
    string -
    - - when RDS instance exists and is multy-AZ - -
    the name of the secondary AZ for a DB instance with multi-AZ support
    -
    -
    Sample:
    -
    eu-west-1b
    - - - - + + + when RDS instance exists and is multi-AZ + +
    the name of the secondary AZ for a DB instance with multi-AZ support
    +
    +
    Sample:
    +
    eu-west-1b
    + + + +

    @@ -1677,5 +1694,3 @@ Authors - Bruce Pennypacker (@bpennypacker) - Will Thames (@willthames) - - diff --git a/docs/community.aws.rds_param_group_module.rst b/docs/community.aws.rds_param_group_module.rst index 3da04481638..bac8698e955 100644 --- a/docs/community.aws.rds_param_group_module.rst +++ b/docs/community.aws.rds_param_group_module.rst @@ -36,298 +36,317 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    Database parameter group description. Only set when a new group is added.
    -     		+ +
    Database parameter group description. Only set when a new group is added.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    engine
    string -
    -     		- -
    The type of database for this group.
    -
    Please use following command to get list of all supported db engines and their respective versions.
    -
    # aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
    -
    Required for state=present.
    -     		+ +
    The type of database for this group.
    +
    Please use following command to get list of all supported db engines and their respective versions.
    +
    # aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"
    +
    Required for state=present.
    +
    +
    immediate
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether to apply the changes immediately, or after the next reboot of any associated instances.
    -

    aliases: apply_immediately
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether to apply the changes immediately, or after the next reboot of any associated instances.
    +

    aliases: apply_immediately
    +
    +
    name
    string - / required
    -     		- -
    Database parameter group identifier.
    -     		+ +
    Database parameter group identifier.
    +
    +
    params
    dictionary -
    -     		- -
    Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
    -

    aliases: parameters
    -     		+ +
    Map of parameter names and values. Numeric values may be represented as K for kilo (1024), M for mega (1024^2), G for giga (1024^3), or T for tera (1024^4), and these values will be expanded into the appropriate number before being set in the parameter group.
    +

    aliases: parameters
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to remove tags that do not appear in the tags list.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to remove tags that do not appear in the tags list.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the group should be present or absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the group should be present or absent.
    +
    +
    tags
    dictionary -
    -     		- -
    Dictionary of tags to attach to the parameter group.
    -     		+ +
    Dictionary of tags to attach to the parameter group.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -335,7 +354,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -346,7 +365,6 @@ Examples .. code-block:: yaml+jinja - - name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 community.aws.rds_param_group: state: present @@ -366,7 +384,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -379,97 +396,97 @@ Common return values are documented `here Returned Description - - + +
    db_parameter_group_arn
    string -
    - + + when state is present -
    ARN of the DB parameter group
    -
    - +
    ARN of the DB parameter group
    +
    + - - + +
    db_parameter_group_family
    string -
    - + + when state is present -
    DB parameter group family that this DB parameter group is compatible with.
    -
    - +
    DB parameter group family that this DB parameter group is compatible with.
    +
    + - - + +
    db_parameter_group_name
    string -
    - + + when state is present -
    Name of DB parameter group
    -
    - +
    Name of DB parameter group
    +
    + - - + +
    description
    string -
    - + + when state is present -
    description of the DB parameter group
    -
    - +
    description of the DB parameter group
    +
    + - - + +
    errors
    list -
    - + + when state is present -
    list of errors from attempting to modify parameters that are not modifiable
    -
    - +
    list of errors from attempting to modify parameters that are not modifiable
    +
    + - - + +
    tags
    dictionary -
    - + + when state is present -
    dictionary of tags
    -
    - +
    dictionary of tags
    +
    + - +

    @@ -482,5 +499,3 @@ Authors - Scott Anderson (@tastychutney) - Will Thames (@willthames) - - diff --git a/docs/community.aws.rds_snapshot_info_module.rst b/docs/community.aws.rds_snapshot_info_module.rst index 9cbf19a48cd..fb8508d6c73 100644 --- a/docs/community.aws.rds_snapshot_info_module.rst +++ b/docs/community.aws.rds_snapshot_info_module.rst @@ -38,248 +38,267 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    db_cluster_identifier
    string -
    -     		- -
    RDS cluster name for which to find snapshots.
    -
    Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
    -     		+ +
    RDS cluster name for which to find snapshots.
    +
    Mutually exclusive with db_snapshot_identifier, db_instance_identifier, db_cluster_snapshot_identifier
    +
    +
    db_cluster_snapshot_identifier
    string -
    -     		- -
    Name of an RDS cluster snapshot.
    -
    Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
    -     		+ +
    Name of an RDS cluster snapshot.
    +
    Mutually exclusive with db_instance_identifier, db_snapshot_identifier, db_cluster_identifier
    +
    +
    db_instance_identifier
    string -
    -     		- -
    RDS instance name for which to find snapshots.
    -
    Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    -     		+ +
    RDS instance name for which to find snapshots.
    +
    Mutually exclusive with db_snapshot_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    +
    +
    db_snapshot_identifier
    string -
    -     		- -
    Name of an RDS (unclustered) snapshot.
    -
    Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    -

    aliases: snapshot_name
    -     		+ +
    Name of an RDS (unclustered) snapshot.
    +
    Mutually exclusive with db_instance_identifier, db_cluster_identifier, db_cluster_snapshot_identifier
    +

    aliases: snapshot_name
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    snapshot_type
    string -
    -     		-
      Choices: -
    • automated
      • -
    • manual
      • -
    • shared
      • -
    • public
      • -
    -     		-
    Type of snapshot to find.
    -
    By default both automated and manual snapshots will be returned.
    -     		+
      Choices: +
    • automated
      • +
    • manual
      • +
    • shared
      • +
    • public
      • +
    +     		+
    Type of snapshot to find.
    +
    By default both automated and manual snapshots will be returned.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -287,7 +306,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -298,7 +317,6 @@ Examples .. code-block:: yaml+jinja - - name: Get information about an snapshot community.aws.rds_snapshot_info: db_snapshot_identifier: snapshot_name @@ -310,7 +328,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -323,765 +340,765 @@ Common return values are documented `here Returned Description - - + +
    cluster_snapshots
    complex -
    - + + always -
    List of cluster snapshots
    -
    - +
    List of cluster snapshots
    +
    + - -   - + +   +
    allocated_storage
    integer -
    - + + always -
    How many gigabytes of storage are allocated
    -
    -
    Sample:
    -
    1
    - +
    How many gigabytes of storage are allocated
    +
    +
    Sample:
    +
    1
    + - -   - + +   +
    availability_zones
    list -
    - + + always -
    The availability zones of the database from which the snapshot was taken
    -
    -
    Sample:
    -
    ['ca-central-1a', 'ca-central-1b']
    - +
    The availability zones of the database from which the snapshot was taken
    +
    +
    Sample:
    +
    ['ca-central-1a', 'ca-central-1b']
    + - -   - + +   +
    cluster_create_time
    string -
    - + + always -
    Date and time the cluster was created
    -
    -
    Sample:
    -
    2018-05-17T00:13:40.223000+00:00
    - +
    Date and time the cluster was created
    +
    +
    Sample:
    +
    2018-05-17T00:13:40.223000+00:00
    + - -   - + +   +
    db_cluster_identifier
    string -
    - + + always -
    Database cluster identifier
    -
    -
    Sample:
    -
    test-aurora-cluster
    - +
    Database cluster identifier
    +
    +
    Sample:
    +
    test-aurora-cluster
    + - -   - + +   +
    db_cluster_snapshot_arn
    string -
    - + + always -
    ARN of the database snapshot
    -
    -
    Sample:
    -
    arn:aws:rds:ca-central-1:111111111111:cluster-snapshot:test-aurora-snapshot
    - +
    ARN of the database snapshot
    +
    +
    Sample:
    +
    arn:aws:rds:ca-central-1:111111111111:cluster-snapshot:test-aurora-snapshot
    + - -   - + +   +
    db_cluster_snapshot_identifier
    string -
    - + + always -
    Snapshot identifier
    -
    -
    Sample:
    -
    test-aurora-snapshot
    - +
    Snapshot identifier
    +
    +
    Sample:
    +
    test-aurora-snapshot
    + - -   - + +   +
    engine
    string -
    - + + always -
    Database engine
    -
    -
    Sample:
    -
    aurora
    - +
    Database engine
    +
    +
    Sample:
    +
    aurora
    + - -   - + +   +
    engine_version
    string -
    - + + always -
    Database engine version
    -
    -
    Sample:
    -
    5.6.10a
    - +
    Database engine version
    +
    +
    Sample:
    +
    5.6.10a
    + - -   - + +   +
    iam_database_authentication_enabled
    boolean -
    - + + always -
    Whether database authentication through IAM is enabled
    -
    - +
    Whether database authentication through IAM is enabled
    +
    + - -   - + +   +
    kms_key_id
    string -
    - + + always -
    ID of the KMS Key encrypting the snapshot
    -
    -
    Sample:
    -
    arn:aws:kms:ca-central-1:111111111111:key/abcd1234-abcd-1111-aaaa-0123456789ab
    - +
    ID of the KMS Key encrypting the snapshot
    +
    +
    Sample:
    +
    arn:aws:kms:ca-central-1:111111111111:key/abcd1234-abcd-1111-aaaa-0123456789ab
    + - -   - + +   +
    license_model
    string -
    - + + always -
    License model
    -
    -
    Sample:
    -
    aurora
    - +
    License model
    +
    +
    Sample:
    +
    aurora
    + - -   - + +   +
    master_username
    string -
    - + + always -
    Database master username
    -
    -
    Sample:
    -
    shertel
    - +
    Database master username
    +
    +
    Sample:
    +
    shertel
    + - -   - + +   +
    percent_progress
    integer -
    - + + always -
    Percent progress of snapshot
    -
    - +
    Percent progress of snapshot
    +
    + - -   - + +   +
    port
    integer -
    - + + always -
    Database port
    -
    - +
    Database port
    +
    + - -   - + +   +
    snapshot_create_time
    string -
    - + + always -
    Date and time when the snapshot was created
    -
    -
    Sample:
    -
    2018-05-17T00:23:23.731000+00:00
    - +
    Date and time when the snapshot was created
    +
    +
    Sample:
    +
    2018-05-17T00:23:23.731000+00:00
    + - -   - + +   +
    snapshot_type
    string -
    - + + always -
    Type of snapshot
    -
    -
    Sample:
    -
    manual
    - +
    Type of snapshot
    +
    +
    Sample:
    +
    manual
    + - -   - + +   +
    status
    string -
    - + + always -
    Status of snapshot
    -
    -
    Sample:
    -
    creating
    - +
    Status of snapshot
    +
    +
    Sample:
    +
    creating
    + - -   - + +   +
    storage_encrypted
    boolean -
    - + + always -
    Whether the snapshot is encrypted
    -
    -
    Sample:
    -
    True
    - +
    Whether the snapshot is encrypted
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    tags
    complex -
    - + + when snapshot is not shared -
    Tags of the snapshot
    -
    - +
    Tags of the snapshot
    +
    + - -   - + +   +
    vpc_id
    string -
    - + + always -
    VPC of the database
    -
    -
    Sample:
    -
    vpc-abcd1234
    - +
    VPC of the database
    +
    +
    Sample:
    +
    vpc-abcd1234
    + - - - + + +
    snapshots
    complex -
    - + + When cluster parameters are not passed -
    List of non-clustered snapshots
    -
    - +
    List of non-clustered snapshots
    +
    + - -   - + +   +
    allocated_storage
    integer -
    - + + always -
    How many gigabytes of storage are allocated
    -
    -
    Sample:
    -
    10
    - +
    How many gigabytes of storage are allocated
    +
    +
    Sample:
    +
    10
    + - -   - + +   +
    availability_zone
    string -
    - + + always -
    The availability zone of the database from which the snapshot was taken
    -
    -
    Sample:
    -
    us-west-2b
    - +
    The availability zone of the database from which the snapshot was taken
    +
    +
    Sample:
    +
    us-west-2b
    + - -   - + +   +
    db_instance_identifier
    string -
    - + + always -
    Database instance identifier
    -
    -
    Sample:
    -
    hello-world-rds
    - +
    Database instance identifier
    +
    +
    Sample:
    +
    hello-world-rds
    + - -   - + +   +
    db_snapshot_arn
    string -
    - + + always -
    Snapshot ARN
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:111111111111:snapshot:rds:hello-world-rds-us1-2018-05-16-04-03
    - +
    Snapshot ARN
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:111111111111:snapshot:rds:hello-world-rds-us1-2018-05-16-04-03
    + - -   - + +   +
    db_snapshot_identifier
    string -
    - + + always -
    Snapshot name
    -
    -
    Sample:
    -
    rds:hello-world-rds-us1-2018-05-16-04-03
    - +
    Snapshot name
    +
    +
    Sample:
    +
    rds:hello-world-rds-us1-2018-05-16-04-03
    + - -   - + +   +
    encrypted
    boolean -
    - + + always -
    Whether the snapshot was encrypted
    -
    -
    Sample:
    -
    True
    - +
    Whether the snapshot was encrypted
    +
    +
    Sample:
    +
    True
    + - -   - + +   +
    engine
    string -
    - + + always -
    Database engine
    -
    -
    Sample:
    -
    postgres
    - +
    Database engine
    +
    +
    Sample:
    +
    postgres
    + - -   - + +   +
    engine_version
    string -
    - + + always -
    Database engine version
    -
    -
    Sample:
    -
    9.5.10
    - +
    Database engine version
    +
    +
    Sample:
    +
    9.5.10
    + - -   - + +   +
    iam_database_authentication_enabled
    boolean -
    - + + always -
    Whether database authentication through IAM is enabled
    -
    - +
    Whether database authentication through IAM is enabled
    +
    + - -   - + +   +
    instance_create_time
    string -
    - + + always -
    Time the Instance was created
    -
    -
    Sample:
    -
    2017-10-10T04:00:07.434000+00:00
    - +
    Time the Instance was created
    +
    +
    Sample:
    +
    2017-10-10T04:00:07.434000+00:00
    + - -   - + +   +
    kms_key_id
    string -
    - + + always -
    ID of the KMS Key encrypting the snapshot
    -
    -
    Sample:
    -
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-1234-aaaa-0000-1234567890ab
    - +
    ID of the KMS Key encrypting the snapshot
    +
    +
    Sample:
    +
    arn:aws:kms:us-west-2:111111111111:key/abcd1234-1234-aaaa-0000-1234567890ab
    + - -   - + +   +
    license_model
    string -
    - + + always -
    License model
    -
    -
    Sample:
    -
    postgresql-license
    - +
    License model
    +
    +
    Sample:
    +
    postgresql-license
    + - -   - + +   +
    master_username
    string -
    - + + always -
    Database master username
    -
    -
    Sample:
    -
    dbadmin
    - +
    Database master username
    +
    +
    Sample:
    +
    dbadmin
    + - -   - + +   +
    option_group_name
    string -
    - + + always -
    Database option group name
    -
    -
    Sample:
    -
    default:postgres-9-5
    - +
    Database option group name
    +
    +
    Sample:
    +
    default:postgres-9-5
    + - -   - + +   +
    percent_progress
    integer -
    - + + always -
    Percent progress of snapshot
    -
    -
    Sample:
    -
    100
    - +
    Percent progress of snapshot
    +
    +
    Sample:
    +
    100
    + - -   - + +   +
    snapshot_create_time
    string -
    - + + always -
    Time snapshot was created
    -
    -
    Sample:
    -
    2018-05-16T04:03:33.871000+00:00
    - +
    Time snapshot was created
    +
    +
    Sample:
    +
    2018-05-16T04:03:33.871000+00:00
    + - -   - + +   +
    snapshot_type
    string -
    - + + always -
    Type of snapshot
    -
    -
    Sample:
    -
    automated
    - +
    Type of snapshot
    +
    +
    Sample:
    +
    automated
    + - -   - + +   +
    status
    string -
    - + + always -
    Status of snapshot
    -
    -
    Sample:
    -
    available
    - +
    Status of snapshot
    +
    +
    Sample:
    +
    available
    + - -   - + +   +
    storage_type
    string -
    - + + always -
    Storage type of underlying DB
    -
    -
    Sample:
    -
    gp2
    - +
    Storage type of underlying DB
    +
    +
    Sample:
    +
    gp2
    + - -   - + +   +
    tags
    complex -
    - + + when snapshot is not shared -
    Snapshot tags
    -
    - +
    Snapshot tags
    +
    + - -   - + +   +
    vpc_id
    string -
    - + + always -
    ID of VPC containing the DB
    -
    -
    Sample:
    -
    vpc-abcd1234
    - +
    ID of VPC containing the DB
    +
    +
    Sample:
    +
    vpc-abcd1234
    + - - + +

    @@ -1093,5 +1110,3 @@ Authors ~~~~~~~ - Will Thames (@willthames) - - diff --git a/docs/community.aws.rds_snapshot_module.rst b/docs/community.aws.rds_snapshot_module.rst index 02805a49a39..8a7f1c418c6 100644 --- a/docs/community.aws.rds_snapshot_module.rst +++ b/docs/community.aws.rds_snapshot_module.rst @@ -36,281 +36,300 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    db_instance_identifier
    string -
    -     		- -
    Database instance identifier. Required when state is present.
    -

    aliases: instance_id
    -
    + + + +
    Database instance identifier. Required when state is present.
    +

    aliases: instance_id
    +
    db_snapshot_identifier
    string - / required
    -     		- -
    The snapshot to manage.
    -

    aliases: id, snapshot_id
    -
    + / required + + +
    The snapshot to manage.
    +

    aliases: id, snapshot_id
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    whether to remove tags not present in the tags parameter.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    whether to remove tags not present in the tags parameter.
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Specify the desired state of the snapshot.
    -
    + + +
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Specify the desired state of the snapshot.
    +
    tags
    dictionary -
    -     		- -
    tags dict to apply to a snapshot.
    -
    + + + +
    tags dict to apply to a snapshot.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to wait for snapshot creation or deletion.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to wait for snapshot creation or deletion.
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    how long before wait gives up, in seconds.
    -
    + + + + Default:
    300
    + + +
    how long before wait gives up, in seconds.
    + + +
    @@ -318,7 +337,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -329,7 +348,6 @@ Examples .. code-block:: yaml+jinja - - name: Create snapshot community.aws.rds_snapshot: db_instance_identifier: new-database @@ -342,7 +360,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -355,390 +372,390 @@ Common return values are documented `here Returned Description - - + +
    allocated_storage
    integer -
    - + + always -
    How much storage is allocated in GB.
    -
    -
    Sample:
    -
    20
    - - - - +
    How much storage is allocated in GB.
    +
    +
    Sample:
    +
    20
    + + + +
    availability_zone
    string -
    - + + always -
    Availability zone of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    us-west-2a
    - - - - +
    Availability zone of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    us-west-2a
    + + + +
    db_instance_identifier
    string -
    - + + always -
    Database from which the snapshot was created.
    -
    -
    Sample:
    -
    ansible-test-16638696
    - - - - +
    Database from which the snapshot was created.
    +
    +
    Sample:
    +
    ansible-test-16638696
    + + + +
    db_snapshot_arn
    string -
    - + + always -
    Amazon Resource Name for the snapshot.
    -
    -
    Sample:
    -
    arn:aws:rds:us-west-2:123456789012:snapshot:ansible-test-16638696-test-snapshot
    - - - - +
    Amazon Resource Name for the snapshot.
    +
    +
    Sample:
    +
    arn:aws:rds:us-west-2:123456789012:snapshot:ansible-test-16638696-test-snapshot
    + + + +
    db_snapshot_identifier
    string -
    - + + always -
    Name of the snapshot.
    -
    -
    Sample:
    -
    ansible-test-16638696-test-snapshot
    - - - - +
    Name of the snapshot.
    +
    +
    Sample:
    +
    ansible-test-16638696-test-snapshot
    + + + +
    dbi_resource_id
    string -
    - + + always -
    The identifier for the source DB instance, which can't be changed and which is unique to an AWS Region.
    -
    -
    Sample:
    -
    db-MM4P2U35RQRAMWD3QDOXWPZP4U
    - - - - +
    The identifier for the source DB instance, which can't be changed and which is unique to an AWS Region.
    +
    +
    Sample:
    +
    db-MM4P2U35RQRAMWD3QDOXWPZP4U
    + + + +
    encrypted
    boolean -
    - + + always -
    Whether the snapshot is encrypted.
    -
    - +
    Whether the snapshot is encrypted.
    +
    + - - + +
    engine
    string -
    - + + always -
    Engine of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    mariadb
    - - - - +
    Engine of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    mariadb
    + + + +
    engine_version
    string -
    - + + always -
    Version of the database from which the snapshot was created.
    -
    -
    Sample:
    -
    10.2.21
    - - - - +
    Version of the database from which the snapshot was created.
    +
    +
    Sample:
    +
    10.2.21
    + + + +
    iam_database_authentication_enabled
    boolean -
    - + + always -
    Whether IAM database authentication is enabled.
    -
    - +
    Whether IAM database authentication is enabled.
    +
    + - - + +
    instance_create_time
    string -
    - + + always -
    Creation time of the instance from which the snapshot was created.
    -
    -
    Sample:
    -
    2019-06-15T10:15:56.221000+00:00
    - - - - +
    Creation time of the instance from which the snapshot was created.
    +
    +
    Sample:
    +
    2019-06-15T10:15:56.221000+00:00
    + + + +
    license_model
    string -
    - + + always -
    License model of the database.
    -
    -
    Sample:
    -
    general-public-license
    - - - - +
    License model of the database.
    +
    +
    Sample:
    +
    general-public-license
    + + + +
    master_username
    string -
    - + + always -
    Master username of the database.
    -
    -
    Sample:
    -
    test
    - - - - +
    Master username of the database.
    +
    +
    Sample:
    +
    test
    + + + +
    option_group_name
    string -
    - + + always -
    Option group of the database.
    -
    -
    Sample:
    -
    default:mariadb-10-2
    - - - - +
    Option group of the database.
    +
    +
    Sample:
    +
    default:mariadb-10-2
    + + + +
    percent_progress
    integer -
    - + + always -
    How much progress has been made taking the snapshot. Will be 100 for an available snapshot.
    -
    -
    Sample:
    -
    100
    - - - - +
    How much progress has been made taking the snapshot. Will be 100 for an available snapshot.
    +
    +
    Sample:
    +
    100
    + + + +
    port
    integer -
    - + + always -
    Port on which the database is listening.
    -
    -
    Sample:
    -
    3306
    - - - - +
    Port on which the database is listening.
    +
    +
    Sample:
    +
    3306
    + + + +
    processor_features
    list -
    - + + always -
    List of processor features of the database.
    -
    - +
    List of processor features of the database.
    +
    + - - + +
    snapshot_create_time
    string -
    - + + always -
    Creation time of the snapshot.
    -
    -
    Sample:
    -
    2019-06-15T10:46:23.776000+00:00
    - - - - +
    Creation time of the snapshot.
    +
    +
    Sample:
    +
    2019-06-15T10:46:23.776000+00:00
    + + + +
    snapshot_type
    string -
    - + + always -
    How the snapshot was created (always manual for this module!).
    -
    -
    Sample:
    -
    manual
    - - - - +
    How the snapshot was created (always manual for this module!).
    +
    +
    Sample:
    +
    manual
    + + + +
    status
    string -
    - + + always -
    Status of the snapshot.
    -
    -
    Sample:
    -
    available
    - - - - +
    Status of the snapshot.
    +
    +
    Sample:
    +
    available
    + + + +
    storage_type
    string -
    - + + always -
    Storage type of the database.
    -
    -
    Sample:
    -
    gp2
    - - - - +
    Storage type of the database.
    +
    +
    Sample:
    +
    gp2
    + + + +
    tags
    complex -
    - + + always -
    Tags applied to the snapshot.
    -
    - +
    Tags applied to the snapshot.
    +
    + - - + +
    vpc_id
    string -
    - + + always -
    ID of the VPC in which the DB lives.
    -
    -
    Sample:
    -
    vpc-09ff232e222710ae0
    - +
    ID of the VPC in which the DB lives.
    +
    +
    Sample:
    +
    vpc-09ff232e222710ae0
    + - +

    @@ -751,5 +768,3 @@ Authors - Will Thames (@willthames) - Michael De La Rue (@mikedlr) - - diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst index b5fed6ab6bd..324ddcae414 100644 --- a/docs/community.aws.rds_subnet_group_module.rst +++ b/docs/community.aws.rds_subnet_group_module.rst @@ -35,227 +35,246 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    description
    string -
    -     		- -
    Database subnet group description.
    -
    Required when state=present.
    -     		+ +
    Database subnet group description.
    +
    Required when state=present.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Database subnet group identifier.
    -     		+ +
    Database subnet group identifier.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    subnets
    list -
    -     		- -
    List of subnet IDs that make up the database subnet group.
    -
    Required when state=present.
    -     		+ +
    List of subnet IDs that make up the database subnet group.
    +
    Required when state=present.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -263,7 +282,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -274,7 +293,6 @@ Examples .. code-block:: yaml+jinja - - name: Add or change a subnet group community.aws.rds_subnet_group: state: present @@ -291,7 +309,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -304,103 +321,103 @@ Common return values are documented `here Returned Description - - + +
    subnet_group
    complex -
    - + + state=present -
    Dictionary of DB subnet group values
    -
    - +
    Dictionary of DB subnet group values
    +
    + - -   - + +   +
    description
    string -
    - + + state=present -
    The description of the DB subnet group
    -
    - +
    The description of the DB subnet group
    +
    + - -   - + +   +
    name
    string -
    - + + state=present -
    The name of the DB subnet group
    -
    - +
    The name of the DB subnet group
    +
    + - -   - + +   +
    status
    string -
    - + + state=present -
    The status of the DB subnet group
    -
    - +
    The status of the DB subnet group
    +
    + - -   - + +   +
    subnet_ids
    list -
    - + + state=present -
    Contains a list of Subnet IDs
    -
    - +
    Contains a list of Subnet IDs
    +
    + - -   - + +   +
    vpc_id
    string -
    - + + state=present -
    The VpcId of the DB subnet group
    -
    - +
    The VpcId of the DB subnet group
    +
    + - - + +

    @@ -412,5 +429,3 @@ Authors ~~~~~~~ - Scott Anderson (@tastychutney) - - diff --git a/docs/community.aws.redshift_cross_region_snapshots_module.rst b/docs/community.aws.redshift_cross_region_snapshots_module.rst index 2836242a7c7..012aa06685d 100644 --- a/docs/community.aws.redshift_cross_region_snapshots_module.rst +++ b/docs/community.aws.redshift_cross_region_snapshots_module.rst @@ -38,245 +38,264 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster_name
    string - / required
    -     		- -
    The name of the cluster to configure cross-region snapshots for.
    -

    aliases: cluster
    -     		+ +
    The name of the cluster to configure cross-region snapshots for.
    +

    aliases: cluster
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    destination_region
    string - / required
    -     		- -
    The region to copy snapshots to.
    -

    aliases: destination
    -     		+ +
    The region to copy snapshots to.
    +

    aliases: destination
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string - / required
    -     		- -
    The cluster's region.
    -

    aliases: source
    -     		+ +
    The cluster's region.
    +

    aliases: source
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    snapshot_copy_grant
    string -
    -     		- -
    A grant for Amazon Redshift to use a master key in the destination_region.
    - -

    aliases: copy_grant
    -     		+ +
    A grant for Amazon Redshift to use a master key in the destination_region.
    + +

    aliases: copy_grant
    +
    +
    snapshot_retention_period
    integer - / required
    -     		- -
    The number of days to keep cross-region snapshots for.
    -

    aliases: retention_period
    -     		+ +
    The number of days to keep cross-region snapshots for.
    +

    aliases: retention_period
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the cross-region snapshot configuration.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the cross-region snapshot configuration.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -284,7 +303,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -295,7 +314,6 @@ Examples .. code-block:: yaml+jinja - - name: configure cross-region snapshot on cluster `johniscool` community.aws.redshift_cross_region_snapshots: cluster_name: johniscool @@ -323,7 +341,6 @@ Examples - Status ------ @@ -332,5 +349,3 @@ Authors ~~~~~~~ - JR Kerkstra (@captainkerk) - - diff --git a/docs/community.aws.redshift_info_module.rst b/docs/community.aws.redshift_info_module.rst index 13156c32437..87324f6c5e5 100644 --- a/docs/community.aws.redshift_info_module.rst +++ b/docs/community.aws.redshift_info_module.rst @@ -37,193 +37,212 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    cluster_identifier
    string -
    -     		- -
    The prefix of cluster identifier of the Redshift cluster you are searching for.
    -
    This is a regular expression match with implicit '^'. Append '$' for a complete match.
    -

    aliases: name, identifier
    -
    + + + +
    The prefix of cluster identifier of the Redshift cluster you are searching for.
    +
    This is a regular expression match with implicit '^'. Append '$' for a complete match.
    +

    aliases: name, identifier
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    tags
    dictionary -
    -     		- -
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
    -
    + + + +
    A dictionary/hash of tags in the format { tag1_name: 'tag1_value', tag2_name: 'tag2_value' } to match against the security group(s) you are searching for.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -231,7 +250,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -242,7 +261,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do net set authentication details, see the AWS guide for details. - name: Find all clusters @@ -274,7 +292,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -287,548 +304,548 @@ Common return values are documented `here Returned Description - - + +
    allow_version_upgrade
    boolean -
    - + + success -
    A Boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
    -
    -
    Sample:
    -
    true|false
    - +
    A Boolean value that, if true, indicates that major version upgrades will be applied automatically to the cluster during the maintenance window.
    +
    +
    Sample:
    +
    true|false
    + - - + +
    automated_snapshot_retention_period
    integer -
    - + + success -
    The number of days that automatic cluster snapshots are retained.
    -
    -
    Sample:
    -
    1
    - +
    The number of days that automatic cluster snapshots are retained.
    +
    +
    Sample:
    +
    1
    + - - + +
    availability_zone
    string -
    - + + success -
    The name of the Availability Zone in which the cluster is located.
    -
    -
    Sample:
    -
    us-east-1b
    - +
    The name of the Availability Zone in which the cluster is located.
    +
    +
    Sample:
    +
    us-east-1b
    + - - + +
    cluster_create_time
    string -
    - + + success -
    The date and time that the cluster was created.
    -
    -
    Sample:
    -
    2016-05-10T08:33:16.629000+00:00
    - +
    The date and time that the cluster was created.
    +
    +
    Sample:
    +
    2016-05-10T08:33:16.629000+00:00
    + - - + +
    cluster_identifier
    string -
    - + + success -
    Unique key to identify the cluster.
    -
    -
    Sample:
    -
    redshift-identifier
    - +
    Unique key to identify the cluster.
    +
    +
    Sample:
    +
    redshift-identifier
    + - - + +
    cluster_nodes
    list -
    - + + success -
    The nodes in the cluster.
    -
    -
    Sample:
    -
    [{'node_role': 'LEADER', 'private_ip_address': '10.0.0.1', 'public_ip_address': 'x.x.x.x'}, {'node_role': 'COMPUTE-1', 'private_ip_address': '10.0.0.3', 'public_ip_address': 'x.x.x.x'}]
    - +
    The nodes in the cluster.
    +
    +
    Sample:
    +
    [{'node_role': 'LEADER', 'private_ip_address': '10.0.0.1', 'public_ip_address': 'x.x.x.x'}, {'node_role': 'COMPUTE-1', 'private_ip_address': '10.0.0.3', 'public_ip_address': 'x.x.x.x'}]
    + - - + +
    cluster_paramater_groups
    list -
    - + + success -
    The list of cluster parameters that are associated with this cluster.
    -
    -
    Sample:
    -
    [{'cluster_parameter_status_list': [{'parameter_apply_status': 'in-sync', 'parameter_name': 'statement_timeout'}, {'parameter_apply_status': 'in-sync', 'parameter_name': 'require_ssl'}], 'parameter_apply_status': 'in-sync', 'parameter_group_name': 'tuba'}]
    - +
    The list of cluster parameters that are associated with this cluster.
    +
    +
    Sample:
    +
    [{'cluster_parameter_status_list': [{'parameter_apply_status': 'in-sync', 'parameter_name': 'statement_timeout'}, {'parameter_apply_status': 'in-sync', 'parameter_name': 'require_ssl'}], 'parameter_apply_status': 'in-sync', 'parameter_group_name': 'tuba'}]
    + - - + +
    cluster_public_keys
    string -
    - + + success -
    The public key for the cluster.
    -
    -
    Sample:
    -
    ssh-rsa anjigfam Amazon-Redshift
    - +
    The public key for the cluster.
    +
    +
    Sample:
    +
    ssh-rsa anjigfam Amazon-Redshift
    + - - + +
    cluster_revision_number
    string -
    - + + success -
    The specific revision number of the database in the cluster.
    -
    -
    Sample:
    -
    1231
    - +
    The specific revision number of the database in the cluster.
    +
    +
    Sample:
    +
    1231
    + - - + +
    cluster_security_groups
    list -
    - + + success -
    A list of cluster security groups that are associated with the cluster.
    -
    - +
    A list of cluster security groups that are associated with the cluster.
    +
    + - - + +
    cluster_snapshot_copy_status
    dictionary -
    - + + success -
    A value that returns the destination region and retention period that are configured for cross-region snapshot copy.
    -
    - +
    A value that returns the destination region and retention period that are configured for cross-region snapshot copy.
    +
    + - - + +
    cluster_status
    string -
    - + + success -
    Current state of the cluster.
    -
    -
    Sample:
    -
    available
    - +
    Current state of the cluster.
    +
    +
    Sample:
    +
    available
    + - - + +
    cluster_subnet_group_name
    string -
    - + + success -
    The name of the subnet group that is associated with the cluster.
    -
    -
    Sample:
    -
    redshift-subnet
    - +
    The name of the subnet group that is associated with the cluster.
    +
    +
    Sample:
    +
    redshift-subnet
    + - - + +
    cluster_version
    string -
    - + + success -
    The version ID of the Amazon Redshift engine that is running on the cluster.
    -
    -
    Sample:
    -
    1.0
    - +
    The version ID of the Amazon Redshift engine that is running on the cluster.
    +
    +
    Sample:
    +
    1.0
    + - - + +
    db_name
    string -
    - + + success -
    The name of the initial database that was created when the cluster was created.
    -
    -
    Sample:
    -
    dev
    - +
    The name of the initial database that was created when the cluster was created.
    +
    +
    Sample:
    +
    dev
    + - - + +
    elastic_ip_status
    dictionary -
    - + + success -
    The status of the elastic IP (EIP) address.
    -
    - +
    The status of the elastic IP (EIP) address.
    +
    + - - + +
    encrypted
    boolean -
    - + + success -
    Boolean value that, if true , indicates that data in the cluster is encrypted at rest.
    -
    -
    Sample:
    -
    true|false
    - +
    Boolean value that, if true , indicates that data in the cluster is encrypted at rest.
    +
    +
    Sample:
    +
    true|false
    + - - + +
    endpoint
    string -
    - + + success -
    The connection endpoint.
    -
    -
    Sample:
    -
    {'address': 'cluster-ds2.ocmugla0rf.us-east-1.redshift.amazonaws.com', 'port': 5439}
    - +
    The connection endpoint.
    +
    +
    Sample:
    +
    {'address': 'cluster-ds2.ocmugla0rf.us-east-1.redshift.amazonaws.com', 'port': 5439}
    + - - + +
    enhanced_vpc_routing
    boolean -
    - + + success -
    An option that specifies whether to create the cluster with enhanced VPC routing enabled.
    -
    -
    Sample:
    -
    true|false
    - +
    An option that specifies whether to create the cluster with enhanced VPC routing enabled.
    +
    +
    Sample:
    +
    true|false
    + - - + +
    hsm_status
    dictionary -
    - + + success -
    A value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
    -
    - +
    A value that reports whether the Amazon Redshift cluster has finished applying any hardware security module (HSM) settings changes specified in a modify cluster command.
    +
    + - - + +
    iam_roles
    list -
    - + + success -
    List of IAM roles attached to the cluster.
    -
    - +
    List of IAM roles attached to the cluster.
    +
    + - - + +
    kms_key_id
    string -
    - + + success -
    The AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
    -
    - +
    The AWS Key Management Service (AWS KMS) key ID of the encryption key used to encrypt data in the cluster.
    +
    + - - + +
    master_username
    string -
    - + + success -
    The master user name for the cluster.
    -
    -
    Sample:
    -
    admin
    - +
    The master user name for the cluster.
    +
    +
    Sample:
    +
    admin
    + - - + +
    modify_status
    string -
    - + + optional -
    The status of a modify operation.
    -
    - +
    The status of a modify operation.
    +
    + - - + +
    node_type
    string -
    - + + success -
    The node type for nodes in the cluster.
    -
    -
    Sample:
    -
    ds2.xlarge
    - +
    The node type for nodes in the cluster.
    +
    +
    Sample:
    +
    ds2.xlarge
    + - - + +
    number_of_nodes
    integer -
    - + + success -
    The number of compute nodes in the cluster.
    -
    -
    Sample:
    -
    12
    - +
    The number of compute nodes in the cluster.
    +
    +
    Sample:
    +
    12
    + - - + +
    pending_modified_values
    dictionary -
    - + + success -
    A value that, if present, indicates that changes to the cluster are pending.
    -
    - +
    A value that, if present, indicates that changes to the cluster are pending.
    +
    + - - + +
    preferred_maintenance_window
    string -
    - + + success -
    The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
    -
    -
    Sample:
    -
    tue:07:30-tue:08:00
    - +
    The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur.
    +
    +
    Sample:
    +
    tue:07:30-tue:08:00
    + - - + +
    publicly_accessible
    boolean -
    - + + success -
    A Boolean value that, if true , indicates that the cluster can be accessed from a public network.
    -
    -
    Sample:
    -
    true|false
    - +
    A Boolean value that, if true , indicates that the cluster can be accessed from a public network.
    +
    +
    Sample:
    +
    true|false
    + - - + +
    restore_status
    dictionary -
    - + + success -
    A value that describes the status of a cluster restore action.
    -
    - +
    A value that describes the status of a cluster restore action.
    +
    + - - + +
    tags
    list -
    - + + success -
    The list of tags for the cluster.
    -
    - +
    The list of tags for the cluster.
    +
    + - - + +
    vpc_id
    string -
    - + + success -
    The identifier of the VPC the cluster is in, if the cluster is in a VPC.
    -
    -
    Sample:
    -
    vpc-1234567
    - +
    The identifier of the VPC the cluster is in, if the cluster is in a VPC.
    +
    +
    Sample:
    +
    vpc-1234567
    + - - + +
    vpc_security_groups
    list -
    - + + success -
    A list of VPC security groups the are associated with the cluster.
    -
    -
    Sample:
    -
    [{'status': 'active', 'vpc_security_group_id': 'sg-12cghhg'}]
    - +
    A list of VPC security groups the are associated with the cluster.
    +
    +
    Sample:
    +
    [{'status': 'active', 'vpc_security_group_id': 'sg-12cghhg'}]
    + - +

    @@ -840,5 +857,3 @@ Authors ~~~~~~~ - Jens Carl (@j-carl) - - diff --git a/docs/community.aws.redshift_module.rst b/docs/community.aws.redshift_module.rst index 026de44e071..8aca4d1f59a 100644 --- a/docs/community.aws.redshift_module.rst +++ b/docs/community.aws.redshift_module.rst @@ -8,7 +8,7 @@ community.aws.redshift **create, delete, or modify an Amazon Redshift instance** -Version added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." - "Rafael Driutti (@rafaeldriutti)" +Version added: 1.0.0 .. contents:: :local: @@ -36,639 +36,658 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    allow_version_upgrade
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.
    -

    aliases: version_upgrade
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When allow_version_upgrade=true the cluster may be automatically upgraded during the maintenance window.
    +

    aliases: version_upgrade
    +
    +
    automated_snapshot_retention_period
    integer -
    -     		- -
    The number of days that automated snapshots are retained.
    -

    aliases: retention_period
    -     		+ +
    The number of days that automated snapshots are retained.
    +

    aliases: retention_period
    +
    +
    availability_zone
    string -
    -     		- -
    Availability zone in which to launch cluster.
    -

    aliases: zone, aws_zone
    -     		+ +
    Availability zone in which to launch cluster.
    +

    aliases: zone, aws_zone
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    cluster_parameter_group_name
    string -
    -     		- -
    Name of the cluster parameter group.
    -

    aliases: param_group_name
    -     		+ +
    Name of the cluster parameter group.
    +

    aliases: param_group_name
    +
    +
    cluster_security_groups
    list - / elements=string
    -     		- -
    In which security group the cluster belongs.
    -

    aliases: security_groups
    -     		+ +
    In which security group the cluster belongs.
    +

    aliases: security_groups
    +
    +
    cluster_subnet_group_name
    string -
    -     		- -
    Which subnet to place the cluster.
    -

    aliases: subnet
    -     		+ +
    Which subnet to place the cluster.
    +

    aliases: subnet
    +
    +
    cluster_type
    string -
    -     		-
      Choices: -
    • multi-node
      • -
    • single-node ←
      • -
    -     		-
    The type of cluster.
    -     		+
      Choices: +
    • multi-node
      • +
    • single-node ←
      • +
    +     		+
    The type of cluster.
    +
    +
    cluster_version
    string -
    -     		-
      Choices: -
    • 1.0
      • -
    -     		-
    Which version the cluster should have.
    -

    aliases: version
    -     		+
      Choices: +
    • 1.0
      • +
    +     		+
    Which version the cluster should have.
    +

    aliases: version
    +
    +
    command
    string - / required
    -     		-
      Choices: -
    • create
      • -
    • facts
      • -
    • delete
      • -
    • modify
      • -
    -     		-
    Specifies the action to take.
    -     		+
      Choices: +
    • create
      • +
    • facts
      • +
    • delete
      • +
    • modify
      • +
    +     		+
    Specifies the action to take.
    +
    +
    db_name
    string -
    -     		- -
    Name of the database.
    -     		+ +
    Name of the database.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    elastic_ip
    string -
    -     		- -
    An Elastic IP to use for the cluster.
    -     		+ +
    An Elastic IP to use for the cluster.
    +
    +
    encrypted
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If the cluster is encrypted or not.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If the cluster is encrypted or not.
    +
    +
    enhanced_vpc_routing
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether the cluster should have enhanced VPC routing enabled.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether the cluster should have enhanced VPC routing enabled.
    +
    +
    final_cluster_snapshot_identifier
    string -
    -     		- -
    Identifier of the final snapshot to be created before deleting the cluster.
    -
    If this parameter is provided, skip_final_cluster_snapshot must be false.
    -
    Used only when command=delete.
    -

    aliases: final_snapshot_id
    -     		+ +
    Identifier of the final snapshot to be created before deleting the cluster.
    +
    If this parameter is provided, skip_final_cluster_snapshot must be false.
    +
    Used only when command=delete.
    +

    aliases: final_snapshot_id
    +
    +
    identifier
    string - / required
    -     		- -
    Redshift cluster identifier.
    -     		+ +
    Redshift cluster identifier.
    +
    +
    new_cluster_identifier
    string -
    -     		- -
    Only used when command=modify.
    -

    aliases: new_identifier
    -     		+ +
    Only used when command=modify.
    +

    aliases: new_identifier
    +
    +
    node_type
    string -
    -     		-
      Choices: -
    • ds1.xlarge
      • -
    • ds1.8xlarge
      • -
    • ds2.xlarge
      • -
    • ds2.8xlarge
      • -
    • dc1.large
      • -
    • dc2.large
      • -
    • dc1.8xlarge
      • -
    • dw1.xlarge
      • -
    • dw1.8xlarge
      • -
    • dw2.large
      • -
    • dw2.8xlarge
      • -
    -     		-
    The node type of the cluster.
    -
    Require when command=create.
    -     		+
      Choices: +
    • ds1.xlarge
      • +
    • ds1.8xlarge
      • +
    • ds2.xlarge
      • +
    • ds2.8xlarge
      • +
    • dc1.large
      • +
    • dc2.large
      • +
    • dc1.8xlarge
      • +
    • dw1.xlarge
      • +
    • dw1.8xlarge
      • +
    • dw2.large
      • +
    • dw2.8xlarge
      • +
    +     		+
    The node type of the cluster.
    +
    Require when command=create.
    +
    +
    number_of_nodes
    integer -
    -     		- -
    Number of nodes.
    -
    Only used when cluster_type=multi-node.
    -     		+ +
    Number of nodes.
    +
    Only used when cluster_type=multi-node.
    +
    +
    password
    string -
    -     		- -
    Master database password.
    -
    Used only when command=create.
    -     		+ +
    Master database password.
    +
    Used only when command=create.
    +
    +
    port
    integer -
    -     		- -
    Which port the cluster is listening on.
    -     		+ +
    Which port the cluster is listening on.
    +
    +
    preferred_maintenance_window
    string -
    -     		- -
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    -
    Times are specified in UTC.
    -
    If not specified then a random 30 minute maintenance window is assigned.
    -

    aliases: maintance_window, maint_window
    -     		+ +
    Maintenance window in format of ddd:hh24:mi-ddd:hh24:mi. (Example: Mon:22:00-Mon:23:15)
    +
    Times are specified in UTC.
    +
    If not specified then a random 30 minute maintenance window is assigned.
    +

    aliases: maintance_window, maint_window
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    publicly_accessible
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If the cluster is accessible publicly or not.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If the cluster is accessible publicly or not.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    skip_final_cluster_snapshot
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Skip a final snapshot before deleting the cluster.
    -
    Used only when command=delete.
    -

    aliases: skip_final_snapshot
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Skip a final snapshot before deleting the cluster.
    +
    Used only when command=delete.
    +

    aliases: skip_final_snapshot
    +
    +
    username
    string -
    -     		- -
    Master database username.
    -
    Used only when command=create.
    -     		+ +
    Master database username.
    +
    Used only when command=create.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_security_group_ids
    list - / elements=string
    -     		- -
    VPC security group
    -

    aliases: vpc_security_groups
    -     		+ +
    VPC security group
    +

    aliases: vpc_security_groups
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
    -
    When command=delete wait for the database to be terminated.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    When command=create, command=modify or command=restore then wait for the database to enter the 'available' state.
    +
    When command=delete wait for the database to be terminated.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    When wait=true defines how long in seconds before giving up.
    -
    + + + + Default:
    300
    + + +
    When wait=true defines how long in seconds before giving up.
    + + +
    @@ -676,7 +695,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -687,7 +706,6 @@ Examples .. code-block:: yaml+jinja - - name: Basic cluster provisioning example community.aws.redshift: command: create @@ -705,7 +723,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -718,219 +735,219 @@ Common return values are documented `here Returned Description - - + +
    cluster
    complex -
    - + + success -
    dictionary containing all the cluster information
    -
    - +
    dictionary containing all the cluster information
    +
    + - -   - + +   +
    availability_zone
    string -
    - + + success -
    Amazon availability zone where the cluster is located. "None" until cluster is available.
    -
    -
    Sample:
    -
    us-east-1b
    - - - -   - +
    Amazon availability zone where the cluster is located. "None" until cluster is available.
    +
    +
    Sample:
    +
    us-east-1b
    + + + +   +
    create_time
    float -
    - + + success -
    Time of the cluster creation as timestamp.
    -
    -
    Sample:
    -
    1430158536.308
    - - - -   - +
    Time of the cluster creation as timestamp.
    +
    +
    Sample:
    +
    1430158536.308
    + + + +   +
    db_name
    string -
    - + + success -
    Name of the database.
    -
    -
    Sample:
    -
    new_db_name
    - - - -   - +
    Name of the database.
    +
    +
    Sample:
    +
    new_db_name
    + + + +   +
    enhanced_vpc_routing
    boolean -
    - + + success -
    status of the enhanced vpc routing feature.
    -
    - +
    status of the enhanced vpc routing feature.
    +
    + - -   - + +   +
    identifier
    string -
    - + + success -
    Id of the cluster.
    -
    -
    Sample:
    -
    new_redshift_cluster
    - - - -   - +
    Id of the cluster.
    +
    +
    Sample:
    +
    new_redshift_cluster
    + + + +   +
    maintenance_window
    string -
    - + + success -
    Time frame when maintenance/upgrade are done.
    -
    -
    Sample:
    -
    sun:09:30-sun:10:00
    - - - -   - +
    Time frame when maintenance/upgrade are done.
    +
    +
    Sample:
    +
    sun:09:30-sun:10:00
    + + + +   +
    port
    integer -
    - + + success -
    Port of the cluster. "None" until cluster is available.
    -
    -
    Sample:
    -
    5439
    - - - -   - +
    Port of the cluster. "None" until cluster is available.
    +
    +
    Sample:
    +
    5439
    + + + +   +
    private_ip_address
    string -
    - + + success -
    Private IP address of the main node.
    -
    -
    Sample:
    -
    10.10.10.10
    - - - -   - +
    Private IP address of the main node.
    +
    +
    Sample:
    +
    10.10.10.10
    + + + +   +
    public_ip_address
    string -
    - + + success -
    Public IP address of the main node. "None" when enhanced_vpc_routing is enabled.
    -
    -
    Sample:
    -
    0.0.0.0
    - - - -   - +
    Public IP address of the main node. "None" when enhanced_vpc_routing is enabled.
    +
    +
    Sample:
    +
    0.0.0.0
    + + + +   +
    status
    string -
    - + + success -
    Status of the cluster.
    -
    -
    Sample:
    -
    available
    - - - -   - +
    Status of the cluster.
    +
    +
    Sample:
    +
    available
    + + + +   +
    url
    string -
    - + + success -
    FQDN of the main cluster node. "None" until cluster is available.
    -
    -
    Sample:
    -
    new-redshift_cluster.jfkdjfdkj.us-east-1.redshift.amazonaws.com
    - +
    FQDN of the main cluster node. "None" until cluster is available.
    +
    +
    Sample:
    +
    new-redshift_cluster.jfkdjfdkj.us-east-1.redshift.amazonaws.com
    + - - + +

    @@ -941,6 +958,5 @@ Status Authors ~~~~~~~ -- None - - +- Jens Carl (@j-carl), Hothead Games Inc. +- Rafael Driutti (@rafaeldriutti) diff --git a/docs/community.aws.redshift_subnet_group_module.rst b/docs/community.aws.redshift_subnet_group_module.rst index 3880fbce20f..6457827f096 100644 --- a/docs/community.aws.redshift_subnet_group_module.rst +++ b/docs/community.aws.redshift_subnet_group_module.rst @@ -8,7 +8,7 @@ community.aws.redshift_subnet_group **manage Redshift cluster subnet groups** -Version added: 1.0.0 - "Jens Carl (@j-carl), Hothead Games Inc." +Version added: 1.0.0 .. contents:: :local: @@ -35,228 +35,247 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    group_description
    string -
    -     		- -
    Database subnet group description.
    -

    aliases: description
    -     		+ +
    Database subnet group description.
    +

    aliases: description
    +
    +
    group_name
    string - / required
    -     		- -
    Cluster subnet group name.
    -

    aliases: name
    -     		+ +
    Cluster subnet group name.
    +

    aliases: name
    +
    +
    group_subnets
    list - / elements=string
    -     		- -
    List of subnet IDs that make up the cluster subnet group.
    -

    aliases: subnets
    -     		+ +
    List of subnet IDs that make up the cluster subnet group.
    +

    aliases: subnets
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Specifies whether the subnet should be present or absent.
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Specifies whether the subnet should be present or absent.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -264,7 +283,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -275,7 +294,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a Redshift subnet group community.aws.redshift_subnet_group: state: present @@ -292,7 +310,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -305,59 +322,59 @@ Common return values are documented `here Returned Description - - + +
    group
    complex -
    - + + success -
    dictionary containing all Redshift subnet group information
    -
    - +
    dictionary containing all Redshift subnet group information
    +
    + - -   - + +   +
    name
    string -
    - + + success -
    name of the Redshift subnet group
    -
    -
    Sample:
    -
    redshift_subnet_group_name
    - +
    name of the Redshift subnet group
    +
    +
    Sample:
    +
    redshift_subnet_group_name
    + - -   - + +   +
    vpc_id
    string -
    - + + success -
    Id of the VPC where the subnet is located
    -
    -
    Sample:
    -
    vpc-aabb1122
    - +
    Id of the VPC where the subnet is located
    +
    +
    Sample:
    +
    vpc-aabb1122
    + - - + +

    @@ -368,6 +385,4 @@ Status Authors ~~~~~~~ -- None - - +- Jens Carl (@j-carl), Hothead Games Inc. diff --git a/docs/community.aws.route53_health_check_module.rst b/docs/community.aws.route53_health_check_module.rst index cae430f758d..d3585ba8e22 100644 --- a/docs/community.aws.route53_health_check_module.rst +++ b/docs/community.aws.route53_health_check_module.rst @@ -36,326 +36,345 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    failure_threshold
    integer -
    -     		-
      Choices: -
    • 1
      • -
    • 2
      • -
    • 3 ←
      • -
    • 4
      • -
    • 5
      • -
    • 6
      • -
    • 7
      • -
    • 8
      • -
    • 9
      • -
    • 10
      • -
    -     		-
    The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
    -     		+
      Choices: +
    • 1
      • +
    • 2
      • +
    • 3 ←
      • +
    • 4
      • +
    • 5
      • +
    • 6
      • +
    • 7
      • +
    • 8
      • +
    • 9
      • +
    • 10
      • +
    +     		+
    The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa.
    +
    +
    fqdn
    string -
    -     		- -
    Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
    -     		+ +
    Domain name of the endpoint to check. Either this or ip_address has to be provided. When both are given the `fqdn` is used in the `Host:` header of the HTTP request.
    +
    +
    ip_address
    string -
    -     		- -
    IP address of the end-point to check. Either this or fqdn has to be provided.
    -     		+ +
    IP address of the end-point to check. Either this or fqdn has to be provided.
    +
    +
    port
    integer -
    -     		- -
    The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
    -     		+ +
    The port on the endpoint on which you want Amazon Route 53 to perform health checks. Required for TCP checks.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    request_interval
    integer -
    -     		-
      Choices: -
    • 10
      • -
    • 30 ←
      • -
    -     		-
    The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
    -     		+
      Choices: +
    • 10
      • +
    • 30 ←
      • +
    +     		+
    The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health-check request.
    +
    +
    resource_path
    string -
    -     		- -
    The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
    -
    Required for all checks except TCP.
    -
    The path must begin with a /
    -
    Maximum 255 characters.
    -     		+ +
    The path that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example the file /docs/route53-health-check.html.
    +
    Required for all checks except TCP.
    +
    The path must begin with a /
    +
    Maximum 255 characters.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Specifies the action to take.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Specifies the action to take.
    +
    +
    string_match
    string -
    -     		- -
    If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
    -     		+ +
    If the check type is HTTP_STR_MATCH or HTTP_STR_MATCH, the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the first 5120 bytes of the response body, Amazon Route 53 considers the resource healthy.
    +
    +
    type
    string - / required
    -     		-
      Choices: -
    • HTTP
      • -
    • HTTPS
      • -
    • HTTP_STR_MATCH
      • -
    • HTTPS_STR_MATCH
      • -
    • TCP
      • -
    -     		-
    The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
    -     		+
      Choices: +
    • HTTP
      • +
    • HTTPS
      • +
    • HTTP_STR_MATCH
      • +
    • HTTPS_STR_MATCH
      • +
    • TCP
      • +
    +     		+
    The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -363,7 +382,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -374,7 +393,6 @@ Examples .. code-block:: yaml+jinja - - name: Create a health-check for host1.example.com and use it in record community.aws.route53_health_check: state: present @@ -406,8 +424,6 @@ Examples - - Status ------ @@ -416,5 +432,3 @@ Authors ~~~~~~~ - zimbatm (@zimbatm) - - diff --git a/docs/community.aws.route53_info_module.rst b/docs/community.aws.route53_info_module.rst index a0f98c940ce..b4260fdc583 100644 --- a/docs/community.aws.route53_info_module.rst +++ b/docs/community.aws.route53_info_module.rst @@ -36,399 +36,418 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    change_id
    string -
    -     		- -
    The ID of the change batch request.
    -
    The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
    -
    Required if query=change.
    -     		+ +
    The ID of the change batch request.
    +
    The value that you specify here is the value that ChangeResourceRecordSets returned in the Id element when you submitted the request.
    +
    Required if query=change.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delegation_set_id
    string -
    -     		- -
    The DNS Zone delegation set ID.
    -     		+ +
    The DNS Zone delegation set ID.
    +
    +
    dns_name
    string -
    -     		- -
    The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
    -     		+ +
    The first name in the lexicographic ordering of domain names that you want the list_command to start listing from.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    health_check_id
    string -
    -     		- -
    The ID of the health check.
    -
    Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
    -     		+ +
    The ID of the health check.
    +
    Required if query is set to health_check and health_check_method is set to details or status or failure_reason.
    +
    +
    health_check_method
    string -
    -     		-
      Choices: -
    • list ←
      • -
    • details
      • -
    • status
      • -
    • failure_reason
      • -
    • count
      • -
    • tags
      • -
    -     		-
    This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
    -     		+
      Choices: +
    • list ←
      • +
    • details
      • +
    • status
      • +
    • failure_reason
      • +
    • count
      • +
    • tags
      • +
    +     		+
    This is used in conjunction with query: health_check. It allows for listing details, counts or tags of various health check details.
    +
    +
    hosted_zone_id
    string -
    -     		- -
    The Hosted Zone ID of the DNS zone.
    -
    Required if query is set to hosted_zone and hosted_zone_method is set to details.
    -
    Required if query is set to record_sets.
    -     		+ +
    The Hosted Zone ID of the DNS zone.
    +
    Required if query is set to hosted_zone and hosted_zone_method is set to details.
    +
    Required if query is set to record_sets.
    +
    +
    hosted_zone_method
    string -
    -     		-
      Choices: -
    • details
      • -
    • list ←
      • -
    • list_by_name
      • -
    • count
      • -
    • tags
      • -
    -     		-
    This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
    -     		+
      Choices: +
    • details
      • +
    • list ←
      • +
    • list_by_name
      • +
    • count
      • +
    • tags
      • +
    +     		+
    This is used in conjunction with query: hosted_zone. It allows for listing details, counts or tags of various hosted zone details.
    +
    +
    max_items
    string -
    -     		- -
    Maximum number of items to return for various get/list requests.
    -     		+ +
    Maximum number of items to return for various get/list requests.
    +
    +
    next_marker
    string -
    -     		- -
    Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
    -     		+ +
    Some requests such as list_command: hosted_zones will return a maximum number of entries - EG 100 or the number specified by max_items. If the number of entries exceeds this maximum another request can be sent using the NextMarker entry from the first response to get the next page of results.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    query
    string - / required
    -     		-
      Choices: -
    • change
      • -
    • checker_ip_range
      • -
    • health_check
      • -
    • hosted_zone
      • -
    • record_sets
      • -
    • reusable_delegation_set
      • -
    -     		-
    Specifies the query action to take.
    -     		+
      Choices: +
    • change
      • +
    • checker_ip_range
      • +
    • health_check
      • +
    • hosted_zone
      • +
    • record_sets
      • +
    • reusable_delegation_set
      • +
    +     		+
    Specifies the query action to take.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    resource_id
    list - / elements=string
    -     		- -
    The ID/s of the specified resource/s.
    -
    Required if query=health_check and health_check_method=tags.
    -
    Required if query=hosted_zone and hosted_zone_method=tags.
    -

    aliases: resource_ids
    -     		+ +
    The ID/s of the specified resource/s.
    +
    Required if query=health_check and health_check_method=tags.
    +
    Required if query=hosted_zone and hosted_zone_method=tags.
    +

    aliases: resource_ids
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    start_record_name
    string -
    -     		- -
    The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
    -     		+ +
    The first name in the lexicographic ordering of domain names that you want the list_command: record_sets to start listing from.
    +
    +
    type
    string -
    -     		-
      Choices: -
    • A
      • -
    • CNAME
      • -
    • MX
      • -
    • AAAA
      • -
    • TXT
      • -
    • PTR
      • -
    • SRV
      • -
    • SPF
      • -
    • CAA
      • -
    • NS
      • -
    -     		-
    The type of DNS record.
    -     		+
      Choices: +
    • A
      • +
    • CNAME
      • +
    • MX
      • +
    • AAAA
      • +
    • TXT
      • +
    • PTR
      • +
    • SRV
      • +
    • SPF
      • +
    • CAA
      • +
    • NS
      • +
    +     		+
    The type of DNS record.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -436,7 +455,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -447,7 +466,6 @@ Examples .. code-block:: yaml+jinja - # Simple example of listing all hosted zones - name: List all hosted zones community.aws.route53_info: @@ -520,7 +538,6 @@ Examples - Status ------ @@ -529,5 +546,3 @@ Authors ~~~~~~~ - Karen Cheng (@Etherdaemon) - - diff --git a/docs/community.aws.route53_module.rst b/docs/community.aws.route53_module.rst index 6c758f244ea..be7e3ce8272 100644 --- a/docs/community.aws.route53_module.rst +++ b/docs/community.aws.route53_module.rst @@ -35,512 +35,531 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    alias
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Indicates if this is an alias record.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Indicates if this is an alias record.
    +
    +
    alias_evaluate_target_health
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Whether or not to evaluate an alias target health. Useful for aliases to Elastic Load Balancers.
    +
    +
    alias_hosted_zone_id
    string -
    -     		- -
    The hosted zone identifier.
    -     		+ +
    The hosted zone identifier.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    failover
    string -
    -     		-
      Choices: -
    • SECONDARY
      • -
    • PRIMARY
      • -
    -     		-
    Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
    -     		+
      Choices: +
    • SECONDARY
      • +
    • PRIMARY
      • +
    +     		+
    Failover resource record sets only. Whether this is the primary or secondary resource record set. Allowed values are PRIMARY and SECONDARY
    +
    +
    health_check
    string -
    -     		- -
    Health check to associate with this record
    -     		+ +
    Health check to associate with this record
    +
    +
    hosted_zone_id
    string -
    -     		- -
    The Hosted Zone ID of the DNS zone to modify.
    -
    This is a required parameter, if parameter zone is not supplied.
    -     		+ +
    The Hosted Zone ID of the DNS zone to modify.
    +
    This is a required parameter, if parameter zone is not supplied.
    +
    +
    identifier
    string -
    -     		- -
    Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    -     		+ +
    Have to be specified for Weighted, latency-based and failover resource record sets only. An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    +
    +
    overwrite
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    Whether an existing record should be overwritten on create if values do not match.
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    Whether an existing record should be overwritten on create if values do not match.
    +
    +
    private_zone
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    record
    string - / required
    -     		- -
    The full DNS record to create or delete.
    -     		+ +
    The full DNS record to create or delete.
    +
    +
    region
    string -
    -     		- -
    Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
    -     		+ +
    Latency-based resource record sets only Among resource record sets that have the same combination of DNS name and type, a value that determines which region this should be associated with for the latency-based routing
    +
    +
    retry_interval
    integer -
    -     		- Default:
    500
    -     		-
    In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
    -     		+ Default:
    500
    +     		+
    In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    • get
      • -
    • create
      • -
    • delete
      • -
    -     		-
    Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
    -

    aliases: command
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    • get
      • +
    • create
      • +
    • delete
      • +
    +     		+
    Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
    +

    aliases: command
    +
    +
    ttl
    integer -
    -     		- Default:
    3600
    -     		-
    The TTL, in second, to give the new record.
    -     		+ Default:
    3600
    +     		+
    The TTL, in second, to give the new record.
    +
    +
    type
    string - / required
    -     		-
      Choices: -
    • A
      • -
    • CNAME
      • -
    • MX
      • -
    • AAAA
      • -
    • TXT
      • -
    • PTR
      • -
    • SRV
      • -
    • SPF
      • -
    • CAA
      • -
    • NS
      • -
    • SOA
      • -
    -     		-
    The type of DNS record to create.
    -     		+
      Choices: +
    • A
      • +
    • CNAME
      • +
    • MX
      • +
    • AAAA
      • +
    • TXT
      • +
    • PTR
      • +
    • SRV
      • +
    • SPF
      • +
    • CAA
      • +
    • NS
      • +
    • SOA
      • +
    +     		+
    The type of DNS record to create.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    value
    list -
    -     		- -
    The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
    -
    When deleting a record all values for the record must be specified or Route53 will not delete it.
    -     		+ +
    The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
    +
    When deleting a record all values for the record must be specified or Route53 will not delete it.
    +
    +
    vpc_id
    string -
    -     		- -
    When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
    -
    This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
    -     		+ +
    When used in conjunction with private_zone: true, this will only modify records in the private hosted zone attached to this VPC.
    +
    This allows you to have multiple private hosted zones, all with the same name, attached to different VPCs.
    +
    +
    wait
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Wait until the changes have been replicated to all Amazon Route 53 DNS servers.
    +
    +
    wait_timeout
    integer -
    -     		- Default:
    300
    -     		-
    How long to wait for the changes to be replicated, in seconds.
    -     		+ Default:
    300
    +     		+
    How long to wait for the changes to be replicated, in seconds.
    +
    +
    weight
    integer -
    -     		- -
    Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
    -     		+ +
    Weighted resource record sets only. Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location.
    +
    +
    zone
    string -
    -     		- -
    The DNS zone to modify.
    -
    This is a required parameter, if parameter hosted_zone_id is not supplied.
    -
    + + + + + +
    The DNS zone to modify.
    +
    This is a required parameter, if parameter hosted_zone_id is not supplied.
    + + +
    @@ -548,7 +567,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -559,7 +578,6 @@ Examples .. code-block:: yaml+jinja - - name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated community.aws.route53: state: present @@ -708,8 +726,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -722,250 +738,250 @@ Common return values are documented `here Returned Description - - + +
    nameservers
    list -
    - + + when state is 'get' -
    Nameservers associated with the zone.
    -
    -
    Sample:
    -
    ['ns-1036.awsdns-00.org.', 'ns-516.awsdns-00.net.', 'ns-1504.awsdns-00.co.uk.', 'ns-1.awsdns-00.com.']
    - - - - +
    Nameservers associated with the zone.
    +
    +
    Sample:
    +
    ['ns-1036.awsdns-00.org.', 'ns-516.awsdns-00.net.', 'ns-1504.awsdns-00.co.uk.', 'ns-1.awsdns-00.com.']
    + + + +
    set
    complex -
    - + + when state is 'get' -
    Info specific to the resource record.
    -
    - +
    Info specific to the resource record.
    +
    + - -   - + +   +
    alias
    boolean -
    - + + always -
    Whether this is an alias.
    -
    - +
    Whether this is an alias.
    +
    + - -   - + +   +
    failover
    string -
    - + + always -
    Whether this is the primary or secondary resource record set.
    -
    -
    Sample:
    -
    PRIMARY
    - - - -   - +
    Whether this is the primary or secondary resource record set.
    +
    +
    Sample:
    +
    PRIMARY
    + + + +   +
    health_check
    string -
    - + + always -
    health_check associated with this record.
    -
    - +
    health_check associated with this record.
    +
    + - -   - + +   +
    identifier
    string -
    - + + always -
    An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    -
    - +
    An identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
    +
    + - -   - + +   +
    record
    string -
    - + + always -
    Domain name for the record set.
    -
    -
    Sample:
    -
    new.foo.com.
    - - - -   - +
    Domain name for the record set.
    +
    +
    Sample:
    +
    new.foo.com.
    + + + +   +
    region
    string -
    - + + always -
    Which region this should be associated with for latency-based routing.
    -
    -
    Sample:
    -
    us-west-2
    - - - -   - +
    Which region this should be associated with for latency-based routing.
    +
    +
    Sample:
    +
    us-west-2
    + + + +   +
    ttl
    string -
    - + + always -
    Resource record cache TTL.
    -
    -
    Sample:
    -
    3600
    - - - -   - +
    Resource record cache TTL.
    +
    +
    Sample:
    +
    3600
    + + + +   +
    type
    string -
    - + + always -
    Resource record set type.
    -
    -
    Sample:
    -
    A
    - - - -   - +
    Resource record set type.
    +
    +
    Sample:
    +
    A
    + + + +   +
    value
    string -
    - + + always -
    Record value.
    -
    -
    Sample:
    -
    52.43.18.27
    - - - -   - +
    Record value.
    +
    +
    Sample:
    +
    52.43.18.27
    + + + +   +
    values
    list -
    - + + always -
    Record Values.
    -
    -
    Sample:
    -
    ['52.43.18.27']
    - - - -   - +
    Record Values.
    +
    +
    Sample:
    +
    ['52.43.18.27']
    + + + +   +
    weight
    string -
    - + + always -
    Weight of the record.
    -
    -
    Sample:
    -
    3
    - - - -   - +
    Weight of the record.
    +
    +
    Sample:
    +
    3
    + + + +   +
    zone
    string -
    - + + always -
    Zone this record set belongs to.
    -
    -
    Sample:
    -
    foo.bar.com.
    - +
    Zone this record set belongs to.
    +
    +
    Sample:
    +
    foo.bar.com.
    + - - + +

    @@ -978,5 +994,3 @@ Authors - Bruce Pennypacker (@bpennypacker) - Mike Buzzetti (@jimbydamonk) - - diff --git a/docs/community.aws.route53_zone_module.rst b/docs/community.aws.route53_zone_module.rst index 2943223a96d..54f7006e036 100644 --- a/docs/community.aws.route53_zone_module.rst +++ b/docs/community.aws.route53_zone_module.rst @@ -36,273 +36,292 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    comment
    string -
    -     		- Default:
    ""
    -     		-
    Comment associated with the zone.
    -     		+ Default:
    ""
    +     		+
    Comment associated with the zone.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delegation_set_id
    string -
    -     		- -
    The reusable delegation set ID to be associated with the zone.
    -
    Note that you can't associate a reusable delegation set with a private hosted zone.
    -     		+ +
    The reusable delegation set ID to be associated with the zone.
    +
    Note that you can't associate a reusable delegation set with a private hosted zone.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    hosted_zone_id
    string -
    -     		- -
    The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
    -
    Required if there are multiple zones identified with the above options.
    -     		+ +
    The unique zone identifier you want to delete or "all" if there are many zones with the same domain name.
    +
    Required if there are multiple zones identified with the above options.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Whether or not the zone should exist or not.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Whether or not the zone should exist or not.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    vpc_id
    string -
    -     		- -
    The VPC ID the zone should be a part of (if this is going to be a private zone).
    -     		+ +
    The VPC ID the zone should be a part of (if this is going to be a private zone).
    +
    +
    vpc_region
    string -
    -     		- -
    The VPC Region the zone should be a part of (if this is going to be a private zone).
    -     		+ +
    The VPC Region the zone should be a part of (if this is going to be a private zone).
    +
    +
    zone
    string - / required
    -     		- -
    The DNS zone record (eg: foo.com.)
    -     		+ +
    The DNS zone record (eg: foo.com.)
    +
    +
    @@ -310,7 +329,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -321,7 +340,6 @@ Examples .. code-block:: yaml+jinja - - name: create a public zone community.aws.route53_zone: zone: example.com @@ -347,7 +365,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -360,126 +377,126 @@ Common return values are documented `here Returned Description - - + +
    comment
    string -
    - + + when hosted zone exists -
    optional hosted zone comment
    -
    -
    Sample:
    -
    Private zone
    - +
    optional hosted zone comment
    +
    +
    Sample:
    +
    Private zone
    + - - + +
    delegation_set_id
    string -
    - + + for public hosted zones, if they have been associated with a reusable delegation set -
    id of the associated reusable delegation set
    -
    -
    Sample:
    -
    A1BCDEF2GHIJKL
    - +
    id of the associated reusable delegation set
    +
    +
    Sample:
    +
    A1BCDEF2GHIJKL
    + - - + +
    name
    string -
    - + + when hosted zone exists -
    hosted zone name
    -
    -
    Sample:
    -
    private.local.
    - +
    hosted zone name
    +
    +
    Sample:
    +
    private.local.
    + - - + +
    private_zone
    boolean -
    - + + when hosted zone exists -
    whether hosted zone is private or public
    -
    -
    Sample:
    -
    True
    - +
    whether hosted zone is private or public
    +
    +
    Sample:
    +
    True
    + - - + +
    vpc_id
    string -
    - + + for private hosted zone -
    id of vpc attached to private hosted zone
    -
    -
    Sample:
    -
    vpc-1d36c84f
    - +
    id of vpc attached to private hosted zone
    +
    +
    Sample:
    +
    vpc-1d36c84f
    + - - + +
    vpc_region
    string -
    - + + for private hosted zone -
    region of vpc attached to private hosted zone
    -
    -
    Sample:
    -
    eu-west-1
    - +
    region of vpc attached to private hosted zone
    +
    +
    Sample:
    +
    eu-west-1
    + - - + +
    zone_id
    string -
    - + + when hosted zone exists -
    hosted zone id
    -
    -
    Sample:
    -
    Z6JQG9820BEFMW
    - +
    hosted zone id
    +
    +
    Sample:
    +
    Z6JQG9820BEFMW
    + - +

    @@ -491,5 +508,3 @@ Authors ~~~~~~~ - Christopher Troup (@minichate) - - diff --git a/docs/community.aws.s3_bucket_notification_module.rst b/docs/community.aws.s3_bucket_notification_module.rst index dcbbc4fd7bd..f0a0a08249a 100644 --- a/docs/community.aws.s3_bucket_notification_module.rst +++ b/docs/community.aws.s3_bucket_notification_module.rst @@ -36,317 +36,336 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / elements=string + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bucket_name
    string - / required
    -     		- -
    S3 bucket name.
    -     		+ +
    S3 bucket name.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    event_name
    string - / required
    -     		- -
    Unique name for event notification on bucket.
    -     		+ +
    Unique name for event notification on bucket.
    +
    +
    events
    list - / elements=string
    -     		-
      Choices: -
    • s3:ObjectCreated:*
      • -
    • s3:ObjectCreated:Put
      • -
    • s3:ObjectCreated:Post
      • -
    • s3:ObjectCreated:Copy
      • -
    • s3:ObjectCreated:CompleteMultipartUpload
      • -
    • s3:ObjectRemoved:*
      • -
    • s3:ObjectRemoved:Delete
      • -
    • s3:ObjectRemoved:DeleteMarkerCreated
      • -
    • s3:ObjectRestore:Post
      • -
    • s3:ObjectRestore:Completed
      • -
    • s3:ReducedRedundancyLostObject
      • -
    -     		-
    Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
    -
    Required when state=present.
    -     		+
      Choices: +
    • s3:ObjectCreated:*
      • +
    • s3:ObjectCreated:Put
      • +
    • s3:ObjectCreated:Post
      • +
    • s3:ObjectCreated:Copy
      • +
    • s3:ObjectCreated:CompleteMultipartUpload
      • +
    • s3:ObjectRemoved:*
      • +
    • s3:ObjectRemoved:Delete
      • +
    • s3:ObjectRemoved:DeleteMarkerCreated
      • +
    • s3:ObjectRestore:Post
      • +
    • s3:ObjectRestore:Completed
      • +
    • s3:ReducedRedundancyLostObject
      • +
    +     		+
    Events that you want to be triggering notifications. You can select multiple events to send to the same destination, you can set up different events to send to different destinations, and you can set up a prefix or suffix for an event. However, for each bucket, individual events cannot have multiple configurations with overlapping prefixes or suffixes that could match the same object key.
    +
    Required when state=present.
    +
    +
    lambda_alias
    string -
    -     		- -
    Name of the Lambda function alias.
    -
    Mutually exclusive with lambda_version.
    -     		+ +
    Name of the Lambda function alias.
    +
    Mutually exclusive with lambda_version.
    +
    +
    lambda_function_arn
    string -
    -     		- -
    The ARN of the lambda function.
    -

    aliases: function_arn
    -     		+ +
    The ARN of the lambda function.
    +

    aliases: function_arn
    +
    +
    lambda_version
    integer -
    -     		- -
    Version of the Lambda function.
    -
    Mutually exclusive with lambda_alias.
    -     		+ +
    Version of the Lambda function.
    +
    Mutually exclusive with lambda_alias.
    +
    +
    prefix
    string -
    -     		- -
    Optional prefix to limit the notifications to objects with keys that start with matching characters.
    -     		+ +
    Optional prefix to limit the notifications to objects with keys that start with matching characters.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Describes the desired state.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Describes the desired state.
    +
    +
    suffix
    string -
    -     		- -
    Optional suffix to limit the notifications to objects with keys that end with matching characters.
    -     		+ +
    Optional suffix to limit the notifications to objects with keys that end with matching characters.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -355,7 +374,7 @@ Notes .. note:: - This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -366,7 +385,6 @@ Examples .. code-block:: yaml+jinja - --- # Example that creates a lambda event notification for a bucket - name: Process jpg image @@ -381,7 +399,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -394,22 +411,22 @@ Common return values are documented `here Returned Description - - + +
    notification_configuration
    list -
    - + + success -
    list of currently applied notifications
    -
    - +
    list of currently applied notifications
    +
    + - +

    @@ -423,5 +440,3 @@ Authors - XLAB d.o.o. (@xlab-si) - Aljaz Kosir (@aljazkosir) - Miha Plesko (@miha-plesko) - - diff --git a/docs/community.aws.s3_lifecycle_module.rst b/docs/community.aws.s3_lifecycle_module.rst index 49eb0ab2973..c55f74ca544 100644 --- a/docs/community.aws.s3_lifecycle_module.rst +++ b/docs/community.aws.s3_lifecycle_module.rst @@ -36,445 +36,464 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / elements=dictionary + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    expiration_date
    string -
    -     		- -
    Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
    -     		+ +
    Indicates the lifetime of the objects that are subject to the rule by the date they will expire. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified.
    +
    +
    expiration_days
    integer -
    -     		- -
    Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
    -     		+ +
    Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
    +
    +
    name
    string - / required
    -     		- -
    Name of the s3 bucket
    -     		+ +
    Name of the s3 bucket
    +
    +
    noncurrent_version_expiration_days
    integer -
    -     		- -
    Delete noncurrent versions this many days after they become noncurrent
    -     		+ +
    Delete noncurrent versions this many days after they become noncurrent
    +
    +
    noncurrent_version_storage_class
    string -
    -     		-
      Choices: -
    • glacier ←
      • -
    • onezone_ia
      • -
    • standard_ia
      • -
    -     		-
    Transition noncurrent versions to this storage class
    -     		+
      Choices: +
    • glacier ←
      • +
    • onezone_ia
      • +
    • standard_ia
      • +
    +     		+
    Transition noncurrent versions to this storage class
    +
    +
    noncurrent_version_transition_days
    integer -
    -     		- -
    Transition noncurrent versions this many days after they become noncurrent
    -     		+ +
    Transition noncurrent versions this many days after they become noncurrent
    +
    +
    noncurrent_version_transitions
    list -
    -     		- -
    A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements + / elements=dictionary
    +     		+ +
    A list of transition behaviors to be applied to noncurrent versions for the rule. Each storage class may be used only once. Each transition behavior contains these elements transition_days storage_class
    -
    +
    prefix
    string -
    -     		- -
    Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
    -     		+ +
    Prefix identifying one or more objects to which the rule applies. If no prefix is specified, the rule will apply to the whole bucket.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_transitions
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    "Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    "Whether to replace all the current transition(s) with the new transition(s). When false, the provided transition(s) will be added, replacing transitions with the same storage_class. When true, existing transitions will be removed and replaced with the new transition(s)
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    requester_pays
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes
      • -
    -     		-
    The requester_pays option does nothing and will be removed after 2022-06-01
    -     		+
      Choices: +
    • no
      • +
    • yes
      • +
    +     		+
    The requester_pays option does nothing and will be removed after 2022-06-01
    +
    +
    rule_id
    string -
    -     		- -
    Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
    -     		+ +
    Unique identifier for the rule. The value cannot be longer than 255 characters. A unique value for the rule will be generated if no value is provided.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or remove the lifecycle rule
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or remove the lifecycle rule
    +
    +
    status
    string -
    -     		-
      Choices: -
    • enabled ←
      • -
    • disabled
      • -
    -     		-
    If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
    -     		+
      Choices: +
    • enabled ←
      • +
    • disabled
      • +
    +     		+
    If 'enabled', the rule is currently being applied. If 'disabled', the rule is not currently being applied.
    +
    +
    storage_class
    string -
    -     		-
      Choices: -
    • glacier ←
      • -
    • onezone_ia
      • -
    • standard_ia
      • -
    -     		-
    The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
    -
    The 'standard_ia' class is only being available from Ansible version 2.2.
    -     		+
      Choices: +
    • glacier ←
      • +
    • onezone_ia
      • +
    • standard_ia
      • +
    +     		+
    The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
    +
    The 'standard_ia' class is only being available from Ansible version 2.2.
    +
    +
    transition_date
    string -
    -     		- -
    Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
    -     		+ +
    Indicates the lifetime of the objects that are subject to the rule by the date they will transition to a different storage class. The value must be ISO-8601 format, the time must be midnight and a GMT timezone must be specified. If transition_days is not specified, this parameter is required."
    +
    +
    transition_days
    integer -
    -     		- -
    Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
    -     		+ +
    Indicates when, in days, an object transitions to a different storage class. If transition_date is not specified, this parameter is required.
    +
    +
    transitions
    list -
    -     		- -
    A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
    -     		+ +
    A list of transition behaviors to be applied to the rule. Each storage class may be used only once. Each transition behavior may contain these elements transition_days transition_date storage_class
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -484,7 +503,7 @@ Notes .. note:: - If specifying expiration time as days then transition time must also be specified in days - If specifying expiration time as a date then transition time must also be specified as a date - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -495,7 +514,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Configure a lifecycle rule on a bucket to expire (delete) items with a prefix of /logs/ after 30 days @@ -563,7 +581,6 @@ Examples - Status ------ @@ -572,5 +589,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.s3_logging_module.rst b/docs/community.aws.s3_logging_module.rst index 1662ee90d97..3ffc8732686 100644 --- a/docs/community.aws.s3_logging_module.rst +++ b/docs/community.aws.s3_logging_module.rst @@ -35,226 +35,245 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    Name of the s3 bucket.
    -     		+ +
    Name of the s3 bucket.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Enable or disable logging.
    -     		+
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Enable or disable logging.
    +
    +
    target_bucket
    string -
    -     		- -
    The bucket to log to. Required when state=present.
    -     		+ +
    The bucket to log to. Required when state=present.
    +
    +
    target_prefix
    string -
    -     		- Default:
    ""
    -     		-
    The prefix that should be prepended to the generated log files written to the target_bucket.
    -     		+ Default:
    ""
    +     		+
    The prefix that should be prepended to the generated log files written to the target_bucket.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -262,7 +281,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -273,7 +292,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Enable logging of s3 bucket mywebsite.com to s3 bucket mylogs @@ -291,8 +309,6 @@ Examples - - Status ------ @@ -301,5 +317,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.s3_sync_module.rst b/docs/community.aws.s3_sync_module.rst index ba5e284cbb8..ac4e710242f 100644 --- a/docs/community.aws.s3_sync_module.rst +++ b/docs/community.aws.s3_sync_module.rst @@ -38,374 +38,393 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    bucket
    string - / required
    -     		- -
    Bucket name.
    -     		+ +
    Bucket name.
    +
    +
    cache_control
    string -
    -     		- -
    Cache-Control header set on uploaded objects.
    -
    Directives are separated by commas.
    -     		+ +
    Cache-Control header set on uploaded objects.
    +
    Directives are separated by commas.
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delete
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove remote files that exist in bucket but are not present in the file root.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove remote files that exist in bucket but are not present in the file root.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    exclude
    string -
    -     		- Default:
    ".*"
    -     		-
    Shell pattern-style file matching.
    -
    Used after include to remove files (for instance, skip "*.txt")
    -
    For multiple patterns, comma-separate them.
    -     		+ Default:
    ".*"
    +     		+
    Shell pattern-style file matching.
    +
    Used after include to remove files (for instance, skip "*.txt")
    +
    For multiple patterns, comma-separate them.
    +
    +
    file_change_strategy
    string -
    -     		-
      Choices: -
    • force
      • -
    • checksum
      • -
    • date_size ←
      • -
    -     		-
    Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
    -
    date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
    -
    checksum will compare etag values based on s3's implementation of chunked md5s.
    -
    force will always upload all files.
    -     		+
      Choices: +
    • force
      • +
    • checksum
      • +
    • date_size ←
      • +
    +     		+
    Difference determination method to allow changes-only syncing. Unlike rsync, files are not patched- they are fully skipped or fully uploaded.
    +
    date_size will upload if file sizes don't match or if local file modified date is newer than s3's version
    +
    checksum will compare etag values based on s3's implementation of chunked md5s.
    +
    force will always upload all files.
    +
    +
    file_root
    path - / required
    -     		- -
    File/directory path for synchronization. This is a local path.
    -
    This root path is scrubbed from the key name, so subdirectories will remain as keys.
    -     		+ +
    File/directory path for synchronization. This is a local path.
    +
    This root path is scrubbed from the key name, so subdirectories will remain as keys.
    +
    +
    include
    string -
    -     		- Default:
    "*"
    -     		-
    Shell pattern-style file matching.
    -
    Used before exclude to determine eligible files (for instance, only "*.gif")
    -
    For multiple patterns, comma-separate them.
    -     		+ Default:
    "*"
    +     		+
    Shell pattern-style file matching.
    +
    Used before exclude to determine eligible files (for instance, only "*.gif")
    +
    For multiple patterns, comma-separate them.
    +
    +
    key_prefix
    string -
    -     		- -
    In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
    -     		+ +
    In addition to file path, prepend s3 path with this prefix. Module will add slash at end of prefix if necessary.
    +
    +
    mime_map
    dictionary -
    -     		- -
    Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
    -     		+ +
    Dict entry from extension to MIME type. This will override any default/sniffed MIME type. For example {".txt": "application/text", ".yml": "application/text"}
    +
    +
    mode
    string -
    -     		-
      Choices: -
    • push ←
      • -
    -     		-
    sync direction.
    -     		+
      Choices: +
    • push ←
      • +
    +     		+
    sync direction.
    +
    +
    permission
    string -
    -     		-
      Choices: -
    • private
      • -
    • public-read
      • -
    • public-read-write
      • -
    • authenticated-read
      • -
    • aws-exec-read
      • -
    • bucket-owner-read
      • -
    • bucket-owner-full-control
      • -
    -     		-
    Canned ACL to apply to synced files.
    -
    Changing this ACL only changes newly synced files, it does not trigger a full reupload.
    -     		+
      Choices: +
    • private
      • +
    • public-read
      • +
    • public-read-write
      • +
    • authenticated-read
      • +
    • aws-exec-read
      • +
    • bucket-owner-read
      • +
    • bucket-owner-full-control
      • +
    +     		+
    Canned ACL to apply to synced files.
    +
    Changing this ACL only changes newly synced files, it does not trigger a full reupload.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    retries
    string -
    -     		- -
    The retries option does nothing and will be removed after 2022-06-01
    -     		+ +
    The retries option does nothing and will be removed after 2022-06-01
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -413,7 +432,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -424,7 +443,6 @@ Examples .. code-block:: yaml+jinja - - name: basic upload community.aws.s3_sync: bucket: tedder @@ -446,7 +464,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -459,109 +476,109 @@ Common return values are documented `here Returned Description - - + +
    filelist_actionable
    list -
    - + + always -
    file listing (dicts) of files that will be uploaded after the strategy decision
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477931256, 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931256 / 1477929260'}]
    - +
    file listing (dicts) of files that will be uploaded after the strategy decision
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477931256, 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931256 / 1477929260'}]
    + - - + +
    filelist_initial
    list -
    - + + always -
    file listing (dicts) from initial globbing
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'modified_epoch': 1477416706}]
    - +
    file listing (dicts) from initial globbing
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'modified_epoch': 1477416706}]
    + - - + +
    filelist_local_etag
    list -
    - + + always -
    file listing (dicts) including calculated local etag
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    - +
    file listing (dicts) including calculated local etag
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    + - - + +
    filelist_s3
    list -
    - + + always -
    file listing (dicts) including information about previously-uploaded versions
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    - +
    file listing (dicts) including information about previously-uploaded versions
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706, 's3_path': 's3sync/policy.json'}]
    + - - + +
    filelist_typed
    list -
    - + + always -
    file listing (dicts) with calculated or overridden mime types
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706}]
    - +
    file listing (dicts) with calculated or overridden mime types
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 'mime_type': 'application/json', 'modified_epoch': 1477416706}]
    + - - + +
    uploaded
    list -
    - + + always -
    file listing (dicts) of files that were actually uploaded
    -
    -
    Sample:
    -
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931637 / 1477931489'}]
    - +
    file listing (dicts) of files that were actually uploaded
    +
    +
    Sample:
    +
    [{'bytes': 151, 'chopped_path': 'policy.json', 'fullpath': 'roles/cf/files/policy.json', 's3_path': 's3sync/policy.json', 'whysize': '151 / 151', 'whytime': '1477931637 / 1477931489'}]
    + - +

    @@ -573,5 +590,3 @@ Authors ~~~~~~~ - Ted Timmons (@tedder) - - diff --git a/docs/community.aws.s3_website_module.rst b/docs/community.aws.s3_website_module.rst index 8fd280997b0..1f4924b9df1 100644 --- a/docs/community.aws.s3_website_module.rst +++ b/docs/community.aws.s3_website_module.rst @@ -36,241 +36,260 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    error_key
    string -
    -     		- -
    The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
    -     		+ +
    The object key name to use when a 4XX class error occurs. To remove an error key, set to None.
    +
    +
    name
    string - / required
    -     		- -
    Name of the s3 bucket
    -     		+ +
    Name of the s3 bucket
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    redirect_all_requests
    string -
    -     		- -
    Describes the redirect behavior for every request to this s3 bucket website endpoint
    -     		+ +
    Describes the redirect behavior for every request to this s3 bucket website endpoint
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string - / required
    -     		-
      Choices: -
    • present
      • -
    • absent
      • -
    -     		-
    Add or remove s3 website configuration
    -     		+
      Choices: +
    • present
      • +
    • absent
      • +
    +     		+
    Add or remove s3 website configuration
    +
    +
    suffix
    string -
    -     		- Default:
    "index.html"
    -     		-
    Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
    -     		+ Default:
    "index.html"
    +     		+
    Suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html). The suffix must not include a slash character.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -278,7 +297,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -289,7 +308,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Configure an s3 bucket to redirect all requests to example.com @@ -312,8 +330,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -326,306 +342,306 @@ Common return values are documented `here Returned Description - - + +
    error_document
    complex -
    - + + always -
    error document
    -
    - +
    error document
    +
    + - -   - + +   +
    key
    string -
    - + + when error_document parameter set -
    object key name to use when a 4XX class error occurs
    -
    -
    Sample:
    -
    error.html
    - +
    object key name to use when a 4XX class error occurs
    +
    +
    Sample:
    +
    error.html
    + - - - + + +
    index_document
    complex -
    - + + always -
    index document
    -
    - +
    index document
    +
    + - -   - + +   +
    suffix
    string -
    - + + success -
    suffix that is appended to a request that is for a directory on the website endpoint
    -
    -
    Sample:
    -
    index.html
    - +
    suffix that is appended to a request that is for a directory on the website endpoint
    +
    +
    Sample:
    +
    index.html
    + - - - + + +
    redirect_all_requests_to
    complex -
    - + + always -
    where to redirect requests
    -
    - +
    where to redirect requests
    +
    + - -   - + +   +
    host_name
    string -
    - + + when redirect all requests parameter set -
    name of the host where requests will be redirected.
    -
    -
    Sample:
    -
    ansible.com
    - +
    name of the host where requests will be redirected.
    +
    +
    Sample:
    +
    ansible.com
    + - -   - + +   +
    protocol
    string -
    - + + when redirect all requests parameter set -
    protocol to use when redirecting requests.
    -
    -
    Sample:
    -
    https
    - +
    protocol to use when redirecting requests.
    +
    +
    Sample:
    +
    https
    + - - - + + +
    routing_rules
    list -
    - + + always -
    routing rules
    -
    - +
    routing rules
    +
    + - -   - + +   +
    condition
    complex -
    - + + -
    A container for describing a condition that must be met for the specified redirect to apply.
    -
    - +
    A container for describing a condition that must be met for the specified redirect to apply.
    +
    + - -   -   - + +   +   +
    http_error_code_returned_equals
    string -
    - + + always -
    The HTTP error code when the redirect is applied.
    -
    - +
    The HTTP error code when the redirect is applied.
    +
    + - -   -   - + +   +   +
    key_prefix_equals
    string -
    - + + when routing rule present -
    object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html
    -
    -
    Sample:
    -
    docs/
    - +
    object key name prefix when the redirect is applied. For example, to redirect requests for ExamplePage.html, the key prefix will be ExamplePage.html
    +
    +
    Sample:
    +
    docs/
    + - - -   - + + +   +
    redirect
    complex -
    - + + always -
    Container for redirect information.
    -
    - +
    Container for redirect information.
    +
    + - -   -   - + +   +   +
    host_name
    string -
    - + + when host name set as part of redirect rule -
    name of the host where requests will be redirected.
    -
    -
    Sample:
    -
    ansible.com
    - +
    name of the host where requests will be redirected.
    +
    +
    Sample:
    +
    ansible.com
    + - -   -   - + +   +   +
    http_redirect_code
    string -
    - + + when routing rule present -
    The HTTP redirect code to use on the response.
    -
    - +
    The HTTP redirect code to use on the response.
    +
    + - -   -   - + +   +   +
    protocol
    string -
    - + + when routing rule present -
    Protocol to use when redirecting requests.
    -
    -
    Sample:
    -
    http
    - +
    Protocol to use when redirecting requests.
    +
    +
    Sample:
    +
    http
    + - -   -   - + +   +   +
    replace_key_prefix_with
    string -
    - + + when routing rule present -
    object key prefix to use in the redirect request
    -
    -
    Sample:
    -
    documents/
    - +
    object key prefix to use in the redirect request
    +
    +
    Sample:
    +
    documents/
    + - -   -   - + +   +   +
    replace_key_with
    string -
    - + + when routing rule present -
    object key prefix to use in the redirect request
    -
    -
    Sample:
    -
    documents/
    - +
    object key prefix to use in the redirect request
    +
    +
    Sample:
    +
    documents/
    + - - - + + +

    @@ -637,5 +653,3 @@ Authors ~~~~~~~ - Rob White (@wimnat) - - diff --git a/docs/community.aws.sns_module.rst b/docs/community.aws.sns_module.rst index 8a7f1cb26d1..3ba142330a7 100644 --- a/docs/community.aws.sns_module.rst +++ b/docs/community.aws.sns_module.rst @@ -37,364 +37,383 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    application
    string -
    -     		- -
    Message to send to application subscriptions.
    -     		+ +
    Message to send to application subscriptions.
    +
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    email
    string -
    -     		- -
    Message to send to email subscriptions.
    -     		+ +
    Message to send to email subscriptions.
    +
    +
    email_json
    string -
    -     		- -
    Message to send to email-json subscriptions.
    -     		+ +
    Message to send to email-json subscriptions.
    +
    +
    http
    string -
    -     		- -
    Message to send to HTTP subscriptions.
    -     		+ +
    Message to send to HTTP subscriptions.
    +
    +
    https
    string -
    -     		- -
    Message to send to HTTPS subscriptions.
    -     		+ +
    Message to send to HTTPS subscriptions.
    +
    +
    lambda
    string -
    -     		- -
    Message to send to Lambda subscriptions.
    -     		+ +
    Message to send to Lambda subscriptions.
    +
    +
    message_attributes
    dictionary -
    -     		- -
    Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
    -
    This is in AWS's distinct Name/Type/Value format; see example below.
    -     		+ +
    Dictionary of message attributes. These are optional structured data entries to be sent along to the endpoint.
    +
    This is in AWS's distinct Name/Type/Value format; see example below.
    +
    +
    message_structure
    string -
    -     		-
      Choices: -
    • json ←
      • -
    • string
      • -
    -     		-
    The payload format to use for the message.
    -
    This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
    -
    It must be 'string' to support message_attributes.
    -     		+
      Choices: +
    • json ←
      • +
    • string
      • +
    +     		+
    The payload format to use for the message.
    +
    This must be 'json' to support protocol-specific messages (http, https, email, sms, sqs).
    +
    It must be 'string' to support message_attributes.
    +
    +
    msg
    string - / required
    -     		- -
    Default message for subscriptions without a more specific message.
    -

    aliases: default
    -     		+ +
    Default message for subscriptions without a more specific message.
    +

    aliases: default
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    sms
    string -
    -     		- -
    Message to send to SMS subscriptions.
    -     		+ +
    Message to send to SMS subscriptions.
    +
    +
    sqs
    string -
    -     		- -
    Message to send to SQS subscriptions.
    -     		+ +
    Message to send to SQS subscriptions.
    +
    +
    subject
    string -
    -     		- -
    Message subject
    -     		+ +
    Message subject
    +
    +
    topic
    string - / required
    -     		- -
    The name or ARN of the topic to publish to.
    -     		+ +
    The name or ARN of the topic to publish to.
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -402,7 +421,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -413,7 +432,6 @@ Examples .. code-block:: yaml+jinja - - name: Send default notification message via SNS community.aws.sns: msg: '{{ inventory_hostname }} has completed the play.' @@ -444,7 +462,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -457,41 +474,41 @@ Common return values are documented `here Returned Description - - + +
    message_id
    string -
    - + + when success -
    The message ID of the submitted message
    -
    -
    Sample:
    -
    2f681ef0-6d76-5c94-99b2-4ae3996ce57b
    - +
    The message ID of the submitted message
    +
    +
    Sample:
    +
    2f681ef0-6d76-5c94-99b2-4ae3996ce57b
    + - - + +
    msg
    string -
    - + + always -
    Human-readable diagnostic information
    -
    -
    Sample:
    -
    OK
    - +
    Human-readable diagnostic information
    +
    +
    Sample:
    +
    OK
    + - +

    @@ -504,5 +521,3 @@ Authors - Michael J. Schultz (@mjschultz) - Paul Arthur (@flowerysong) - - diff --git a/docs/community.aws.sns_topic_module.rst b/docs/community.aws.sns_topic_module.rst index c47c7f3f172..4e946e0ad93 100644 --- a/docs/community.aws.sns_topic_module.rst +++ b/docs/community.aws.sns_topic_module.rst @@ -36,308 +36,327 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - - - - - + + + + + + - - + / required + + + - - - + + - - - - - - + + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    delivery_policy
    dictionary -
    -     		- -
    Delivery policy to apply to the SNS topic.
    -     		+ +
    Delivery policy to apply to the SNS topic.
    +
    +
    display_name
    string -
    -     		- -
    Display name of the topic.
    -     		+ +
    Display name of the topic.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    name
    string - / required
    -     		- -
    The name or ARN of the SNS topic to manage.
    -     		+ +
    The name or ARN of the SNS topic to manage.
    +
    +
    policy
    dictionary -
    -     		- -
    Policy to apply to the SNS topic.
    -     		+ +
    Policy to apply to the SNS topic.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    purge_subscriptions
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    Whether to purge any subscriptions not listed here. NOTE: AWS does not allow you to purge any PendingConfirmation subscriptions, so if any exist and would be purged, they are silently skipped. This means that somebody could come back later and confirm the subscription. Sorry. Blame Amazon.
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    state
    string -
    -     		-
      Choices: -
    • absent
      • -
    • present ←
      • -
    -     		-
    Whether to create or destroy an SNS topic.
    -     		+
      Choices: +
    • absent
      • +
    • present ←
      • +
    +     		+
    Whether to create or destroy an SNS topic.
    +
    +
    subscriptions
    list - / elements=dictionary
    -     		- Default:
    []
    -     		-
    List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
    -
    + / elements=dictionary + + Default:
    []
    +     		+
    List of subscriptions to apply to the topic. Note that AWS requires subscriptions to be confirmed, so you will need to confirm any new subscriptions.
    +
    endpoint
    - - / required
    -     		- -
    Endpoint of subscription.
    -     		+ +
    Endpoint of subscription.
    +
    +
    protocol
    - - / required
    -     		- -
    Protocol of subscription.
    -
    + / required + + +
    Protocol of subscription.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    + + +
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    + + +
    @@ -345,7 +364,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -356,8 +375,6 @@ Examples .. code-block:: yaml+jinja - - - name: Create alarm SNS topic community.aws.sns_topic: name: "alarms" @@ -382,8 +399,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -396,366 +411,366 @@ Common return values are documented `here Returned Description - - + +
    community.aws.sns_topic
    complex -
    - + + always -
    Dict of sns topic details
    -
    - +
    Dict of sns topic details
    +
    + - -   - + +   +
    attributes_set
    list -
    - + + always -
    list of attributes set during this run
    -
    - +
    list of attributes set during this run
    +
    + - -   - + +   +
    check_mode
    boolean -
    - + + always -
    whether check mode was on
    -
    - +
    whether check mode was on
    +
    + - -   - + +   +
    delivery_policy
    string -
    - + + when topic is owned by this AWS account -
    Delivery policy for the SNS topic
    -
    -
    Sample:
    -
    {"http":{"defaultHealthyRetryPolicy":{"minDelayTarget":20,"maxDelayTarget":20,"numRetries":3,"numMaxDelayRetries":0, "numNoDelayRetries":0,"numMinDelayRetries":0,"backoffFunction":"linear"},"disableSubscriptionOverrides":false}}
    - - - -   - +
    Delivery policy for the SNS topic
    +
    +
    Sample:
    +
    {"http":{"defaultHealthyRetryPolicy":{"minDelayTarget":20,"maxDelayTarget":20,"numRetries":3,"numMaxDelayRetries":0, "numNoDelayRetries":0,"numMinDelayRetries":0,"backoffFunction":"linear"},"disableSubscriptionOverrides":false}}
    + + + +   +
    display_name
    string -
    - + + when topic is owned by this AWS account -
    Display name for SNS topic
    -
    -
    Sample:
    -
    My topic name
    - - - -   - +
    Display name for SNS topic
    +
    +
    Sample:
    +
    My topic name
    + + + +   +
    name
    string -
    - + + always -
    Topic name
    -
    -
    Sample:
    -
    ansible-test-dummy-topic
    - - - -   - +
    Topic name
    +
    +
    Sample:
    +
    ansible-test-dummy-topic
    + + + +   +
    owner
    string -
    - + + when topic is owned by this AWS account -
    AWS account that owns the topic
    -
    -
    Sample:
    -
    111111111111
    - - - -   - +
    AWS account that owns the topic
    +
    +
    Sample:
    +
    111111111111
    + + + +   +
    policy
    string -
    - + + when topic is owned by this AWS account -
    Policy for the SNS topic
    -
    -
    Sample:
    -
    {"Version":"2012-10-17","Id":"SomePolicyId","Statement":[{"Sid":"ANewSid","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111111111111:root"}, "Action":"sns:Subscribe","Resource":"arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic","Condition":{"StringEquals":{"sns:Protocol":"email"}}}]}
    - - - -   - +
    Policy for the SNS topic
    +
    +
    Sample:
    +
    {"Version":"2012-10-17","Id":"SomePolicyId","Statement":[{"Sid":"ANewSid","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111111111111:root"}, "Action":"sns:Subscribe","Resource":"arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic","Condition":{"StringEquals":{"sns:Protocol":"email"}}}]}
    + + + +   +
    state
    string -
    - + + always -
    whether the topic is present or absent
    -
    -
    Sample:
    -
    present
    - - - -   - +
    whether the topic is present or absent
    +
    +
    Sample:
    +
    present
    + + + +   +
    subscriptions
    list -
    - + + always -
    List of subscribers to the topic in this AWS account
    -
    - +
    List of subscribers to the topic in this AWS account
    +
    + - -   - + +   +
    subscriptions_added
    list -
    - + + always -
    List of subscribers added in this run
    -
    - +
    List of subscribers added in this run
    +
    + - -   - + +   +
    subscriptions_confirmed
    string -
    - + + when topic is owned by this AWS account -
    Count of confirmed subscriptions
    -
    -
    Sample:
    -
    0
    - - - -   - +
    Count of confirmed subscriptions
    +
    +
    Sample:
    +
    0
    + + + +   +
    subscriptions_deleted
    string -
    - + + when topic is owned by this AWS account -
    Count of deleted subscriptions
    -
    -
    Sample:
    -
    0
    - - - -   - +
    Count of deleted subscriptions
    +
    +
    Sample:
    +
    0
    + + + +   +
    subscriptions_existing
    list -
    - + + always -
    List of existing subscriptions
    -
    - +
    List of existing subscriptions
    +
    + - -   - + +   +
    subscriptions_new
    list -
    - + + always -
    List of new subscriptions
    -
    - +
    List of new subscriptions
    +
    + - -   - + +   +
    subscriptions_pending
    string -
    - + + when topic is owned by this AWS account -
    Count of pending subscriptions
    -
    -
    Sample:
    -
    0
    - - - -   - +
    Count of pending subscriptions
    +
    +
    Sample:
    +
    0
    + + + +   +
    subscriptions_purge
    boolean -
    - + + always -
    Whether or not purge_subscriptions was set
    -
    -
    Sample:
    -
    True
    - - - -   - +
    Whether or not purge_subscriptions was set
    +
    +
    Sample:
    +
    True
    + + + +   +
    topic_arn
    string -
    - + + when topic is owned by this AWS account -
    ARN of the SNS topic (equivalent to sns_arn)
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic
    - - - -   - +
    ARN of the SNS topic (equivalent to sns_arn)
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-2:111111111111:ansible-test-dummy-topic
    + + + +   +
    topic_created
    boolean -
    - + + always -
    Whether the topic was created
    -
    - +
    Whether the topic was created
    +
    + - -   - + +   +
    topic_deleted
    boolean -
    - + + always -
    Whether the topic was deleted
    -
    - +
    Whether the topic was deleted
    +
    + - - - + + +
    sns_arn
    string -
    - + + always -
    The ARN of the topic you are modifying
    -
    -
    Sample:
    -
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    - +
    The ARN of the topic you are modifying
    +
    +
    Sample:
    +
    arn:aws:sns:us-east-2:111111111111:my_topic_name
    + - +

    @@ -769,5 +784,3 @@ Authors - Joel Thompson (@joelthompson) - Fernando Jose Pando (@nand0p) - Will Thames (@willthames) - - diff --git a/docs/community.aws.sqs_queue_module.rst b/docs/community.aws.sqs_queue_module.rst index e6213d4ae27..31047c4515d 100644 --- a/docs/community.aws.sqs_queue_module.rst +++ b/docs/community.aws.sqs_queue_module.rst @@ -37,408 +37,427 @@ Parameters .. raw:: html - + - + - - + - - - - - + + + + + + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - - - + + + + + - - - -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -
    + + + +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -
    + + + +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -
    + + + +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    content_based_deduplication
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Enables content-based deduplication. Used for FIFOs only.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Enables content-based deduplication. Used for FIFOs only.
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    delay_seconds
    integer -
    -     		- -
    The delivery delay in seconds.
    -

    aliases: delivery_delay
    -
    + + + +
    The delivery delay in seconds.
    +

    aliases: delivery_delay
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -
    + + + +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    kms_data_key_reuse_period_seconds
    integer -
    -     		- -
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    -

    aliases: kms_data_key_reuse_period
    -
    + + + +
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    +

    aliases: kms_data_key_reuse_period
    +
    kms_master_key_id
    string -
    -     		- -
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    -
    + + + +
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    +
    maximum_message_size
    integer -
    -     		- -
    The maximum message size in bytes.
    -
    + + + +
    The maximum message size in bytes.
    +
    message_retention_period
    integer -
    -     		- -
    The message retention period in seconds.
    -
    + + + +
    The message retention period in seconds.
    +
    name
    string - / required
    -     		- -
    Name of the queue.
    -
    + / required + + +
    Name of the queue.
    +
    policy
    dictionary -
    -     		- -
    The JSON dict policy to attach to queue.
    -
    + + + +
    The JSON dict policy to attach to queue.
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -
    + + + +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    purge_tags
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Remove tags not listed in tags.
    -
    + + +
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Remove tags not listed in tags.
    +
    queue_type
    string -
    -     		-
      Choices: -
    • standard ←
      • -
    • fifo
      • -
    -     		-
    Standard or FIFO queue.
    -
    queue_type can only be set at queue creation and will otherwise be ignored.
    -
    + + +
      Choices: +
    • standard ←
      • +
    • fifo
      • +
    +     		+
    Standard or FIFO queue.
    +
    queue_type can only be set at queue creation and will otherwise be ignored.
    +
    receive_message_wait_time_seconds
    integer -
    -     		- -
    The receive message wait time in seconds.
    -

    aliases: receive_message_wait_time
    -
    + + + +
    The receive message wait time in seconds.
    +

    aliases: receive_message_wait_time
    +
    redrive_policy
    dictionary -
    -     		- -
    JSON dict with the redrive_policy (see example).
    -
    + + + +
    JSON dict with the redrive_policy (see example).
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -
    + + + +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -
    + + + +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    state
    string -
    -     		-
      Choices: -
    • present ←
      • -
    • absent
      • -
    -     		-
    Create or delete the queue.
    -
    + + +
      Choices: +
    • present ←
      • +
    • absent
      • +
    +     		+
    Create or delete the queue.
    +
    tags
    dictionary -
    -     		- -
    Tag dict to apply to the queue (requires botocore 1.5.40 or above).
    -
    To remove all tags set tags={} and purge_tags=true.
    -
    + + + +
    Tag dict to apply to the queue (requires botocore 1.5.40 or above).
    +
    To remove all tags set tags={} and purge_tags=true.
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -
    + + +
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    visibility_timeout
    integer -
    -     		- -
    The default visibility timeout in seconds.
    -

    aliases: default_visibility_timeout
    -
    + + + + + +
    The default visibility timeout in seconds.
    +

    aliases: default_visibility_timeout
    + + +
    @@ -446,7 +465,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -457,7 +476,6 @@ Examples .. code-block:: yaml+jinja - - name: Create SQS queue with redrive policy community.aws.sqs_queue: name: my-queue @@ -507,7 +525,6 @@ Examples - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -520,224 +537,224 @@ Common return values are documented `here Returned Description - - + +
    content_based_deduplication
    boolean -
    - + + always -
    Enables content-based deduplication. Used for FIFOs only.
    -
    -
    Sample:
    -
    True
    - - - - +
    Enables content-based deduplication. Used for FIFOs only.
    +
    +
    Sample:
    +
    True
    + + + +
    delay_seconds
    integer -
    - + + always -
    The delivery delay in seconds.
    -
    - +
    The delivery delay in seconds.
    +
    + - - + +
    kms_data_key_reuse_period_seconds
    integer -
    - + + always -
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    -
    -
    Sample:
    -
    300
    - - - - +
    The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
    +
    +
    Sample:
    +
    300
    + + + +
    kms_master_key_id
    string -
    - + + always -
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    -
    -
    Sample:
    -
    alias/MyAlias
    - - - - +
    The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.
    +
    +
    Sample:
    +
    alias/MyAlias
    + + + +
    maximum_message_size
    integer -
    - + + always -
    The maximum message size in bytes.
    -
    -
    Sample:
    -
    262144
    - - - - +
    The maximum message size in bytes.
    +
    +
    Sample:
    +
    262144
    + + + +
    message_retention_period
    integer -
    - + + always -
    The message retention period in seconds.
    -
    -
    Sample:
    -
    345600
    - - - - +
    The message retention period in seconds.
    +
    +
    Sample:
    +
    345600
    + + + +
    name
    string -
    - + + always -
    Name of the SQS Queue
    -
    -
    Sample:
    -
    queuename-987d2de0
    - - - - +
    Name of the SQS Queue
    +
    +
    Sample:
    +
    queuename-987d2de0
    + + + +
    queue_arn
    string -
    - + + on success -
    The queue's Amazon resource name (ARN).
    -
    -
    Sample:
    -
    arn:aws:sqs:us-east-1:199999999999:queuename-987d2de0
    - - - - +
    The queue's Amazon resource name (ARN).
    +
    +
    Sample:
    +
    arn:aws:sqs:us-east-1:199999999999:queuename-987d2de0
    + + + +
    queue_url
    string -
    - + + on success -
    URL to access the queue
    -
    -
    Sample:
    -
    https://queue.amazonaws.com/123456789012/MyQueue
    - - - - +
    URL to access the queue
    +
    +
    Sample:
    +
    https://queue.amazonaws.com/123456789012/MyQueue
    + + + +
    receive_message_wait_time_seconds
    integer -
    - + + always -
    The receive message wait time in seconds.
    -
    - +
    The receive message wait time in seconds.
    +
    + - - + +
    region
    string -
    - + + always -
    Region that the queue was created within
    -
    -
    Sample:
    -
    us-east-1
    - - - - +
    Region that the queue was created within
    +
    +
    Sample:
    +
    us-east-1
    + + + +
    tags
    dictionary -
    - + + always -
    List of queue tags
    -
    -
    Sample:
    -
    {"Env": "prod"}
    - - - - +
    List of queue tags
    +
    +
    Sample:
    +
    {"Env": "prod"}
    + + + +
    visibility_timeout
    integer -
    - + + always -
    The default visibility timeout in seconds.
    -
    -
    Sample:
    -
    30
    - +
    The default visibility timeout in seconds.
    +
    +
    Sample:
    +
    30
    + - +

    @@ -752,5 +769,3 @@ Authors - Fernando Jose Pando (@nand0p) - Nadir Lloret (@nadirollo) - Dennis Podkovyrin (@sbj-ss) - - diff --git a/docs/community.aws.sts_assume_role_module.rst b/docs/community.aws.sts_assume_role_module.rst index f10e29cf764..ba469d142fa 100644 --- a/docs/community.aws.sts_assume_role_module.rst +++ b/docs/community.aws.sts_assume_role_module.rst @@ -37,268 +37,287 @@ Parameters .. raw:: html - + - + - - + - - + + + + - - + + + + + + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + / required + + + - - + - - + / required + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    duration_seconds
    integer -
    -     		- -
    The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
    -
    The max depends on the IAM role's sessions duration setting.
    -
    By default, the value is set to 3600 seconds.
    -     		+ +
    The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 43200 seconds (12 hours).
    +
    The max depends on the IAM role's sessions duration setting.
    +
    By default, the value is set to 3600 seconds.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    external_id
    string -
    -     		- -
    A unique identifier that is used by third parties to assume a role in their customers' accounts.
    -     		+ +
    A unique identifier that is used by third parties to assume a role in their customers' accounts.
    +
    +
    mfa_serial_number
    string -
    -     		- -
    The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
    -     		+ +
    The identification number of the MFA device that is associated with the user who is making the AssumeRole call.
    +
    +
    mfa_token
    string -
    -     		- -
    The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
    -     		+ +
    The value provided by the MFA device, if the trust policy of the role being assumed requires MFA.
    +
    +
    policy
    string -
    -     		- -
    Supplemental policy to use in addition to assumed role's policies.
    -     		+ +
    Supplemental policy to use in addition to assumed role's policies.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    role_arn
    string - / required
    -     		- -
    The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
    -     		+ +
    The Amazon Resource Name (ARN) of the role that the caller is assuming https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs.
    +
    +
    role_session_name
    string - / required
    -     		- -
    Name of the role's session - will be used by CloudTrail.
    -     		+ +
    Name of the role's session - will be used by CloudTrail.
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -307,7 +326,7 @@ Notes .. note:: - In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -318,7 +337,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # Assume an existing role (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) @@ -339,8 +357,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -353,56 +369,56 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    True if obtaining the credentials succeeds
    -
    - +
    True if obtaining the credentials succeeds
    +
    + - - + +
    sts_creds
    dictionary -
    - + + always -
    The temporary security credentials, which include an access key ID, a secret access key, and a security (or session) token
    -
    -
    Sample:
    -
    {'access_key': 'XXXXXXXXXXXXXXXXXXXX', 'expiration': '2017-11-11T11:11:11+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    - +
    The temporary security credentials, which include an access key ID, a secret access key, and a security (or session) token
    +
    +
    Sample:
    +
    {'access_key': 'XXXXXXXXXXXXXXXXXXXX', 'expiration': '2017-11-11T11:11:11+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    + - - + +
    sts_user
    dictionary -
    - + + always -
    The Amazon Resource Name (ARN) and the assumed role ID
    -
    -
    Sample:
    -
    {'assumed_role_id': 'arn:aws:sts::123456789012:assumed-role/demo/Bob', 'arn': 'ARO123EXAMPLE123:Bob'}
    - +
    The Amazon Resource Name (ARN) and the assumed role ID
    +
    +
    Sample:
    +
    {'assumed_role_id': 'arn:aws:sts::123456789012:assumed-role/demo/Bob', 'arn': 'ARO123EXAMPLE123:Bob'}
    + - +

    @@ -415,5 +431,3 @@ Authors - Boris Ekelchik (@bekelchik) - Marek Piatek (@piontas) - - diff --git a/docs/community.aws.sts_session_token_module.rst b/docs/community.aws.sts_session_token_module.rst index 57ae9ee3893..c95a54565b9 100644 --- a/docs/community.aws.sts_session_token_module.rst +++ b/docs/community.aws.sts_session_token_module.rst @@ -37,206 +37,225 @@ Parameters .. raw:: html - + - + - - + - - + + + + + + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + - - + - - + + + + -
    Parameter Choices/DefaultsCommentsComments
    +
    aws_access_key
    string -
    -     		- -
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    -

    aliases: ec2_access_key, access_key
    -     		+ +
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +

    aliases: ec2_access_key, access_key
    +
    +
    + aws_ca_bundle + +
    + path +
    +     		+ +
    The location of a CA Bundle to use when validating SSL certificates.
    +
    Only used for boto3 based modules.
    +
    Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
    +
    +
    aws_config
    dictionary -
    -     		- -
    A dictionary to modify the botocore configuration.
    - -
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    -     		+ +
    A dictionary to modify the botocore configuration.
    + +
    Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
    +
    +
    aws_secret_key
    string -
    -     		- -
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    -

    aliases: ec2_secret_key, secret_key
    -     		+ +
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +

    aliases: ec2_secret_key, secret_key
    +
    +
    debug_botocore_endpoint_logs
    boolean -
    -     		-
      Choices: -
    • no ←
      • -
    • yes
      • -
    -     		-
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    -     		+
      Choices: +
    • no ←
      • +
    • yes
      • +
    +     		+
    Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
    +
    +
    duration_seconds
    integer -
    -     		- -
    The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
    -     		+ +
    The duration, in seconds, of the session token. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html#API_GetSessionToken_RequestParameters for acceptable and default values.
    +
    +
    ec2_url
    string -
    -     		- -
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    -     		+ +
    Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
    +

    aliases: aws_endpoint_url, endpoint_url
    +
    +
    mfa_serial_number
    string -
    -     		- -
    The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
    -     		+ +
    The identification number of the MFA device that is associated with the user who is making the GetSessionToken call.
    +
    +
    mfa_token
    string -
    -     		- -
    The value provided by the MFA device, if the trust policy of the user requires MFA.
    -     		+ +
    The value provided by the MFA device, if the trust policy of the user requires MFA.
    +
    +
    profile
    string -
    -     		- -
    Uses a boto profile. Only works with boto >= 2.24.0.
    -     		+ +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +

    aliases: aws_profile
    +
    +
    region
    string -
    -     		- -
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    -

    aliases: aws_region, ec2_region
    -     		+ +
    The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
    +

    aliases: aws_region, ec2_region
    +
    +
    security_token
    string -
    -     		- -
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    -

    aliases: access_token
    -     		+ +
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +

    aliases: aws_security_token, access_token
    +
    +
    validate_certs
    boolean -
    -     		-
      Choices: -
    • no
      • -
    • yes ←
      • -
    -     		-
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    -     		+
      Choices: +
    • no
      • +
    • yes ←
      • +
    +     		+
    When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
    +
    +
    @@ -245,7 +264,7 @@ Notes .. note:: - In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -256,7 +275,6 @@ Examples .. code-block:: yaml+jinja - # Note: These examples do not set authentication details, see the AWS Guide for details. # (more details: https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html) @@ -277,8 +295,6 @@ Examples - - Return Values ------------- Common return values are documented `here `_, the following are the fields unique to this module: @@ -291,39 +307,39 @@ Common return values are documented `here Returned Description - - + +
    changed
    boolean -
    - + + always -
    True if obtaining the credentials succeeds
    -
    - +
    True if obtaining the credentials succeeds
    +
    + - - + +
    sts_creds
    list -
    - + + always -
    The Credentials object returned by the AWS Security Token Service
    -
    -
    Sample:
    -
    {'access_key': 'ASXXXXXXXXXXXXXXXXXX', 'expiration': '2016-04-08T11:59:47+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    - +
    The Credentials object returned by the AWS Security Token Service
    +
    +
    Sample:
    +
    {'access_key': 'ASXXXXXXXXXXXXXXXXXX', 'expiration': '2016-04-08T11:59:47+00:00', 'secret_key': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'session_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'}
    + - +

    @@ -335,5 +351,3 @@ Authors ~~~~~~~ - Victor Costan (@pwnall) - - diff --git a/galaxy.yml b/galaxy.yml index b56d493151d..cf4fe742d7a 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: community name: aws -version: 1.0.0 +version: 1.1.0 readme: README.md authors: - Ansible (https://github.com/ansible) @@ -8,7 +8,7 @@ description: null license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: - amazon.aws: '>=0.1.0' + amazon.aws: '>=1.1.0' repository: https://github.com/ansible-collections/community.aws documentation: https://github.com/ansible-collections/community.aws/tree/main/docs homepage: https://github.com/ansible-collections/community.aws diff --git a/meta/runtime.yml b/meta/runtime.yml index 09a846da2e1..ab0ae7a969e 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,3 +1,5 @@ +--- +requires_ansible: '>=2.9.10' action_groups: aws: - ec2 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 00000000000..5c4c76b86f0 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,3 @@ +boto>=2.49.0 +botocore>=1.12.249 +boto3>=1.9.249 diff --git a/tests/requirements.yml b/tests/requirements.yml index 8f7e0afd53c..5b38580e603 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,6 +1,7 @@ integration_tests_dependencies: +- amazon.aws >= 1.1.0 - ansible.windows - community.crypto - community.general unit_tests_dependencies: -- amazon.aws +- amazon.aws >= 1.1.0 From 2caf6a08498135e11adb71b1ad4c166aa0263141 Mon Sep 17 00:00:00 2001 From: flowerysong Date: Sat, 15 Aug 2020 07:02:41 -0400 Subject: [PATCH 064/129] ec2_instance: Fix spurious error message when we lose a race (#7) It is possible for all instances to stop matching the filters between the initial check for existing instances and the first call to find_instances() in change_instance_state(). If this happened, find_instances() would previously be called a second time with an empty list of instance IDs and no filters, which should not happen and immediately ends module execution with the error "No filters provided when they were required". --- plugins/modules/ec2_instance.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index bbaa092bd5c..595cac73157 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -1556,7 +1556,9 @@ def change_instance_state(filters, desired_state, ec2=None): await_instances(ids=list(changed) + list(unchanged), state=desired_state) change_failed = list(to_change - changed) - instances = find_instances(ec2, ids=list(i['InstanceId'] for i in instances)) + + if instances: + instances = find_instances(ec2, ids=list(i['InstanceId'] for i in instances)) return changed, change_failed, instances, failure_reason From ffe14f95186399dc080019554035021015765872 Mon Sep 17 00:00:00 2001 From: Vincent Vinet Date: Sat, 15 Aug 2020 09:11:59 -0400 Subject: [PATCH 065/129] =?UTF-8?q?Python=203=20compatibility=20error=20ha?= =?UTF-8?q?ndling:=20use=20to=5Fnative(e)=20instead=20of=20str(e)=20or=20e?= =?UTF-8?q?.me=E2=80=A6=20(#26)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Py3 compat error handling: use to_native(e) instead of str(e) or e.message * PR comment changes, use fail_json_aws and is_boto3_error_code --- plugins/modules/dynamodb_ttl.py | 7 ++-- plugins/modules/ec2_customer_gateway.py | 2 +- plugins/modules/ec2_instance_info.py | 2 +- plugins/modules/ec2_lc_info.py | 2 +- plugins/modules/ec2_vpc_endpoint.py | 38 +++++++++------------ plugins/modules/ec2_vpc_endpoint_info.py | 3 +- plugins/modules/ec2_vpc_nat_gateway.py | 18 ++++++---- plugins/modules/ec2_vpc_nat_gateway_info.py | 3 +- plugins/modules/ec2_vpc_peering_info.py | 5 +-- plugins/modules/ec2_vpc_route_table_info.py | 2 +- plugins/modules/ecs_taskdefinition.py | 2 +- plugins/modules/elasticache.py | 15 +++----- plugins/modules/elasticache_subnet_group.py | 3 +- plugins/modules/elb_application_lb_info.py | 21 ++++++------ plugins/modules/elb_classic_lb.py | 6 ++-- plugins/modules/elb_target_group_info.py | 19 ++++++----- plugins/modules/iam_mfa_device_info.py | 2 +- plugins/modules/rds.py | 19 ++++++----- plugins/modules/s3_logging.py | 9 ++--- plugins/modules/s3_website.py | 29 ++++++++-------- 20 files changed, 104 insertions(+), 103 deletions(-) diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index 52b5055db8b..ed2dc49fd4a 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -75,7 +75,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -157,11 +156,11 @@ def main(): result['current_status'] = current_state except botocore.exceptions.ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to get or update ttl state") except botocore.exceptions.ParamValidationError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed due to invalid parameters") except ValueError as e: - module.fail_json(msg=str(e)) + module.fail_json_aws(e, msg="Failed") module.exit_json(**result) diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index 5c10f4655e4..bcaf9aca2f3 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -133,7 +133,7 @@ def __init__(self, module): module.fail_json(msg="Region must be specified as a parameter, in EC2_REGION or AWS_REGION environment variables or in boto configuration file") self.ec2 = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) except ClientError as e: - module.fail_json(msg=e.message) + module.fail_json_aws(e, msg="Failed to get connection") @AWSRetry.jittered_backoff(delay=2, max_delay=30, retries=6, catch_extra_error_codes=['IncorrectState']) def ensure_cgw_absent(self, gw_id): diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 707df983c1b..88a07d05f61 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -516,7 +516,7 @@ def list_ec2_instances(connection, module): reservations_paginator = connection.get_paginator('describe_instances') reservations = reservations_paginator.paginate(InstanceIds=instance_ids, Filters=filters).build_full_result() except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to list ec2 instances") # Get instances from reservations instances = [] diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 8ddc71083e9..1bed66e0f65 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -175,7 +175,7 @@ def list_launch_configs(connection, module): pg = connection.get_paginator('describe_launch_configurations') launch_configs = pg.paginate(LaunchConfigurationNames=launch_config_name).build_full_result() except ClientError as e: - module.fail_json(msg=e.message) + module.fail_json_aws(e, msg="Failed to list launch configs") snaked_launch_configs = [] for launch_config in launch_configs['LaunchConfigurations']: diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index e4e98fb4067..3eaf2850e6e 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -186,8 +186,10 @@ pass # Handled by AnsibleAWSModule from ansible.module_utils.six import string_types +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -289,19 +291,15 @@ def create_vpc_endpoint(client, module): status_achieved, result = wait_for_status(client, module, result['vpc_endpoint_id'], 'available') if not status_achieved: module.fail_json(msg='Error waiting for vpc endpoint to become available - please check the AWS console') - except botocore.exceptions.ClientError as e: - if "DryRunOperation" in e.message: - changed = True - result = 'Would have created VPC Endpoint if not in check mode' - elif "IdempotentParameterMismatch" in e.message: - module.fail_json(msg="IdempotentParameterMismatch - updates of endpoints are not allowed by the API") - elif "RouteAlreadyExists" in e.message: - module.fail_json(msg="RouteAlreadyExists for one of the route tables - update is not allowed by the API") - else: - module.fail_json(msg=str(e), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('DryRunOperation'): + changed = True + result = 'Would have created VPC Endpoint if not in check mode' + except is_boto3_error_code('IdempotentParameterMismatch'): # pylint: disable=duplicate-except + module.fail_json(msg="IdempotentParameterMismatch - updates of endpoints are not allowed by the API") + except is_boto3_error_code('RouteAlreadyExists'): # pylint: disable=duplicate-except + module.fail_json(msg="RouteAlreadyExists for one of the route tables - update is not allowed by the API") except Exception as e: - module.fail_json(msg=str(e), exception=traceback.format_exc(), + module.fail_json(msg=to_native(e), exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) return changed, result @@ -319,15 +317,13 @@ def setup_removal(client, module): result = client.delete_vpc_endpoints(**params)['Unsuccessful'] if not module.check_mode and (result != []): module.fail_json(msg=result) - except botocore.exceptions.ClientError as e: - if "DryRunOperation" in e.message: - changed = True - result = 'Would have deleted VPC Endpoint if not in check mode' - else: - module.fail_json(msg=str(e), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('DryRunOperation'): + changed = True + result = 'Would have deleted VPC Endpoint if not in check mode' + except botocore.exceptions.ClientError as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, "Failed to delete VPC endpoint") except Exception as e: - module.fail_json(msg=str(e), exception=traceback.format_exc(), + module.fail_json(msg=to_native(e), exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) return changed, result @@ -362,7 +358,7 @@ def main(): region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) except NameError as e: # Getting around the get_aws_connection_info boto reliance for region - if "global name 'boto' is not defined" in e.message: + if "global name 'boto' is not defined" in to_native(e): module.params['region'] = botocore.session.get_session().get_config_variable('region') if not module.params['region']: module.fail_json(msg="Error - no region provided") diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index a48b886a179..f2b6da3adfa 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -113,6 +113,7 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -156,7 +157,7 @@ def get_endpoints(client, module): try: results = json.loads(json.dumps(results, default=date_handler)) except Exception as e: - module.fail_json(msg=str(e.message)) + module.fail_json_aws(e, msg="Failed to get endpoints") return dict(vpc_endpoints=[camel_dict_to_snake_dict(result) for result in results]) diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 2216ffe2276..37dd9160084 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -204,7 +204,9 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -698,13 +700,15 @@ def create(client, subnet_id, allocation_id, client_token=None, 'NAT gateway {0} created'.format(result['nat_gateway_id']) ) - except botocore.exceptions.ClientError as e: - if "IdempotentParameterMismatch" in e.message: - err_msg = ( - 'NAT Gateway does not support update and token has already been provided: ' + str(e) - ) - else: - err_msg = str(e) + except is_boto3_error_code('IdempotentParameterMismatch'): + err_msg = ( + 'NAT Gateway does not support update and token has already been provided: ' + err_msg + ) + success = False + changed = False + result = None + except botocore.exceptions.ClientError as e: # pylint: disable=duplicate-except + err_msg = to_native(e) success = False changed = False result = None diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index 7f49c708857..9ebeb63fcbb 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -83,6 +83,7 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn @@ -105,7 +106,7 @@ def get_nat_gateways(client, module, nat_gateway_id=None): try: result = json.loads(json.dumps(client.describe_nat_gateways(**params), default=date_handler)) except Exception as e: - module.fail_json(msg=str(e.message)) + module.fail_json(msg=to_native(e)) for gateway in result['NatGateways']: # Turn the boto3 result into ansible_friendly_snaked_names diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index acd5aed83e1..423a04962da 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -74,6 +74,7 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn @@ -94,7 +95,7 @@ def get_vpc_peers(client, module): try: result = json.loads(json.dumps(client.describe_vpc_peering_connections(**params), default=date_handler)) except Exception as e: - module.fail_json(msg=str(e.message)) + module.fail_json(msg=to_native(e)) return result['VpcPeeringConnections'] @@ -114,7 +115,7 @@ def main(): region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) except NameError as e: # Getting around the get_aws_connection_info boto reliance for region - if "global name 'boto' is not defined" in e.message: + if "global name 'boto' is not defined" in to_native(e): module.params['region'] = botocore.session.get_session().get_config_variable('region') if not module.params['region']: module.fail_json(msg="Error - no region provided") diff --git a/plugins/modules/ec2_vpc_route_table_info.py b/plugins/modules/ec2_vpc_route_table_info.py index 1b8dc09c6c5..9ff9959c271 100644 --- a/plugins/modules/ec2_vpc_route_table_info.py +++ b/plugins/modules/ec2_vpc_route_table_info.py @@ -91,7 +91,7 @@ def list_ec2_vpc_route_tables(connection, module): try: all_route_tables = connection.get_all_route_tables(filters=filters) except BotoServerError as e: - module.fail_json(msg=e.message) + module.fail_json_aws(e, msg="Failed to get route tables") for route_table in all_route_tables: route_table_dict_array.append(get_route_table_info(route_table)) diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index 98831a850e8..b7afe864ee8 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -273,7 +273,7 @@ def register_task(self, family, task_role_arn, execution_role_arn, network_mode, try: response = self.ecs.register_task_definition(**params) except botocore.exceptions.ClientError as e: - self.module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to register task") return response['taskDefinition'] diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index b74dce611e2..ab2a9f18fdb 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -227,8 +227,7 @@ def create(self): self.conn.create_cache_cluster(**kwargs) except botocore.exceptions.ClientError as e: - self.module.fail_json(msg=e.message, exception=format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to create cache cluster") self._refresh_data() @@ -255,8 +254,7 @@ def delete(self): try: response = self.conn.delete_cache_cluster(CacheClusterId=self.name) except botocore.exceptions.ClientError as e: - self.module.fail_json(msg=e.message, exception=format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to delete cache cluster") cache_cluster_data = response['CacheCluster'] self._refresh_data(cache_cluster_data) @@ -306,8 +304,7 @@ def modify(self): ApplyImmediately=True, EngineVersion=self.cache_engine_version) except botocore.exceptions.ClientError as e: - self.module.fail_json(msg=e.message, exception=format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to modify cache cluster") self._refresh_data() @@ -335,8 +332,7 @@ def reboot(self): self.conn.reboot_cache_cluster(CacheClusterId=self.name, CacheNodeIdsToReboot=cache_node_ids) except botocore.exceptions.ClientError as e: - self.module.fail_json(msg=e.message, exception=format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to reboot cache cluster") self._refresh_data() @@ -455,8 +451,7 @@ def _refresh_data(self, cache_cluster_data=None): self.status = 'gone' return else: - self.module.fail_json(msg=e.message, exception=format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.module.fail_json_aws(e, msg="Failed to describe cache clusters") cache_cluster_data = response['CacheClusters'][0] self.data = cache_cluster_data self.status = self.data['CacheClusterStatus'] diff --git a/plugins/modules/elasticache_subnet_group.py b/plugins/modules/elasticache_subnet_group.py index 15cbd596843..ab25e294eeb 100644 --- a/plugins/modules/elasticache_subnet_group.py +++ b/plugins/modules/elasticache_subnet_group.py @@ -64,6 +64,7 @@ except ImportError: pass # Handled by HAS_BOTO +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -105,7 +106,7 @@ def main(): try: conn = connect_to_region(region_name=region, **aws_connect_kwargs) except boto.exception.NoAuthHandlerFound as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) try: changed = False diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index ef02d59e54f..1ed3d4c7cd2 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -170,7 +170,9 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -182,7 +184,7 @@ def get_elb_listeners(connection, module, elb_arn): try: return connection.describe_listeners(LoadBalancerArn=elb_arn)['Listeners'] except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe elb listeners") def get_listener_rules(connection, module, listener_arn): @@ -190,7 +192,7 @@ def get_listener_rules(connection, module, listener_arn): try: return connection.describe_rules(ListenerArn=listener_arn)['Rules'] except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe listener rules") def get_load_balancer_attributes(connection, module, load_balancer_arn): @@ -198,7 +200,7 @@ def get_load_balancer_attributes(connection, module, load_balancer_arn): try: load_balancer_attributes = boto3_tag_list_to_ansible_dict(connection.describe_load_balancer_attributes(LoadBalancerArn=load_balancer_arn)['Attributes']) except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe load balancer attributes") # Replace '.' with '_' in attribute key names to make it more Ansibley for k, v in list(load_balancer_attributes.items()): @@ -213,7 +215,7 @@ def get_load_balancer_tags(connection, module, load_balancer_arn): try: return boto3_tag_list_to_ansible_dict(connection.describe_tags(ResourceArns=[load_balancer_arn])['TagDescriptions'][0]['Tags']) except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe load balancer tags") def list_load_balancers(connection, module): @@ -229,13 +231,12 @@ def list_load_balancers(connection, module): load_balancers = load_balancer_paginator.paginate(LoadBalancerArns=load_balancer_arns).build_full_result() if names: load_balancers = load_balancer_paginator.paginate(Names=names).build_full_result() - except ClientError as e: - if e.response['Error']['Code'] == 'LoadBalancerNotFound': - module.exit_json(load_balancers=[]) - else: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('LoadBalancerNotFound'): + module.exit_json(load_balancers=[]) + except ClientError as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to list load balancers") except NoCredentialsError as e: - module.fail_json(msg="AWS authentication problem. " + e.message, exception=traceback.format_exc()) + module.fail_json(msg="AWS authentication problem. " + to_native(e), exception=traceback.format_exc()) for load_balancer in load_balancers['LoadBalancers']: # Get the attributes for each elb diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 52aee159373..5d35fca3bc5 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -459,7 +459,7 @@ def __init__(self, module, name, listeners=None, purge_listeners=None, try: self.elb = self._get_elb() except boto.exception.BotoServerError as e: - module.fail_json(msg='unable to get all load balancers: %s' % e.message, exception=traceback.format_exc()) + module.fail_json(msg='unable to get all load balancers: %s' % to_native(e), exception=traceback.format_exc()) self.ec2_conn = self._get_ec2_connection() @@ -820,7 +820,7 @@ def _enable_zones(self, zones): try: self.elb.enable_zones(zones) except boto.exception.BotoServerError as e: - self.module.fail_json(msg='unable to enable zones: %s' % e.message, exception=traceback.format_exc()) + self.module.fail_json(msg='unable to enable zones: %s' % to_native(e), exception=traceback.format_exc()) self.changed = True @@ -828,7 +828,7 @@ def _disable_zones(self, zones): try: self.elb.disable_zones(zones) except boto.exception.BotoServerError as e: - self.module.fail_json(msg='unable to disable zones: %s' % e.message, exception=traceback.format_exc()) + self.module.fail_json(msg='unable to disable zones: %s' % to_native(e), exception=traceback.format_exc()) self.changed = True def _attach_subnets(self, subnets): diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 88f670f8e04..c444521d887 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -215,7 +215,9 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -227,7 +229,7 @@ def get_target_group_attributes(connection, module, target_group_arn): try: target_group_attributes = boto3_tag_list_to_ansible_dict(connection.describe_target_group_attributes(TargetGroupArn=target_group_arn)['Attributes']) except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe target group attributes") # Replace '.' with '_' in attribute key names to make it more Ansibley return dict((k.replace('.', '_'), v) @@ -239,7 +241,7 @@ def get_target_group_tags(connection, module, target_group_arn): try: return boto3_tag_list_to_ansible_dict(connection.describe_tags(ResourceArns=[target_group_arn])['TagDescriptions'][0]['Tags']) except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to describe group tags") def get_target_group_targets_health(connection, module, target_group_arn): @@ -247,7 +249,7 @@ def get_target_group_targets_health(connection, module, target_group_arn): try: return connection.describe_target_health(TargetGroupArn=target_group_arn)['TargetHealthDescriptions'] except ClientError as e: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to get target health") def list_target_groups(connection, module): @@ -267,13 +269,12 @@ def list_target_groups(connection, module): target_groups = target_group_paginator.paginate(TargetGroupArns=target_group_arns).build_full_result() if names: target_groups = target_group_paginator.paginate(Names=names).build_full_result() - except ClientError as e: - if e.response['Error']['Code'] == 'TargetGroupNotFound': - module.exit_json(target_groups=[]) - else: - module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('TargetGroupNotFound'): + module.exit_json(target_groups=[]) + except ClientError as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to list target groups") except NoCredentialsError as e: - module.fail_json(msg="AWS authentication problem. " + e.message, exception=traceback.format_exc()) + module.fail_json(msg="AWS authentication problem. " + to_native(e), exception=traceback.format_exc()) # Get the attributes and tags for each target group for target_group in target_groups['TargetGroups']: diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index 727242751a6..c107c39f67b 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -82,7 +82,7 @@ def list_mfa_devices(connection, module): try: response = connection.list_mfa_devices(**args) except ClientError as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to list MFA devices") module.exit_json(changed=changed, **camel_dict_to_snake_dict(response)) diff --git a/plugins/modules/rds.py b/plugins/modules/rds.py index 38e60662c05..1321186497a 100644 --- a/plugins/modules/rds.py +++ b/plugins/modules/rds.py @@ -532,6 +532,7 @@ except ImportError: HAS_RDS2 = False +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO @@ -983,7 +984,7 @@ def create_db_instance(module, conn): module.params.get('username'), module.params.get('password'), **params) changed = True except RDSException as e: - module.fail_json(msg="Failed to create instance: %s" % e.message) + module.fail_json(msg="Failed to create instance: %s" % to_native(e)) if module.params.get('wait'): resource = await_resource(conn, result, 'available', module) @@ -1010,7 +1011,7 @@ def replicate_db_instance(module, conn): result = conn.create_db_instance_read_replica(instance_name, source_instance, **params) changed = True except RDSException as e: - module.fail_json(msg="Failed to create replica instance: %s " % e.message) + module.fail_json(msg="Failed to create replica instance: %s " % to_native(e)) if module.params.get('wait'): resource = await_resource(conn, result, 'available', module) @@ -1049,7 +1050,7 @@ def delete_db_instance_or_snapshot(module, conn): else: result = conn.delete_db_snapshot(snapshot) except RDSException as e: - module.fail_json(msg="Failed to delete instance: %s" % e.message) + module.fail_json(msg="Failed to delete instance: %s" % to_native(e)) # If we're not waiting for a delete to complete then we're all done # so just return @@ -1062,7 +1063,7 @@ def delete_db_instance_or_snapshot(module, conn): if e.code == 'DBInstanceNotFound': module.exit_json(changed=True) else: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) except Exception as e: module.fail_json(msg=str(e)) @@ -1099,7 +1100,7 @@ def modify_db_instance(module, conn): try: result = conn.modify_db_instance(instance_name, **params) except RDSException as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) if params.get('apply_immediately'): if new_instance_name: # Wait until the new instance name is valid @@ -1137,7 +1138,7 @@ def promote_db_instance(module, conn): result = conn.promote_read_replica(instance_name, **params) changed = True except RDSException as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) else: changed = False @@ -1162,7 +1163,7 @@ def snapshot_db_instance(module, conn): result = conn.create_db_snapshot(snapshot, instance_name, **params) changed = True except RDSException as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) if module.params.get('wait'): resource = await_resource(conn, result, 'available', module) @@ -1187,7 +1188,7 @@ def reboot_db_instance(module, conn): result = conn.reboot_db_instance(instance_name, **params) changed = True except RDSException as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) if module.params.get('wait'): resource = await_resource(conn, result, 'available', module) @@ -1218,7 +1219,7 @@ def restore_db_instance(module, conn): result = conn.restore_db_instance_from_db_snapshot(instance_name, snapshot, instance_type, **params) changed = True except RDSException as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) if module.params.get('wait'): resource = await_resource(conn, result, 'available', module) diff --git a/plugins/modules/s3_logging.py b/plugins/modules/s3_logging.py index 7cc2f58d733..24f4004eec7 100644 --- a/plugins/modules/s3_logging.py +++ b/plugins/modules/s3_logging.py @@ -65,6 +65,7 @@ except ImportError: pass # Handled by HAS_BOTO +from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -90,7 +91,7 @@ def enable_bucket_logging(connection, module): try: bucket = connection.get_bucket(bucket_name) except S3ResponseError as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) try: if not compare_bucket_logging(bucket, target_bucket, target_prefix): @@ -101,14 +102,14 @@ def enable_bucket_logging(connection, module): if e.status == 301: module.fail_json(msg="the logging target bucket must be in the same region as the bucket being logged") else: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) target_bucket_obj.set_as_logging_target() bucket.enable_logging(target_bucket, target_prefix) changed = True except S3ResponseError as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) module.exit_json(changed=changed) @@ -124,7 +125,7 @@ def disable_bucket_logging(connection, module): bucket.disable_logging() changed = True except S3ResponseError as e: - module.fail_json(msg=e.message) + module.fail_json(msg=to_native(e)) module.exit_json(changed=changed) diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index a003331adaf..a281f60f37e 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -168,6 +168,7 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -221,22 +222,21 @@ def enable_or_update_bucket_as_website(client_connection, resource_connection, m try: bucket_website = resource_connection.BucketWebsite(bucket_name) except ClientError as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to get bucket") try: website_config = client_connection.get_bucket_website(Bucket=bucket_name) - except ClientError as e: - if e.response['Error']['Code'] == 'NoSuchWebsiteConfiguration': - website_config = None - else: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('NoSuchWebsiteConfiguration'): + website_config = None + except ClientError as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to get website configuration") if website_config is None: try: bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True except (ClientError, ParamValidationError) as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to set bucket website configuration") except ValueError as e: module.fail_json(msg=str(e)) else: @@ -249,13 +249,13 @@ def enable_or_update_bucket_as_website(client_connection, resource_connection, m bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True except (ClientError, ParamValidationError) as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to update bucket website configuration") except KeyError as e: try: bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True except (ClientError, ParamValidationError) as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json(e, msg="Failed to update bucket website configuration") except ValueError as e: module.fail_json(msg=str(e)) @@ -273,17 +273,16 @@ def disable_bucket_as_website(client_connection, module): try: client_connection.get_bucket_website(Bucket=bucket_name) - except ClientError as e: - if e.response['Error']['Code'] == 'NoSuchWebsiteConfiguration': - module.exit_json(changed=changed) - else: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + except is_boto3_error_code('NoSuchWebsiteConfiguration'): + module.exit_json(changed=changed) + except ClientError as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to get bucket website") try: client_connection.delete_bucket_website(Bucket=bucket_name) changed = True except ClientError as e: - module.fail_json(msg=e.message, **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to delete bucket website") module.exit_json(changed=changed) From 25b966155db19db910bd16520147e869ac811690 Mon Sep 17 00:00:00 2001 From: Rob White Date: Sun, 16 Aug 2020 00:04:56 +1000 Subject: [PATCH 066/129] Update documentation for security_groups parameter (#61) Clarified documentation surrounding using security_groups for any VPC other than Default. --- plugins/modules/ec2_launch_template.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 2f7b529146e..4553a8e794d 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -307,7 +307,9 @@ type: list elements: str security_groups: - description: A list of security group names (VPC or EC2-Classic) that the new instances will be added to. + description: > + A list of security group names (Default VPC or EC2-Classic) that the new instances will be added to. + For any VPC other than Default, you must use I(security_group_ids). type: list elements: str tags: From 6423be537b2fde82734a899f8f748873df95e7eb Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 16 Aug 2020 09:41:00 -0400 Subject: [PATCH 067/129] Bugfix/ec2 instance mod sgs (#22) Fixes #54174 * Added SG handling for existing instances + some cleanup * tests(ec2_instance): Tests for SG modifications to existing instances * tests(ec2_instance): Test simultaneous state and SG changes * refactor(ec2_instance): Move security out of for loop * style(ec2_instance): Update fail message to reflect security groups * Add changelog Co-authored-by: Andrea Tartaglia Co-authored-by: Mark Chappell --- .../fragments/22-ec2_instance-mod-sgs.yml | 2 + plugins/modules/ec2_instance.py | 54 ++++++++++--- .../targets/ec2_instance/inventory | 1 + .../roles/ec2_instance/tasks/env_cleanup.yml | 11 +++ .../roles/ec2_instance/tasks/env_setup.yml | 16 ++++ .../ec2_instance/tasks/security_group.yml | 81 +++++++++++++++++++ 6 files changed, 154 insertions(+), 11 deletions(-) create mode 100644 changelogs/fragments/22-ec2_instance-mod-sgs.yml create mode 100644 tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml diff --git a/changelogs/fragments/22-ec2_instance-mod-sgs.yml b/changelogs/fragments/22-ec2_instance-mod-sgs.yml new file mode 100644 index 00000000000..c8145d6624c --- /dev/null +++ b/changelogs/fragments/22-ec2_instance-mod-sgs.yml @@ -0,0 +1,2 @@ +bugfixes: +- ec2_instance - fixes issue where security groups were not changed if the instance already existed. https://github.com/ansible-collections/community.aws/pull/22 diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index 595cac73157..ddedd379573 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -808,9 +808,9 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible.module_utils.six import text_type, string_types +from ansible.module_utils.six import string_types from ansible.module_utils.six.moves.urllib import parse as urlparse -from ansible.module_utils._text import to_bytes, to_native +from ansible.module_utils._text import to_native import ansible_collections.amazon.aws.plugins.module_utils.ec2 as ec2_utils from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, ansible_dict_to_boto3_filter_list, @@ -1337,15 +1337,47 @@ def value_wrapper(v): ] for mapping in param_mappings: - if params.get(mapping.param_key) is not None and mapping.instance_key not in skip: - value = AWSRetry.jittered_backoff()(ec2.describe_instance_attribute)(Attribute=mapping.attribute_name, InstanceId=id_) - if params.get(mapping.param_key) is not None and value[mapping.instance_key]['Value'] != params.get(mapping.param_key): - arguments = dict( - InstanceId=instance['InstanceId'], - # Attribute=mapping.attribute_name, - ) - arguments[mapping.instance_key] = mapping.add_value(params.get(mapping.param_key)) - changes_to_apply.append(arguments) + if params.get(mapping.param_key) is None: + continue + if mapping.instance_key in skip: + continue + + value = AWSRetry.jittered_backoff()(ec2.describe_instance_attribute)(Attribute=mapping.attribute_name, InstanceId=id_) + if value[mapping.instance_key]['Value'] != params.get(mapping.param_key): + arguments = dict( + InstanceId=instance['InstanceId'], + # Attribute=mapping.attribute_name, + ) + arguments[mapping.instance_key] = mapping.add_value(params.get(mapping.param_key)) + changes_to_apply.append(arguments) + + if params.get('security_group') or params.get('security_groups'): + value = AWSRetry.jittered_backoff()(ec2.describe_instance_attribute)(Attribute="groupSet", InstanceId=id_) + # managing security groups + if params.get('vpc_subnet_id'): + subnet_id = params.get('vpc_subnet_id') + else: + default_vpc = get_default_vpc(ec2) + if default_vpc is None: + module.fail_json( + msg="No default subnet could be found - you must include a VPC subnet ID (vpc_subnet_id parameter) to modify security groups.") + else: + sub = get_default_subnet(ec2, default_vpc) + subnet_id = sub['SubnetId'] + + groups = discover_security_groups( + group=params.get('security_group'), + groups=params.get('security_groups'), + subnet_id=subnet_id, + ec2=ec2 + ) + expected_groups = [g['GroupId'] for g in groups] + instance_groups = [g['GroupId'] for g in value['Groups']] + if set(instance_groups) != set(expected_groups): + changes_to_apply.append(dict( + Groups=expected_groups, + InstanceId=instance['InstanceId'] + )) if (params.get('network') or {}).get('source_dest_check') is not None: # network.source_dest_check is nested, so needs to be treated separately diff --git a/tests/integration/targets/ec2_instance/inventory b/tests/integration/targets/ec2_instance/inventory index 44b46ec88f7..09bae76beb1 100644 --- a/tests/integration/targets/ec2_instance/inventory +++ b/tests/integration/targets/ec2_instance/inventory @@ -11,6 +11,7 @@ iam_instance_role termination_protection tags_and_vpc_settings checkmode_tests +security_group [all:vars] ansible_connection=local diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml index 1b6c79e0d95..07c7f72bd8e 100644 --- a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_cleanup.yml @@ -33,6 +33,17 @@ ignore_errors: yes retries: 10 +- name: "remove the second security group" + ec2_group: + name: "{{ resource_prefix }}-sg-2" + description: a security group for ansible tests + vpc_id: "{{ testing_vpc.vpc.id }}" + state: absent + register: removed + until: removed is not failed + ignore_errors: yes + retries: 10 + - name: "remove routing rules" ec2_vpc_route_table: state: absent diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml index 6c76b7bf79f..7c99f807177 100644 --- a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/env_setup.yml @@ -77,3 +77,19 @@ to_port: 80 cidr_ip: 0.0.0.0/0 register: sg + + - name: "create secondary security group with the vpc" + ec2_group: + name: "{{ resource_prefix }}-sg-2" + description: a secondary security group for ansible tests + vpc_id: "{{ testing_vpc.vpc.id }}" + rules: + - proto: tcp + from_port: 22 + to_port: 22 + cidr_ip: 0.0.0.0/0 + - proto: tcp + from_port: 80 + to_port: 80 + cidr_ip: 0.0.0.0/0 + register: sg2 diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml new file mode 100644 index 00000000000..c0e52a5f386 --- /dev/null +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/security_group.yml @@ -0,0 +1,81 @@ +- block: + - name: "New instance with 2 security groups" + ec2_instance: + name: "{{ resource_prefix }}-test-security-groups" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ resource_prefix }}" + instance_type: t2.micro + wait: false + security_groups: + - "{{ sg.group_id }}" + - "{{ sg2.group_id }}" + register: security_groups_test + + - name: "Recreate same instance with 2 security groups ( Idempotency )" + ec2_instance: + name: "{{ resource_prefix }}-test-security-groups" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ resource_prefix }}" + instance_type: t2.micro + wait: false + security_groups: + - "{{ sg.group_id }}" + - "{{ sg2.group_id }}" + register: security_groups_test_idempotency + + - name: "Gather ec2 facts to check SGs have been added" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-security-groups" + "instance-state-name": "running" + register: dual_sg_instance_facts + until: dual_sg_instance_facts.instances | length > 0 + retries: 10 + + - name: "Remove secondary security group from instance" + ec2_instance: + name: "{{ resource_prefix }}-test-security-groups" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ resource_prefix }}" + instance_type: t2.micro + security_groups: + - "{{ sg.group_id }}" + register: remove_secondary_security_group + + - name: "Gather ec2 facts to check seconday SG has been removed" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-security-groups" + "instance-state-name": "running" + register: single_sg_instance_facts + until: single_sg_instance_facts.instances | length > 0 + retries: 10 + + - name: "Add secondary security group to instance" + ec2_instance: + name: "{{ resource_prefix }}-test-security-groups" + image_id: "{{ ec2_ami_image }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ resource_prefix }}" + instance_type: t2.micro + security_groups: + - "{{ sg.group_id }}" + - "{{ sg2.group_id }}" + register: add_secondary_security_group + + - assert: + that: + - security_groups_test is not failed + - security_groups_test is changed + - security_groups_test_idempotency is not changed + - remove_secondary_security_group is changed + - single_sg_instance_facts.instances.0.security_groups | length == 1 + - dual_sg_instance_facts.instances.0.security_groups | length == 2 + - add_secondary_security_group is changed From afc1296a4c34a32f87bcb2cf3ae3314f46caaedc Mon Sep 17 00:00:00 2001 From: ichekaldin <39010411+ichekaldin@users.noreply.github.com> Date: Wed, 19 Aug 2020 13:37:52 -0400 Subject: [PATCH 068/129] Correctly handle a situation when a repository has no description (#195) * Correctly handle a situation when a repository has no description If a repository was created without a description, API call response will not include 'repositoryDescription' attribute: ``` $ aws codecommit get-repository --repository-name test { "repositoryMetadata": { "accountId": "123412341234", "repositoryId": "abcd1234-abcd-abcd-1234-abcd1234abc", "repositoryName": "test", "defaultBranch": "master", "lastModifiedDate": 1597770987.868, "creationDate": 1579544888.152, "cloneUrlHttp": "https://git-codecommit.us-east-1.amazonaws.com/v1/repos/test", "cloneUrlSsh": "ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/test", "Arn": "arn:aws:codecommit:us-east-1:123412341234:test" } } ``` As a result, module execution fails with the following stacktrace: ``` Traceback (most recent call last): File \"/root/.ansible/tmp/ansible-tmp-1597769457.193254-7427-16306174619296/AnsiballZ_aws_codecommit.py\", line 102, in _ansiballz_main() File \"/root/.ansible/tmp/ansible-tmp-1597769457.193254-7427-16306174619296/AnsiballZ_aws_codecommit.py\", line 94, in _ansiballz_main invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS) File \"/root/.ansible/tmp/ansible-tmp-1597769457.193254-7427-16306174619296/AnsiballZ_aws_codecommit.py\", line 40, in invoke_module runpy.run_module(mod_name='ansible_collections.community.aws.plugins.modules.aws_codecommit', init_globals=None, run_name='__main__', alter_sys=True) File \"/root/.pyenv/versions/3.8.1/lib/python3.8/runpy.py\", line 206, in run_module return _run_module_code(code, init_globals, run_name, mod_spec) File \"/root/.pyenv/versions/3.8.1/lib/python3.8/runpy.py\", line 96, in _run_module_code _run_code(code, mod_globals, init_globals, File \"/root/.pyenv/versions/3.8.1/lib/python3.8/runpy.py\", line 86, in _run_code exec(code, run_globals) File \"/tmp/ansible_community.aws.aws_codecommit_payload_0zfnkbv7/ansible_community.aws.aws_codecommit_payload.zip/ansible_collections/community/aws/plugins/modules/aws_codecommit.py\", line 245, in File \"/tmp/ansible_community.aws.aws_codecommit_payload_0zfnkbv7/ansible_community.aws.aws_codecommit_payload.zip/ansible_collections/community/aws/plugins/modules/aws_codecommit.py\", line 240, in main File \"/tmp/ansible_community.aws.aws_codecommit_payload_0zfnkbv7/ansible_community.aws.aws_codecommit_payload.zip/ansible_collections/community/aws/plugins/modules/aws_codecommit.py\", line 165, in process KeyError: 'repositoryDescription' ``` * Add integration tests Additional tests do the following: - Create a new repository with no description - Update a repository with no description - Delete a repository * Add change log fragment Co-authored-by: Ivan Chekaldin --- .../195-aws_codecommit-empty-description.yaml | 2 ++ plugins/modules/aws_codecommit.py | 2 ++ .../targets/aws_codecommit/tasks/main.yml | 29 +++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 changelogs/fragments/195-aws_codecommit-empty-description.yaml diff --git a/changelogs/fragments/195-aws_codecommit-empty-description.yaml b/changelogs/fragments/195-aws_codecommit-empty-description.yaml new file mode 100644 index 00000000000..2ab88e6bc7a --- /dev/null +++ b/changelogs/fragments/195-aws_codecommit-empty-description.yaml @@ -0,0 +1,2 @@ +bugfixes: +- aws_codecommit - fixes issue where module execution would fail if an existing repository has empty description (https://github.com/ansible-collections/community.aws/pull/195) diff --git a/plugins/modules/aws_codecommit.py b/plugins/modules/aws_codecommit.py index 5fe907cc37d..18fc10a2d69 100644 --- a/plugins/modules/aws_codecommit.py +++ b/plugins/modules/aws_codecommit.py @@ -162,6 +162,8 @@ def process(self): result['changed'] = True else: metadata = self._get_repository()['repositoryMetadata'] + if not metadata.get('repositoryDescription'): + metadata['repositoryDescription'] = '' if metadata['repositoryDescription'] != self._module.params['description']: if not self._check_mode: self._update_repository() diff --git a/tests/integration/targets/aws_codecommit/tasks/main.yml b/tests/integration/targets/aws_codecommit/tasks/main.yml index 29b9f6b27e5..acf194e1ef1 100644 --- a/tests/integration/targets/aws_codecommit/tasks/main.yml +++ b/tests/integration/targets/aws_codecommit/tasks/main.yml @@ -96,6 +96,35 @@ that: - output is not changed + - name: Create a repository without description + aws_codecommit: + name: "{{ resource_prefix }}_repo" + state: present + register: output + - assert: + that: + - output is changed + - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo' + + - name: No-op update to repository without description + aws_codecommit: + name: "{{ resource_prefix }}_repo" + state: present + register: output + - assert: + that: + - output is not changed + - output.repository_metadata.repository_name == '{{ resource_prefix }}_repo' + + - name: Delete a repository without description + aws_codecommit: + name: "{{ resource_prefix }}_repo" + state: absent + register: output + - assert: + that: + - output is changed + always: ###### TEARDOWN STARTS HERE ###### - name: Delete a repository From 2d16b541b5c47f1b0d67ba6206e2671ec7fcfc61 Mon Sep 17 00:00:00 2001 From: ichekaldin <39010411+ichekaldin@users.noreply.github.com> Date: Mon, 24 Aug 2020 14:28:42 -0400 Subject: [PATCH 069/129] aws_kms_info - Gracefully Handle Keys That Don't Allow kms:GetKeyRotationStatus API Calls (#199) * Gracefully handle keys that don't allow kms:GetKeyRotationStatus API calls Some AWS KMS keys (e.g. aws/acm) do not allow permissions to call the API kms:GetKeyRotationStatus. As a result, module execution fails, even if the user execuing it has full admin privileges. Example: https://forums.aws.amazon.com/thread.jspa?threadID=312992 * change log fragment * Return None if key rotation status can't be determined Update documentation to reflect this use case. Use helper to track the exception. * Add integration tests --- .../199-aws_kms_info-key-rotation-status.yaml | 5 ++ plugins/modules/aws_kms_info.py | 9 ++- .../targets/aws_kms/tasks/main.yml | 16 ++++ .../console-policy-no-key-rotation.j2 | 81 +++++++++++++++++++ 4 files changed, 109 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml create mode 100644 tests/integration/targets/aws_kms/templates/console-policy-no-key-rotation.j2 diff --git a/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml b/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml new file mode 100644 index 00000000000..be3f33c23d8 --- /dev/null +++ b/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml @@ -0,0 +1,5 @@ +bugfixes: +- aws_kms_info - fixes issue where module execution fails because certain AWS KMS keys (e.g. aws/acm) + do not permit the calling the API kms:GetKeyRotationStatus + (example - https://forums.aws.amazon.com/thread.jspa?threadID=312992) + (https://github.com/ansible-collections/community.aws/pull/199) diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index eced250e158..d0c741eea0a 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -105,7 +105,7 @@ returned: always sample: false enable_key_rotation: - description: Whether the automatically key rotation every year is enabled. + description: Whether the automatically key rotation every year is enabled. Returns None if key rotation status can't be determined. type: bool returned: always sample: false @@ -223,6 +223,7 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry @@ -290,7 +291,11 @@ def get_key_policy_with_backoff(connection, key_id, policy_name): @AWSRetry.backoff(tries=5, delay=5, backoff=2.0) def get_enable_key_rotation_with_backoff(connection, key_id): - current_rotation_status = connection.get_key_rotation_status(KeyId=key_id) + try: + current_rotation_status = connection.get_key_rotation_status(KeyId=key_id) + except is_boto3_error_code('AccessDeniedException') as e: + return None + return current_rotation_status.get('KeyRotationEnabled') diff --git a/tests/integration/targets/aws_kms/tasks/main.yml b/tests/integration/targets/aws_kms/tasks/main.yml index 14ecde0a954..a27475c58f0 100644 --- a/tests/integration/targets/aws_kms/tasks/main.yml +++ b/tests/integration/targets/aws_kms/tasks/main.yml @@ -344,6 +344,22 @@ - update_key.key_state == "Disabled" - update_key.changed + - name: update policy to remove access to key rotation status + aws_kms: + alias: "alias/{{ resource_prefix }}-kms" + policy: "{{ lookup('template', 'console-policy-no-key-rotation.j2') | to_json }}" + + - name: find facts about the key without key rotation status + aws_kms_info: + filters: + alias: "{{ resource_prefix }}-kms" + register: update_key + + - name: assert that key rotation status is set to None + assert: + that: + - update_key.enable_key_rotation is undefined + - name: delete the key aws_kms: alias: "{{ resource_prefix }}-kms" diff --git a/tests/integration/targets/aws_kms/templates/console-policy-no-key-rotation.j2 b/tests/integration/targets/aws_kms/templates/console-policy-no-key-rotation.j2 new file mode 100644 index 00000000000..0e019d20295 --- /dev/null +++ b/tests/integration/targets/aws_kms/templates/console-policy-no-key-rotation.j2 @@ -0,0 +1,81 @@ +{ + "Id": "key-consolepolicy-3", + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "Enable IAM User Permissions", + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::{{ aws_caller_info.account }}:root" + }, + "Action": "kms:*", + "Resource": "*" + }, + { + "Sid": "Allow access for Key Administrators", + "Effect": "Allow", + "Principal": { + "AWS": "{{ aws_caller_info.arn }}" + }, + "Action": [ + "kms:Create*", + "kms:Describe*", + "kms:Enable*", + "kms:List*", + "kms:Put*", + "kms:Update*", + "kms:Revoke*", + "kms:Disable*", + "kms:Get*", + "kms:Delete*", + "kms:TagResource", + "kms:UntagResource", + "kms:ScheduleKeyDeletion", + "kms:CancelKeyDeletion" + ], + "Resource": "*" + }, + { + "Sid": "Allow use of the key", + "Effect": "Allow", + "Principal": { + "AWS": "{{ aws_caller_info.arn }}" + }, + "Action": [ + "kms:Encrypt", + "kms:Decrypt", + "kms:ReEncrypt*", + "kms:GenerateDataKey*", + "kms:DescribeKey" + ], + "Resource": "*" + }, + { + "Sid": "Allow attachment of persistent resources", + "Effect": "Allow", + "Principal": { + "AWS": "{{ aws_caller_info.arn }}" + }, + "Action": [ + "kms:CreateGrant", + "kms:ListGrants", + "kms:RevokeGrant" + ], + "Resource": "*", + "Condition": { + "Bool": { + "kms:GrantIsForAWSResource": "true" + } + } + }, + { + "Sid": "Disable access to key rotation status", + "Effect": "Deny", + "Principal": { + "AWS": "{{ aws_caller_info.arn }}" + }, + "Action": "kms:GetKeyRotationStatus", + "Resource": "*" + } + ] +} From f5eb2c77f20f159be73e2d595fc70d9f9c1cef36 Mon Sep 17 00:00:00 2001 From: Matt Clay Date: Tue, 25 Aug 2020 23:13:21 -0700 Subject: [PATCH 070/129] Fix false positive no_log warning in iam module. (#202) --- changelogs/fragments/iam_no_log.yml | 2 ++ plugins/modules/iam.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/iam_no_log.yml diff --git a/changelogs/fragments/iam_no_log.yml b/changelogs/fragments/iam_no_log.yml new file mode 100644 index 00000000000..12aaf5b186b --- /dev/null +++ b/changelogs/fragments/iam_no_log.yml @@ -0,0 +1,2 @@ +bugfixes: + - iam - Fix false positive warning regarding use of ``no_log`` on ``update_password`` diff --git a/plugins/modules/iam.py b/plugins/modules/iam.py index eee782c1b1f..823bfb89925 100644 --- a/plugins/modules/iam.py +++ b/plugins/modules/iam.py @@ -622,7 +622,8 @@ def main(): groups=dict(type='list', default=None, required=False, elements='str'), state=dict(required=True, choices=['present', 'absent', 'update']), password=dict(default=None, required=False, no_log=True), - update_password=dict(default='always', required=False, choices=['always', 'on_create']), + # setting no_log=False on update_password avoids a false positive warning about not setting no_log + update_password=dict(default='always', required=False, choices=['always', 'on_create'], no_log=False), access_key_state=dict(default=None, required=False, choices=[ 'active', 'inactive', 'create', 'remove', 'Active', 'Inactive', 'Create', 'Remove']), From 6bdf00d2198927bdaa119ae76ddd379a8b6eeb3d Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 26 Aug 2020 11:35:32 +0200 Subject: [PATCH 071/129] Cleanup: Bulk Migration from boto3_conn to module.client() (#188) * Migrate from boto3_conn to module.client * Simplify error handling when creating connections * Simplify Region handling * Remove unused imports * Changelog --- changelogs/fragments/188-boto3_conn.yml | 2 ++ plugins/modules/aws_direct_connect_gateway.py | 8 +++---- ...s_direct_connect_link_aggregation_group.py | 13 ++++------ plugins/modules/aws_kms_info.py | 12 ++++------ plugins/modules/aws_s3_bucket_info.py | 9 ++++--- plugins/modules/cloudfront_info.py | 16 +++---------- plugins/modules/cloudwatchlogs_log_group.py | 8 +++---- .../modules/cloudwatchlogs_log_group_info.py | 8 +++---- plugins/modules/data_pipeline.py | 14 ++++------- plugins/modules/dynamodb_table.py | 10 ++++---- plugins/modules/dynamodb_ttl.py | 9 +++---- plugins/modules/ec2_customer_gateway.py | 12 ++++------ plugins/modules/ec2_instance_info.py | 13 ++++------ plugins/modules/ec2_lc.py | 18 ++++++-------- plugins/modules/ec2_lc_find.py | 13 ++++++---- plugins/modules/ec2_lc_info.py | 13 ++++------ plugins/modules/ec2_snapshot_copy.py | 10 ++++---- plugins/modules/ec2_vpc_endpoint.py | 24 +++---------------- plugins/modules/ec2_vpc_endpoint_info.py | 12 +++------- plugins/modules/ec2_vpc_igw_info.py | 9 +++---- plugins/modules/ec2_vpc_nat_gateway.py | 16 +++---------- plugins/modules/ec2_vpc_nat_gateway_info.py | 12 +++------- plugins/modules/ec2_vpc_peer.py | 11 ++++----- plugins/modules/ec2_vpc_peering_info.py | 20 +++------------- plugins/modules/ec2_vpc_vgw.py | 9 +++---- plugins/modules/ec2_vpc_vgw_info.py | 9 +++---- plugins/modules/ecs_attribute.py | 14 ++++------- plugins/modules/ecs_cluster.py | 12 ++++------ plugins/modules/elasticache.py | 11 ++++----- .../modules/elasticache_parameter_group.py | 14 ++++------- plugins/modules/elasticache_snapshot.py | 14 ++++------- plugins/modules/elb_application_lb_info.py | 13 ++++------ plugins/modules/elb_target.py | 9 +++---- plugins/modules/elb_target_group_info.py | 13 ++++------ plugins/modules/execute_lambda.py | 15 +++--------- plugins/modules/iam_managed_policy.py | 11 +++------ plugins/modules/iam_mfa_device_info.py | 12 ++++------ .../modules/iam_server_certificate_info.py | 10 ++++---- plugins/modules/kinesis_stream.py | 19 +++------------ plugins/modules/rds_param_group.py | 14 +++-------- plugins/modules/route53_info.py | 8 +++---- plugins/modules/s3_sync.py | 10 ++++---- plugins/modules/s3_website.py | 15 +++++------- plugins/modules/sts_session_token.py | 12 ++++------ 44 files changed, 180 insertions(+), 356 deletions(-) create mode 100644 changelogs/fragments/188-boto3_conn.yml diff --git a/changelogs/fragments/188-boto3_conn.yml b/changelogs/fragments/188-boto3_conn.yml new file mode 100644 index 00000000000..6572d78a728 --- /dev/null +++ b/changelogs/fragments/188-boto3_conn.yml @@ -0,0 +1,2 @@ +minor_changes: +- Migrate the remaning boto3 based modules to the module based helpers for creating AWS connections. diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index 2e0c3a0fa81..b34d6c52a15 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -108,8 +108,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn def dx_gateway_info(client, gateway_id, module): @@ -353,8 +351,10 @@ def main(): state = module.params.get('state') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - client = boto3_conn(module, conn_type='client', resource='directconnect', region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + client = module.client('directconnect') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') if state == 'present': (changed, results) = ensure_present(client, module) diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index aef1576c528..fec3f3dfc99 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -171,9 +171,7 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_connection @@ -424,13 +422,10 @@ def main(): required_if=[('state', 'present', ('location', 'bandwidth'))], ) - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.") - - connection = boto3_conn(module, conn_type='client', - resource='directconnect', region=region, - endpoint=ec2_url, **aws_connect_kwargs) + try: + connection = module.client('directconnect') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get('state') response = {} diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index d0c741eea0a..160ca5e13c7 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -224,8 +224,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict @@ -416,12 +414,10 @@ def main(): if module._name == 'aws_kms_facts': module.deprecate("The 'aws_kms_facts' module has been renamed to 'aws_kms_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - connection = boto3_conn(module, conn_type='client', resource='kms', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('kms') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') all_keys = get_kms_info(connection, module) module.exit_json(keys=[key for key in all_keys if key_matches_filters(key, module.params['filters'])]) diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index ca47bf42db0..cd8b81f36c9 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -59,9 +59,7 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_bucket_list(module, connection): @@ -96,9 +94,10 @@ def main(): "and the renamed one no longer returns ansible_facts", date='2021-12-01', collection_name='community.aws') # Set up connection - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - connection = boto3_conn(module, conn_type='client', resource='s3', region=region, endpoint=ec2_url, - **aws_connect_params) + try: + connection = module.client('s3') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') # Gather results result['buckets'] = get_bucket_list(module, connection) diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index f395ee801dc..293cd2f0aa6 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -271,8 +271,6 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -284,17 +282,9 @@ def __init__(self, module): self.module = module try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - self.client = boto3_conn(module, conn_type='client', - resource='cloudfront', region=region, - endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoRegionError: - self.module.fail_json(msg="Region must be specified as a parameter, in AWS_DEFAULT_REGION " - "environment variable or in boto configuration file") - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Can't establish connection - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + self.client = module.client('cloudfront') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') def get_distribution(self, distribution_id): try: diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index 93138c13773..e8890988509 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -139,8 +139,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def create_log_group(client, log_group_name, kms_key_id, tags, retention, module): @@ -250,8 +248,10 @@ def main(): mutually_exclusive = [['retention', 'purge_retention_policy'], ['purge_retention_policy', 'overwrite']] module = AnsibleAWSModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive) - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - logs = boto3_conn(module, conn_type='client', resource='logs', region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + logs = module.client('logs') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get('state') changed = False diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index 98fe63195b7..153aac7baf0 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -82,8 +82,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def describe_log_group(client, log_group_name, module): @@ -112,8 +110,10 @@ def main(): module.deprecate("The 'cloudwatchlogs_log_group_facts' module has been renamed to 'cloudwatchlogs_log_group_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - logs = boto3_conn(module, conn_type='client', resource='logs', region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + logs = module.client('logs') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') desc_log_group = describe_log_group(client=logs, log_group_name=module.params['log_group_name'], diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index 34cf4df343c..2e49dcc6aaa 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -204,6 +204,7 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule @@ -211,8 +212,6 @@ from ansible.module_utils._text import to_text from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -618,14 +617,9 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=False) try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="Region must be specified as a parameter, in EC2_REGION or AWS_REGION environment variables or in boto configuration file") - client = boto3_conn(module, conn_type='client', - resource='datapipeline', region=region, - endpoint=ec2_url, **aws_connect_kwargs) - except ClientError as e: - module.fail_json(msg="Can't authorize connection - " + str(e)) + client = module.client('datapipeline') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get('state') if state == 'present': diff --git a/plugins/modules/dynamodb_table.py b/plugins/modules/dynamodb_table.py index 47b8bc9f678..35d9cd4d64a 100644 --- a/plugins/modules/dynamodb_table.py +++ b/plugins/modules/dynamodb_table.py @@ -195,7 +195,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info @@ -492,13 +491,12 @@ def main(): if module.params.get('tags'): try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - boto3_dynamodb = boto3_conn(module, conn_type='client', resource='dynamodb', region=region, endpoint=ec2_url, **aws_connect_kwargs) + boto3_dynamodb = module.client('dynamodb') if not hasattr(boto3_dynamodb, 'tag_resource'): module.fail_json(msg='boto3 connection does not have tag_resource(), likely due to using an old version') - boto3_sts = boto3_conn(module, conn_type='client', resource='sts', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg='cannot connect to AWS', exception=traceback.format_exc()) + boto3_sts = module.client('sts') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') else: boto3_dynamodb = None boto3_sts = None diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index ed2dc49fd4a..b23c0ab076e 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -74,8 +74,6 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_current_ttl_state(c, table_name): @@ -133,10 +131,9 @@ def main(): module.fail_json(msg='Found botocore in version {0}, but >= {1} is required for TTL support'.format(botocore.__version__, '1.5.24')) try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - dbclient = boto3_conn(module, conn_type='client', resource='dynamodb', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg=str(e)) + dbclient = module.client('dynamodb') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') result = {'changed': False} state = module.params['state'] diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index bcaf9aca2f3..1e9fc1ded47 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -112,14 +112,13 @@ try: from botocore.exceptions import ClientError import boto3 + import botocore except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class Ec2CustomerGatewayManager: @@ -128,12 +127,9 @@ def __init__(self, module): self.module = module try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="Region must be specified as a parameter, in EC2_REGION or AWS_REGION environment variables or in boto configuration file") - self.ec2 = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except ClientError as e: - module.fail_json_aws(e, msg="Failed to get connection") + self.ec2 = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') @AWSRetry.jittered_backoff(delay=2, max_delay=30, retries=6, catch_extra_error_codes=['IncorrectState']) def ensure_cgw_absent(self, gw_id): diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 88a07d05f61..1c4c1f0df33 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -495,16 +495,15 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_ec2_instances(connection, module): @@ -550,12 +549,10 @@ def main(): if module._name == 'ec2_instance_facts': module.deprecate("The 'ec2_instance_facts' module has been renamed to 'ec2_instance_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_ec2_instances(connection, module) diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 59d2ec4cd7e..7555cf68a0c 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -458,11 +458,8 @@ from ansible.module_utils._text import to_text from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ec2_connect from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_ec2_security_group_ids_from_names -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict @@ -516,11 +513,13 @@ def create_launch_config(connection, module): name = module.params.get('name') vpc_id = module.params.get('vpc_id') try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - ec2_connection = boto3_conn(module, 'client', 'ec2', region, ec2_url, **aws_connect_kwargs) + ec2_connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') + try: security_groups = get_ec2_security_group_ids_from_names(module.params.get('security_groups'), ec2_connection, vpc_id=vpc_id, boto3=True) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to get Security Group IDs", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to get Security Group IDs') except ValueError as e: module.fail_json(msg="Failed to get Security Group IDs", exception=traceback.format_exc()) user_data = module.params.get('user_data') @@ -680,10 +679,7 @@ def main(): ) try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - connection = boto3_conn(module, conn_type='client', resource='autoscaling', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoRegionError: - module.fail_json(msg=("region must be specified as a parameter in AWS_DEFAULT_REGION environment variable or in boto configuration file")) + connection = module.client('autoscaling') except botocore.exceptions.ClientError as e: module.fail_json(msg="unable to establish connection - " + str(e), exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) diff --git a/plugins/modules/ec2_lc_find.py b/plugins/modules/ec2_lc_find.py index e2a31cef47c..1db33a20036 100644 --- a/plugins/modules/ec2_lc_find.py +++ b/plugins/modules/ec2_lc_find.py @@ -137,9 +137,12 @@ ''' import re +try: + import botocore +except ImportError: + pass # Handled by AnsibleAWSModule + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def find_launch_configs(client, module): @@ -202,9 +205,11 @@ def main(): argument_spec=argument_spec, ) - region, ec2_url, aws_connect_params = get_aws_connection_info(module, True) + try: + client = module.client('autoscaling') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') - client = boto3_conn(module=module, conn_type='client', resource='autoscaling', region=region, **aws_connect_params) find_launch_configs(client, module) diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 1bed66e0f65..1d680c37bc9 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -153,14 +153,13 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_launch_configs(connection, module): @@ -213,12 +212,10 @@ def main(): if module._name == 'ec2_lc_facts': module.deprecate("The 'ec2_lc_facts' module has been renamed to 'ec2_lc_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - connection = boto3_conn(module, conn_type='client', resource='autoscaling', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('autoscaling') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_launch_configs(connection, module) diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 25101cbac17..85f44d60000 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -113,6 +113,7 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, WaiterError except ImportError: pass # Handled by AnsibleAWSModule @@ -120,8 +121,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -184,9 +183,10 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec) - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - client = boto3_conn(module, conn_type='client', resource='ec2', - region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + client = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') copy_snapshot(module, client) diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 3eaf2850e6e..771ea52ba75 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -190,8 +190,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -355,25 +353,9 @@ def main(): state = module.params.get('state') try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - except NameError as e: - # Getting around the get_aws_connection_info boto reliance for region - if "global name 'boto' is not defined" in to_native(e): - module.params['region'] = botocore.session.get_session().get_config_variable('region') - if not module.params['region']: - module.fail_json(msg="Error - no region provided") - else: - module.fail_json(msg="Can't retrieve connection information - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - - try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - ec2 = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Failed to connect to AWS due to wrong or missing credentials: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + ec2 = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') # Ensure resource is present if state == 'present': diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index f2b6da3adfa..e72b487db3d 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -115,8 +115,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry @@ -174,13 +172,9 @@ def main(): # Validate Requirements try: - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - if region: - connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg=str(e)) + connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') invocations = { 'services': get_supported_services, diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 9cca904fa7e..4719d495fd8 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -94,8 +94,6 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list @@ -136,10 +134,9 @@ def main(): # Validate Requirements try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Can't authorize connection - " + str(e)) + connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') # call your function here results = list_internet_gateways(connection, module) diff --git a/plugins/modules/ec2_vpc_nat_gateway.py b/plugins/modules/ec2_vpc_nat_gateway.py index 37dd9160084..9072a8e32b6 100644 --- a/plugins/modules/ec2_vpc_nat_gateway.py +++ b/plugins/modules/ec2_vpc_nat_gateway.py @@ -207,8 +207,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -969,17 +967,9 @@ def main(): if_exist_do_not_create = module.params.get('if_exist_do_not_create') try: - region, ec2_url, aws_connect_kwargs = ( - get_aws_connection_info(module, boto3=True) - ) - client = ( - boto3_conn( - module, conn_type='client', resource='ec2', - region=region, endpoint=ec2_url, **aws_connect_kwargs - ) - ) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Boto3 Client Error - " + str(e.msg)) + client = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') changed = False err_msg = '' diff --git a/plugins/modules/ec2_vpc_nat_gateway_info.py b/plugins/modules/ec2_vpc_nat_gateway_info.py index 9ebeb63fcbb..97816c72362 100644 --- a/plugins/modules/ec2_vpc_nat_gateway_info.py +++ b/plugins/modules/ec2_vpc_nat_gateway_info.py @@ -85,8 +85,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict @@ -133,13 +131,9 @@ def main(): date='2021-12-01', collection_name='community.aws') try: - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - if region: - connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg=str(e)) + connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') results = get_nat_gateways(connection, module) diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 9b74a5f2c3f..31f6ea203a7 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -225,8 +225,6 @@ import traceback from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code @@ -414,12 +412,11 @@ def main(): peering_id = module.params.get('peering_id') vpc_id = module.params.get('vpc_id') peer_vpc_id = module.params.get('peer_vpc_id') + try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - client = boto3_conn(module, conn_type='client', resource='ec2', - region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Can't authorize connection - " + str(e)) + client = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') if state == 'present': (changed, results) = create_peer_connection(client, module) diff --git a/plugins/modules/ec2_vpc_peering_info.py b/plugins/modules/ec2_vpc_peering_info.py index 423a04962da..117992e76c6 100644 --- a/plugins/modules/ec2_vpc_peering_info.py +++ b/plugins/modules/ec2_vpc_peering_info.py @@ -77,8 +77,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -112,21 +110,9 @@ def main(): module.deprecate("The 'ec2_vpc_peering_facts' module has been renamed to 'ec2_vpc_peering_info'", date='2021-12-01', collection_name='community.aws') try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - except NameError as e: - # Getting around the get_aws_connection_info boto reliance for region - if "global name 'boto' is not defined" in to_native(e): - module.params['region'] = botocore.session.get_session().get_config_variable('region') - if not module.params['region']: - module.fail_json(msg="Error - no region provided") - else: - module.fail_json(msg="Can't retrieve connection information - " + str(e)) - - try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - ec2 = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg=str(e)) + ec2 = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') # Turn the boto3 result in to ansible friendly_snaked_names results = [camel_dict_to_snake_dict(peer) for peer in get_vpc_peers(ec2, module)] diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index b44d36c1142..2f8702ecace 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -124,8 +124,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter @@ -557,10 +555,9 @@ def main(): state = module.params.get('state').lower() try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - client = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Can't authorize connection - %s" % to_native(e), exception=traceback.format_exc()) + client = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') if state == 'present': (changed, results) = ensure_vgw_present(client, module) diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 4c8f0af1c28..692c291a87b 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -97,8 +97,6 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list @@ -141,10 +139,9 @@ def main(): module.deprecate("The 'ec2_vpc_vgw_facts' module has been renamed to 'ec2_vpc_vgw_info'", date='2021-12-01', collection_name='community.aws') try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - connection = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Can't authorize connection - " + str(e)) + connection = module.client('ec2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') # call your function here results = list_virtual_gateways(connection, module) diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index d96e81dd000..552747ba10c 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -112,13 +112,12 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, EndpointConnectionError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class EcsAttributes(object): @@ -188,13 +187,10 @@ def __init__(self, module, cluster, ec2_id): self.cluster = cluster self.ec2_id = ec2_id - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg=("Region must be specified as a parameter," - " in EC2_REGION or AWS_REGION environment" - " variables or in boto configuration file")) - self.ecs = boto3_conn(module, conn_type='client', resource='ecs', - region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + self.ecs = module.client('ecs') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') self.ecs_arn = self._get_ecs_arn() diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index eb68b933ce3..ed0dc1c78ff 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -107,12 +107,11 @@ try: import boto3 + import botocore except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info class EcsClusterManager: @@ -120,11 +119,10 @@ class EcsClusterManager: def __init__(self, module): self.module = module - - # self.ecs = boto3.client('ecs') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - self.ecs = boto3_conn(module, conn_type='client', resource='ecs', - region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + self.ecs = module.client('ecs') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') def find_in_array(self, array_of_clusters, cluster_name, field_name='clusterArn'): for c in array_of_clusters: diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index ab2a9f18fdb..b8848f324af 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -137,7 +137,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -423,12 +422,10 @@ def _requires_destroy_and_create(self): def _get_elasticache_connection(self): """Get an elasticache connection""" - region, ec2_url, aws_connect_params = get_aws_connection_info(self.module, boto3=True) - if region: - return boto3_conn(self.module, conn_type='client', resource='elasticache', - region=region, endpoint=ec2_url, **aws_connect_params) - else: - self.module.fail_json(msg="region must be specified") + try: + return self.module.client('elasticache') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg='Failed to connect to AWS') def _get_port(self): """Get the port. Where this information is retrieved from is engine dependent.""" diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index b30a00bfacd..1e9c574178d 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -118,8 +118,6 @@ # import module snippets from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -293,14 +291,10 @@ def main(): state = module.params.get('state') values = module.params.get('values') - # Retrieve any AWS settings from the environment. - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.") - - connection = boto3_conn(module, conn_type='client', - resource='elasticache', region=region, - endpoint=ec2_url, **aws_connect_kwargs) + try: + connection = module.client('elasticache') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') exists = get_info(connection, parameter_group_name) diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index 373654d99fa..dc92df6b3c2 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -120,8 +120,6 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict @@ -189,14 +187,10 @@ def main(): target = module.params.get('target') bucket = module.params.get('bucket') - # Retrieve any AWS settings from the environment. - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg=str("Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.")) - - connection = boto3_conn(module, conn_type='client', - resource='elasticache', region=region, - endpoint=ec2_url, **aws_connect_kwargs) + try: + connection = module.client('elasticache') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') changed = False response = {} diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 1ed3d4c7cd2..06e1f3ae229 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -166,6 +166,7 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule @@ -173,10 +174,8 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_elb_listeners(connection, module, elb_arn): @@ -275,12 +274,10 @@ def main(): module.deprecate("The 'elb_application_lb_facts' module has been renamed to 'elb_application_lb_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - connection = boto3_conn(module, conn_type='client', resource='elbv2', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('elbv2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_load_balancers(connection, module) diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 3e001eccdac..06ff79e2653 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -113,6 +113,7 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # Handled by AnsibleAWSModule @@ -120,9 +121,7 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry @@ -334,8 +333,10 @@ def main(): mutually_exclusive=[['target_group_arn', 'target_group_name']], ) - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - connection = boto3_conn(module, conn_type='client', resource='elbv2', region=region, endpoint=ec2_url, **aws_connect_params) + try: + connection = module.client('elbv2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get("state") diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index c444521d887..a9694428872 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -211,6 +211,7 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule @@ -218,10 +219,8 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_target_group_attributes(connection, module, target_group_arn): @@ -310,12 +309,10 @@ def main(): if module._name == 'elb_target_group_facts': module.deprecate("The 'elb_target_group_facts' module has been renamed to 'elb_target_group_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - connection = boto3_conn(module, conn_type='client', resource='elbv2', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('elbv2') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_target_groups(connection, module) diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index c1372dfaf22..ca97f6619c9 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -139,8 +139,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def main(): @@ -172,17 +170,10 @@ def main(): if not (name or function_arn): module.fail_json(msg="Must provide either a function_arn or a name to invoke.") - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="The AWS region must be specified as an " - "environment variable or in the AWS credentials " - "profile.") - try: - client = boto3_conn(module, conn_type='client', resource='lambda', - region=region, endpoint=ec2_url, **aws_connect_kwargs) - except (botocore.exceptions.ClientError, botocore.exceptions.ValidationError) as e: - module.fail_json(msg="Failure connecting boto3 to AWS: %s" % to_native(e), exception=traceback.format_exc()) + client = module.client('lambda') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') invoke_params = {} diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index 552b93b1b23..a0b7c3c48af 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -140,8 +140,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies @@ -321,12 +319,9 @@ def main(): policy = json.dumps(json.loads(module.params.get('policy'))) try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - iam = boto3_conn(module, conn_type='client', resource='iam', - region=region, endpoint=ec2_url, **aws_connect_kwargs) - except (botocore.exceptions.NoCredentialsError, botocore.exceptions.ProfileNotFound) as e: - module.fail_json(msg="Can't authorize connection. Check your credentials and profile.", - exceptions=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + iam = module.client('iam') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') p = get_policy_by_name(module, iam, name) if state == 'present': diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index c107c39f67b..c79afab095f 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -62,14 +62,13 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def list_mfa_devices(connection, module): @@ -96,11 +95,10 @@ def main(): if module._name == 'iam_mfa_device_facts': module.deprecate("The 'iam_mfa_device_facts' module has been renamed to 'iam_mfa_device_info'", date='2021-12-01', collection_name='community.aws') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if region: - connection = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('iam') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') list_mfa_devices(connection, module) diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index 9b41aa3bab8..6e37185680f 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -81,13 +81,12 @@ try: import boto3 + import botocore import botocore.exceptions except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def get_server_certs(iam, name=None): @@ -151,10 +150,9 @@ def main(): date='2021-12-01', collection_name='community.aws') try: - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - iam = boto3_conn(module, conn_type='client', resource='iam', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Boto3 Client Error - " + str(e.msg)) + iam = module.client('iam') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') cert_name = module.params.get('name') results = get_server_certs(iam, cert_name) diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index c16adbea3c2..51ca85ddc94 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -192,8 +192,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def convert_to_lower(data): @@ -1364,20 +1362,9 @@ def main(): check_mode = module.check_mode try: - region, ec2_url, aws_connect_kwargs = ( - get_aws_connection_info(module, boto3=True) - ) - client = ( - boto3_conn( - module, conn_type='client', resource='kinesis', - region=region, endpoint=ec2_url, **aws_connect_kwargs - ) - ) - except botocore.exceptions.ClientError as e: - err_msg = 'Boto3 Client Error - {0}'.format(to_native(e.msg)) - module.fail_json( - success=False, changed=False, result={}, msg=err_msg - ) + client = module.client('kinesis') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') if state == 'present': success, changed, err_msg, results = ( diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index 92261e61f8b..536698473e1 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -125,8 +125,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list @@ -328,16 +326,10 @@ def main(): required_if=[['state', 'present', ['description', 'engine']]], ) - # Retrieve any AWS settings from the environment. - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - - if not region: - module.fail_json(msg="Region must be present") - try: - conn = boto3_conn(module, conn_type='client', resource='rds', region=region, endpoint=ec2_url, **aws_connect_kwargs) - except botocore.exceptions.NoCredentialsError as e: - module.fail_json(msg="Couldn't connect to AWS: %s" % str(e)) + conn = module.client('rds') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get('state') if state == 'present': diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 64caeaef23c..38d0bc540f5 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -214,8 +214,6 @@ from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3 @@ -467,8 +465,10 @@ def main(): if not (HAS_BOTO or HAS_BOTO3): module.fail_json(msg='json and boto/boto3 is required.') - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - route53 = boto3_conn(module, conn_type='client', resource='route53', region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + route53 = module.client('route53') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') invocations = { 'change': change_details, diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 12828c51958..8909b3524f3 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -245,8 +245,6 @@ # import module snippets from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception @@ -528,10 +526,10 @@ def main(): result = {} mode = module.params['mode'] - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if not region: - module.fail_json(msg="Region must be specified") - s3 = boto3_conn(module, conn_type='client', resource='s3', region=region, endpoint=ec2_url, **aws_connect_kwargs) + try: + s3 = module.client('s3') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') if mode == 'push': try: diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index a281f60f37e..6f7aa898391 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -163,15 +163,14 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError, ParamValidationError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def _create_redirect_dict(url): @@ -305,13 +304,11 @@ def main(): ], ) - region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True) - - if region: - client_connection = boto3_conn(module, conn_type='client', resource='s3', region=region, endpoint=ec2_url, **aws_connect_params) - resource_connection = boto3_conn(module, conn_type='resource', resource='s3', region=region, endpoint=ec2_url, **aws_connect_params) - else: - module.fail_json(msg="region must be specified") + try: + client_connection = module.client('s3') + resource_connection = module.resource('s3') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') state = module.params.get("state") diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index 48f05efe1a8..4183b976d15 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -81,13 +81,12 @@ try: import boto3 + import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info def normalize_credentials(credentials): @@ -136,11 +135,10 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec) - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True) - if region: - connection = boto3_conn(module, conn_type='client', resource='sts', region=region, endpoint=ec2_url, **aws_connect_kwargs) - else: - module.fail_json(msg="region must be specified") + try: + connection = module.client('sts') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') get_session_token(connection, module) From 31fc869552d811eea02e52c78292e1ba1663bc57 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 28 Aug 2020 01:43:09 +0200 Subject: [PATCH 072/129] Add a .keep file to avoid the fragments directory itself going away after a release (#196) --- changelogs/fragments/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelogs/fragments/.keep diff --git a/changelogs/fragments/.keep b/changelogs/fragments/.keep new file mode 100644 index 00000000000..e69de29bb2d From 5e2d356171996b3b4bbf183055e414ea9dccbe3a Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 28 Aug 2020 02:12:41 +0200 Subject: [PATCH 073/129] ec2_instance - Fix check_mode behaviour with tags (#189) * Add test for changing tags in check_mode * ec2_instance: Fix check_mode behaviour with tags * Add changelog fragment --- .../189-ec2_instance-check_mode-tags.yml | 2 ++ plugins/modules/ec2_instance.py | 2 ++ .../ec2_instance/tasks/checkmode_tests.yml | 29 +++++++++++++++++++ 3 files changed, 33 insertions(+) create mode 100644 changelogs/fragments/189-ec2_instance-check_mode-tags.yml diff --git a/changelogs/fragments/189-ec2_instance-check_mode-tags.yml b/changelogs/fragments/189-ec2_instance-check_mode-tags.yml new file mode 100644 index 00000000000..fd215f64e16 --- /dev/null +++ b/changelogs/fragments/189-ec2_instance-check_mode-tags.yml @@ -0,0 +1,2 @@ +bugfixes: +- ec2_instance - Fix a bug where tags were updated in check_mode. diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index ddedd379573..e87f64cdf29 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -894,6 +894,8 @@ def manage_tags(match, new_tags, purge_tags, ec2): old_tags, new_tags, purge_tags=purge_tags, ) + if module.check_mode: + return bool(tags_to_delete or tags_to_set) if tags_to_set: ec2.create_tags( Resources=[match['InstanceId']], diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml index b161eca636e..e13ad44063b 100644 --- a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/checkmode_tests.yml @@ -10,6 +10,7 @@ wait: false tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" register: basic_instance - name: "Make basic instance (check mode)" @@ -22,6 +23,7 @@ vpc_subnet_id: "{{ testing_subnet_b.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" check_mode: yes - name: "fact presented ec2 instance" @@ -49,6 +51,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" check_mode: yes - name: "fact ec2 instance" @@ -69,6 +72,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" register: instance_stop until: not instance_stop.failed retries: 10 @@ -91,6 +95,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" check_mode: yes - name: "fact ec2 instance" @@ -111,6 +116,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" - name: "fact ec2 instance." ec2_instance_info: @@ -123,6 +129,27 @@ that: - '"{{ confirm_runninginstance_fact.instances[0].state.name }}" == "running"' + - name: "Tag instance." + ec2_instance: + state: running + name: "{{ resource_prefix }}-checkmode-comparison" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Other Value" + check_mode: yes + + - name: "fact ec2 instance." + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-checkmode-comparison" + register: confirm_not_tagged + + - name: "Verify that it hasn't been re-tagged." + assert: + that: + - '"{{ confirm_not_tagged.instances[0].tags.TestTag }}" == "Some Value"' + - name: "Terminate instance in check mode." ec2_instance: state: absent @@ -130,6 +157,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" check_mode: yes - name: "fact ec2 instance" @@ -150,6 +178,7 @@ vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" tags: TestId: "{{ ec2_instance_tag_TestId }}" + TestTag: "Some Value" - name: "fact ec2 instance" ec2_instance_info: From 6d404e3a9f9c7668b438b8fb1d3e955846b9c098 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 28 Aug 2020 02:12:49 +0200 Subject: [PATCH 074/129] aws_api_gateway : Switch to jittered backoff and retry on TooManyRequests (#161) * aws_api_gateway : Switch to jittered backoff and retry on TooManyRequests * Mark aws_api_gateway stable again... * Add changelog --- changelogs/fragments/161-retries.yml | 2 ++ plugins/modules/aws_api_gateway.py | 10 +++++----- tests/integration/targets/aws_api_gateway/aliases | 2 -- 3 files changed, 7 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/161-retries.yml diff --git a/changelogs/fragments/161-retries.yml b/changelogs/fragments/161-retries.yml new file mode 100644 index 00000000000..c6d257f0b7e --- /dev/null +++ b/changelogs/fragments/161-retries.yml @@ -0,0 +1,2 @@ +minor_changes: +- Add retries for aws_api_gateway when AWS throws `TooManyRequestsException` diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 8be32b12289..08f276b6303 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -315,25 +315,25 @@ def ensure_api_in_correct_state(module, client, api_id, api_data): return configure_response, deploy_response -retry_params = {"tries": 10, "delay": 5, "backoff": 1.2} +retry_params = {"retries": 10, "delay": 10, "catch_extra_error_codes": ['TooManyRequestsException']} -@AWSRetry.backoff(**retry_params) +@AWSRetry.jittered_backoff(**retry_params) def create_api(client, name=None, description=None, endpoint_type=None): return client.create_rest_api(name="ansible-temp-api", description=description, endpointConfiguration={'types': [endpoint_type]}) -@AWSRetry.backoff(**retry_params) +@AWSRetry.jittered_backoff(**retry_params) def delete_api(client, api_id): return client.delete_rest_api(restApiId=api_id) -@AWSRetry.backoff(**retry_params) +@AWSRetry.jittered_backoff(**retry_params) def configure_api(client, api_id, api_data=None, mode="overwrite"): return client.put_rest_api(restApiId=api_id, mode=mode, body=api_data) -@AWSRetry.backoff(**retry_params) +@AWSRetry.jittered_backoff(**retry_params) def create_deployment(client, rest_api_id, **params): canary_settings = params.get('stage_canary_settings') diff --git a/tests/integration/targets/aws_api_gateway/aliases b/tests/integration/targets/aws_api_gateway/aliases index f24be68b2e4..6e3860bee23 100644 --- a/tests/integration/targets/aws_api_gateway/aliases +++ b/tests/integration/targets/aws_api_gateway/aliases @@ -1,4 +1,2 @@ cloud/aws shippable/aws/group2 -# https://github.com/ansible-collections/community.aws/issues/158 -unstable From 00a766054092a587033e2d64aa476e2c2147dfe2 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 28 Aug 2020 22:42:48 +0200 Subject: [PATCH 075/129] ec2_metrix_alarm test - Create the instance in the subnet we just created not the default VPC (#212) --- tests/integration/targets/ec2_metric_alarm/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/integration/targets/ec2_metric_alarm/tasks/main.yml b/tests/integration/targets/ec2_metric_alarm/tasks/main.yml index 00705636448..102747f48a8 100644 --- a/tests/integration/targets/ec2_metric_alarm/tasks/main.yml +++ b/tests/integration/targets/ec2_metric_alarm/tasks/main.yml @@ -46,6 +46,7 @@ tags: TestId: "{{ resource_prefix }}" security_groups: "{{ sg.group_id }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" instance_type: t2.micro wait: true register: ec2_instance_results From 315f54619a07fc0d7520aa318d9b8d1cf2b1070f Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Fri, 28 Aug 2020 13:56:08 -0700 Subject: [PATCH 076/129] Prepare 1.2.0 release (#208) * Prepare 1.2.0 release Run add_docs.py Run antsibull-changelog Bump release in galaxy.yml Bump required amazon.aws release in test requirements * Manually remove extraneous single quote on aws_kms line from 1.0.0 --- CHANGELOG.rst | 36 +++++++--- changelogs/changelog.yaml | 32 ++++++++- changelogs/fragments/161-retries.yml | 2 - changelogs/fragments/188-boto3_conn.yml | 2 - .../189-ec2_instance-check_mode-tags.yml | 2 - .../195-aws_codecommit-empty-description.yaml | 2 - .../199-aws_kms_info-key-rotation-status.yaml | 5 -- .../fragments/22-ec2_instance-mod-sgs.yml | 2 - changelogs/fragments/iam_no_log.yml | 2 - docs/community.aws.aws_acm_info_module.rst | 27 +++++-- docs/community.aws.aws_acm_module.rst | 15 +++- docs/community.aws.aws_api_gateway_module.rst | 12 +++- ....aws_application_scaling_policy_module.rst | 33 ++++++--- ...s.aws_batch_compute_environment_module.rst | 45 ++++++++---- ...ty.aws.aws_batch_job_definition_module.rst | 42 +++++++---- ...mmunity.aws.aws_batch_job_queue_module.rst | 22 ++++-- docs/community.aws.aws_codebuild_module.rst | 45 ++++++++---- docs/community.aws.aws_codecommit_module.rst | 18 +++-- .../community.aws.aws_codepipeline_module.rst | 28 ++++++-- ...onfig_aggregation_authorization_module.rst | 18 +++-- ...unity.aws.aws_config_aggregator_module.rst | 31 +++++--- ...aws.aws_config_delivery_channel_module.rst | 18 +++-- ...mmunity.aws.aws_config_recorder_module.rst | 15 +++- docs/community.aws.aws_config_rule_module.rst | 18 +++-- ...rect_connect_confirm_connection_module.rst | 12 +++- ...s.aws_direct_connect_connection_module.rst | 15 +++- ....aws.aws_direct_connect_gateway_module.rst | 12 +++- ..._connect_link_aggregation_group_module.rst | 15 +++- ...irect_connect_virtual_interface_module.rst | 21 ++++-- docs/community.aws.aws_eks_cluster_module.rst | 21 ++++-- ...ty.aws.aws_elasticbeanstalk_app_module.rst | 12 +++- ...mmunity.aws.aws_glue_connection_module.rst | 24 +++++-- docs/community.aws.aws_glue_job_module.rst | 21 ++++-- ...munity.aws.aws_inspector_target_module.rst | 15 +++- docs/community.aws.aws_kms_info_module.rst | 14 +++- docs/community.aws.aws_kms_module.rst | 24 +++++-- docs/community.aws.aws_region_info_module.rst | 12 +++- ...ommunity.aws.aws_s3_bucket_info_module.rst | 12 +++- docs/community.aws.aws_s3_cors_module.rst | 21 ++++-- docs/community.aws.aws_secret_module.rst | 15 +++- .../community.aws.aws_ses_identity_module.rst | 15 +++- ...ity.aws.aws_ses_identity_policy_module.rst | 18 +++-- .../community.aws.aws_ses_rule_set_module.rst | 15 +++- docs/community.aws.aws_sgw_info_module.rst | 12 +++- docs/community.aws.aws_ssm_connection.rst | 2 +- ...ity.aws.aws_ssm_parameter_store_module.rst | 15 +++- ...nctions_state_machine_execution_module.rst | 12 +++- ...ws_step_functions_state_machine_module.rst | 15 +++- ...community.aws.aws_waf_condition_module.rst | 24 +++++-- docs/community.aws.aws_waf_info_module.rst | 12 +++- docs/community.aws.aws_waf_rule_module.rst | 27 +++++-- docs/community.aws.aws_waf_web_acl_module.rst | 27 +++++-- ...aws.cloudformation_exports_info_module.rst | 12 +++- ...ty.aws.cloudformation_stack_set_module.rst | 24 +++++-- ...ity.aws.cloudfront_distribution_module.rst | 72 +++++++++++++------ docs/community.aws.cloudfront_info_module.rst | 12 +++- ...ity.aws.cloudfront_invalidation_module.rst | 16 ++++- ...oudfront_origin_access_identity_module.rst | 12 +++- docs/community.aws.cloudtrail_module.rst | 12 +++- ...munity.aws.cloudwatchevent_rule_module.rst | 24 +++++-- ...s.cloudwatchlogs_log_group_info_module.rst | 12 +++- ...tchlogs_log_group_metric_filter_module.rst | 21 ++++-- ...ty.aws.cloudwatchlogs_log_group_module.rst | 15 +++- docs/community.aws.data_pipeline_module.rst | 30 +++++--- docs/community.aws.dms_endpoint_module.rst | 21 ++++-- ...ws.dms_replication_subnet_group_module.rst | 22 ++++-- docs/community.aws.dynamodb_table_module.rst | 27 +++++-- docs/community.aws.dynamodb_ttl_module.rst | 18 +++-- docs/community.aws.ec2_ami_copy_module.rst | 18 +++-- docs/community.aws.ec2_asg_info_module.rst | 12 +++- ...nity.aws.ec2_asg_lifecycle_hook_module.rst | 18 +++-- docs/community.aws.ec2_asg_module.rst | 48 +++++++++---- ...y.aws.ec2_customer_gateway_info_module.rst | 15 +++- ...munity.aws.ec2_customer_gateway_module.rst | 18 +++-- docs/community.aws.ec2_eip_info_module.rst | 12 +++- docs/community.aws.ec2_eip_module.rst | 12 +++- docs/community.aws.ec2_elb_info_module.rst | 15 +++- docs/community.aws.ec2_elb_module.rst | 21 ++++-- ...community.aws.ec2_instance_info_module.rst | 30 +++++--- docs/community.aws.ec2_instance_module.rst | 42 +++++++---- ...mmunity.aws.ec2_launch_template_module.rst | 35 ++++++--- docs/community.aws.ec2_lc_find_module.rst | 15 +++- docs/community.aws.ec2_lc_info_module.rst | 15 +++- docs/community.aws.ec2_lc_module.rst | 27 +++++-- .../community.aws.ec2_metric_alarm_module.rst | 24 +++++-- ...ty.aws.ec2_placement_group_info_module.rst | 15 +++- ...mmunity.aws.ec2_placement_group_module.rst | 15 +++- ...ommunity.aws.ec2_scaling_policy_module.rst | 18 +++-- ...community.aws.ec2_snapshot_copy_module.rst | 18 +++-- ...ty.aws.ec2_transit_gateway_info_module.rst | 15 +++- ...mmunity.aws.ec2_transit_gateway_module.rst | 12 +++- ...ommunity.aws.ec2_vpc_egress_igw_module.rst | 15 +++- ...unity.aws.ec2_vpc_endpoint_info_module.rst | 18 +++-- .../community.aws.ec2_vpc_endpoint_module.rst | 15 +++- .../community.aws.ec2_vpc_igw_info_module.rst | 15 +++- docs/community.aws.ec2_vpc_igw_module.rst | 15 +++- ...community.aws.ec2_vpc_nacl_info_module.rst | 24 +++++-- docs/community.aws.ec2_vpc_nacl_module.rst | 21 ++++-- ...ty.aws.ec2_vpc_nat_gateway_info_module.rst | 15 +++- ...mmunity.aws.ec2_vpc_nat_gateway_module.rst | 12 +++- docs/community.aws.ec2_vpc_peer_module.rst | 12 +++- ...munity.aws.ec2_vpc_peering_info_module.rst | 15 +++- ...ty.aws.ec2_vpc_route_table_info_module.rst | 12 +++- ...mmunity.aws.ec2_vpc_route_table_module.rst | 21 ++++-- .../community.aws.ec2_vpc_vgw_info_module.rst | 15 +++- docs/community.aws.ec2_vpc_vgw_module.rst | 12 +++- .../community.aws.ec2_vpc_vpn_info_module.rst | 15 +++- docs/community.aws.ec2_vpc_vpn_module.rst | 18 +++-- .../community.aws.ec2_win_password_module.rst | 15 +++- docs/community.aws.ecs_attribute_module.rst | 28 ++++++-- docs/community.aws.ecs_cluster_module.rst | 18 +++-- docs/community.aws.ecs_ecr_module.rst | 15 +++- .../community.aws.ecs_service_info_module.rst | 21 ++++-- docs/community.aws.ecs_service_module.rst | 60 +++++++++++----- docs/community.aws.ecs_tag_module.rst | 15 +++- docs/community.aws.ecs_task_module.rst | 30 +++++--- ...ity.aws.ecs_taskdefinition_info_module.rst | 15 +++- ...ommunity.aws.ecs_taskdefinition_module.rst | 24 +++++-- docs/community.aws.efs_info_module.rst | 15 +++- docs/community.aws.efs_module.rst | 21 ++++-- .../community.aws.elasticache_info_module.rst | 12 +++- docs/community.aws.elasticache_module.rst | 24 +++++-- ...aws.elasticache_parameter_group_module.rst | 18 +++-- ...munity.aws.elasticache_snapshot_module.rst | 18 +++-- ...ty.aws.elasticache_subnet_group_module.rst | 21 ++++-- ...ity.aws.elb_application_lb_info_module.rst | 18 +++-- ...ommunity.aws.elb_application_lb_module.rst | 40 ++++++++--- ...mmunity.aws.elb_classic_lb_info_module.rst | 15 +++- docs/community.aws.elb_classic_lb_module.rst | 36 +++++++--- docs/community.aws.elb_instance_module.rst | 21 ++++-- docs/community.aws.elb_network_lb_module.rst | 37 +++++++--- ...unity.aws.elb_target_group_info_module.rst | 18 +++-- .../community.aws.elb_target_group_module.rst | 21 ++++-- docs/community.aws.elb_target_info_module.rst | 15 +++- docs/community.aws.elb_target_module.rst | 18 +++-- docs/community.aws.execute_lambda_module.rst | 12 +++- docs/community.aws.iam_cert_module.rst | 18 +++-- docs/community.aws.iam_group_module.rst | 24 +++++-- ...ommunity.aws.iam_managed_policy_module.rst | 15 +++- ...mmunity.aws.iam_mfa_device_info_module.rst | 12 +++- docs/community.aws.iam_module.rst | 27 +++++-- ...mmunity.aws.iam_password_policy_module.rst | 15 +++- docs/community.aws.iam_policy_info_module.rst | 18 +++-- docs/community.aws.iam_policy_module.rst | 21 ++++-- docs/community.aws.iam_role_info_module.rst | 12 +++- docs/community.aws.iam_role_module.rst | 18 +++-- ...mmunity.aws.iam_saml_federation_module.rst | 15 +++- ...aws.iam_server_certificate_info_module.rst | 12 +++- docs/community.aws.iam_user_info_module.rst | 12 +++- docs/community.aws.iam_user_module.rst | 21 ++++-- docs/community.aws.kinesis_stream_module.rst | 15 +++- docs/community.aws.lambda_alias_module.rst | 18 +++-- docs/community.aws.lambda_event_module.rst | 21 ++++-- docs/community.aws.lambda_facts_module.rst | 12 +++- docs/community.aws.lambda_info_module.rst | 12 +++- docs/community.aws.lambda_module.rst | 21 ++++-- docs/community.aws.lambda_policy_module.rst | 24 +++++-- docs/community.aws.lightsail_module.rst | 15 +++- ...community.aws.rds_instance_info_module.rst | 12 +++- docs/community.aws.rds_instance_module.rst | 24 +++++-- docs/community.aws.rds_module.rst | 18 +++-- docs/community.aws.rds_param_group_module.rst | 18 +++-- ...community.aws.rds_snapshot_info_module.rst | 12 +++- docs/community.aws.rds_snapshot_module.rst | 15 +++- .../community.aws.rds_subnet_group_module.rst | 21 ++++-- ...redshift_cross_region_snapshots_module.rst | 24 +++++-- docs/community.aws.redshift_info_module.rst | 12 +++- docs/community.aws.redshift_module.rst | 24 +++++-- ...unity.aws.redshift_subnet_group_module.rst | 21 ++++-- ...munity.aws.route53_health_check_module.rst | 15 +++- docs/community.aws.route53_info_module.rst | 18 +++-- docs/community.aws.route53_module.rst | 24 +++++-- docs/community.aws.route53_zone_module.rst | 15 +++- ...nity.aws.s3_bucket_notification_module.rst | 21 ++++-- docs/community.aws.s3_lifecycle_module.rst | 21 ++++-- docs/community.aws.s3_logging_module.rst | 15 +++- docs/community.aws.s3_sync_module.rst | 18 +++-- docs/community.aws.s3_website_module.rst | 18 +++-- docs/community.aws.sns_module.rst | 18 +++-- docs/community.aws.sns_topic_module.rst | 24 +++++-- docs/community.aws.sqs_queue_module.rst | 15 +++- docs/community.aws.sts_assume_role_module.rst | 18 +++-- ...community.aws.sts_session_token_module.rst | 12 +++- galaxy.yml | 4 +- tests/requirements.yml | 4 +- 185 files changed, 2668 insertions(+), 814 deletions(-) delete mode 100644 changelogs/fragments/161-retries.yml delete mode 100644 changelogs/fragments/188-boto3_conn.yml delete mode 100644 changelogs/fragments/189-ec2_instance-check_mode-tags.yml delete mode 100644 changelogs/fragments/195-aws_codecommit-empty-description.yaml delete mode 100644 changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml delete mode 100644 changelogs/fragments/22-ec2_instance-mod-sgs.yml delete mode 100644 changelogs/fragments/iam_no_log.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 5be40e94986..d16cf927037 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,24 @@ community.aws Release Notes .. contents:: Topics +v1.2.0 +====== + +Minor Changes +------------- + +- Add retries for aws_api_gateway when AWS throws `TooManyRequestsException` +- Migrate the remaning boto3 based modules to the module based helpers for creating AWS connections. + +Bugfixes +-------- + +- aws_codecommit - fixes issue where module execution would fail if an existing repository has empty description (https://github.com/ansible-collections/community.aws/pull/195) +- aws_kms_info - fixes issue where module execution fails because certain AWS KMS keys (e.g. aws/acm) do not permit the calling the API kms:GetKeyRotationStatus (example - https://forums.aws.amazon.com/thread.jspa?threadID=312992) (https://github.com/ansible-collections/community.aws/pull/199) +- ec2_instance - Fix a bug where tags were updated in check_mode. +- ec2_instance - fixes issue where security groups were not changed if the instance already existed. https://github.com/ansible-collections/community.aws/pull/22 +- iam - Fix false positive warning regarding use of ``no_log`` on ``update_password`` + v1.1.0 ====== @@ -19,14 +37,14 @@ Deprecated Features - data_pipeline - the ``version`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. - ec2_eip - the ``wait_timeout`` option has been deprecated and will be removed in a later release. It has had no effect since Ansible 2.3. -- ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- ec2_lc - the ``associate_public_ip_address`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. - elb_network_lb - in a later release, the default behaviour for the ``state`` option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. -- iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- iam_managed_policy - the ``fail_on_delete`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. - iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. -- iam_policy - the ``policy_document`` option has been deprecated and will be removed in a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. +- iam_policy - the ``policy_document`` option has been deprecated and will be removed after a later release. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. - iam_role - in a later release, the ``purge_policies`` option (also know as ``purge_policy``) default value will change from ``true`` to ``false`` -- s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. -- s3_sync - the ``retries`` option has been deprecated and will be removed in a later release. It has always been ignored by the module. +- s3_lifecycle - the ``requester_pays`` option has been deprecated and will be removed after a later release. It has always been ignored by the module. +- s3_sync - the ``retries`` option has been deprecated and will be removed after 2022-06-01. It has always been ignored by the module. v1.0.0 ====== @@ -39,10 +57,10 @@ Minor Changes - aws_acm - Update automatic retries to stabilize the integration tests. - aws_codecommit - Support updating the description - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. -- aws_kms: code refactor, some error messages updated +- aws_kms - code refactor, some error messages updated - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. -- ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups - ec2_asg - Add support for Max Instance Lifetime +- ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups - ec2_asg - Migrated to AnsibleAWSModule - ec2_placement_group - make ``name`` a required field. - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. @@ -74,7 +92,7 @@ Deprecated Features - ec2_key - The ``wait_timeout`` option had no effect and will be removed after 2022-06-01 - ec2_key - The ``wait`` option had no effect and will be removed after 2022-06-01 - ec2_lc - The ``associate_public_ip_address`` option had no effect and will be removed after 2022-06-01 -- elb_network_lb: The current default value of the ``state`` option has been deprecated and will change from absent to present after 2022-06-01 +- elb_network_lb - The current default value of the ``state`` option has been deprecated and will change from absent to present after 2022-06-01 - iam_managed_policy - The ``fail_on_delete`` option had no effect and will be removed after 2022-06-01 - iam_policy - The ``policy_document`` will be removed after 2022-06-01. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin. - iam_policy - The default value of ``skip_duplicates`` will change after 2022-06-01 from ``true`` to ``false``. @@ -96,7 +114,7 @@ Bugfixes - cloudfront_distribution - Always add field_level_encryption_id to cache behaviour to match AWS requirements - cloudwatchlogs_log_group - Fix a KeyError when updating a log group that does not have a retention period (https://github.com/ansible/ansible/issues/47945) - cloudwatchlogs_log_group_info - remove limitation of max 50 results -- ec2_asg: Ensure "wait" is honored during replace operations +- ec2_asg - Ensure "wait" is honored during replace operations - ec2_launch_template - Update output to include latest_version and default_version, matching the documentation - ec2_transit_gateway - Use AWSRetry before ClientError is handled when describing transit gateways - ec2_transit_gateway - fixed issue where auto_attach set to yes was not being honored (https://github.com/ansible/ansible/issues/61907) diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 0494c2b8cef..b1e25c93aa4 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -77,11 +77,11 @@ releases: - aws_codecommit - Support updating the description - aws_kms - Adds the ``enable_key_rotation`` option to enable or disable automatically key rotation. - - aws_kms - code refactor, some error messages updated' + - aws_kms - code refactor, some error messages updated - aws_kms_info - Adds the ``enable_key_rotation`` info to the return value. + - ec2_asg - Add support for Max Instance Lifetime - ec2_asg - Add the ability to use mixed_instance_policy in launch template driven autoscaling groups - - ec2_asg - Add support for Max Instance Lifetime - ec2_asg - Migrated to AnsibleAWSModule - ec2_placement_group - make ``name`` a required field. - ecs_task_definition - Add network_mode=default to support Windows ECS tasks. @@ -683,7 +683,8 @@ releases: option will change from ``absent`` to ``present``. To maintain the existing behavior explicitly set state to ``absent``. - iam_managed_policy - the ``fail_on_delete`` option has been deprecated and - will be removed after a later release. It has always been ignored by the module. + will be removed after a later release. It has always been ignored by the + module. - iam_policy - in a later release, the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``. To maintain the existing behavior explicitly set it to ``true``. @@ -704,3 +705,28 @@ releases: - porting-guide.yml - sanity_fix_future_boilerplate.yml release_date: '2020-08-13' + 1.2.0: + changes: + bugfixes: + - aws_codecommit - fixes issue where module execution would fail if an existing + repository has empty description (https://github.com/ansible-collections/community.aws/pull/195) + - aws_kms_info - fixes issue where module execution fails because certain AWS + KMS keys (e.g. aws/acm) do not permit the calling the API kms:GetKeyRotationStatus + (example - https://forums.aws.amazon.com/thread.jspa?threadID=312992) (https://github.com/ansible-collections/community.aws/pull/199) + - ec2_instance - Fix a bug where tags were updated in check_mode. + - ec2_instance - fixes issue where security groups were not changed if the instance + already existed. https://github.com/ansible-collections/community.aws/pull/22 + - iam - Fix false positive warning regarding use of ``no_log`` on ``update_password`` + minor_changes: + - Add retries for aws_api_gateway when AWS throws `TooManyRequestsException` + - Migrate the remaning boto3 based modules to the module based helpers for creating + AWS connections. + fragments: + - 161-retries.yml + - 188-boto3_conn.yml + - 189-ec2_instance-check_mode-tags.yml + - 195-aws_codecommit-empty-description.yaml + - 199-aws_kms_info-key-rotation-status.yaml + - 22-ec2_instance-mod-sgs.yml + - iam_no_log.yml + release_date: '2020-08-28' diff --git a/changelogs/fragments/161-retries.yml b/changelogs/fragments/161-retries.yml deleted file mode 100644 index c6d257f0b7e..00000000000 --- a/changelogs/fragments/161-retries.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Add retries for aws_api_gateway when AWS throws `TooManyRequestsException` diff --git a/changelogs/fragments/188-boto3_conn.yml b/changelogs/fragments/188-boto3_conn.yml deleted file mode 100644 index 6572d78a728..00000000000 --- a/changelogs/fragments/188-boto3_conn.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- Migrate the remaning boto3 based modules to the module based helpers for creating AWS connections. diff --git a/changelogs/fragments/189-ec2_instance-check_mode-tags.yml b/changelogs/fragments/189-ec2_instance-check_mode-tags.yml deleted file mode 100644 index fd215f64e16..00000000000 --- a/changelogs/fragments/189-ec2_instance-check_mode-tags.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- ec2_instance - Fix a bug where tags were updated in check_mode. diff --git a/changelogs/fragments/195-aws_codecommit-empty-description.yaml b/changelogs/fragments/195-aws_codecommit-empty-description.yaml deleted file mode 100644 index 2ab88e6bc7a..00000000000 --- a/changelogs/fragments/195-aws_codecommit-empty-description.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- aws_codecommit - fixes issue where module execution would fail if an existing repository has empty description (https://github.com/ansible-collections/community.aws/pull/195) diff --git a/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml b/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml deleted file mode 100644 index be3f33c23d8..00000000000 --- a/changelogs/fragments/199-aws_kms_info-key-rotation-status.yaml +++ /dev/null @@ -1,5 +0,0 @@ -bugfixes: -- aws_kms_info - fixes issue where module execution fails because certain AWS KMS keys (e.g. aws/acm) - do not permit the calling the API kms:GetKeyRotationStatus - (example - https://forums.aws.amazon.com/thread.jspa?threadID=312992) - (https://github.com/ansible-collections/community.aws/pull/199) diff --git a/changelogs/fragments/22-ec2_instance-mod-sgs.yml b/changelogs/fragments/22-ec2_instance-mod-sgs.yml deleted file mode 100644 index c8145d6624c..00000000000 --- a/changelogs/fragments/22-ec2_instance-mod-sgs.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- ec2_instance - fixes issue where security groups were not changed if the instance already existed. https://github.com/ansible-collections/community.aws/pull/22 diff --git a/changelogs/fragments/iam_no_log.yml b/changelogs/fragments/iam_no_log.yml deleted file mode 100644 index 12aaf5b186b..00000000000 --- a/changelogs/fragments/iam_no_log.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - iam - Fix false positive warning regarding use of ``no_log`` on ``update_password`` diff --git a/docs/community.aws.aws_acm_info_module.rst b/docs/community.aws.aws_acm_info_module.rst index 74b7b666a8e..01527f459d0 100644 --- a/docs/community.aws.aws_acm_info_module.rst +++ b/docs/community.aws.aws_acm_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -191,6 +195,8 @@ Parameters @@ -223,6 +229,8 @@ Parameters @@ -233,7 +241,8 @@ Parameters
    list - / elements=string
    + / elements=string +
    Parameter Choices/Defaults Comments
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_access_key, access_key
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_secret_key, secret_key
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
    +
    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

    aliases: aws_profile
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: aws_security_token, access_token
      Choices: @@ -292,7 +301,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -509,7 +518,8 @@ Common return values are documented `here
      list - / elements=string
      + / elements=string +
    		always @@ -565,7 +575,8 @@ Common return values are documented `here
    list - / elements=string
    + / elements=string +     		always @@ -746,7 +757,8 @@ Common return values are documented `here
    list - / elements=string
    + / elements=string +     		always @@ -913,7 +925,8 @@ Common return values are documented `here
    list - / elements=string
    + / elements=string +     		always diff --git a/docs/community.aws.aws_acm_module.rst b/docs/community.aws.aws_acm_module.rst index 40b9be63f00..5a0ac96dc79 100644 --- a/docs/community.aws.aws_acm_module.rst +++ b/docs/community.aws.aws_acm_module.rst @@ -52,7 +52,7 @@ Parameters .. raw:: html - + @@ -70,6 +70,8 @@ Parameters @@ -120,6 +122,8 @@ Parameters @@ -282,6 +286,8 @@ Parameters @@ -314,6 +320,8 @@ Parameters @@ -364,7 +372,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -435,7 +443,8 @@ Common return values are documented `here
    list - / elements=string
    + / elements=string +
    Parameter Choices/Defaults Comments
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_access_key, access_key
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_secret_key, secret_key
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
    +
    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

    aliases: aws_profile
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: aws_security_token, access_token
    when state=absent diff --git a/docs/community.aws.aws_api_gateway_module.rst b/docs/community.aws.aws_api_gateway_module.rst index 7b3da60f236..c8b19465013 100644 --- a/docs/community.aws.aws_api_gateway_module.rst +++ b/docs/community.aws.aws_api_gateway_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html - + @@ -72,6 +72,8 @@ Parameters @@ -122,6 +124,8 @@ Parameters @@ -255,6 +259,8 @@ Parameters @@ -287,6 +293,8 @@ Parameters @@ -454,7 +462,7 @@ Notes .. note:: - A future version of this module will probably use tags or another ID so that an API can be create only once. - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_application_scaling_policy_module.rst b/docs/community.aws.aws_application_scaling_policy_module.rst index 566b546f187..8fc9b7307b2 100644 --- a/docs/community.aws.aws_application_scaling_policy_module.rst +++ b/docs/community.aws.aws_application_scaling_policy_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
    Parameter Choices/Defaults Comments
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_access_key, access_key
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_secret_key, secret_key
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
    +
    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

    aliases: aws_profile
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: aws_security_token, access_token
    - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -200,7 +204,8 @@ Parameters
    string - / required
    + / required + @@ -215,7 +220,8 @@ Parameters
    string - / required
    + / required + @@ -266,7 +274,8 @@ Parameters
    string - / required
    + / required + @@ -281,7 +290,8 @@ Parameters
    string - / required
    + / required + @@ -322,7 +334,8 @@ Parameters
    string - / required
    + / required +
    Parameter Choices/Defaults Comments
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_access_key, access_key
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_secret_key, secret_key
      Choices: @@ -240,6 +246,8 @@ Parameters
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
    +
    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

    aliases: aws_profile
      Choices: @@ -312,6 +322,8 @@ Parameters
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: aws_security_token, access_token
      Choices: @@ -344,7 +357,8 @@ Parameters
      string - / required
      + / required +
      Choices: @@ -517,7 +531,7 @@ Notes .. note:: - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -882,7 +896,8 @@ Common return values are documented `here
      list - / elements=dictionary
      + / elements=dictionary +
    		when state present and the policy type is StepScaling diff --git a/docs/community.aws.aws_batch_compute_environment_module.rst b/docs/community.aws.aws_batch_compute_environment_module.rst index d270d6a5d6b..b280808e998 100644 --- a/docs/community.aws.aws_batch_compute_environment_module.rst +++ b/docs/community.aws.aws_batch_compute_environment_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -132,7 +136,8 @@ Parameters
    string - / required
    + / required + @@ -168,7 +173,8 @@ Parameters
    string - / required
    + / required + @@ -282,7 +289,9 @@ Parameters
    list - / elements=string / required
    + / elements=string + / required + @@ -297,7 +306,8 @@ Parameters
    integer - / required
    + / required + @@ -312,7 +322,8 @@ Parameters
    integer - / required
    + / required + @@ -333,6 +344,8 @@ Parameters @@ -359,7 +372,9 @@ Parameters
    list - / elements=string / required
    + / elements=string + / required + @@ -380,6 +395,8 @@ Parameters @@ -390,7 +407,8 @@ Parameters
    string - / required
    + / required + @@ -439,7 +457,9 @@ Parameters
    list - / elements=string / required
    + / elements=string + / required + @@ -469,7 +489,8 @@ Parameters
    string - / required
    + / required +
    Parameter Choices/Defaults Comments
    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_access_key, access_key
    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: ec2_secret_key, secret_key
      Choices: @@ -267,7 +273,8 @@ Parameters
      string - / required
      + / required +
    Uses a boto profile. Only works with boto >= 2.24.0.
    +
    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
    +
    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

    aliases: aws_profile
    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
    +
    If profile is set this parameter is ignored.
    +
    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

    aliases: aws_security_token, access_token
      Choices: @@ -508,7 +529,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_batch_job_definition_module.rst b/docs/community.aws.aws_batch_job_definition_module.rst index e41b3ad6bc6..4e151ca1de1 100644 --- a/docs/community.aws.aws_batch_job_definition_module.rst +++ b/docs/community.aws.aws_batch_job_definition_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -71,6 +71,8 @@ Parameters @@ -121,6 +123,8 @@ Parameters @@ -131,7 +135,8 @@ Parameters
      list - / elements=string
      + / elements=string + @@ -181,7 +186,8 @@ Parameters
      list - / elements=dictionary
      + / elements=dictionary + @@ -229,7 +235,8 @@ Parameters
      string - / required
      + / required + @@ -259,7 +266,8 @@ Parameters
      string - / required
      + / required + @@ -289,7 +297,8 @@ Parameters
      integer - / required
      + / required + @@ -304,7 +313,8 @@ Parameters
      list - / elements=dictionary
      + / elements=dictionary + @@ -404,6 +414,8 @@ Parameters @@ -451,6 +463,8 @@ Parameters @@ -480,7 +494,8 @@ Parameters
      string - / required
      + / required + @@ -495,7 +510,8 @@ Parameters
      list - / elements=dictionary
      + / elements=dictionary + @@ -593,7 +609,8 @@ Parameters
      integer - / required
      + / required + @@ -608,7 +625,8 @@ Parameters
      list - / elements=dictionary
      + / elements=dictionary + @@ -657,7 +675,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_batch_job_queue_module.rst b/docs/community.aws.aws_batch_job_queue_module.rst index 108aec0d249..700a240b99c 100644 --- a/docs/community.aws.aws_batch_job_queue_module.rst +++ b/docs/community.aws.aws_batch_job_queue_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
      Parameter Choices/Defaults Comments
      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_access_key, access_key
      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_secret_key, secret_key
      Uses a boto profile. Only works with boto >= 2.24.0.
      +
      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
      +
      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

      aliases: aws_profile
      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: aws_security_token, access_token
      - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -116,7 +120,9 @@ Parameters
      list - / elements=dictionary / required
      + / elements=dictionary + / required + @@ -199,7 +205,8 @@ Parameters
      string - / required
      + / required + @@ -233,7 +240,8 @@ Parameters
      integer - / required
      + / required + @@ -254,6 +262,8 @@ Parameters @@ -286,6 +296,8 @@ Parameters @@ -335,7 +347,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_codebuild_module.rst b/docs/community.aws.aws_codebuild_module.rst index fe5872f9bbe..113984f2af1 100644 --- a/docs/community.aws.aws_codebuild_module.rst +++ b/docs/community.aws.aws_codebuild_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
      Parameter Choices/Defaults Comments
      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_access_key, access_key
      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_secret_key, secret_key
      Uses a boto profile. Only works with boto >= 2.24.0.
      +
      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
      +
      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

      aliases: aws_profile
      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: aws_security_token, access_token
      - + @@ -49,7 +49,8 @@ Parameters
      dictionary - / required
      + / required + @@ -148,7 +149,8 @@ Parameters
      - - / required
      + / required + @@ -170,6 +172,8 @@ Parameters @@ -220,6 +224,8 @@ Parameters @@ -246,7 +252,8 @@ Parameters
      - - / required
      + / required + @@ -262,7 +269,8 @@ Parameters
      - - / required
      + / required + @@ -359,7 +367,8 @@ Parameters
      - - / required
      + / required + @@ -393,7 +402,8 @@ Parameters
      - - / required
      + / required + @@ -425,7 +435,8 @@ Parameters
      - - / required
      + / required + @@ -441,7 +452,8 @@ Parameters
      string - / required
      + / required + @@ -462,6 +474,8 @@ Parameters @@ -494,6 +508,8 @@ Parameters @@ -519,7 +535,8 @@ Parameters
      dictionary - / required
      + / required + @@ -603,7 +620,8 @@ Parameters
      string - / required
      + / required + @@ -638,7 +656,8 @@ Parameters
      list - / elements=dictionary
      + / elements=dictionary + @@ -738,7 +757,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codebuild.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_codecommit_module.rst b/docs/community.aws.aws_codecommit_module.rst index ac3d996b448..c99a8d6d4fd 100644 --- a/docs/community.aws.aws_codecommit_module.rst +++ b/docs/community.aws.aws_codecommit_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
      Parameter Choices/Defaults Comments
      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_access_key, access_key
      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_secret_key, secret_key
      Uses a boto profile. Only works with boto >= 2.24.0.
      +
      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
      +
      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

      aliases: aws_profile
      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: aws_security_token, access_token
      - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -167,7 +171,8 @@ Parameters
      string - / required
      + / required + @@ -188,6 +193,8 @@ Parameters @@ -220,6 +227,8 @@ Parameters @@ -230,7 +239,8 @@ Parameters
      string - / required
      + / required +
      Parameter Choices/Defaults Comments
      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_access_key, access_key
      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: ec2_secret_key, secret_key
      Uses a boto profile. Only works with boto >= 2.24.0.
      +
      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
      +
      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

      aliases: aws_profile
      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
      +
      If profile is set this parameter is ignored.
      +
      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

      aliases: aws_security_token, access_token
        Choices: @@ -269,7 +279,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_codepipeline_module.rst b/docs/community.aws.aws_codepipeline_module.rst index d9a93479a0e..807b7d38626 100644 --- a/docs/community.aws.aws_codepipeline_module.rst +++ b/docs/community.aws.aws_codepipeline_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -49,7 +49,8 @@ Parameters
        dictionary - / required
        + / required + @@ -103,6 +104,8 @@ Parameters @@ -153,6 +156,8 @@ Parameters @@ -198,7 +203,8 @@ Parameters
        string - / required
        + / required + @@ -219,6 +225,8 @@ Parameters @@ -245,7 +253,8 @@ Parameters
        string - / required
        + / required + @@ -266,6 +275,8 @@ Parameters @@ -276,7 +287,9 @@ Parameters
        list - / elements=dictionary / required
        + / elements=dictionary + / required + @@ -292,7 +305,8 @@ Parameters
        list - / elements=dictionary
        + / elements=dictionary + @@ -381,7 +395,7 @@ Notes .. note:: - for details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/codepipeline.html - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_config_aggregation_authorization_module.rst b/docs/community.aws.aws_config_aggregation_authorization_module.rst index 4e91d76e0ec..e864f003df8 100644 --- a/docs/community.aws.aws_config_aggregation_authorization_module.rst +++ b/docs/community.aws.aws_config_aggregation_authorization_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -49,7 +49,8 @@ Parameters
        string - / required
        + / required + @@ -64,7 +65,8 @@ Parameters
        string - / required
        + / required + @@ -85,6 +87,8 @@ Parameters @@ -135,6 +139,8 @@ Parameters @@ -186,6 +192,8 @@ Parameters @@ -218,6 +226,8 @@ Parameters @@ -267,7 +277,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_config_aggregator_module.rst b/docs/community.aws.aws_config_aggregator_module.rst index 5f2bd66cc21..129f99b2ed7 100644 --- a/docs/community.aws.aws_config_aggregator_module.rst +++ b/docs/community.aws.aws_config_aggregator_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -49,7 +49,9 @@ Parameters
        list - / elements=dictionary / required
        + / elements=dictionary + / required + @@ -65,7 +67,8 @@ Parameters
        list - / elements=string
        + / elements=string + @@ -101,7 +104,8 @@ Parameters
        list - / elements=string
        + / elements=string + @@ -123,6 +127,8 @@ Parameters @@ -173,6 +179,8 @@ Parameters @@ -218,7 +226,8 @@ Parameters
        string - / required
        + / required + @@ -233,7 +242,8 @@ Parameters
        dictionary - / required
        + / required + @@ -269,7 +279,8 @@ Parameters
        list - / elements=string
        + / elements=string + @@ -307,6 +318,8 @@ Parameters @@ -339,6 +352,8 @@ Parameters @@ -388,7 +403,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_config_delivery_channel_module.rst b/docs/community.aws.aws_config_delivery_channel_module.rst index 8adc38fe662..9b4ecccb2db 100644 --- a/docs/community.aws.aws_config_delivery_channel_module.rst +++ b/docs/community.aws.aws_config_delivery_channel_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -172,7 +176,8 @@ Parameters
        string - / required
        + / required + @@ -193,6 +198,8 @@ Parameters @@ -219,7 +226,8 @@ Parameters
        string - / required
        + / required + @@ -255,6 +263,8 @@ Parameters @@ -319,7 +329,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_config_recorder_module.rst b/docs/community.aws.aws_config_recorder_module.rst index 00e5dd1864c..88e2a320de5 100644 --- a/docs/community.aws.aws_config_recorder_module.rst +++ b/docs/community.aws.aws_config_recorder_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
        string - / required
        + / required + @@ -171,6 +176,8 @@ Parameters @@ -290,6 +297,8 @@ Parameters @@ -339,7 +348,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_config_rule_module.rst b/docs/community.aws.aws_config_rule_module.rst index 5ca9cbd3490..68a63f10445 100644 --- a/docs/community.aws.aws_config_rule_module.rst +++ b/docs/community.aws.aws_config_rule_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -202,7 +206,8 @@ Parameters
        string - / required
        + / required + @@ -223,6 +228,8 @@ Parameters @@ -335,6 +342,8 @@ Parameters @@ -345,7 +354,8 @@ Parameters
        dictionary - / required
        + / required + @@ -452,7 +462,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_direct_connect_confirm_connection_module.rst b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst index a2d4ec8e631..6b7cbd7617e 100644 --- a/docs/community.aws.aws_direct_connect_confirm_connection_module.rst +++ b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -189,6 +193,8 @@ Parameters @@ -221,6 +227,8 @@ Parameters @@ -251,7 +259,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_direct_connect_connection_module.rst b/docs/community.aws.aws_direct_connect_connection_module.rst index 87858e73181..b5144c71813 100644 --- a/docs/community.aws.aws_direct_connect_connection_module.rst +++ b/docs/community.aws.aws_direct_connect_connection_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -260,6 +264,8 @@ Parameters @@ -292,6 +298,8 @@ Parameters @@ -302,7 +310,8 @@ Parameters
        string - / required
        + / required +
        Parameter Choices/Defaults Comments
        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_access_key, access_key
        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: ec2_secret_key, secret_key
        Uses a boto profile. Only works with boto >= 2.24.0.
        +
        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
        +
        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

        aliases: aws_profile
        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
        +
        If profile is set this parameter is ignored.
        +
        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

        aliases: aws_security_token, access_token
          Choices: @@ -341,7 +350,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_direct_connect_gateway_module.rst b/docs/community.aws.aws_direct_connect_gateway_module.rst index 838fa801f73..fb8c2dc052b 100644 --- a/docs/community.aws.aws_direct_connect_gateway_module.rst +++ b/docs/community.aws.aws_direct_connect_gateway_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html - + @@ -73,6 +73,8 @@ Parameters @@ -123,6 +125,8 @@ Parameters @@ -205,6 +209,8 @@ Parameters @@ -237,6 +243,8 @@ Parameters @@ -318,7 +326,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst index 13b327e3191..3ccba0b5fc9 100644 --- a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
          Parameter Choices/Defaults Comments
          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: ec2_access_key, access_key
          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: ec2_secret_key, secret_key
          Uses a boto profile. Only works with boto >= 2.24.0.
          +
          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
          +
          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

          aliases: aws_profile
          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: aws_security_token, access_token
          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -299,6 +303,8 @@ Parameters @@ -331,6 +337,8 @@ Parameters @@ -341,7 +349,8 @@ Parameters
          string - / required
          + / required +
          Parameter Choices/Defaults Comments
          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: ec2_access_key, access_key
          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: ec2_secret_key, secret_key
          Uses a boto profile. Only works with boto >= 2.24.0.
          +
          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
          +
          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

          aliases: aws_profile
          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
          +
          If profile is set this parameter is ignored.
          +
          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

          aliases: aws_security_token, access_token
            Choices: @@ -417,7 +426,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst index 18d055c93a0..01cda9b0587 100644 --- a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst +++ b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -100,6 +100,8 @@ Parameters @@ -150,6 +152,8 @@ Parameters @@ -176,7 +180,8 @@ Parameters
            list - / elements=string
            + / elements=string + @@ -257,7 +262,8 @@ Parameters
            string - / required
            + / required + @@ -294,6 +300,8 @@ Parameters @@ -345,6 +353,8 @@ Parameters @@ -355,7 +365,8 @@ Parameters
            string - / required
            + / required +
            Parameter Choices/Defaults Comments
            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
            +
            If profile is set this parameter is ignored.
            +
            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

            aliases: ec2_access_key, access_key
            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
            +
            If profile is set this parameter is ignored.
            +
            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

            aliases: ec2_secret_key, secret_key
            Uses a boto profile. Only works with boto >= 2.24.0.
            +
            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
            +
            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

            aliases: aws_profile
            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
            +
            If profile is set this parameter is ignored.
            +
            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

            aliases: aws_security_token, access_token
              Choices: @@ -441,7 +452,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_eks_cluster_module.rst b/docs/community.aws.aws_eks_cluster_module.rst index 3e55dd4097f..52a13fe9642 100644 --- a/docs/community.aws.aws_eks_cluster_module.rst +++ b/docs/community.aws.aws_eks_cluster_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
              string - / required
              + / required + @@ -171,6 +176,8 @@ Parameters @@ -212,7 +219,8 @@ Parameters
              list - / elements=string
              + / elements=string + @@ -233,6 +241,8 @@ Parameters @@ -262,7 +272,8 @@ Parameters
              list - / elements=string
              + / elements=string + @@ -347,7 +358,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_elasticbeanstalk_app_module.rst b/docs/community.aws.aws_elasticbeanstalk_app_module.rst index 7c50f8ac67f..1701e846825 100644 --- a/docs/community.aws.aws_elasticbeanstalk_app_module.rst +++ b/docs/community.aws.aws_elasticbeanstalk_app_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
              Parameter Choices/Defaults Comments
              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_access_key, access_key
              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_secret_key, secret_key
              Uses a boto profile. Only works with boto >= 2.24.0.
              +
              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
              +
              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

              aliases: aws_profile
              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: aws_security_token, access_token
              - + @@ -69,6 +69,8 @@ Parameters @@ -119,6 +121,8 @@ Parameters @@ -185,6 +189,8 @@ Parameters @@ -217,6 +223,8 @@ Parameters @@ -285,7 +293,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_glue_connection_module.rst b/docs/community.aws.aws_glue_connection_module.rst index 82645217a19..3980d4fdf83 100644 --- a/docs/community.aws.aws_glue_connection_module.rst +++ b/docs/community.aws.aws_glue_connection_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
              Parameter Choices/Defaults Comments
              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_access_key, access_key
              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_secret_key, secret_key
              Uses a boto profile. Only works with boto >= 2.24.0.
              +
              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
              +
              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

              aliases: aws_profile
              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: aws_security_token, access_token
              - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -214,7 +218,8 @@ Parameters
              list - / elements=string
              + / elements=string + @@ -229,7 +234,8 @@ Parameters
              string - / required
              + / required + @@ -250,6 +256,8 @@ Parameters @@ -276,7 +284,8 @@ Parameters
              list - / elements=string
              + / elements=string + @@ -297,6 +306,8 @@ Parameters @@ -307,7 +318,8 @@ Parameters
              string - / required
              + / required +
              Parameter Choices/Defaults Comments
              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_access_key, access_key
              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: ec2_secret_key, secret_key
              Uses a boto profile. Only works with boto >= 2.24.0.
              +
              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
              +
              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

              aliases: aws_profile
              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
              +
              If profile is set this parameter is ignored.
              +
              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

              aliases: aws_security_token, access_token
                Choices: @@ -361,7 +373,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_glue_job_module.rst b/docs/community.aws.aws_glue_job_module.rst index 1856b2389e9..56dd091dbcc 100644 --- a/docs/community.aws.aws_glue_job_module.rst +++ b/docs/community.aws.aws_glue_job_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -69,6 +69,8 @@ Parameters @@ -119,6 +121,8 @@ Parameters @@ -161,7 +165,8 @@ Parameters
                list - / elements=string
                + / elements=string + @@ -271,7 +276,8 @@ Parameters
                string - / required
                + / required + @@ -292,6 +298,8 @@ Parameters @@ -340,6 +348,8 @@ Parameters @@ -350,7 +360,8 @@ Parameters
                string - / required
                + / required +
                Parameter Choices/Defaults Comments
                AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                +
                If profile is set this parameter is ignored.
                +
                Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                aliases: ec2_access_key, access_key
                AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                +
                If profile is set this parameter is ignored.
                +
                Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                aliases: ec2_secret_key, secret_key
                Uses a boto profile. Only works with boto >= 2.24.0.
                +
                Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                +
                aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                aliases: aws_profile
                AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                +
                If profile is set this parameter is ignored.
                +
                Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                aliases: aws_security_token, access_token
                  Choices: @@ -404,7 +415,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_inspector_target_module.rst b/docs/community.aws.aws_inspector_target_module.rst index 6c61e1fcf03..bb8e5cfb35b 100644 --- a/docs/community.aws.aws_inspector_target_module.rst +++ b/docs/community.aws.aws_inspector_target_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                  string - / required
                  + / required + @@ -171,6 +176,8 @@ Parameters @@ -203,6 +210,8 @@ Parameters @@ -268,7 +277,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_kms_info_module.rst b/docs/community.aws.aws_kms_info_module.rst index 420b18fbb8d..d40ded1373d 100644 --- a/docs/community.aws.aws_kms_info_module.rst +++ b/docs/community.aws.aws_kms_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                  - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -189,6 +193,8 @@ Parameters @@ -221,6 +227,8 @@ Parameters @@ -251,7 +259,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -390,7 +398,7 @@ Common return values are documented `here diff --git a/docs/community.aws.aws_kms_module.rst b/docs/community.aws.aws_kms_module.rst index 0e9ab4a7da5..f5372c760ab 100644 --- a/docs/community.aws.aws_kms_module.rst +++ b/docs/community.aws.aws_kms_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                  always -
                  Whether the automatically key rotation every year is enabled.
                  +
                  Whether the automatically key rotation every year is enabled. Returns None if key rotation status can't be determined.
                  - + @@ -69,6 +69,8 @@ Parameters @@ -119,6 +121,8 @@ Parameters @@ -217,7 +221,8 @@ Parameters
                  list - / elements=dictionary
                  + / elements=dictionary + @@ -252,7 +257,8 @@ Parameters
                  string - / required
                  + / required + @@ -268,7 +274,8 @@ Parameters
                  list - / elements=string
                  + / elements=string + @@ -454,6 +462,8 @@ Parameters @@ -524,6 +534,8 @@ Parameters @@ -588,7 +600,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_region_info_module.rst b/docs/community.aws.aws_region_info_module.rst index cad84e911e2..344c84cc87f 100644 --- a/docs/community.aws.aws_region_info_module.rst +++ b/docs/community.aws.aws_region_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                    Choices: @@ -369,7 +376,8 @@ Parameters
                    list - / elements=string
                    + / elements=string +
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                  - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -178,6 +182,8 @@ Parameters @@ -210,6 +216,8 @@ Parameters @@ -240,7 +248,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_s3_bucket_info_module.rst b/docs/community.aws.aws_s3_bucket_info_module.rst index c0b8306aaa0..b76abae9775 100644 --- a/docs/community.aws.aws_s3_bucket_info_module.rst +++ b/docs/community.aws.aws_s3_bucket_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                  - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -156,6 +160,8 @@ Parameters @@ -188,6 +194,8 @@ Parameters @@ -218,7 +226,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_s3_cors_module.rst b/docs/community.aws.aws_s3_cors_module.rst index bbbd16da1ca..7ba7f85729d 100644 --- a/docs/community.aws.aws_s3_cors_module.rst +++ b/docs/community.aws.aws_s3_cors_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                  - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -148,7 +152,8 @@ Parameters
                  string - / required
                  + / required + @@ -169,6 +174,8 @@ Parameters @@ -195,7 +202,8 @@ Parameters
                  list - / elements=string
                  + / elements=string + @@ -216,6 +224,8 @@ Parameters @@ -226,7 +236,8 @@ Parameters
                  string - / required
                  + / required +
                  Parameter Choices/Defaults Comments
                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_access_key, access_key
                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: ec2_secret_key, secret_key
                  Uses a boto profile. Only works with boto >= 2.24.0.
                  +
                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                  +
                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                  aliases: aws_profile
                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                  +
                  If profile is set this parameter is ignored.
                  +
                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                  aliases: aws_security_token, access_token
                    Choices: @@ -265,7 +276,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_secret_module.rst b/docs/community.aws.aws_secret_module.rst index b376dcf4c13..8505e4f1691 100644 --- a/docs/community.aws.aws_secret_module.rst +++ b/docs/community.aws.aws_secret_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -180,7 +184,8 @@ Parameters
                    string - / required
                    + / required + @@ -201,6 +206,8 @@ Parameters @@ -317,6 +324,8 @@ Parameters @@ -381,7 +390,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_ses_identity_module.rst b/docs/community.aws.aws_ses_identity_module.rst index 445b309d524..67a60de22aa 100644 --- a/docs/community.aws.aws_ses_identity_module.rst +++ b/docs/community.aws.aws_ses_identity_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -338,7 +342,8 @@ Parameters
                    string - / required
                    + / required + @@ -360,6 +365,8 @@ Parameters @@ -392,6 +399,8 @@ Parameters @@ -441,7 +450,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_ses_identity_policy_module.rst b/docs/community.aws.aws_ses_identity_policy_module.rst index 0404b1a3526..b3c9277026a 100644 --- a/docs/community.aws.aws_ses_identity_policy_module.rst +++ b/docs/community.aws.aws_ses_identity_policy_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -151,7 +155,8 @@ Parameters
                    string - / required
                    + / required + @@ -182,7 +187,8 @@ Parameters
                    string - / required
                    + / required + @@ -203,6 +209,8 @@ Parameters @@ -235,6 +243,8 @@ Parameters @@ -284,7 +294,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_ses_rule_set_module.rst b/docs/community.aws.aws_ses_rule_set_module.rst index ff95e898d93..7dc1b09cc2e 100644 --- a/docs/community.aws.aws_ses_rule_set_module.rst +++ b/docs/community.aws.aws_ses_rule_set_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -77,6 +77,8 @@ Parameters @@ -127,6 +129,8 @@ Parameters @@ -191,7 +195,8 @@ Parameters
                    string - / required
                    + / required + @@ -212,6 +217,8 @@ Parameters @@ -244,6 +251,8 @@ Parameters @@ -293,7 +302,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_sgw_info_module.rst b/docs/community.aws.aws_sgw_info_module.rst index 628f900e2cc..0e75bd134a2 100644 --- a/docs/community.aws.aws_sgw_info_module.rst +++ b/docs/community.aws.aws_sgw_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -232,6 +236,8 @@ Parameters @@ -264,6 +270,8 @@ Parameters @@ -294,7 +302,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_ssm_connection.rst b/docs/community.aws.aws_ssm_connection.rst index 83d87eef8ef..da3d5c515df 100644 --- a/docs/community.aws.aws_ssm_connection.rst +++ b/docs/community.aws.aws_ssm_connection.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + diff --git a/docs/community.aws.aws_ssm_parameter_store_module.rst b/docs/community.aws.aws_ssm_parameter_store_module.rst index 61ecc63feda..a0f653a9fe1 100644 --- a/docs/community.aws.aws_ssm_parameter_store_module.rst +++ b/docs/community.aws.aws_ssm_parameter_store_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Configuration
                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -201,7 +205,8 @@ Parameters
                    string - / required
                    + / required + @@ -242,6 +247,8 @@ Parameters @@ -274,6 +281,8 @@ Parameters @@ -359,7 +368,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst index c739e85b155..e8bd554f809 100644 --- a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -72,6 +72,8 @@ Parameters @@ -122,6 +124,8 @@ Parameters @@ -251,6 +255,8 @@ Parameters @@ -283,6 +289,8 @@ Parameters @@ -328,7 +336,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_step_functions_state_machine_module.rst b/docs/community.aws.aws_step_functions_state_machine_module.rst index dff3042b9aa..f56bd56ad87 100644 --- a/docs/community.aws.aws_step_functions_state_machine_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                    string - / required
                    + / required + @@ -186,6 +191,8 @@ Parameters @@ -253,6 +260,8 @@ Parameters @@ -317,7 +326,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_waf_condition_module.rst b/docs/community.aws.aws_waf_condition_module.rst index 4fe42e72fd5..5c6fc396cdd 100644 --- a/docs/community.aws.aws_waf_condition_module.rst +++ b/docs/community.aws.aws_waf_condition_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                    - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -148,7 +152,8 @@ Parameters
                    list - / elements=dictionary
                    + / elements=dictionary + @@ -332,7 +337,8 @@ Parameters
                    list - / elements=string
                    + / elements=string + @@ -409,7 +415,8 @@ Parameters
                    string - / required
                    + / required + @@ -430,6 +437,8 @@ Parameters @@ -481,6 +490,8 @@ Parameters @@ -510,7 +521,8 @@ Parameters
                    string - / required
                    + / required +
                    Parameter Choices/Defaults Comments
                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_access_key, access_key
                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: ec2_secret_key, secret_key
                    Uses a boto profile. Only works with boto >= 2.24.0.
                    +
                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                    +
                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                    aliases: aws_profile
                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                    +
                    If profile is set this parameter is ignored.
                    +
                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                    aliases: aws_security_token, access_token
                      Choices: @@ -573,7 +585,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_waf_info_module.rst b/docs/community.aws.aws_waf_info_module.rst index 61c8b7ae285..ee5162922a9 100644 --- a/docs/community.aws.aws_waf_info_module.rst +++ b/docs/community.aws.aws_waf_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -203,6 +209,8 @@ Parameters @@ -252,7 +260,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_waf_rule_module.rst b/docs/community.aws.aws_waf_rule_module.rst index d90ed10f9c1..2d818d5aa82 100644 --- a/docs/community.aws.aws_waf_rule_module.rst +++ b/docs/community.aws.aws_waf_rule_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -113,7 +117,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -129,7 +134,8 @@ Parameters
                      string - / required
                      + / required + @@ -145,7 +151,8 @@ Parameters
                      boolean - / required
                      + / required + @@ -263,6 +272,8 @@ Parameters @@ -314,6 +325,8 @@ Parameters @@ -382,7 +395,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.aws_waf_web_acl_module.rst b/docs/community.aws.aws_waf_web_acl_module.rst index 0a6c11d9ef8..a4ebfac329b 100644 --- a/docs/community.aws.aws_waf_web_acl_module.rst +++ b/docs/community.aws.aws_waf_web_acl_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                        Choices: @@ -165,7 +172,8 @@ Parameters
                        string - / required
                        + / required +
                        Choices: @@ -242,7 +250,8 @@ Parameters
                        string - / required
                        + / required +
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -186,7 +190,8 @@ Parameters
                      string - / required
                      + / required + @@ -207,6 +212,8 @@ Parameters @@ -252,7 +259,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -268,7 +276,8 @@ Parameters
                      string - / required
                      + / required + @@ -284,7 +293,8 @@ Parameters
                      string - / required
                      + / required + @@ -300,7 +310,8 @@ Parameters
                      integer - / required
                      + / required + @@ -342,6 +353,8 @@ Parameters @@ -410,7 +423,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudformation_exports_info_module.rst b/docs/community.aws.cloudformation_exports_info_module.rst index da610f3d474..c98f1b87b50 100644 --- a/docs/community.aws.cloudformation_exports_info_module.rst +++ b/docs/community.aws.cloudformation_exports_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -155,6 +159,8 @@ Parameters @@ -187,6 +193,8 @@ Parameters @@ -217,7 +225,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudformation_stack_set_module.rst b/docs/community.aws.cloudformation_stack_set_module.rst index a7ba8a2aac1..0758f018607 100644 --- a/docs/community.aws.cloudformation_stack_set_module.rst +++ b/docs/community.aws.cloudformation_stack_set_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -49,7 +49,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -88,6 +89,8 @@ Parameters @@ -138,6 +141,8 @@ Parameters @@ -148,7 +153,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -362,6 +369,8 @@ Parameters @@ -408,7 +417,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -430,6 +440,8 @@ Parameters @@ -585,7 +597,7 @@ Notes .. note:: - To make an individual stack, you want the :ref:`amazon.aws.cloudformation ` module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudfront_distribution_module.rst b/docs/community.aws.cloudfront_distribution_module.rst index 0f409f72045..4f70c08585e 100644 --- a/docs/community.aws.cloudfront_distribution_module.rst +++ b/docs/community.aws.cloudfront_distribution_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                        Choices: @@ -324,7 +330,8 @@ Parameters
                        string - / required
                        + / required +
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -63,7 +63,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -85,6 +86,8 @@ Parameters @@ -135,6 +138,8 @@ Parameters @@ -145,7 +150,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -197,7 +203,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -216,7 +223,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -292,7 +300,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -344,7 +353,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -362,7 +372,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -472,7 +483,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -550,7 +562,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -650,7 +663,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -802,7 +816,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -821,7 +836,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -897,7 +913,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -949,7 +966,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -967,7 +985,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -1077,7 +1096,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -1155,7 +1175,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -1447,7 +1468,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -1463,7 +1485,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -1617,7 +1640,8 @@ Parameters
                      list - / elements=string
                      + / elements=string + @@ -1731,6 +1755,8 @@ Parameters @@ -1931,6 +1957,8 @@ Parameters @@ -2153,7 +2181,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudfront_info_module.rst b/docs/community.aws.cloudfront_info_module.rst index 4e9509dd0c3..7074801fb1e 100644 --- a/docs/community.aws.cloudfront_info_module.rst +++ b/docs/community.aws.cloudfront_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -74,6 +74,8 @@ Parameters @@ -124,6 +126,8 @@ Parameters @@ -434,6 +438,8 @@ Parameters @@ -466,6 +472,8 @@ Parameters @@ -556,7 +564,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudfront_invalidation_module.rst b/docs/community.aws.cloudfront_invalidation_module.rst index 7c64f2e6d18..b1b02e912a9 100644 --- a/docs/community.aws.cloudfront_invalidation_module.rst +++ b/docs/community.aws.cloudfront_invalidation_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -69,6 +69,8 @@ Parameters @@ -119,6 +121,8 @@ Parameters @@ -202,6 +206,8 @@ Parameters @@ -234,6 +240,8 @@ Parameters @@ -244,7 +252,9 @@ Parameters
                      list - / elements=string / required
                      + / elements=string + / required + @@ -280,7 +290,7 @@ Notes .. note:: - does not support check mode - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudfront_origin_access_identity_module.rst b/docs/community.aws.cloudfront_origin_access_identity_module.rst index 33afee9fb02..289f3ec9c44 100644 --- a/docs/community.aws.cloudfront_origin_access_identity_module.rst +++ b/docs/community.aws.cloudfront_origin_access_identity_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -200,6 +204,8 @@ Parameters @@ -232,6 +238,8 @@ Parameters @@ -282,7 +290,7 @@ Notes .. note:: - Does not support check mode. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudtrail_module.rst b/docs/community.aws.cloudtrail_module.rst index de5f1f40b07..e7b031c8d9e 100644 --- a/docs/community.aws.cloudtrail_module.rst +++ b/docs/community.aws.cloudtrail_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -303,6 +307,8 @@ Parameters @@ -368,6 +374,8 @@ Parameters @@ -454,7 +462,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudwatchevent_rule_module.rst b/docs/community.aws.cloudwatchevent_rule_module.rst index 7c56bee0820..70f28a0ccaa 100644 --- a/docs/community.aws.cloudwatchevent_rule_module.rst +++ b/docs/community.aws.cloudwatchevent_rule_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -179,7 +183,8 @@ Parameters
                      string - / required
                      + / required + @@ -200,6 +205,8 @@ Parameters @@ -262,6 +269,8 @@ Parameters @@ -292,7 +301,8 @@ Parameters
                      list - / elements=dictionary
                      + / elements=dictionary + @@ -308,7 +318,8 @@ Parameters
                      string - / required
                      + / required + @@ -375,7 +386,8 @@ Parameters
                      string - / required
                      + / required + @@ -463,7 +475,7 @@ Notes .. note:: - A rule must contain at least an *event_pattern* or *schedule_expression*. A rule can have both an *event_pattern* and a *schedule_expression*, in which case the rule will trigger on matching events as well as on a schedule. - When specifying targets, *input* and *input_path* are mutually-exclusive and optional parameters. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst index d9bb44238d4..b63996742f1 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -172,6 +176,8 @@ Parameters @@ -204,6 +210,8 @@ Parameters @@ -234,7 +242,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst index c32f7470e6b..7c2bd4c35ee 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                      - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -151,7 +155,8 @@ Parameters
                      string - / required
                      + / required + @@ -181,7 +186,8 @@ Parameters
                      string - / required
                      + / required + @@ -282,6 +288,8 @@ Parameters @@ -314,6 +322,8 @@ Parameters @@ -324,7 +334,8 @@ Parameters
                      string - / required
                      + / required +
                      Parameter Choices/Defaults Comments
                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_access_key, access_key
                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: ec2_secret_key, secret_key
                      Uses a boto profile. Only works with boto >= 2.24.0.
                      +
                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                      +
                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                      aliases: aws_profile
                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                      +
                      If profile is set this parameter is ignored.
                      +
                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                      aliases: aws_security_token, access_token
                        Choices: @@ -363,7 +374,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.cloudwatchlogs_log_group_module.rst b/docs/community.aws.cloudwatchlogs_log_group_module.rst index c00633fbf5b..ec0487c2247 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -166,7 +170,8 @@ Parameters
                        string - / required
                        + / required + @@ -207,6 +212,8 @@ Parameters @@ -276,6 +283,8 @@ Parameters @@ -341,7 +350,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/logs.html. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.data_pipeline_module.rst b/docs/community.aws.data_pipeline_module.rst index eb515b19242..cb76f528188 100644 --- a/docs/community.aws.data_pipeline_module.rst +++ b/docs/community.aws.data_pipeline_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -167,7 +171,8 @@ Parameters
                        string - / required
                        + / required + @@ -182,7 +187,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -198,7 +204,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -301,7 +308,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -317,7 +325,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -390,6 +399,8 @@ Parameters @@ -422,6 +433,8 @@ Parameters @@ -503,7 +516,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -567,7 +581,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.dms_endpoint_module.rst b/docs/community.aws.dms_endpoint_module.rst index d7dad3d6be2..b60dcf6ec23 100644 --- a/docs/community.aws.dms_endpoint_module.rst +++ b/docs/community.aws.dms_endpoint_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -223,7 +227,8 @@ Parameters
                        string - / required
                        + / required + @@ -238,7 +243,8 @@ Parameters
                        string - / required
                        + / required + @@ -461,6 +470,8 @@ Parameters @@ -626,7 +637,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.dms_replication_subnet_group_module.rst b/docs/community.aws.dms_replication_subnet_group_module.rst index 426d49daf4b..3d5ede46d58 100644 --- a/docs/community.aws.dms_replication_subnet_group_module.rst +++ b/docs/community.aws.dms_replication_subnet_group_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                          Choices: @@ -257,7 +263,8 @@ Parameters
                          string - / required
                          + / required +
                          Choices: @@ -398,6 +405,8 @@ Parameters
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -132,7 +136,8 @@ Parameters
                        string - / required
                        + / required + @@ -163,7 +168,8 @@ Parameters
                        string - / required
                        + / required + @@ -184,6 +190,8 @@ Parameters @@ -216,6 +224,8 @@ Parameters @@ -245,7 +255,9 @@ Parameters
                        list - / elements=string / required
                        + / elements=string + / required + @@ -280,7 +292,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.dynamodb_table_module.rst b/docs/community.aws.dynamodb_table_module.rst index ed55ec8bf02..2830a0ad5d1 100644 --- a/docs/community.aws.dynamodb_table_module.rst +++ b/docs/community.aws.dynamodb_table_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -57,6 +57,8 @@ Parameters @@ -107,6 +109,8 @@ Parameters @@ -188,7 +192,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary + @@ -255,7 +261,8 @@ Parameters
                        string - / required
                        + / required + @@ -319,7 +326,8 @@ Parameters
                        string - / required
                        + / required + @@ -352,7 +360,8 @@ Parameters
                        string - / required
                        + / required + @@ -373,6 +382,8 @@ Parameters @@ -456,6 +467,8 @@ Parameters @@ -553,7 +566,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.dynamodb_ttl_module.rst b/docs/community.aws.dynamodb_ttl_module.rst index 18d3190e114..ad349c13c71 100644 --- a/docs/community.aws.dynamodb_ttl_module.rst +++ b/docs/community.aws.dynamodb_ttl_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Default:
                        []
                        @@ -207,7 +212,8 @@ Parameters
                        string - / required
                        + / required +
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -50,7 +50,8 @@ Parameters
                        string - / required
                        + / required + @@ -72,6 +73,8 @@ Parameters @@ -122,6 +125,8 @@ Parameters @@ -173,6 +178,8 @@ Parameters @@ -205,6 +212,8 @@ Parameters @@ -234,7 +243,8 @@ Parameters
                        string - / required
                        + / required + @@ -269,7 +279,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_ami_copy_module.rst b/docs/community.aws.ec2_ami_copy_module.rst index a0aeffd6970..552943b4c2b 100644 --- a/docs/community.aws.ec2_ami_copy_module.rst +++ b/docs/community.aws.ec2_ami_copy_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -220,6 +224,8 @@ Parameters @@ -252,6 +258,8 @@ Parameters @@ -262,7 +270,8 @@ Parameters
                        string - / required
                        + / required + @@ -277,7 +286,8 @@ Parameters
                        string - / required
                        + / required + @@ -382,7 +392,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_asg_info_module.rst b/docs/community.aws.ec2_asg_info_module.rst index a7c3dc2461e..425666502e3 100644 --- a/docs/community.aws.ec2_asg_info_module.rst +++ b/docs/community.aws.ec2_asg_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -172,6 +176,8 @@ Parameters @@ -204,6 +210,8 @@ Parameters @@ -249,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst index c89630575a7..c00bb25e6bc 100644 --- a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst +++ b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -50,7 +50,8 @@ Parameters
                        string - / required
                        + / required + @@ -71,6 +72,8 @@ Parameters @@ -121,6 +124,8 @@ Parameters @@ -201,7 +206,8 @@ Parameters
                        string - / required
                        + / required + @@ -254,6 +260,8 @@ Parameters @@ -301,6 +309,8 @@ Parameters @@ -371,7 +381,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_asg_module.rst b/docs/community.aws.ec2_asg_module.rst index bbf66a874cf..194fe290b56 100644 --- a/docs/community.aws.ec2_asg_module.rst +++ b/docs/community.aws.ec2_asg_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -50,7 +50,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -72,6 +73,8 @@ Parameters @@ -122,6 +125,8 @@ Parameters @@ -333,7 +338,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -434,7 +440,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -499,7 +507,8 @@ Parameters
                        string - / required
                        + / required + @@ -529,7 +538,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -627,7 +639,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -648,6 +661,8 @@ Parameters @@ -677,7 +692,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -714,7 +731,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -729,7 +747,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -819,7 +839,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_customer_gateway_info_module.rst b/docs/community.aws.ec2_customer_gateway_info_module.rst index 893ead7e0b6..4263316fbd5 100644 --- a/docs/community.aws.ec2_customer_gateway_info_module.rst +++ b/docs/community.aws.ec2_customer_gateway_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Default:
                        ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity", "GroupInServiceInstances", "GroupPendingInstances", "GroupStandbyInstances", "GroupTerminatingInstances", "GroupTotalInstances"]
                        @@ -483,7 +490,8 @@ Parameters
                        list - / elements=string
                        + / elements=string +                         		Default:
                        ["autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"]
                        @@ -566,6 +576,8 @@ Parameters
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        Default:
                        []
                        @@ -697,7 +713,8 @@ Parameters
                        list - / elements=dictionary
                        + / elements=dictionary +                         		Default:
                        "Default"
                        @@ -768,7 +787,8 @@ Parameters
                        list - / elements=string
                        + / elements=string +
                        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -115,7 +119,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -186,6 +191,8 @@ Parameters @@ -218,6 +225,8 @@ Parameters @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_customer_gateway_module.rst b/docs/community.aws.ec2_customer_gateway_module.rst index 2abee19b453..c4ff5ff1c53 100644 --- a/docs/community.aws.ec2_customer_gateway_module.rst +++ b/docs/community.aws.ec2_customer_gateway_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                        string - / required
                        + / required + @@ -180,7 +185,8 @@ Parameters
                        string - / required
                        + / required + @@ -201,6 +207,8 @@ Parameters @@ -252,6 +260,8 @@ Parameters @@ -303,7 +313,7 @@ Notes .. note:: - You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources. - Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use customer_gateway. See https://github.com/ansible/ansible-modules-extras/issues/2773 for details. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_eip_info_module.rst b/docs/community.aws.ec2_eip_info_module.rst index 010e0f66a18..48ac479ecbc 100644 --- a/docs/community.aws.ec2_eip_info_module.rst +++ b/docs/community.aws.ec2_eip_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -203,6 +209,8 @@ Parameters @@ -233,7 +241,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_eip_module.rst b/docs/community.aws.ec2_eip_module.rst index e33ab8148a5..366ec5f2da1 100644 --- a/docs/community.aws.ec2_eip_module.rst +++ b/docs/community.aws.ec2_eip_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -73,6 +73,8 @@ Parameters @@ -123,6 +125,8 @@ Parameters @@ -225,6 +229,8 @@ Parameters @@ -328,6 +334,8 @@ Parameters @@ -425,7 +433,7 @@ Notes .. note:: - There may be a delay between the time the EIP is assigned and when the cloud instance is reachable via the new address. Use wait_for and pause to delay further playbook execution until the instance is reachable, if necessary. - This module returns multiple changed statuses on disassociation or release. It returns an overall status based on any changes occurring. It also returns individual changed statuses for disassociation and release. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_elb_info_module.rst b/docs/community.aws.ec2_elb_info_module.rst index 84a9c91fa27..f03e94fba5d 100644 --- a/docs/community.aws.ec2_elb_info_module.rst +++ b/docs/community.aws.ec2_elb_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -149,7 +153,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -170,6 +175,8 @@ Parameters @@ -202,6 +209,8 @@ Parameters @@ -232,7 +241,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_elb_module.rst b/docs/community.aws.ec2_elb_module.rst index bd7ab66cae7..f8c22d56048 100644 --- a/docs/community.aws.ec2_elb_module.rst +++ b/docs/community.aws.ec2_elb_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                        - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -134,7 +138,8 @@ Parameters
                        list - / elements=string
                        + / elements=string + @@ -185,7 +190,8 @@ Parameters
                        string - / required
                        + / required + @@ -206,6 +212,8 @@ Parameters @@ -238,6 +246,8 @@ Parameters @@ -248,7 +258,8 @@ Parameters
                        string - / required
                        + / required +
                        Parameter Choices/Defaults Comments
                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_access_key, access_key
                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: ec2_secret_key, secret_key
                        Uses a boto profile. Only works with boto >= 2.24.0.
                        +
                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                        +
                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                        aliases: aws_profile
                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                        +
                        If profile is set this parameter is ignored.
                        +
                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                        aliases: aws_security_token, access_token
                          Choices: @@ -322,7 +333,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_instance_info_module.rst b/docs/community.aws.ec2_instance_info_module.rst index c39ff9731e9..d55e2c6d153 100644 --- a/docs/community.aws.ec2_instance_info_module.rst +++ b/docs/community.aws.ec2_instance_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -167,7 +171,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -188,6 +193,8 @@ Parameters @@ -220,6 +227,8 @@ Parameters @@ -250,7 +259,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -1007,7 +1016,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          always @@ -1065,7 +1075,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -1179,7 +1190,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -1501,7 +1513,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -1626,7 +1639,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always diff --git a/docs/community.aws.ec2_instance_module.rst b/docs/community.aws.ec2_instance_module.rst index 4232d031243..b65b17689ae 100644 --- a/docs/community.aws.ec2_instance_module.rst +++ b/docs/community.aws.ec2_instance_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html - + @@ -73,6 +73,8 @@ Parameters @@ -123,6 +125,8 @@ Parameters @@ -172,7 +176,8 @@ Parameters
                          integer - / required
                          + / required + @@ -188,7 +193,8 @@ Parameters
                          integer - / required
                          + / required + @@ -762,6 +769,8 @@ Parameters @@ -822,7 +831,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -843,6 +853,8 @@ Parameters @@ -1032,7 +1044,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -1101,7 +1114,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -1898,7 +1911,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                            Choices: @@ -377,7 +383,8 @@ Parameters
                            list - / elements=string
                            + / elements=string +
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          always @@ -1956,7 +1970,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -2070,7 +2085,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -2392,7 +2408,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always @@ -2517,7 +2534,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +                           		always diff --git a/docs/community.aws.ec2_launch_template_module.rst b/docs/community.aws.ec2_launch_template_module.rst index cf7011d2f19..6084bc6f570 100644 --- a/docs/community.aws.ec2_launch_template_module.rst +++ b/docs/community.aws.ec2_launch_template_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -116,7 +120,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -496,7 +501,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -785,7 +791,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -873,7 +880,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -905,7 +913,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -1071,6 +1080,8 @@ Parameters @@ -1112,7 +1123,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -1127,12 +1139,13 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -1148,6 +1161,8 @@ Parameters @@ -1262,7 +1277,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_lc_find_module.rst b/docs/community.aws.ec2_lc_find_module.rst index 4a6a2a11e45..99a9b61cf2d 100644 --- a/docs/community.aws.ec2_lc_find_module.rst +++ b/docs/community.aws.ec2_lc_find_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          -
                          A list of security group names (VPC or EC2-Classic) that the new instances will be added to.
                          +
                          A list of security group names (Default VPC or EC2-Classic) that the new instances will be added to. For any VPC other than Default, you must use security_group_ids.
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -57,6 +57,8 @@ Parameters @@ -107,6 +109,8 @@ Parameters @@ -168,7 +172,8 @@ Parameters
                          string - / required
                          + / required + @@ -190,6 +195,8 @@ Parameters @@ -222,6 +229,8 @@ Parameters @@ -271,7 +280,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_lc_info_module.rst b/docs/community.aws.ec2_lc_info_module.rst index b9691bb00e2..3904079fd98 100644 --- a/docs/community.aws.ec2_lc_info_module.rst +++ b/docs/community.aws.ec2_lc_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -204,6 +211,8 @@ Parameters @@ -310,7 +319,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_lc_module.rst b/docs/community.aws.ec2_lc_module.rst index c72e37d26d7..68c6e2348b1 100644 --- a/docs/community.aws.ec2_lc_module.rst +++ b/docs/community.aws.ec2_lc_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Default:
                          []
                          @@ -172,6 +177,8 @@ Parameters
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -93,6 +93,8 @@ Parameters @@ -143,6 +145,8 @@ Parameters @@ -168,7 +172,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -347,7 +352,8 @@ Parameters
                          string - / required
                          + / required + @@ -388,6 +394,8 @@ Parameters @@ -429,7 +437,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -450,6 +459,8 @@ Parameters @@ -543,7 +554,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -580,7 +592,8 @@ Parameters
                          string - / required
                          + / required + @@ -740,7 +753,7 @@ Notes .. note:: - Amazon ASG Autoscaling Launch Configurations are immutable once created, so modifying the configuration after it is changed will not modify the launch configuration on AWS. You must create a new config and assign it to the ASG instead. - encrypted volumes are supported on versions >= 2.4 - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_metric_alarm_module.rst b/docs/community.aws.ec2_metric_alarm_module.rst index 547c74d9bf8..6db3511014c 100644 --- a/docs/community.aws.ec2_metric_alarm_module.rst +++ b/docs/community.aws.ec2_metric_alarm_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -48,7 +48,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -69,6 +70,8 @@ Parameters @@ -119,6 +122,8 @@ Parameters @@ -237,7 +242,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -268,7 +274,8 @@ Parameters
                          string - / required
                          + / required + @@ -298,7 +305,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -334,6 +342,8 @@ Parameters @@ -366,6 +376,8 @@ Parameters @@ -518,7 +530,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_placement_group_info_module.rst b/docs/community.aws.ec2_placement_group_info_module.rst index 43407b43c14..a4304271945 100644 --- a/docs/community.aws.ec2_placement_group_info_module.rst +++ b/docs/community.aws.ec2_placement_group_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -149,7 +153,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -203,6 +210,8 @@ Parameters @@ -233,7 +242,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_placement_group_module.rst b/docs/community.aws.ec2_placement_group_module.rst index 1a96c08bfe0..d86500ecad8 100644 --- a/docs/community.aws.ec2_placement_group_module.rst +++ b/docs/community.aws.ec2_placement_group_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Default:
                          []
                          @@ -171,6 +176,8 @@ Parameters
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -148,7 +152,8 @@ Parameters
                          string - / required
                          + / required + @@ -169,6 +174,8 @@ Parameters @@ -201,6 +208,8 @@ Parameters @@ -269,7 +278,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_scaling_policy_module.rst b/docs/community.aws.ec2_scaling_policy_module.rst index ae3a92357be..70daec2511a 100644 --- a/docs/community.aws.ec2_scaling_policy_module.rst +++ b/docs/community.aws.ec2_scaling_policy_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -68,7 +68,8 @@ Parameters
                          string - / required
                          + / required + @@ -89,6 +90,8 @@ Parameters @@ -139,6 +142,8 @@ Parameters @@ -214,7 +219,8 @@ Parameters
                          string - / required
                          + / required + @@ -235,6 +241,8 @@ Parameters @@ -282,6 +290,8 @@ Parameters @@ -331,7 +341,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_snapshot_copy_module.rst b/docs/community.aws.ec2_snapshot_copy_module.rst index 99e9a456acf..68b68e4fb3b 100644 --- a/docs/community.aws.ec2_snapshot_copy_module.rst +++ b/docs/community.aws.ec2_snapshot_copy_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -204,6 +208,8 @@ Parameters @@ -236,6 +242,8 @@ Parameters @@ -246,7 +254,8 @@ Parameters
                          string - / required
                          + / required + @@ -261,7 +270,8 @@ Parameters
                          string - / required
                          + / required + @@ -346,7 +356,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_transit_gateway_info_module.rst b/docs/community.aws.ec2_transit_gateway_info_module.rst index cf17e520a9c..3a3e807b3f0 100644 --- a/docs/community.aws.ec2_transit_gateway_info_module.rst +++ b/docs/community.aws.ec2_transit_gateway_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -203,6 +209,8 @@ Parameters @@ -213,7 +221,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -249,7 +258,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_transit_gateway_module.rst b/docs/community.aws.ec2_transit_gateway_module.rst index 9cf7c9c958a..a318344d39e 100644 --- a/docs/community.aws.ec2_transit_gateway_module.rst +++ b/docs/community.aws.ec2_transit_gateway_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -130,6 +130,8 @@ Parameters @@ -180,6 +182,8 @@ Parameters @@ -265,6 +269,8 @@ Parameters @@ -316,6 +322,8 @@ Parameters @@ -450,7 +458,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_egress_igw_module.rst b/docs/community.aws.ec2_vpc_egress_igw_module.rst index 05dad438d6f..0bbb3380bf9 100644 --- a/docs/community.aws.ec2_vpc_egress_igw_module.rst +++ b/docs/community.aws.ec2_vpc_egress_igw_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -154,6 +158,8 @@ Parameters @@ -186,6 +192,8 @@ Parameters @@ -234,7 +242,8 @@ Parameters
                          string - / required
                          + / required + @@ -250,7 +259,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_endpoint_info_module.rst b/docs/community.aws.ec2_vpc_endpoint_info_module.rst index 4950abae3a3..1baf738914d 100644 --- a/docs/community.aws.ec2_vpc_endpoint_info_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -181,7 +187,8 @@ Parameters
                          string - / required
                          + / required + @@ -251,7 +260,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -267,7 +277,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_endpoint_module.rst b/docs/community.aws.ec2_vpc_endpoint_module.rst index a6ecdaadc0c..9dc3dd6b3d8 100644 --- a/docs/community.aws.ec2_vpc_endpoint_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                            Choices: @@ -222,6 +229,8 @@ Parameters
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -205,6 +209,8 @@ Parameters @@ -231,7 +237,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -252,6 +259,8 @@ Parameters @@ -383,7 +392,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_igw_info_module.rst b/docs/community.aws.ec2_vpc_igw_info_module.rst index b73e80d8792..26501c07324 100644 --- a/docs/community.aws.ec2_vpc_igw_info_module.rst +++ b/docs/community.aws.ec2_vpc_igw_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -186,6 +191,8 @@ Parameters @@ -218,6 +225,8 @@ Parameters @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_igw_module.rst b/docs/community.aws.ec2_vpc_igw_module.rst index 690f99603ec..7666f959200 100644 --- a/docs/community.aws.ec2_vpc_igw_module.rst +++ b/docs/community.aws.ec2_vpc_igw_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -156,6 +160,8 @@ Parameters @@ -188,6 +194,8 @@ Parameters @@ -252,7 +260,8 @@ Parameters
                          string - / required
                          + / required + @@ -268,7 +277,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_nacl_info_module.rst b/docs/community.aws.ec2_vpc_nacl_info_module.rst index 3aab5d5a7d9..2c65f0821ae 100644 --- a/docs/community.aws.ec2_vpc_nacl_info_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -166,7 +170,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -221,6 +228,8 @@ Parameters @@ -252,7 +261,7 @@ Notes .. note:: - By default, the module will return all Network ACLs. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -316,7 +325,8 @@ Common return values are documented `here
                          list - / elements=list
                          + / elements=list +
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Default:
                          []
                          @@ -189,6 +194,8 @@ Parameters
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          always @@ -335,7 +345,8 @@ Common return values are documented `here
                          list - / elements=list
                          + / elements=list +                           		always @@ -386,7 +397,8 @@ Common return values are documented `here
                          list - / elements=string
                          + / elements=string +                           		always diff --git a/docs/community.aws.ec2_vpc_nacl_module.rst b/docs/community.aws.ec2_vpc_nacl_module.rst index da56bd5b456..eea6e32831d 100644 --- a/docs/community.aws.ec2_vpc_nacl_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -151,7 +155,8 @@ Parameters
                          list - / elements=list
                          + / elements=list + @@ -253,6 +261,8 @@ Parameters @@ -283,7 +293,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -351,7 +362,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst index bb32c7a7ffa..15179783301 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Default:
                          []
                          @@ -167,7 +172,8 @@ Parameters
                          list - / elements=list
                          + / elements=list +                           		Default:
                          []
                          @@ -221,6 +227,8 @@ Parameters
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -186,6 +191,8 @@ Parameters @@ -218,6 +225,8 @@ Parameters @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_nat_gateway_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_module.rst index b115f2c6f43..7beb9612ce0 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -70,6 +70,8 @@ Parameters @@ -120,6 +122,8 @@ Parameters @@ -235,6 +239,8 @@ Parameters @@ -288,6 +294,8 @@ Parameters @@ -387,7 +395,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_peer_module.rst b/docs/community.aws.ec2_vpc_peer_module.rst index dd96bc3e077..f518d226230 100644 --- a/docs/community.aws.ec2_vpc_peer_module.rst +++ b/docs/community.aws.ec2_vpc_peer_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -217,6 +221,8 @@ Parameters @@ -249,6 +255,8 @@ Parameters @@ -330,7 +338,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_peering_info_module.rst b/docs/community.aws.ec2_vpc_peering_info_module.rst index 34e69f606aa..ffdb565fa5b 100644 --- a/docs/community.aws.ec2_vpc_peering_info_module.rst +++ b/docs/community.aws.ec2_vpc_peering_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -186,6 +191,8 @@ Parameters @@ -218,6 +225,8 @@ Parameters @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_route_table_info_module.rst b/docs/community.aws.ec2_vpc_route_table_info_module.rst index 1bd7d93ee4b..56ae4dd03ea 100644 --- a/docs/community.aws.ec2_vpc_route_table_info_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -170,6 +174,8 @@ Parameters @@ -202,6 +208,8 @@ Parameters @@ -232,7 +240,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_route_table_module.rst b/docs/community.aws.ec2_vpc_route_table_module.rst index db7ed4ce224..f1d179eeac6 100644 --- a/docs/community.aws.ec2_vpc_route_table_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -173,6 +177,8 @@ Parameters @@ -183,7 +189,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -288,7 +295,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -309,6 +317,8 @@ Parameters @@ -338,7 +348,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -405,7 +416,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_vgw_info_module.rst b/docs/community.aws.ec2_vpc_vgw_info_module.rst index a2c494ea25c..1d0fef4366b 100644 --- a/docs/community.aws.ec2_vpc_vgw_info_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -203,6 +209,8 @@ Parameters @@ -232,7 +240,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_vgw_module.rst b/docs/community.aws.ec2_vpc_vgw_module.rst index 6a1ee4fb25c..8e6fe8c5908 100644 --- a/docs/community.aws.ec2_vpc_vgw_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -72,6 +72,8 @@ Parameters @@ -122,6 +124,8 @@ Parameters @@ -188,6 +192,8 @@ Parameters @@ -220,6 +226,8 @@ Parameters @@ -350,7 +358,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_vpn_info_module.rst b/docs/community.aws.ec2_vpc_vpn_info_module.rst index b9a88856f97..e8eda1b5c95 100644 --- a/docs/community.aws.ec2_vpc_vpn_info_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -171,6 +175,8 @@ Parameters @@ -203,6 +209,8 @@ Parameters @@ -232,7 +240,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -248,7 +257,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_vpc_vpn_module.rst b/docs/community.aws.ec2_vpc_vpn_module.rst index cd75eaf264b..72426420bc2 100644 --- a/docs/community.aws.ec2_vpc_vpn_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -380,6 +384,8 @@ Parameters @@ -444,7 +450,8 @@ Parameters
                          list - / elements=string
                          + / elements=string + @@ -465,6 +472,8 @@ Parameters @@ -528,7 +537,8 @@ Parameters
                          list - / elements=dictionary
                          + / elements=dictionary + @@ -642,7 +652,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ec2_win_password_module.rst b/docs/community.aws.ec2_win_password_module.rst index dbb14cb625c..dc384260d46 100644 --- a/docs/community.aws.ec2_win_password_module.rst +++ b/docs/community.aws.ec2_win_password_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                          string - / required
                          + / required + @@ -218,6 +223,8 @@ Parameters @@ -250,6 +257,8 @@ Parameters @@ -316,7 +325,7 @@ Notes .. note:: - As of Ansible 2.4, this module requires the python cryptography module rather than the older pycrypto module. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ecs_attribute_module.rst b/docs/community.aws.ecs_attribute_module.rst index c0bf8c0b3ba..1bb479db5ac 100644 --- a/docs/community.aws.ecs_attribute_module.rst +++ b/docs/community.aws.ecs_attribute_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          - + @@ -49,7 +49,9 @@ Parameters
                          list - / elements=dictionary / required
                          + / elements=dictionary + / required + @@ -65,7 +67,8 @@ Parameters
                          string - / required
                          + / required + @@ -103,6 +106,8 @@ Parameters @@ -153,6 +158,8 @@ Parameters @@ -163,7 +170,8 @@ Parameters
                          string - / required
                          + / required + @@ -197,7 +205,8 @@ Parameters
                          string - / required
                          + / required + @@ -234,6 +243,8 @@ Parameters @@ -266,6 +277,8 @@ Parameters @@ -315,7 +328,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -385,7 +398,8 @@ Common return values are documented `here
                          list - / elements=dictionary
                          + / elements=dictionary +
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                          diff --git a/docs/community.aws.ecs_cluster_module.rst b/docs/community.aws.ecs_cluster_module.rst index c7cc3c9baf4..43831341e6a 100644 --- a/docs/community.aws.ecs_cluster_module.rst +++ b/docs/community.aws.ecs_cluster_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -165,7 +169,8 @@ Parameters
                          string - / required
                          + / required + @@ -186,6 +191,8 @@ Parameters @@ -234,6 +241,8 @@ Parameters @@ -244,7 +253,8 @@ Parameters
                          string - / required
                          + / required +
                          Parameter Choices/Defaults Comments
                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_access_key, access_key
                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: ec2_secret_key, secret_key
                          Uses a boto profile. Only works with boto >= 2.24.0.
                          +
                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                          +
                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                          aliases: aws_profile
                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                          +
                          If profile is set this parameter is ignored.
                          +
                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                          aliases: aws_security_token, access_token
                            Choices: @@ -286,7 +296,7 @@ Notes .. note:: - When deleting a cluster, the information returned is the state of the cluster prior to deletion. - It will also wait for a cluster to have instances registered to it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ecs_ecr_module.rst b/docs/community.aws.ecs_ecr_module.rst index b3ca43aa53a..0c17a0863e7 100644 --- a/docs/community.aws.ecs_ecr_module.rst +++ b/docs/community.aws.ecs_ecr_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -202,7 +206,8 @@ Parameters
                            string - / required
                            + / required + @@ -238,6 +243,8 @@ Parameters @@ -326,6 +333,8 @@ Parameters @@ -375,7 +384,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ecs_service_info_module.rst b/docs/community.aws.ecs_service_info_module.rst index 3f88a3749d3..11414624b85 100644 --- a/docs/community.aws.ecs_service_info_module.rst +++ b/docs/community.aws.ecs_service_info_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -57,6 +57,8 @@ Parameters @@ -107,6 +109,8 @@ Parameters @@ -211,6 +215,8 @@ Parameters @@ -243,6 +249,8 @@ Parameters @@ -253,7 +261,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -288,7 +297,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -366,7 +375,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            always @@ -398,7 +408,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		when events is true diff --git a/docs/community.aws.ecs_service_module.rst b/docs/community.aws.ecs_service_module.rst index a27bb6ae9cc..39b9fc3f3dd 100644 --- a/docs/community.aws.ecs_service_module.rst +++ b/docs/community.aws.ecs_service_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -316,7 +320,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -331,7 +336,8 @@ Parameters
                            string - / required
                            + / required + @@ -384,7 +390,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -400,7 +407,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -416,7 +424,8 @@ Parameters
                            list - / elements=dictionary
                            + / elements=dictionary + @@ -465,7 +474,8 @@ Parameters
                            list - / elements=dictionary
                            + / elements=dictionary + @@ -519,6 +529,8 @@ Parameters @@ -602,6 +614,8 @@ Parameters @@ -612,7 +626,8 @@ Parameters
                            list - / elements=dictionary
                            + / elements=dictionary + @@ -676,7 +691,8 @@ Parameters
                            string - / required
                            + / required +
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                              Choices: @@ -735,7 +751,7 @@ Notes - The service role specified must be assumable. (i.e. have a trust relationship for the ecs service, ecs.amazonaws.com) - For details of the parameters and returns see https://boto3.readthedocs.io/en/latest/reference/services/ecs.html. - An IAM role must have been previously created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -901,7 +917,8 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a
                              list - / elements=dictionary
                              + / elements=dictionary +
                            		always @@ -935,7 +952,8 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1041,7 +1059,8 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1095,7 +1114,8 @@ Facts returned by this module are added/updated in the ``hostvars`` host facts a
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1333,7 +1353,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1365,7 +1386,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1465,7 +1487,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always @@ -1516,7 +1539,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		always diff --git a/docs/community.aws.ecs_tag_module.rst b/docs/community.aws.ecs_tag_module.rst index 8a3fa75dd79..268a9b8b018 100644 --- a/docs/community.aws.ecs_tag_module.rst +++ b/docs/community.aws.ecs_tag_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -116,7 +120,8 @@ Parameters
                            string - / required
                            + / required + @@ -172,6 +177,8 @@ Parameters @@ -262,6 +269,8 @@ Parameters @@ -328,7 +337,7 @@ Notes .. note:: - none - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ecs_task_module.rst b/docs/community.aws.ecs_task_module.rst index 8f821a8f728..77ffea44c44 100644 --- a/docs/community.aws.ecs_task_module.rst +++ b/docs/community.aws.ecs_task_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -131,7 +135,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -231,7 +236,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -247,7 +253,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -263,7 +270,8 @@ Parameters
                            string - / required
                            + / required + @@ -336,6 +346,8 @@ Parameters @@ -426,7 +438,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file @@ -563,7 +575,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                              Choices: @@ -304,6 +312,8 @@ Parameters
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            only when details is true @@ -643,7 +656,8 @@ Common return values are documented `here
                            list - / elements=dictionary
                            + / elements=dictionary +                             		only when details is true diff --git a/docs/community.aws.ecs_taskdefinition_info_module.rst b/docs/community.aws.ecs_taskdefinition_info_module.rst index 5cd1be9bc22..d444d4579df 100644 --- a/docs/community.aws.ecs_taskdefinition_info_module.rst +++ b/docs/community.aws.ecs_taskdefinition_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -157,6 +161,8 @@ Parameters @@ -189,6 +195,8 @@ Parameters @@ -199,7 +207,8 @@ Parameters
                            string - / required
                            + / required + @@ -236,7 +245,7 @@ Notes .. note:: - For details of the parameters and returns see http://boto3.readthedocs.io/en/latest/reference/services/ecs.html#ECS.Client.describe_task_definition - This module was called ``ecs_taskdefinition_facts`` before Ansible 2.9. The usage did not change. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.ecs_taskdefinition_module.rst b/docs/community.aws.ecs_taskdefinition_module.rst index 040b5a0cb47..9dec6ee0f82 100644 --- a/docs/community.aws.ecs_taskdefinition_module.rst +++ b/docs/community.aws.ecs_taskdefinition_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -71,6 +71,8 @@ Parameters @@ -121,6 +123,8 @@ Parameters @@ -131,7 +135,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -312,6 +317,8 @@ Parameters @@ -359,6 +366,8 @@ Parameters @@ -369,7 +378,8 @@ Parameters
                            string - / required
                            + / required + @@ -438,7 +449,8 @@ Parameters
                            string - / required
                            + / required + @@ -455,7 +467,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.efs_info_module.rst b/docs/community.aws.efs_info_module.rst index 85601f63fac..c7c354e76ab 100644 --- a/docs/community.aws.efs_info_module.rst +++ b/docs/community.aws.efs_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                              Choices: @@ -422,7 +432,8 @@ Parameters
                              list - / elements=dictionary
                              + / elements=dictionary +
                            - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -187,6 +191,8 @@ Parameters @@ -219,6 +225,8 @@ Parameters @@ -244,7 +252,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -280,7 +289,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.efs_module.rst b/docs/community.aws.efs_module.rst index 92481e55fe8..52bdeef7989 100644 --- a/docs/community.aws.efs_module.rst +++ b/docs/community.aws.efs_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -238,6 +242,8 @@ Parameters @@ -305,6 +311,8 @@ Parameters @@ -349,7 +357,8 @@ Parameters
                            list - / elements=dictionary
                            + / elements=dictionary + @@ -381,7 +390,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -397,7 +407,8 @@ Parameters
                            - - / required
                            + / required + @@ -488,7 +499,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elasticache_info_module.rst b/docs/community.aws.elasticache_info_module.rst index e2a78da6b3f..34c698e53f5 100644 --- a/docs/community.aws.elasticache_info_module.rst +++ b/docs/community.aws.elasticache_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -170,6 +174,8 @@ Parameters @@ -202,6 +208,8 @@ Parameters @@ -232,7 +240,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elasticache_module.rst b/docs/community.aws.elasticache_module.rst index 8aa849199f3..88963c4a5b1 100644 --- a/docs/community.aws.elasticache_module.rst +++ b/docs/community.aws.elasticache_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                            - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -161,7 +165,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -263,7 +268,8 @@ Parameters
                            string - / required
                            + / required + @@ -317,6 +323,8 @@ Parameters @@ -343,7 +351,8 @@ Parameters
                            list - / elements=string
                            + / elements=string + @@ -364,6 +373,8 @@ Parameters @@ -374,7 +385,8 @@ Parameters
                            string - / required
                            + / required +
                            Parameter Choices/Defaults Comments
                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_access_key, access_key
                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: ec2_secret_key, secret_key
                            Uses a boto profile. Only works with boto >= 2.24.0.
                            +
                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                            +
                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                            aliases: aws_profile
                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                            +
                            If profile is set this parameter is ignored.
                            +
                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                            aliases: aws_security_token, access_token
                              Choices: @@ -449,7 +461,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elasticache_parameter_group_module.rst b/docs/community.aws.elasticache_parameter_group_module.rst index d0109d76579..f458bbda6b8 100644 --- a/docs/community.aws.elasticache_parameter_group_module.rst +++ b/docs/community.aws.elasticache_parameter_group_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -190,7 +194,8 @@ Parameters
                              string - / required
                              + / required + @@ -211,6 +216,8 @@ Parameters @@ -243,6 +250,8 @@ Parameters @@ -253,7 +262,8 @@ Parameters
                              string - / required
                              + / required +
                              Parameter Choices/Defaults Comments
                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                              +
                              If profile is set this parameter is ignored.
                              +
                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                              aliases: ec2_access_key, access_key
                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                              +
                              If profile is set this parameter is ignored.
                              +
                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                              aliases: ec2_secret_key, secret_key
                              Uses a boto profile. Only works with boto >= 2.24.0.
                              +
                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                              +
                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                              aliases: aws_profile
                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                              +
                              If profile is set this parameter is ignored.
                              +
                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                              aliases: aws_security_token, access_token
                                Choices: @@ -308,7 +318,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elasticache_snapshot_module.rst b/docs/community.aws.elasticache_snapshot_module.rst index b6134273b09..3ac68c664bd 100644 --- a/docs/community.aws.elasticache_snapshot_module.rst +++ b/docs/community.aws.elasticache_snapshot_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -181,7 +185,8 @@ Parameters
                                string - / required
                                + / required + @@ -202,6 +207,8 @@ Parameters @@ -249,6 +256,8 @@ Parameters @@ -259,7 +268,8 @@ Parameters
                                string - / required
                                + / required +
                                Parameter Choices/Defaults Comments
                                AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                +
                                If profile is set this parameter is ignored.
                                +
                                Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                aliases: ec2_access_key, access_key
                                AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                +
                                If profile is set this parameter is ignored.
                                +
                                Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                aliases: ec2_secret_key, secret_key
                                Uses a boto profile. Only works with boto >= 2.24.0.
                                +
                                Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                +
                                aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                aliases: aws_profile
                                AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                +
                                If profile is set this parameter is ignored.
                                +
                                Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                aliases: aws_security_token, access_token
                                  Choices: @@ -314,7 +324,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elasticache_subnet_group_module.rst b/docs/community.aws.elasticache_subnet_group_module.rst index 9fd7b01d723..f566eb8d07f 100644 --- a/docs/community.aws.elasticache_subnet_group_module.rst +++ b/docs/community.aws.elasticache_subnet_group_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -163,7 +167,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -184,6 +189,8 @@ Parameters @@ -216,6 +223,8 @@ Parameters @@ -226,7 +235,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -280,7 +291,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_application_lb_info_module.rst b/docs/community.aws.elb_application_lb_info_module.rst index c08d485cf83..fb0e67cc590 100644 --- a/docs/community.aws.elb_application_lb_info_module.rst +++ b/docs/community.aws.elb_application_lb_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                    Choices: @@ -245,7 +255,8 @@ Parameters
                                    list - / elements=string
                                    + / elements=string +
                                  - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -165,7 +170,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -186,6 +192,8 @@ Parameters @@ -218,6 +226,8 @@ Parameters @@ -248,7 +258,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_application_lb_module.rst b/docs/community.aws.elb_application_lb_module.rst index 8f42d1241dd..7ea443c49a2 100644 --- a/docs/community.aws.elb_application_lb_module.rst +++ b/docs/community.aws.elb_application_lb_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                  - + @@ -109,6 +109,8 @@ Parameters @@ -159,6 +161,8 @@ Parameters @@ -257,7 +261,8 @@ Parameters
                                  list - / elements=dictionary
                                  + / elements=dictionary + @@ -273,7 +278,8 @@ Parameters
                                  list - / elements=dictionary
                                  + / elements=dictionary + @@ -307,7 +313,9 @@ Parameters
                                  list - / elements=dictionary / required
                                  + / elements=dictionary + / required + @@ -358,7 +366,8 @@ Parameters
                                  integer - / required
                                  + / required + @@ -374,7 +383,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -390,7 +400,8 @@ Parameters
                                  list - / elements=dictionary
                                  + / elements=dictionary + @@ -476,7 +487,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -497,6 +509,8 @@ Parameters @@ -599,7 +613,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -651,7 +668,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -738,7 +756,7 @@ Notes .. note:: - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_classic_lb_info_module.rst b/docs/community.aws.elb_classic_lb_info_module.rst index 3a564897d1f..8a2658fb30c 100644 --- a/docs/community.aws.elb_classic_lb_info_module.rst +++ b/docs/community.aws.elb_classic_lb_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  Default:
                                  []
                                  @@ -622,6 +637,8 @@ Parameters
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                  - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -151,7 +155,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -172,6 +177,8 @@ Parameters @@ -204,6 +211,8 @@ Parameters @@ -234,7 +243,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_classic_lb_module.rst b/docs/community.aws.elb_classic_lb_module.rst index 198d6383a71..177e119e7e6 100644 --- a/docs/community.aws.elb_classic_lb_module.rst +++ b/docs/community.aws.elb_classic_lb_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                  - + @@ -69,6 +69,8 @@ Parameters @@ -119,6 +121,8 @@ Parameters @@ -228,7 +232,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -243,7 +248,8 @@ Parameters
                                  list - / elements=dictionary
                                  + / elements=dictionary + @@ -258,7 +264,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -279,6 +286,8 @@ Parameters @@ -400,7 +409,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -415,7 +425,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -436,6 +447,8 @@ Parameters @@ -446,7 +459,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -564,7 +579,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -580,7 +596,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_instance_module.rst b/docs/community.aws.elb_instance_module.rst index 69e6c3436b2..5f642a591d7 100644 --- a/docs/community.aws.elb_instance_module.rst +++ b/docs/community.aws.elb_instance_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                    Choices: @@ -480,7 +494,8 @@ Parameters
                                    list - / elements=string
                                    + / elements=string +
                                  - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -134,7 +138,8 @@ Parameters
                                  list - / elements=string
                                  + / elements=string + @@ -184,7 +189,8 @@ Parameters
                                  string - / required
                                  + / required + @@ -205,6 +211,8 @@ Parameters @@ -237,6 +245,8 @@ Parameters @@ -247,7 +257,8 @@ Parameters
                                  string - / required
                                  + / required +
                                  Parameter Choices/Defaults Comments
                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_access_key, access_key
                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: ec2_secret_key, secret_key
                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                  +
                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                  +
                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                  aliases: aws_profile
                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                  +
                                  If profile is set this parameter is ignored.
                                  +
                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                  aliases: aws_security_token, access_token
                                    Choices: @@ -321,7 +332,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_network_lb_module.rst b/docs/community.aws.elb_network_lb_module.rst index 7c93c2fdff0..ed7f91a05bf 100644 --- a/docs/community.aws.elb_network_lb_module.rst +++ b/docs/community.aws.elb_network_lb_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -187,7 +191,8 @@ Parameters
                                    list - / elements=dictionary
                                    + / elements=dictionary + @@ -203,7 +208,8 @@ Parameters
                                    list - / elements=dictionary
                                    + / elements=dictionary + @@ -237,7 +243,9 @@ Parameters
                                    list - / elements=dictionary / required
                                    + / elements=dictionary + / required + @@ -288,7 +296,8 @@ Parameters
                                    integer - / required
                                    + / required + @@ -304,7 +313,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -336,7 +346,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -357,6 +368,8 @@ Parameters @@ -448,6 +461,8 @@ Parameters @@ -478,7 +493,8 @@ Parameters
                                    list - / elements=dictionary
                                    + / elements=dictionary + @@ -494,7 +510,8 @@ Parameters
                                    list - / elements=string
                                    + / elements=string + @@ -582,7 +599,7 @@ Notes .. note:: - Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_target_group_info_module.rst b/docs/community.aws.elb_target_group_info_module.rst index c7525a5fd49..83511da09a7 100644 --- a/docs/community.aws.elb_target_group_info_module.rst +++ b/docs/community.aws.elb_target_group_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -184,7 +188,8 @@ Parameters
                                    list - / elements=string
                                    + / elements=string + @@ -205,6 +210,8 @@ Parameters @@ -237,6 +244,8 @@ Parameters @@ -247,7 +256,8 @@ Parameters
                                    list - / elements=string
                                    + / elements=string + @@ -282,7 +292,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_target_group_module.rst b/docs/community.aws.elb_target_group_module.rst index 13f0826806f..5b39b157349 100644 --- a/docs/community.aws.elb_target_group_module.rst +++ b/docs/community.aws.elb_target_group_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                    - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -289,7 +293,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -325,6 +330,8 @@ Parameters @@ -405,6 +412,8 @@ Parameters @@ -415,7 +424,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -638,7 +649,7 @@ Notes .. note:: - Once a target group has been created, only its health check can then be modified using subsequent calls - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_target_info_module.rst b/docs/community.aws.elb_target_info_module.rst index e96e19a5ad1..918be270c54 100644 --- a/docs/community.aws.elb_target_info_module.rst +++ b/docs/community.aws.elb_target_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                      Choices: @@ -537,7 +547,8 @@ Parameters
                                      list - / elements=dictionary
                                      + / elements=dictionary +
                                    - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -170,7 +174,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -191,6 +196,8 @@ Parameters @@ -223,6 +230,8 @@ Parameters @@ -253,7 +262,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.elb_target_module.rst b/docs/community.aws.elb_target_module.rst index 11c9d8bfa21..d208c11de88 100644 --- a/docs/community.aws.elb_target_module.rst +++ b/docs/community.aws.elb_target_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                    - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -173,6 +177,8 @@ Parameters @@ -205,6 +211,8 @@ Parameters @@ -215,7 +223,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -370,7 +380,7 @@ Notes .. note:: - If you specified a port override when you registered a target, you must specify both the target ID and the port when you deregister it. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.execute_lambda_module.rst b/docs/community.aws.execute_lambda_module.rst index c1b395144de..917a3c56e5a 100644 --- a/docs/community.aws.execute_lambda_module.rst +++ b/docs/community.aws.execute_lambda_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                      Choices: @@ -279,7 +288,8 @@ Parameters
                                      string - / required
                                      + / required +
                                    - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -220,6 +224,8 @@ Parameters @@ -252,6 +258,8 @@ Parameters @@ -337,7 +345,7 @@ Notes .. note:: - Async invocation will always return an empty ``output`` key. - Synchronous invocation may result in a function timeout, resulting in an empty ``output`` key. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_cert_module.rst b/docs/community.aws.iam_cert_module.rst index 51e81660f00..f76ee1ed3dc 100644 --- a/docs/community.aws.iam_cert_module.rst +++ b/docs/community.aws.iam_cert_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                    - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -213,7 +217,8 @@ Parameters
                                    string - / required
                                    + / required + @@ -282,6 +287,8 @@ Parameters @@ -314,6 +321,8 @@ Parameters @@ -324,7 +333,8 @@ Parameters
                                    string - / required
                                    + / required +
                                    Parameter Choices/Defaults Comments
                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_access_key, access_key
                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: ec2_secret_key, secret_key
                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                    +
                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                    +
                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                    aliases: aws_profile
                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                    +
                                    If profile is set this parameter is ignored.
                                    +
                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                    aliases: aws_security_token, access_token
                                      Choices: @@ -364,7 +374,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_group_module.rst b/docs/community.aws.iam_group_module.rst index 1683e54b0ad..9ee2a4e6f82 100644 --- a/docs/community.aws.iam_group_module.rst +++ b/docs/community.aws.iam_group_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                                      list - / elements=string
                                      + / elements=string + @@ -167,7 +172,8 @@ Parameters
                                      string - / required
                                      + / required + @@ -188,6 +194,8 @@ Parameters @@ -259,6 +267,8 @@ Parameters @@ -269,7 +279,8 @@ Parameters
                                      string - / required
                                      + / required + @@ -323,7 +335,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_managed_policy_module.rst b/docs/community.aws.iam_managed_policy_module.rst index 5eefe87b023..05567a58001 100644 --- a/docs/community.aws.iam_managed_policy_module.rst +++ b/docs/community.aws.iam_managed_policy_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                      Parameter Choices/Defaults Comments
                                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_access_key, access_key
                                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_secret_key, secret_key
                                      Uses a boto profile. Only works with boto >= 2.24.0.
                                      +
                                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                      +
                                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                      aliases: aws_profile
                                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: aws_security_token, access_token
                                        Choices: @@ -288,7 +299,8 @@ Parameters
                                        list - / elements=string
                                        + / elements=string +
                                      - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -238,7 +242,8 @@ Parameters
                                      string - / required
                                      + / required + @@ -259,6 +264,8 @@ Parameters @@ -291,6 +298,8 @@ Parameters @@ -340,7 +349,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_mfa_device_info_module.rst b/docs/community.aws.iam_mfa_device_info_module.rst index 05c0a39e602..96e267dd8ee 100644 --- a/docs/community.aws.iam_mfa_device_info_module.rst +++ b/docs/community.aws.iam_mfa_device_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                      Parameter Choices/Defaults Comments
                                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_access_key, access_key
                                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_secret_key, secret_key
                                      Uses a boto profile. Only works with boto >= 2.24.0.
                                      +
                                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                      +
                                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                      aliases: aws_profile
                                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: aws_security_token, access_token
                                      - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -157,6 +161,8 @@ Parameters @@ -189,6 +195,8 @@ Parameters @@ -234,7 +242,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_module.rst b/docs/community.aws.iam_module.rst index 1f5f78fa016..936ee464e94 100644 --- a/docs/community.aws.iam_module.rst +++ b/docs/community.aws.iam_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                      Parameter Choices/Defaults Comments
                                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_access_key, access_key
                                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_secret_key, secret_key
                                      Uses a boto profile. Only works with boto >= 2.24.0.
                                      +
                                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                      +
                                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                      aliases: aws_profile
                                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: aws_security_token, access_token
                                      - + @@ -47,7 +47,8 @@ Parameters
                                      list - / elements=string
                                      + / elements=string + @@ -93,6 +94,8 @@ Parameters @@ -143,6 +146,8 @@ Parameters @@ -188,7 +193,8 @@ Parameters
                                      list - / elements=string
                                      + / elements=string + @@ -203,7 +209,8 @@ Parameters
                                      string - / required
                                      + / required + @@ -323,6 +331,8 @@ Parameters @@ -355,6 +365,8 @@ Parameters @@ -365,7 +377,8 @@ Parameters
                                      string - / required
                                      + / required +
                                      Parameter Choices/Defaults Comments
                                      AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_access_key, access_key
                                      AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: ec2_secret_key, secret_key
                                        Choices: @@ -239,7 +246,8 @@ Parameters
                                        string - / required
                                        + / required +
                                      Uses a boto profile. Only works with boto >= 2.24.0.
                                      +
                                      Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                      +
                                      aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                      aliases: aws_profile
                                      AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                      +
                                      If profile is set this parameter is ignored.
                                      +
                                      Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                      aliases: aws_security_token, access_token
                                        Choices: @@ -459,7 +472,7 @@ Notes .. note:: - Currently boto does not support the removal of Managed Policies, the module will error out if your user/group/role has managed policies when you try to do state=absent. They will need to be removed manually. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_password_policy_module.rst b/docs/community.aws.iam_password_policy_module.rst index 472e6987eba..7d4133619ed 100644 --- a/docs/community.aws.iam_password_policy_module.rst +++ b/docs/community.aws.iam_password_policy_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -75,6 +75,8 @@ Parameters @@ -125,6 +127,8 @@ Parameters @@ -193,6 +197,8 @@ Parameters @@ -355,6 +361,8 @@ Parameters @@ -365,7 +373,8 @@ Parameters
                                        string - / required
                                        + / required +
                                        Parameter Choices/Defaults Comments
                                        AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                        +
                                        If profile is set this parameter is ignored.
                                        +
                                        Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                        aliases: ec2_access_key, access_key
                                        AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                        +
                                        If profile is set this parameter is ignored.
                                        +
                                        Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                        aliases: ec2_secret_key, secret_key
                                        Uses a boto profile. Only works with boto >= 2.24.0.
                                        +
                                        Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                        +
                                        aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                        aliases: aws_profile
                                        AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                        +
                                        If profile is set this parameter is ignored.
                                        +
                                        Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                        aliases: aws_security_token, access_token
                                          Choices: @@ -404,7 +413,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_policy_info_module.rst b/docs/community.aws.iam_policy_info_module.rst index ac6d53e14a8..3fffa1c62b7 100644 --- a/docs/community.aws.iam_policy_info_module.rst +++ b/docs/community.aws.iam_policy_info_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -148,7 +152,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -163,7 +168,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -236,6 +244,8 @@ Parameters @@ -266,7 +276,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_policy_module.rst b/docs/community.aws.iam_policy_module.rst index bd9c47e5974..bdbb15cc7c2 100644 --- a/docs/community.aws.iam_policy_module.rst +++ b/docs/community.aws.iam_policy_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                            Choices: @@ -204,6 +210,8 @@ Parameters
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -149,7 +153,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -164,7 +169,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -239,6 +246,8 @@ Parameters @@ -271,6 +280,8 @@ Parameters @@ -340,7 +351,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_role_info_module.rst b/docs/community.aws.iam_role_info_module.rst index b0735befda9..1c6c56914cb 100644 --- a/docs/community.aws.iam_role_info_module.rst +++ b/docs/community.aws.iam_role_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                            Choices: @@ -218,7 +224,8 @@ Parameters
                                            string - / required
                                            + / required +
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -189,6 +193,8 @@ Parameters @@ -221,6 +227,8 @@ Parameters @@ -251,7 +259,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_role_module.rst b/docs/community.aws.iam_role_module.rst index 82dfe70f8a6..efdb1928a51 100644 --- a/docs/community.aws.iam_role_module.rst +++ b/docs/community.aws.iam_role_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -71,6 +71,8 @@ Parameters @@ -121,6 +123,8 @@ Parameters @@ -240,7 +244,8 @@ Parameters
                                          list - / elements=string
                                          + / elements=string + @@ -274,7 +279,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -311,6 +317,8 @@ Parameters @@ -383,6 +391,8 @@ Parameters @@ -448,7 +458,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_saml_federation_module.rst b/docs/community.aws.iam_saml_federation_module.rst index 814dc3c4ec0..c741777dd30 100644 --- a/docs/community.aws.iam_saml_federation_module.rst +++ b/docs/community.aws.iam_saml_federation_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -149,7 +153,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -170,6 +175,8 @@ Parameters @@ -217,6 +224,8 @@ Parameters @@ -266,7 +275,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_server_certificate_info_module.rst b/docs/community.aws.iam_server_certificate_info_module.rst index a4d72a5199d..a4201eccfc9 100644 --- a/docs/community.aws.iam_server_certificate_info_module.rst +++ b/docs/community.aws.iam_server_certificate_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -172,6 +176,8 @@ Parameters @@ -204,6 +210,8 @@ Parameters @@ -234,7 +242,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_user_info_module.rst b/docs/community.aws.iam_user_info_module.rst index 561eecfc007..f1d460c3ef6 100644 --- a/docs/community.aws.iam_user_info_module.rst +++ b/docs/community.aws.iam_user_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -203,6 +207,8 @@ Parameters @@ -235,6 +241,8 @@ Parameters @@ -265,7 +273,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.iam_user_module.rst b/docs/community.aws.iam_user_module.rst index 95a84bb2f1f..d3065e79540 100644 --- a/docs/community.aws.iam_user_module.rst +++ b/docs/community.aws.iam_user_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                          - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -150,7 +154,8 @@ Parameters
                                          list - / elements=string
                                          + / elements=string + @@ -167,7 +172,8 @@ Parameters
                                          string - / required
                                          + / required + @@ -188,6 +194,8 @@ Parameters @@ -240,6 +248,8 @@ Parameters @@ -250,7 +260,8 @@ Parameters
                                          string - / required
                                          + / required +
                                          Parameter Choices/Defaults Comments
                                          AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_access_key, access_key
                                          AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: ec2_secret_key, secret_key
                                          Uses a boto profile. Only works with boto >= 2.24.0.
                                          +
                                          Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                          +
                                          aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                          aliases: aws_profile
                                          AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                          +
                                          If profile is set this parameter is ignored.
                                          +
                                          Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                          aliases: aws_security_token, access_token
                                            Choices: @@ -289,7 +300,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.kinesis_stream_module.rst b/docs/community.aws.kinesis_stream_module.rst index 2ee9ef5c92d..721b75ed6eb 100644 --- a/docs/community.aws.kinesis_stream_module.rst +++ b/docs/community.aws.kinesis_stream_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html - + @@ -57,6 +57,8 @@ Parameters @@ -107,6 +109,8 @@ Parameters @@ -206,7 +210,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -227,6 +232,8 @@ Parameters @@ -277,6 +284,8 @@ Parameters @@ -393,7 +402,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_alias_module.rst b/docs/community.aws.lambda_alias_module.rst index 6afb9788adb..5ff81ec22f0 100644 --- a/docs/community.aws.lambda_alias_module.rst +++ b/docs/community.aws.lambda_alias_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -164,7 +168,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -195,7 +200,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -217,6 +223,8 @@ Parameters @@ -249,6 +257,8 @@ Parameters @@ -298,7 +308,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_event_module.rst b/docs/community.aws.lambda_event_module.rst index fee94cd64ba..15ae5096543 100644 --- a/docs/community.aws.lambda_event_module.rst +++ b/docs/community.aws.lambda_event_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -70,6 +70,8 @@ Parameters @@ -120,6 +122,8 @@ Parameters @@ -186,7 +190,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -208,6 +213,8 @@ Parameters @@ -240,6 +247,8 @@ Parameters @@ -250,7 +259,8 @@ Parameters
                                            dictionary - / required
                                            + / required + @@ -304,7 +314,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -396,7 +407,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_facts_module.rst b/docs/community.aws.lambda_facts_module.rst index 7396a687ec7..e3176d53608 100644 --- a/docs/community.aws.lambda_facts_module.rst +++ b/docs/community.aws.lambda_facts_module.rst @@ -43,7 +43,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -61,6 +61,8 @@ Parameters @@ -111,6 +113,8 @@ Parameters @@ -193,6 +197,8 @@ Parameters @@ -248,6 +254,8 @@ Parameters @@ -278,7 +286,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_info_module.rst b/docs/community.aws.lambda_info_module.rst index 80987bc814f..e7ae0f1acf7 100644 --- a/docs/community.aws.lambda_info_module.rst +++ b/docs/community.aws.lambda_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -187,6 +191,8 @@ Parameters @@ -242,6 +248,8 @@ Parameters @@ -272,7 +280,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_module.rst b/docs/community.aws.lambda_module.rst index 3fdfd9dbfa9..c3d07a7be52 100644 --- a/docs/community.aws.lambda_module.rst +++ b/docs/community.aws.lambda_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -225,7 +229,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -246,6 +251,8 @@ Parameters @@ -360,6 +367,8 @@ Parameters @@ -458,7 +467,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -474,7 +484,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -509,7 +520,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lambda_policy_module.rst b/docs/community.aws.lambda_policy_module.rst index 70af795a55b..9f07149200a 100644 --- a/docs/community.aws.lambda_policy_module.rst +++ b/docs/community.aws.lambda_policy_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -50,7 +50,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -86,6 +87,8 @@ Parameters @@ -136,6 +139,8 @@ Parameters @@ -196,7 +201,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -216,7 +222,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -237,6 +244,8 @@ Parameters @@ -269,6 +278,8 @@ Parameters @@ -328,7 +339,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -379,7 +391,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.lightsail_module.rst b/docs/community.aws.lightsail_module.rst index c5adc12834d..fdf328bba65 100644 --- a/docs/community.aws.lightsail_module.rst +++ b/docs/community.aws.lightsail_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -198,7 +202,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -219,6 +224,8 @@ Parameters @@ -251,6 +258,8 @@ Parameters @@ -373,7 +382,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_instance_info_module.rst b/docs/community.aws.rds_instance_info_module.rst index 1bdc6675e63..6071634a1f3 100644 --- a/docs/community.aws.rds_instance_info_module.rst +++ b/docs/community.aws.rds_instance_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -188,6 +192,8 @@ Parameters @@ -220,6 +226,8 @@ Parameters @@ -250,7 +258,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst index 231f76a2335..48984b9de6f 100644 --- a/docs/community.aws.rds_instance_module.rst +++ b/docs/community.aws.rds_instance_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -143,6 +143,8 @@ Parameters @@ -193,6 +195,8 @@ Parameters @@ -321,7 +325,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -367,7 +372,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -478,7 +484,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -922,6 +929,8 @@ Parameters @@ -1107,6 +1116,8 @@ Parameters @@ -1381,7 +1392,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -1416,7 +1428,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_module.rst b/docs/community.aws.rds_module.rst index 06b9909556a..46ed148e695 100644 --- a/docs/community.aws.rds_module.rst +++ b/docs/community.aws.rds_module.rst @@ -39,7 +39,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -77,6 +77,8 @@ Parameters @@ -127,6 +129,8 @@ Parameters @@ -190,7 +194,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -603,6 +610,8 @@ Parameters @@ -752,7 +761,8 @@ Parameters
                                            list - / elements=string
                                            + / elements=string + @@ -825,7 +835,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_param_group_module.rst b/docs/community.aws.rds_param_group_module.rst index bac8698e955..89f14e0d3e0 100644 --- a/docs/community.aws.rds_param_group_module.rst +++ b/docs/community.aws.rds_param_group_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                              Choices: @@ -538,6 +543,8 @@ Parameters
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                            - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -202,7 +206,8 @@ Parameters
                                            string - / required
                                            + / required + @@ -239,6 +244,8 @@ Parameters @@ -290,6 +297,8 @@ Parameters @@ -300,7 +309,8 @@ Parameters
                                            string - / required
                                            + / required +
                                            Parameter Choices/Defaults Comments
                                            AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_access_key, access_key
                                            AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: ec2_secret_key, secret_key
                                            Uses a boto profile. Only works with boto >= 2.24.0.
                                            +
                                            Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                            +
                                            aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                            aliases: aws_profile
                                            AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                            +
                                            If profile is set this parameter is ignored.
                                            +
                                            Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                            aliases: aws_security_token, access_token
                                              Choices: @@ -354,7 +364,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_snapshot_info_module.rst b/docs/community.aws.rds_snapshot_info_module.rst index fb8508d6c73..87b76fccabf 100644 --- a/docs/community.aws.rds_snapshot_info_module.rst +++ b/docs/community.aws.rds_snapshot_info_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -222,6 +226,8 @@ Parameters @@ -254,6 +260,8 @@ Parameters @@ -306,7 +314,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_snapshot_module.rst b/docs/community.aws.rds_snapshot_module.rst index 8a7f1c418c6..903e7bd5f39 100644 --- a/docs/community.aws.rds_snapshot_module.rst +++ b/docs/community.aws.rds_snapshot_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                              - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -130,7 +134,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -187,6 +192,8 @@ Parameters @@ -238,6 +245,8 @@ Parameters @@ -337,7 +346,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst index 324ddcae414..d72d4c4164d 100644 --- a/docs/community.aws.rds_subnet_group_module.rst +++ b/docs/community.aws.rds_subnet_group_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                              - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -164,7 +168,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -185,6 +190,8 @@ Parameters @@ -217,6 +224,8 @@ Parameters @@ -227,7 +236,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -282,7 +293,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.redshift_cross_region_snapshots_module.rst b/docs/community.aws.redshift_cross_region_snapshots_module.rst index 012aa06685d..2a3c96ac85e 100644 --- a/docs/community.aws.redshift_cross_region_snapshots_module.rst +++ b/docs/community.aws.redshift_cross_region_snapshots_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                                Choices: @@ -246,7 +256,8 @@ Parameters
                                                list - / elements=string
                                                + / elements=string +
                                              - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -116,7 +120,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -151,7 +156,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -189,6 +195,8 @@ Parameters @@ -199,7 +207,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -221,6 +230,8 @@ Parameters @@ -248,7 +259,8 @@ Parameters
                                              integer - / required
                                              + / required + @@ -303,7 +315,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.redshift_info_module.rst b/docs/community.aws.redshift_info_module.rst index 87324f6c5e5..8de44f0b838 100644 --- a/docs/community.aws.redshift_info_module.rst +++ b/docs/community.aws.redshift_info_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                              - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -173,6 +177,8 @@ Parameters @@ -205,6 +211,8 @@ Parameters @@ -250,7 +258,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.redshift_module.rst b/docs/community.aws.redshift_module.rst index 8aca4d1f59a..f1397c0a027 100644 --- a/docs/community.aws.redshift_module.rst +++ b/docs/community.aws.redshift_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                              - + @@ -106,6 +106,8 @@ Parameters @@ -156,6 +158,8 @@ Parameters @@ -182,7 +186,8 @@ Parameters
                                              list - / elements=string
                                              + / elements=string + @@ -252,7 +257,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -525,6 +532,8 @@ Parameters @@ -576,6 +585,8 @@ Parameters @@ -642,7 +653,8 @@ Parameters
                                              list - / elements=string
                                              + / elements=string + @@ -695,7 +707,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.redshift_subnet_group_module.rst b/docs/community.aws.redshift_subnet_group_module.rst index 6457827f096..c1097805de4 100644 --- a/docs/community.aws.redshift_subnet_group_module.rst +++ b/docs/community.aws.redshift_subnet_group_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                                Choices: @@ -394,7 +400,8 @@ Parameters
                                                string - / required
                                                + / required +
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                              - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -164,7 +168,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -180,7 +185,8 @@ Parameters
                                              list - / elements=string
                                              + / elements=string + @@ -202,6 +208,8 @@ Parameters @@ -234,6 +242,8 @@ Parameters @@ -244,7 +254,8 @@ Parameters
                                              string - / required
                                              + / required + @@ -483,7 +484,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create SQS queue with redrive policy community.aws.sqs_queue: diff --git a/docs/community.aws.sts_assume_role_module.rst b/docs/community.aws.sts_assume_role_module.rst index 0de6e76c81b..16b197c2bce 100644 --- a/docs/community.aws.sts_assume_role_module.rst +++ b/docs/community.aws.sts_assume_role_module.rst @@ -345,7 +345,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.sts_session_token_module.rst b/docs/community.aws.sts_session_token_module.rst index 432dda4191a..26dae630d73 100644 --- a/docs/community.aws.sts_session_token_module.rst +++ b/docs/community.aws.sts_session_token_module.rst @@ -281,7 +281,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/galaxy.yml b/galaxy.yml index 991e6c90978..65fd909bbaa 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: community name: aws -version: 1.2.1 +version: 1.3.0 readme: README.md authors: - Ansible (https://github.com/ansible) @@ -8,7 +8,7 @@ description: null license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: - amazon.aws: '>=1.2.1' + amazon.aws: '>=1.3.0' repository: https://github.com/ansible-collections/community.aws documentation: https://github.com/ansible-collections/community.aws/tree/main/docs homepage: https://github.com/ansible-collections/community.aws diff --git a/tests/requirements.yml b/tests/requirements.yml index 481ff1020dd..d7efc78d867 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,7 +1,7 @@ integration_tests_dependencies: -- amazon.aws >= 1.2.1 +- amazon.aws >= 1.3.0 - ansible.windows - community.crypto - community.general unit_tests_dependencies: -- amazon.aws >= 1.2.1 +- amazon.aws >= 1.3.0 From 4ad9fd36e6c0a754416ebf67c22daca3d122bb6f Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 15 Dec 2020 01:29:41 +0100 Subject: [PATCH 118/129] Launch Template cleanup retries and add tests into CI (#326) * Mark ec2_launch_template tests as supported * Update launch template test to use permitted harmless managed policy * Make sure we delete the instance profile * Cleanup imports * use ansible_dict_to_boto3_tag_list * Make sure retries are enabled * Update role names in line with CI policy * Lookup AMI name rather than hardcoding IDs * Add changelog fragment --- .../fragments/326-launch_template_retry.yml | 2 ++ plugins/modules/ec2_launch_template.py | 29 +++++++++-------- .../targets/ec2_launch_template/aliases | 2 +- .../ec2_launch_template/defaults/main.yml | 19 ++--------- .../ec2_launch_template/tasks/cpu_options.yml | 2 +- .../tasks/iam_instance_role.yml | 32 +++++++++---------- .../roles/ec2_launch_template/tasks/main.yml | 10 ++++++ .../tasks/tags_and_vpc_settings.yml | 10 +++--- .../ec2_launch_template/tasks/versions.yml | 6 ++-- 9 files changed, 55 insertions(+), 57 deletions(-) create mode 100644 changelogs/fragments/326-launch_template_retry.yml diff --git a/changelogs/fragments/326-launch_template_retry.yml b/changelogs/fragments/326-launch_template_retry.yml new file mode 100644 index 00000000000..ab7506d8847 --- /dev/null +++ b/changelogs/fragments/326-launch_template_retry.yml @@ -0,0 +1,2 @@ +minor_changes: +- ec2_launch_template - Add retries on common AWS failures (https://github.com/ansible-collections/community.aws/pull/326). diff --git a/plugins/modules/ec2_launch_template.py b/plugins/modules/ec2_launch_template.py index 4553a8e794d..4a35812cfb4 100644 --- a/plugins/modules/ec2_launch_template.py +++ b/plugins/modules/ec2_launch_template.py @@ -367,13 +367,14 @@ from uuid import uuid4 from ansible.module_utils._text import to_text -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters -from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict, snake_dict_to_camel_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (ansible_dict_to_boto3_tag_list, - AWSRetry, - boto3_tag_list_to_ansible_dict, - ansible_dict_to_boto3_tag_list, - ) +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict +from ansible.module_utils.common.dict_transformations import snake_dict_to_camel_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict try: from botocore.exceptions import ClientError, BotoCoreError, WaiterError @@ -399,9 +400,9 @@ def existing_templates(module): matches = None try: if module.params.get('template_id'): - matches = ec2.describe_launch_templates(LaunchTemplateIds=[module.params.get('template_id')]) + matches = ec2.describe_launch_templates(LaunchTemplateIds=[module.params.get('template_id')], aws_retry=True) elif module.params.get('template_name'): - matches = ec2.describe_launch_templates(LaunchTemplateNames=[module.params.get('template_name')]) + matches = ec2.describe_launch_templates(LaunchTemplateNames=[module.params.get('template_name')], aws_retry=True) except is_boto3_error_code('InvalidLaunchTemplateName.NotFoundException') as e: # no named template was found, return nothing/empty versions return None, [] @@ -418,20 +419,18 @@ def existing_templates(module): template = matches['LaunchTemplates'][0] template_id, template_version, template_default = template['LaunchTemplateId'], template['LatestVersionNumber'], template['DefaultVersionNumber'] try: - return template, ec2.describe_launch_template_versions(LaunchTemplateId=template_id)['LaunchTemplateVersions'] + return template, ec2.describe_launch_template_versions(LaunchTemplateId=template_id, aws_retry=True)['LaunchTemplateVersions'] except (ClientError, BotoCoreError, WaiterError) as e: module.fail_json_aws(e, msg='Could not find launch template versions for {0} (ID: {1}).'.format(template['LaunchTemplateName'], template_id)) def params_to_launch_data(module, template_params): if template_params.get('tags'): + tag_list = ansible_dict_to_boto3_tag_list(template_params.get('tags')) template_params['tag_specifications'] = [ { 'resource_type': r_type, - 'tags': [ - {'Key': k, 'Value': v} for k, v - in template_params['tags'].items() - ] + 'tags': tag_list } for r_type in ('instance', 'volume') ] @@ -456,6 +455,7 @@ def delete_template(module): v_resp = ec2.delete_launch_template_versions( LaunchTemplateId=template['LaunchTemplateId'], Versions=non_default_versions, + aws_retry=True, ) if v_resp['UnsuccessfullyDeletedLaunchTemplateVersions']: module.warn('Failed to delete template versions {0} on launch template {1}'.format( @@ -468,6 +468,7 @@ def delete_template(module): try: resp = ec2.delete_launch_template( LaunchTemplateId=template['LaunchTemplateId'], + aws_retry=True, ) except (ClientError, BotoCoreError) as e: module.fail_json_aws(e, msg="Could not delete launch template {0}".format(template['LaunchTemplateId'])) diff --git a/tests/integration/targets/ec2_launch_template/aliases b/tests/integration/targets/ec2_launch_template/aliases index 56927195182..157ce0c9d4c 100644 --- a/tests/integration/targets/ec2_launch_template/aliases +++ b/tests/integration/targets/ec2_launch_template/aliases @@ -1,2 +1,2 @@ cloud/aws -unsupported +shippable/aws/group3 diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/defaults/main.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/defaults/main.yml index 9651b91642a..19eb792b91d 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/defaults/main.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/defaults/main.yml @@ -1,18 +1,3 @@ --- -resource_prefix: ansible-test-default-group -ec2_ami_image: - # https://wiki.centos.org/Cloud/AWS collected 2018-01-10 - ap-northeast-1: ami-571e3c30 - ap-northeast-2: ami-97cb19f9 - ap-south-1: ami-11f0837e - ap-southeast-1: ami-30318f53 - ap-southeast-2: ami-24959b47 - ca-central-1: ami-daeb57be - eu-central-1: ami-7cbc6e13 - eu-west-1: ami-0d063c6b - eu-west-2: ami-c22236a6 - sa-east-1: ami-864f2dea - us-east-1: ami-ae7bfdb8 - us-east-2: ami-9cbf9bf9 - us-west-1: ami-7c280d1c - us-west-2: ami-0c2aba6c +ec2_ami_name: amzn2-ami-hvm-2.*-x86_64-gp2 +test_role_name: ansible-test-{{ resource_prefix }} diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/cpu_options.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/cpu_options.yml index 8d610a2ea75..b98c3dceaa8 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/cpu_options.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/cpu_options.yml @@ -11,7 +11,7 @@ - name: create c4.large instance with cpu_options ec2_launch_template: name: "{{ resource_prefix }}-c4large-1-threads-per-core" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" tags: TestId: "{{ resource_prefix }}" instance_type: c4.large diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/iam_instance_role.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/iam_instance_role.yml index 5e9b7f563de..a303cc628cc 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/iam_instance_role.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/iam_instance_role.yml @@ -1,30 +1,30 @@ - block: - name: Create IAM role for test iam_role: - name: "{{ resource_prefix }}-test-policy" + name: "{{ test_role_name }}-1" assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" state: present create_instance_profile: yes managed_policy: - - AmazonS3ReadOnlyAccess + - AWSDenyAll register: iam_role - name: Create second IAM role for test iam_role: - name: "{{ resource_prefix }}-test-policy-2" + name: "{{ test_role_name }}-2" assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" state: present create_instance_profile: yes managed_policy: - - AmazonS3ReadOnlyAccess + - AWSDenyAll register: iam_role_2 - name: Make instance with an instance_role ec2_launch_template: name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" instance_type: t2.micro - iam_instance_profile: "{{ resource_prefix }}-test-policy" + iam_instance_profile: "{{ test_role_name }}-1" register: template_with_role - assert: @@ -34,9 +34,9 @@ - name: Create template again, with no change to instance_role ec2_launch_template: name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" instance_type: t2.micro - iam_instance_profile: "{{ resource_prefix }}-test-policy" + iam_instance_profile: "{{ test_role_name }}-1" register: template_with_role - assert: @@ -47,9 +47,9 @@ - name: Update instance with new instance_role ec2_launch_template: name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" instance_type: t2.micro - iam_instance_profile: "{{ resource_prefix }}-test-policy-2" + iam_instance_profile: "{{ test_role_name }}-2" register: template_with_updated_role - assert: @@ -63,9 +63,9 @@ - name: Re-set with same new instance_role ec2_launch_template: name: "{{ resource_prefix }}-test-instance-role" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" instance_type: t2.micro - iam_instance_profile: "{{ resource_prefix }}-test-policy-2" + iam_instance_profile: "{{ test_role_name }}-2" register: template_with_updated_role - assert: @@ -84,20 +84,20 @@ retries: 10 - name: Delete IAM role for test iam_role: - name: "{{ resource_prefix }}-test-policy" + name: "{{ test_role_name }}-1" assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" state: absent - create_instance_profile: yes + delete_instance_profile: yes register: iam_removed until: iam_removed is not failed ignore_errors: yes retries: 10 - name: Delete IAM role for test iam_role: - name: "{{ resource_prefix }}-test-policy-2" + name: "{{ test_role_name }}-2" assume_role_policy_document: "{{ lookup('file','assume-role-policy.json') }}" state: absent - create_instance_profile: yes + delete_instance_profile: yes register: iam_2_removed until: iam_2_removed is not failed ignore_errors: yes diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/main.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/main.yml index 4976da276e0..d3b24d64181 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/main.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/main.yml @@ -15,6 +15,16 @@ security_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" block: + + - name: Find AMI to use + ec2_ami_info: + owners: 'amazon' + filters: + name: '{{ ec2_ami_name }}' + register: ec2_amis + - set_fact: + ec2_ami_image: '{{ ec2_amis.images[0].image_id }}' + - include_tasks: cpu_options.yml - include_tasks: iam_instance_role.yml - include_tasks: versions.yml diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/tags_and_vpc_settings.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/tags_and_vpc_settings.yml index 7da7f770af6..aab9e61b98f 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/tags_and_vpc_settings.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/tags_and_vpc_settings.yml @@ -49,7 +49,7 @@ - name: Make instance in the testing subnet created in the test VPC ec2_instance: name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" user_data: | #cloud-config package_upgrade: true @@ -71,7 +71,7 @@ - name: Try to re-make the instance, hopefully this shows changed=False ec2_instance: name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" user_data: | #cloud-config package_upgrade: true @@ -96,7 +96,7 @@ - name: Alter it by adding tags ec2_instance: name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" tags: TestId: "{{ resource_prefix }}" Another: thing @@ -113,11 +113,11 @@ that: - check_tags.instances[0].tags.Another == 'thing' - check_tags.instances[0].tags.Something == 'else' - + - name: Purge a tag ec2_instance: name: "{{ resource_prefix }}-test-basic-vpc-create" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" purge_tags: true tags: TestId: "{{ resource_prefix }}" diff --git a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/versions.yml b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/versions.yml index 9035467a60f..d188d9c2e51 100644 --- a/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/versions.yml +++ b/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/versions.yml @@ -2,7 +2,7 @@ - name: create simple instance template ec2_launch_template: name: "{{ resource_prefix }}-simple" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" tags: TestId: "{{ resource_prefix }}" instance_type: c4.large @@ -20,7 +20,7 @@ ec2_launch_template: name: "{{ resource_prefix }}-simple" default_version: 1 - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" tags: TestId: "{{ resource_prefix }}" instance_type: m5.large @@ -37,7 +37,7 @@ - name: update simple instance template ec2_launch_template: name: "{{ resource_prefix }}-simple" - image_id: "{{ ec2_ami_image[aws_region] }}" + image_id: "{{ ec2_ami_image }}" tags: TestId: "{{ resource_prefix }}" instance_type: t3.medium From 4d1aa98dcae938d095544691250a934e16a947e4 Mon Sep 17 00:00:00 2001 From: Phoosha Date: Tue, 15 Dec 2020 21:21:39 +0100 Subject: [PATCH 119/129] Fix eip association when both instance id and private ip address are passed (#328) * Fix ec2_eip with both instance_id and private_ip_address * Add changelog fragment for the ec2_eip fix --- ...ix-ec2_eip-instance-id-private-ip-address.yml | 2 ++ plugins/modules/ec2_eip.py | 2 +- tests/integration/targets/ec2_eip/tasks/main.yml | 16 ++++++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/328-fix-ec2_eip-instance-id-private-ip-address.yml diff --git a/changelogs/fragments/328-fix-ec2_eip-instance-id-private-ip-address.yml b/changelogs/fragments/328-fix-ec2_eip-instance-id-private-ip-address.yml new file mode 100644 index 00000000000..8701cdd8694 --- /dev/null +++ b/changelogs/fragments/328-fix-ec2_eip-instance-id-private-ip-address.yml @@ -0,0 +1,2 @@ +bugfixes: + - ec2_eip - fix eip association by instance id & private ip address due to case-sensitivity of the ``PrivateIpAddress`` parameter (https://github.com/ansible-collections/community.aws/pull/328). diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 6aa2a531069..54624f59182 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -241,7 +241,7 @@ def associate_ip_and_device(ec2, module, address, private_ip_address, device_id, AllowReassociation=allow_reassociation, ) if private_ip_address: - params['PrivateIPAddress'] = private_ip_address + params['PrivateIpAddress'] = private_ip_address if address['Domain'] == 'vpc': params['AllocationId'] = address['AllocationId'] else: diff --git a/tests/integration/targets/ec2_eip/tasks/main.yml b/tests/integration/targets/ec2_eip/tasks/main.yml index 6d904003012..83093572697 100644 --- a/tests/integration/targets/ec2_eip/tasks/main.yml +++ b/tests/integration/targets/ec2_eip/tasks/main.yml @@ -571,6 +571,22 @@ - instance_eip is success - eip_info.addresses[0].allocation_id is defined - eip_info.addresses[0].instance_id == '{{ instance_info.instances[0].instance_id }}' + - name: Attach eip to an EC2 instance with private Ip specified + ec2_eip: + device_id: '{{ instance_info.instances[0].instance_id }}' + private_ip_address: '{{ instance_info.instances[0].private_ip_address }}' + state: present + release_on_disassociation: yes + register: instance_eip + - ec2_eip_info: + filters: + public-ip: '{{ instance_eip.public_ip }}' + register: eip_info + - assert: + that: + - instance_eip is success + - eip_info.addresses[0].allocation_id is defined + - eip_info.addresses[0].instance_id == '{{ instance_info.instances[0].instance_id }}' # ===================================================== - name: Cleanup instance ec2_instance: From 46102ffd4566291c5a31407ce7b14c78c2dfabaa Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 16 Dec 2020 21:06:15 +0100 Subject: [PATCH 120/129] Use botocore_at_least rather than LooseVersion/StrictVersion directly (#280) * Use botocore_at_least rather than LooseVersion/StrictVersion directly * changelog --- changelogs/fragments/280-cleanup-botocore_at_least.yml | 4 ++++ plugins/modules/dynamodb_ttl.py | 5 ++--- plugins/modules/ec2_vpc_peer.py | 3 +-- plugins/modules/ecs_task.py | 9 +++------ 4 files changed, 10 insertions(+), 11 deletions(-) create mode 100644 changelogs/fragments/280-cleanup-botocore_at_least.yml diff --git a/changelogs/fragments/280-cleanup-botocore_at_least.yml b/changelogs/fragments/280-cleanup-botocore_at_least.yml new file mode 100644 index 00000000000..359bfaa110e --- /dev/null +++ b/changelogs/fragments/280-cleanup-botocore_at_least.yml @@ -0,0 +1,4 @@ +minor_changes: +- dynamodb_ttl - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). +- ec2_vpc_peer - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). +- ecs_task - use ``botocore_at_least`` helper for checking the available botocore version (https://github.com/ansible-collections/community.aws/pull/280). diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index b23c0ab076e..e04dedfafbb 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -65,7 +65,6 @@ - { "AttributeName": "deploy_timestamp", "Enabled": true } ''' -import distutils.version import traceback try: @@ -126,8 +125,8 @@ def main(): argument_spec=argument_spec, ) - if distutils.version.StrictVersion(botocore.__version__) < distutils.version.StrictVersion('1.5.24'): - # TTL was added in this version. + if not module.botocore_at_least('1.5.24'): + # TTL was added in 1.5.24 module.fail_json(msg='Found botocore in version {0}, but >= {1} is required for TTL support'.format(botocore.__version__, '1.5.24')) try: diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index 31f6ea203a7..c7efeff3829 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -221,7 +221,6 @@ except ImportError: pass # Handled by AnsibleAWSModule -import distutils.version import traceback from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -279,7 +278,7 @@ def create_peer_connection(client, module): params['VpcId'] = module.params.get('vpc_id') params['PeerVpcId'] = module.params.get('peer_vpc_id') if module.params.get('peer_region'): - if distutils.version.StrictVersion(botocore.__version__) < distutils.version.StrictVersion('1.8.6'): + if not module.botocore_at_least('1.8.6'): module.fail_json(msg="specifying peer_region parameter requires botocore >= 1.8.6") params['PeerRegion'] = module.params.get('peer_region') if module.params.get('peer_owner_id'): diff --git a/plugins/modules/ecs_task.py b/plugins/modules/ecs_task.py index f43cd700d27..e8eeb9c57ea 100644 --- a/plugins/modules/ecs_task.py +++ b/plugins/modules/ecs_task.py @@ -307,29 +307,26 @@ def stop_task(self, cluster, task): return response['task'] def ecs_api_handles_launch_type(self): - from distutils.version import LooseVersion # There doesn't seem to be a nice way to inspect botocore to look # for attributes (and networkConfiguration is not an explicit argument # to e.g. ecs.run_task, it's just passed as a keyword argument) - return LooseVersion(botocore.__version__) >= LooseVersion('1.8.4') + return self.module.botocore_at_least('1.8.4') def ecs_task_long_format_enabled(self): account_support = self.ecs.list_account_settings(name='taskLongArnFormat', effectiveSettings=True) return account_support['settings'][0]['value'] == 'enabled' def ecs_api_handles_tags(self): - from distutils.version import LooseVersion # There doesn't seem to be a nice way to inspect botocore to look # for attributes (and networkConfiguration is not an explicit argument # to e.g. ecs.run_task, it's just passed as a keyword argument) - return LooseVersion(botocore.__version__) >= LooseVersion('1.12.46') + return self.module.botocore_at_least('1.12.46') def ecs_api_handles_network_configuration(self): - from distutils.version import LooseVersion # There doesn't seem to be a nice way to inspect botocore to look # for attributes (and networkConfiguration is not an explicit argument # to e.g. ecs.run_task, it's just passed as a keyword argument) - return LooseVersion(botocore.__version__) >= LooseVersion('1.7.44') + return self.module.botocore_at_least('1.7.44') def main(): From e088eda61b04f669d05472e1b3621cbb51405bd4 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 5 Jan 2021 19:31:36 +0100 Subject: [PATCH 121/129] ec2_metric_alarm - tweak example to be more generic (#339) * ec2_metric_alarm - Update docs to remove reference to slave We don't need to specifically talk about bamboo, and they now use 'agent' * Tweak import order in line with PEP-0008 --- plugins/modules/ec2_metric_alarm.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/modules/ec2_metric_alarm.py b/plugins/modules/ec2_metric_alarm.py index 09e95d2fd6c..c7b4c28a8ad 100644 --- a/plugins/modules/ec2_metric_alarm.py +++ b/plugins/modules/ec2_metric_alarm.py @@ -180,7 +180,7 @@ period: 300 evaluation_periods: 3 unit: "Percent" - description: "This will alarm when a bamboo slave's cpu usage average is lower than 5% for 15 minutes " + description: "This will alarm when a instance's CPU usage average is lower than 5% for 15 minutes" dimensions: {'InstanceId':'i-XXX'} alarm_actions: ["action1","action2"] @@ -203,13 +203,13 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule - try: from botocore.exceptions import ClientError except ImportError: pass # protected by AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule + def create_metric_alarm(connection, module): From 0cf5326bfcf479d446cacf9144e79176a655192f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gon=C3=A9ri=20Le=20Bouder?= Date: Tue, 12 Jan 2021 12:47:34 -0500 Subject: [PATCH 122/129] elb_application_lb: also clean up the associate listeners (#350) state=`absent`: Properly remove the associated listeners before the final removal of the object. See: https://github.com/ansible/ansible/issues/49291 --- .../fragments/350_elb_application_lb_purges_listeners.yaml | 3 +++ plugins/modules/elb_application_lb.py | 5 +++++ 2 files changed, 8 insertions(+) create mode 100644 changelogs/fragments/350_elb_application_lb_purges_listeners.yaml diff --git a/changelogs/fragments/350_elb_application_lb_purges_listeners.yaml b/changelogs/fragments/350_elb_application_lb_purges_listeners.yaml new file mode 100644 index 00000000000..616ffa019bd --- /dev/null +++ b/changelogs/fragments/350_elb_application_lb_purges_listeners.yaml @@ -0,0 +1,3 @@ +--- +bugfixes: +- elb_application_lb - during the removal of an instance, the associated listeners are also removed. diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index f18a00816b8..f154c8803ff 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -589,6 +589,11 @@ def create_or_update_elb(elb_obj): def delete_elb(elb_obj): if elb_obj.elb: + listeners_obj = ELBListeners(elb_obj.connection, elb_obj.module, elb_obj.elb['LoadBalancerArn']) + for listener_to_delete in [i['ListenerArn'] for i in listeners_obj.current_listeners]: + listener_obj = ELBListener(elb_obj.connection, elb_obj.module, listener_to_delete, elb_obj.elb['LoadBalancerArn']) + listener_obj.delete() + elb_obj.delete() elb_obj.module.exit_json(changed=elb_obj.changed) From 384af185982589991743f0299328ae4ece5a7cd3 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 13 Jan 2021 13:26:38 +0100 Subject: [PATCH 123/129] ec2_eip - Formally deprecate the 'instance_id' alias. (#349) * ec2_eip - Formally deprecate the 'instance_id' alias. We've been issuing a warning for a while, formally deprecate it so we can start cleaning up the code. --- .../fragments/349-ec2_eip-deprecate-instance_id.yml | 2 ++ plugins/modules/ec2_eip.py | 9 +++++---- 2 files changed, 7 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/349-ec2_eip-deprecate-instance_id.yml diff --git a/changelogs/fragments/349-ec2_eip-deprecate-instance_id.yml b/changelogs/fragments/349-ec2_eip-deprecate-instance_id.yml new file mode 100644 index 00000000000..35bfd8835c7 --- /dev/null +++ b/changelogs/fragments/349-ec2_eip-deprecate-instance_id.yml @@ -0,0 +1,2 @@ +deprecated_features: +- ec2_eip - formally deprecate the ``instance_id`` alias for ``device_id`` (https://github.com/ansible-collections/community.aws/pull/349). diff --git a/plugins/modules/ec2_eip.py b/plugins/modules/ec2_eip.py index 54624f59182..adf6f0bda41 100644 --- a/plugins/modules/ec2_eip.py +++ b/plugins/modules/ec2_eip.py @@ -20,6 +20,7 @@ device_id: description: - The id of the device for the EIP. Can be an EC2 Instance id or Elastic Network Interface (ENI) id. + - The I(instance_id) alias has been deprecated and will be removed after 2022-12-01. required: false aliases: [ instance_id ] type: str @@ -519,7 +520,10 @@ def generate_tag_dict(module, tag_name, tag_value): def main(): argument_spec = dict( - device_id=dict(required=False, aliases=['instance_id']), + device_id=dict(required=False, aliases=['instance_id'], + deprecated_aliases=[dict(name='instance_id', + date='2022-12-01', + collection_name='community.aws')]), public_ip=dict(required=False, aliases=['ip']), state=dict(required=False, default='present', choices=['present', 'absent']), @@ -560,7 +564,6 @@ def main(): public_ipv4_pool = module.params.get('public_ipv4_pool') if instance_id: - warnings = ["instance_id is no longer used, please use device_id going forward"] is_instance = True device_id = instance_id else: @@ -629,8 +632,6 @@ def main(): except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: module.fail_json_aws(str(e)) - if instance_id: - result['warnings'] = warnings module.exit_json(**result) From 7ff21336e87509a1bf0dcb1c2c02bc93c5c7384a Mon Sep 17 00:00:00 2001 From: Sean Cavanaugh Date: Wed, 13 Jan 2021 13:48:15 -0500 Subject: [PATCH 124/129] add uptime parameter for ec2_instance_info module in minutes (#356) * syncing module and tests for uptime with tons of help from Yanis, we now have uptime in there * updating pr with fixes from suggestions adding to https://github.com/ansible-collections/community.aws/pull/356 with comments from @tremble and @duderamos * Create 356_add_minimum_uptime_parameter.yaml adding changelog fragment per @gravesm suggestion * Update 356_add_minimum_uptime_parameter.yaml last comment from @tremble Co-authored-by: Sean Cavanaugh --- .../356_add_minimum_uptime_parameter.yaml | 3 + plugins/modules/ec2_instance_info.py | 33 +++++++++- .../roles/ec2_instance/tasks/uptime.yml | 66 +++++++++++++++++++ 3 files changed, 99 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/356_add_minimum_uptime_parameter.yaml create mode 100644 tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/uptime.yml diff --git a/changelogs/fragments/356_add_minimum_uptime_parameter.yaml b/changelogs/fragments/356_add_minimum_uptime_parameter.yaml new file mode 100644 index 00000000000..c436c96f0ea --- /dev/null +++ b/changelogs/fragments/356_add_minimum_uptime_parameter.yaml @@ -0,0 +1,3 @@ +--- +minor_changes: +- ec2_instance_info - added ``minimum_uptime`` option with alias ``uptime`` for filtering instances that have only been online for certain duration of time in minutes (https://github.com/ansible-collections/community.aws/pull/356). diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index 1c4c1f0df33..e37f2cf9cd1 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -33,6 +33,13 @@ required: false default: {} type: dict + minimum_uptime: + description: + - Minimum running uptime in minutes of instances. For example if I(uptime) is C(60) return all instances that have run more than 60 minutes. + required: false + aliases: ['uptime'] + type: int + extends_documentation_fragment: - amazon.aws.aws @@ -66,6 +73,15 @@ filters: instance-state-name: [ "shutting-down", "stopping", "stopped" ] +- name: Gather information about any instance with Name beginning with RHEL and an uptime of at least 60 minutes + community.aws.ec2_instance_info: + region: "{{ ec2_region }}" + uptime: 60 + filters: + "tag:Name": "RHEL-*" + instance-state-name: [ "running"] + register: ec2_node_info + ''' RETURN = r''' @@ -492,6 +508,8 @@ ''' import traceback +import datetime + try: import boto3 @@ -509,6 +527,7 @@ def list_ec2_instances(connection, module): instance_ids = module.params.get("instance_ids") + uptime = module.params.get('minimum_uptime') filters = ansible_dict_to_boto3_filter_list(module.params.get("filters")) try: @@ -517,10 +536,17 @@ def list_ec2_instances(connection, module): except ClientError as e: module.fail_json_aws(e, msg="Failed to list ec2 instances") - # Get instances from reservations instances = [] - for reservation in reservations['Reservations']: - instances = instances + reservation['Instances'] + + if uptime: + timedelta = int(uptime) if uptime else 0 + oldest_launch_time = datetime.datetime.utcnow() - datetime.timedelta(minutes=timedelta) + # Get instances from reservations + for reservation in reservations['Reservations']: + instances += [instance for instance in reservation['Instances'] if instance['LaunchTime'].replace(tzinfo=None) < oldest_launch_time] + else: + for reservation in reservations['Reservations']: + instances = instances + reservation['Instances'] # Turn the boto3 result in to ansible_friendly_snaked_names snaked_instances = [camel_dict_to_snake_dict(instance) for instance in instances] @@ -535,6 +561,7 @@ def list_ec2_instances(connection, module): def main(): argument_spec = dict( + minimum_uptime=dict(required=False, type='int', default=None, aliases=['uptime']), instance_ids=dict(default=[], type='list', elements='str'), filters=dict(default={}, type='dict') ) diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/uptime.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/uptime.yml new file mode 100644 index 00000000000..6f6c5fe0d49 --- /dev/null +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/uptime.yml @@ -0,0 +1,66 @@ +--- +- block: + - name: "create t3.nano instance" + ec2_instance: + name: "{{ resource_prefix }}-test-uptime" + region: "{{ ec2_region }}" + image_id: "{{ ec2_ami_image }}" + tags: + TestId: "{{ ec2_instance_tag_TestId }}" + vpc_subnet_id: "{{ testing_subnet_a.subnet.id }}" + instance_type: t3.nano + wait: yes + + - name: "check ec2 instance" + ec2_instance_info: + filters: + "tag:Name": "{{ resource_prefix }}-test-uptime" + instance-state-name: [ "running"] + register: instance_facts + + - name: "Confirm existence of instance id." + assert: + that: + - "{{ instance_facts.instances | length }} == 1" + + - name: "check using uptime 100 hours - should find nothing" + ec2_instance_info: + region: "{{ ec2_region }}" + uptime: 6000 + filters: + instance-state-name: [ "running"] + "tag:Name": "{{ resource_prefix }}-test-uptime" + register: instance_facts + + - name: "Confirm there is no running instance" + assert: + that: + - "{{ instance_facts.instances | length }} == 0" + + - name: Sleep for 61 seconds and continue with play + wait_for: + timeout: 61 + delegate_to: localhost + + - name: "check using uptime 1 minute" + ec2_instance_info: + region: "{{ ec2_region }}" + uptime: 1 + filters: + instance-state-name: [ "running"] + "tag:Name": "{{ resource_prefix }}-test-uptime" + register: instance_facts + + - name: "Confirm there is one running instance" + assert: + that: + - "{{ instance_facts.instances | length }} == 1" + + always: + - name: "Terminate instances" + ec2_instance: + state: absent + filters: + "tag:TestId": "{{ ec2_instance_tag_TestId }}" + wait: yes + ignore_errors: yes From 406c57778359bbdd9377a5590bb87c81e22d7c3a Mon Sep 17 00:00:00 2001 From: Thulasiram Date: Thu, 14 Jan 2021 03:18:06 +0530 Subject: [PATCH 125/129] aws_ssm signed url using v2 and thus aws_ssm generates incompatible curl request to download s3 object for ansible python (#352) - AWS SDKs that were released before May 2016, request Signature Version 4 - fix generated url for aws s3 object for ansible python that executes ansible playbook usingh aws_ssm --- ...ix-aws-region-and-v4-signature-for-s3-boto-client.yml | 2 ++ plugins/connection/aws_ssm.py | 9 ++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/352-fix-aws-region-and-v4-signature-for-s3-boto-client.yml diff --git a/changelogs/fragments/352-fix-aws-region-and-v4-signature-for-s3-boto-client.yml b/changelogs/fragments/352-fix-aws-region-and-v4-signature-for-s3-boto-client.yml new file mode 100644 index 00000000000..8fe59379698 --- /dev/null +++ b/changelogs/fragments/352-fix-aws-region-and-v4-signature-for-s3-boto-client.yml @@ -0,0 +1,2 @@ +bugfixes: + - aws_ssm - fix the generation of CURL URL used to download Ansible Python file from S3 bucket by ```_get_url()``` due to due to non-assignment of aws region in the URL and not using V4 signature as specified for AWS S3 signature URL by ```_get_boto_client()``` in (https://github.com/ansible-collections/community.aws/pull/352). \ No newline at end of file diff --git a/plugins/connection/aws_ssm.py b/plugins/connection/aws_ssm.py index 94289eeef9f..c5fd3e22eef 100644 --- a/plugins/connection/aws_ssm.py +++ b/plugins/connection/aws_ssm.py @@ -162,7 +162,6 @@ import os import getpass import json -import os import pty import random import re @@ -177,6 +176,7 @@ except ImportError as e: HAS_BOTO_3_ERROR = str(e) HAS_BOTO_3 = False +from botocore.client import Config from functools import wraps from ansible import constants as C @@ -497,7 +497,8 @@ def _flush_stderr(self, subprocess): def _get_url(self, client_method, bucket_name, out_path, http_method): ''' Generate URL for get_object / put_object ''' - client = self._get_boto_client('s3') + region_name = self.get_option('region') or 'us-east-1' + client = self._get_boto_client('s3', region_name) return client.generate_presigned_url(client_method, Params={'Bucket': bucket_name, 'Key': out_path}, ExpiresIn=3600, HttpMethod=http_method) def _get_boto_client(self, service, region_name=None): @@ -515,7 +516,9 @@ def _get_boto_client(self, service, region_name=None): aws_access_key_id=aws_access_key_id, aws_secret_access_key=aws_secret_access_key, aws_session_token=aws_session_token, - region_name=region_name) + region_name=region_name, + config=Config(signature_version="s3v4") + ) return client @_ssm_retry From 130cf3cc5980014020632f19fdab79c9bcf28add Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Sat, 16 Jan 2021 10:50:49 +0100 Subject: [PATCH 126/129] Bulk import cleanup (#360) * Split imports and reorder * Import camel_dict_to_snake_dict and snake_dict_to_camel_dict direct from ansible.module_utils.common.dict_transformations * Remove unused imports * Route53 Info was migrated to Boto3 drop the HAS_BOTO check and import * changelog --- changelogs/fragments/360-imports-cleanup.yml | 2 ++ .../aws_config_aggregation_authorization.py | 1 - .../modules/aws_config_delivery_channel.py | 8 +++++--- plugins/modules/aws_config_recorder.py | 8 +++++--- plugins/modules/aws_config_rule.py | 8 +++++--- plugins/modules/cloudformation_stack_set.py | 19 +++++++++---------- .../cloudfront_origin_access_identity.py | 13 +++++-------- .../cloudwatchlogs_log_group_metric_filter.py | 9 +++------ plugins/modules/dynamodb_ttl.py | 2 -- plugins/modules/ec2_ami_copy.py | 13 +++++++------ plugins/modules/ec2_customer_gateway.py | 5 ++--- plugins/modules/ec2_elb.py | 1 - plugins/modules/ec2_instance.py | 16 +++++++--------- plugins/modules/ec2_instance_info.py | 6 ++---- plugins/modules/ec2_lc_info.py | 4 ++-- plugins/modules/ec2_snapshot_copy.py | 4 +--- plugins/modules/ec2_vpc_endpoint_info.py | 6 +++--- plugins/modules/ec2_vpc_vgw.py | 1 - plugins/modules/ecs_attribute.py | 1 - plugins/modules/ecs_cluster.py | 2 +- plugins/modules/ecs_taskdefinition.py | 4 ++-- .../modules/elasticache_parameter_group.py | 4 +--- plugins/modules/elb_application_lb_info.py | 4 ++-- plugins/modules/elb_instance.py | 1 - plugins/modules/elb_target.py | 5 ++--- plugins/modules/elb_target_group_info.py | 4 ++-- plugins/modules/iam_mfa_device_info.py | 4 ++-- .../modules/iam_server_certificate_info.py | 1 - plugins/modules/iam_user_info.py | 9 +++++---- plugins/modules/lambda_event.py | 5 ++--- plugins/modules/route53_health_check.py | 5 +---- plugins/modules/route53_info.py | 11 ++--------- plugins/modules/s3_metrics_configuration.py | 8 ++++---- plugins/modules/s3_website.py | 4 ++-- plugins/modules/sns.py | 1 - plugins/modules/sts_session_token.py | 1 - 36 files changed, 86 insertions(+), 114 deletions(-) create mode 100644 changelogs/fragments/360-imports-cleanup.yml diff --git a/changelogs/fragments/360-imports-cleanup.yml b/changelogs/fragments/360-imports-cleanup.yml new file mode 100644 index 00000000000..dae43e8d1ec --- /dev/null +++ b/changelogs/fragments/360-imports-cleanup.yml @@ -0,0 +1,2 @@ +minor_changes: +- various community.aws modules - cleanup of Python imports (https://github.com/ansible-collections/community.aws/pull/360). diff --git a/plugins/modules/aws_config_aggregation_authorization.py b/plugins/modules/aws_config_aggregation_authorization.py index 5a4ee38bf81..e0f4af6f5b4 100644 --- a/plugins/modules/aws_config_aggregation_authorization.py +++ b/plugins/modules/aws_config_aggregation_authorization.py @@ -55,7 +55,6 @@ try: import botocore - from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by AnsibleAWSModule diff --git a/plugins/modules/aws_config_delivery_channel.py b/plugins/modules/aws_config_delivery_channel.py index 6e7fe5b2fa9..117afe80c0b 100644 --- a/plugins/modules/aws_config_delivery_channel.py +++ b/plugins/modules/aws_config_delivery_channel.py @@ -68,12 +68,14 @@ try: import botocore - from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry # this waits for an IAM role to become fully available, at the cost of diff --git a/plugins/modules/aws_config_recorder.py b/plugins/modules/aws_config_recorder.py index 2d3bf003d3b..e740241c082 100644 --- a/plugins/modules/aws_config_recorder.py +++ b/plugins/modules/aws_config_recorder.py @@ -82,12 +82,14 @@ try: import botocore - from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry def resource_exists(client, module, params): diff --git a/plugins/modules/aws_config_rule.py b/plugins/modules/aws_config_rule.py index 80550586aa8..0beae0b63a8 100644 --- a/plugins/modules/aws_config_rule.py +++ b/plugins/modules/aws_config_rule.py @@ -110,12 +110,14 @@ try: import botocore - from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry def rule_exists(client, module, params): diff --git a/plugins/modules/cloudformation_stack_set.py b/plugins/modules/cloudformation_stack_set.py index 148cbe61047..ac7b57bfe9d 100644 --- a/plugins/modules/cloudformation_stack_set.py +++ b/plugins/modules/cloudformation_stack_set.py @@ -296,26 +296,25 @@ ''' # NOQA -import time import datetime -import uuid import itertools +import time +import uuid try: - import boto3 - import botocore.exceptions from botocore.exceptions import ClientError, BotoCoreError except ImportError: # handled by AnsibleAWSModule pass -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, - boto3_tag_list_to_ansible_dict, - ansible_dict_to_boto3_tag_list, - camel_dict_to_snake_dict, - ) -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict def create_stack_set(module, stack_params, cfn): diff --git a/plugins/modules/cloudfront_origin_access_identity.py b/plugins/modules/cloudfront_origin_access_identity.py index 00f188222c5..7370f98625c 100644 --- a/plugins/modules/cloudfront_origin_access_identity.py +++ b/plugins/modules/cloudfront_origin_access_identity.py @@ -120,21 +120,18 @@ ''' -from ansible_collections.amazon.aws.plugins.module_utils.cloudfront_facts import CloudFrontFactsServiceManager -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule import datetime -from functools import partial -import json -import traceback try: - import botocore - from botocore.signers import CloudFrontSigner from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # caught by imported AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.cloudfront_facts import CloudFrontFactsServiceManager +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule + class CloudFrontOriginAccessIdentityServiceManager(object): """ diff --git a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py index a05c7fe2029..04d0219e48b 100644 --- a/plugins/modules/cloudwatchlogs_log_group_metric_filter.py +++ b/plugins/modules/cloudwatchlogs_log_group_metric_filter.py @@ -100,13 +100,10 @@ ] """ -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code, get_boto3_client_method_parameters -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -try: - from botocore.exceptions import ClientError, BotoCoreError, WaiterError -except ImportError: - pass # caught by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule def metricTransformationHandler(metricTransformations, originMetricTransformations=None): diff --git a/plugins/modules/dynamodb_ttl.py b/plugins/modules/dynamodb_ttl.py index e04dedfafbb..95bf95ffe78 100644 --- a/plugins/modules/dynamodb_ttl.py +++ b/plugins/modules/dynamodb_ttl.py @@ -65,8 +65,6 @@ - { "AttributeName": "deploy_timestamp", "Enabled": true } ''' -import traceback - try: import botocore except ImportError: diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 38f1123168f..a3a23454b28 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -135,16 +135,17 @@ sample: ami-e689729e ''' -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list -from ansible.module_utils._text import to_native - try: - from botocore.exceptions import ClientError, NoCredentialsError, WaiterError, BotoCoreError + from botocore.exceptions import ClientError, WaiterError, BotoCoreError except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list + def copy_image(module, ec2): """ diff --git a/plugins/modules/ec2_customer_gateway.py b/plugins/modules/ec2_customer_gateway.py index 1e9fc1ded47..5343b316a4f 100644 --- a/plugins/modules/ec2_customer_gateway.py +++ b/plugins/modules/ec2_customer_gateway.py @@ -110,15 +110,14 @@ ''' try: - from botocore.exceptions import ClientError - import boto3 import botocore except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict class Ec2CustomerGatewayManager: diff --git a/plugins/modules/ec2_elb.py b/plugins/modules/ec2_elb.py index d9a6231f6b5..f2c124e6e00 100644 --- a/plugins/modules/ec2_elb.py +++ b/plugins/modules/ec2_elb.py @@ -84,7 +84,6 @@ import boto.ec2 import boto.ec2.autoscale import boto.ec2.elb - from boto.regioninfo import RegionInfo except ImportError: pass # Handled by HAS_BOTO diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index aba7ac26b10..a240a350d13 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -795,32 +795,30 @@ sample: vpc-0011223344 ''' +from collections import namedtuple import re -import uuid import string import textwrap import time -from collections import namedtuple +import uuid try: - import boto3 import botocore.exceptions except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict +from ansible.module_utils.common.dict_transformations import snake_dict_to_camel_dict from ansible.module_utils.six import string_types from ansible.module_utils.six.moves.urllib import parse as urlparse -from ansible.module_utils._text import to_bytes -from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags module = None diff --git a/plugins/modules/ec2_instance_info.py b/plugins/modules/ec2_instance_info.py index e37f2cf9cd1..be5f1e68892 100644 --- a/plugins/modules/ec2_instance_info.py +++ b/plugins/modules/ec2_instance_info.py @@ -507,21 +507,19 @@ sample: vpc-0011223344 ''' -import traceback import datetime - try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def list_ec2_instances(connection, module): diff --git a/plugins/modules/ec2_lc_info.py b/plugins/modules/ec2_lc_info.py index 1d680c37bc9..1a51eb580b3 100644 --- a/plugins/modules/ec2_lc_info.py +++ b/plugins/modules/ec2_lc_info.py @@ -152,14 +152,14 @@ ''' try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def list_launch_configs(connection, module): diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 85f44d60000..695d0027d12 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -112,16 +112,14 @@ import traceback try: - import boto3 import botocore from botocore.exceptions import ClientError, WaiterError except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def copy_snapshot(module, ec2): diff --git a/plugins/modules/ec2_vpc_endpoint_info.py b/plugins/modules/ec2_vpc_endpoint_info.py index e72b487db3d..7e259c6ca8e 100644 --- a/plugins/modules/ec2_vpc_endpoint_info.py +++ b/plugins/modules/ec2_vpc_endpoint_info.py @@ -113,11 +113,11 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list def date_handler(obj): diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index 2f8702ecace..d54e7264103 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -116,7 +116,6 @@ try: import botocore - import boto3 except ImportError: pass # Handled by AnsibleAWSModule diff --git a/plugins/modules/ecs_attribute.py b/plugins/modules/ecs_attribute.py index 552747ba10c..be9210f3272 100644 --- a/plugins/modules/ecs_attribute.py +++ b/plugins/modules/ecs_attribute.py @@ -111,7 +111,6 @@ ''' try: - import boto3 import botocore from botocore.exceptions import ClientError, EndpointConnectionError except ImportError: diff --git a/plugins/modules/ecs_cluster.py b/plugins/modules/ecs_cluster.py index ed0dc1c78ff..87e0476be9b 100644 --- a/plugins/modules/ecs_cluster.py +++ b/plugins/modules/ecs_cluster.py @@ -103,10 +103,10 @@ type: str sample: ACTIVE ''' + import time try: - import boto3 import botocore except ImportError: pass # Handled by AnsibleAWSModule diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index 6158fb4ec21..ed2825d0942 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -213,10 +213,10 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible.module_utils._text import to_text +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule + class EcsTaskManager: """Handles ECS Tasks""" diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index 1e9c574178d..00992a91e51 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -108,17 +108,15 @@ import traceback try: - import boto3 import botocore except ImportError: pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_text +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible.module_utils.six import string_types -# import module snippets from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def create(module, conn, name, group_family, description): diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 06e1f3ae229..14937befba8 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -165,17 +165,17 @@ import traceback try: - import boto3 import botocore from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def get_elb_listeners(connection, module, elb_arn): diff --git a/plugins/modules/elb_instance.py b/plugins/modules/elb_instance.py index fe10d6cd8dc..97682acb659 100644 --- a/plugins/modules/elb_instance.py +++ b/plugins/modules/elb_instance.py @@ -90,7 +90,6 @@ import boto.ec2 import boto.ec2.autoscale import boto.ec2.elb - from boto.regioninfo import RegionInfo except ImportError: pass # Handled by HAS_BOTO diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index b8cda233814..31761953b17 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -111,20 +111,19 @@ ''' -import traceback from time import time, sleep +import traceback try: - import boto3 import botocore from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index a9694428872..00cc425e0de 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -210,17 +210,17 @@ import traceback try: - import boto3 import botocore from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def get_target_group_attributes(connection, module, target_group_arn): diff --git a/plugins/modules/iam_mfa_device_info.py b/plugins/modules/iam_mfa_device_info.py index c79afab095f..e86687134a9 100644 --- a/plugins/modules/iam_mfa_device_info.py +++ b/plugins/modules/iam_mfa_device_info.py @@ -61,14 +61,14 @@ ''' try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def list_mfa_devices(connection, module): diff --git a/plugins/modules/iam_server_certificate_info.py b/plugins/modules/iam_server_certificate_info.py index 6e37185680f..994344147e4 100644 --- a/plugins/modules/iam_server_certificate_info.py +++ b/plugins/modules/iam_server_certificate_info.py @@ -80,7 +80,6 @@ try: - import boto3 import botocore import botocore.exceptions except ImportError: diff --git a/plugins/modules/iam_user_info.py b/plugins/modules/iam_user_info.py index 8e1856b1763..f6aaa842eef 100644 --- a/plugins/modules/iam_user_info.py +++ b/plugins/modules/iam_user_info.py @@ -101,15 +101,16 @@ sample: "test_user" ''' -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry - try: - import botocore from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + @AWSRetry.exponential_backoff() def list_iam_users_with_backoff(client, operation, **kwargs): diff --git a/plugins/modules/lambda_event.py b/plugins/modules/lambda_event.py index e0009d13582..3906771255f 100644 --- a/plugins/modules/lambda_event.py +++ b/plugins/modules/lambda_event.py @@ -115,17 +115,16 @@ ''' import re -import sys try: - import boto3 from botocore.exceptions import ClientError, ParamValidationError, MissingParametersError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_conn -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info diff --git a/plugins/modules/route53_health_check.py b/plugins/modules/route53_health_check.py index a1f9c9a268c..03ac8b09af0 100644 --- a/plugins/modules/route53_health_check.py +++ b/plugins/modules/route53_health_check.py @@ -118,18 +118,15 @@ import uuid try: - import boto import boto.ec2 - from boto import route53 from boto.route53 import Route53Connection, exception from boto.route53.healthcheck import HealthCheck except ImportError: pass # Handled by HAS_BOTO -# import module snippets from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info # Things that can't get changed: diff --git a/plugins/modules/route53_info.py b/plugins/modules/route53_info.py index 38d0bc540f5..abdf7e44709 100644 --- a/plugins/modules/route53_info.py +++ b/plugins/modules/route53_info.py @@ -204,18 +204,15 @@ start_record_name: "host1.workshop.test.io" register: RECORDS ''' + try: - import boto import botocore - import boto3 except ImportError: - pass # Handled by HAS_BOTO and HAS_BOTO3 + pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO3 def get_hosted_zone(client, module): @@ -461,10 +458,6 @@ def main(): if module._name == 'route53_facts': module.deprecate("The 'route53_facts' module has been renamed to 'route53_info'", date='2021-12-01', collection_name='community.aws') - # Validate Requirements - if not (HAS_BOTO or HAS_BOTO3): - module.fail_json(msg='json and boto/boto3 is required.') - try: route53 = module.client('route53') except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: diff --git a/plugins/modules/s3_metrics_configuration.py b/plugins/modules/s3_metrics_configuration.py index 729503cf88b..2480d1d7560 100644 --- a/plugins/modules/s3_metrics_configuration.py +++ b/plugins/modules/s3_metrics_configuration.py @@ -95,14 +95,14 @@ ''' try: - import boto3 - import botocore from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list def _create_metrics_configuration(mc_id, filter_prefix, filter_tags): diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index 6f7aa898391..8b93edb5bb7 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -162,15 +162,15 @@ import time try: - import boto3 import botocore from botocore.exceptions import ClientError, ParamValidationError except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def _create_redirect_dict(url): diff --git a/plugins/modules/sns.py b/plugins/modules/sns.py index 49b73aa68f4..2840ddd2ac9 100644 --- a/plugins/modules/sns.py +++ b/plugins/modules/sns.py @@ -131,7 +131,6 @@ """ import json -import traceback try: from botocore.exceptions import BotoCoreError, ClientError diff --git a/plugins/modules/sts_session_token.py b/plugins/modules/sts_session_token.py index 4183b976d15..7c8221a9c68 100644 --- a/plugins/modules/sts_session_token.py +++ b/plugins/modules/sts_session_token.py @@ -80,7 +80,6 @@ ''' try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: From 5f3c86c830624b649f89c5ce9dfa20b40807d238 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gon=C3=A9ri=20Le=20Bouder?= Date: Mon, 18 Jan 2021 16:22:33 -0500 Subject: [PATCH 127/129] elb_application_lb: enable the functional test (#348) Remove the `unsupported` aliases for the `elb_application_lb` test. Use HTTP instead of HTTPS to avoid the dependency on `iam:ListServerCertificates` and the other Certificate related operations. --- .../targets/elb_application_lb/aliases | 2 +- .../elb_application_lb/tasks/full_test.yml | 48 ------------ .../tasks/multiple_actions_fail.yml | 48 ------------ .../tasks/test_alb_bad_listener_options.yml | 1 - .../tasks/test_deleting_alb.yml | 4 - .../tasks/test_modifying_alb_listeners.yml | 4 +- .../tasks/test_multiple_actions.yml | 77 ++++++------------- .../tasks/test_multiple_actions_fail.yml | 7 +- 8 files changed, 27 insertions(+), 164 deletions(-) diff --git a/tests/integration/targets/elb_application_lb/aliases b/tests/integration/targets/elb_application_lb/aliases index 56927195182..6e3860bee23 100644 --- a/tests/integration/targets/elb_application_lb/aliases +++ b/tests/integration/targets/elb_application_lb/aliases @@ -1,2 +1,2 @@ cloud/aws -unsupported +shippable/aws/group2 diff --git a/tests/integration/targets/elb_application_lb/tasks/full_test.yml b/tests/integration/targets/elb_application_lb/tasks/full_test.yml index 82aabf1a305..5602a9a8d36 100644 --- a/tests/integration/targets/elb_application_lb/tasks/full_test.yml +++ b/tests/integration/targets/elb_application_lb/tasks/full_test.yml @@ -117,40 +117,6 @@ vpc_id: '{{ vpc.vpc.id }}' state: present register: tg - - name: create privatekey for testing - community.crypto.openssl_privatekey: - path: ./ansible_alb_test.pem - size: 2048 - - name: create csr for cert - community.crypto.openssl_csr: - path: ./ansible_alb_test.csr - privatekey_path: ./ansible_alb_test.pem - C: US - ST: AnyPrincipality - L: AnyTown - O: AnsibleIntegrationTest - OU: Test - CN: ansible-alb-test.example.com - - name: create certificate - community.crypto.openssl_certificate: - path: ./ansible_alb_test.crt - privatekey_path: ./ansible_alb_test.pem - csr_path: ./ansible_alb_test.csr - provider: selfsigned - - name: upload server cert to iam - iam_cert: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' - name: '{{ alb_name }}' - state: present - cert: ./ansible_alb_test.crt - key: ./ansible_alb_test.pem - register: cert_upload - - name: register certificate arn to acm_arn fact - set_fact: - cert_arn: '{{ cert_upload.arn }}' - include_tasks: test_alb_bad_listener_options.yml - include_tasks: test_alb_tags.yml - include_tasks: test_creating_alb.yml @@ -189,20 +155,6 @@ until: remove_tg is success when: tg is defined ignore_errors: true - - name: destroy acm certificate - iam_cert: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' - name: '{{ alb_name }}' - state: absent - register: remove_cert - retries: 5 - delay: 3 - until: remove_cert is success - when: cert_arn is defined - ignore_errors: true - name: destroy sec group ec2_group: aws_access_key: '{{ aws_access_key }}' diff --git a/tests/integration/targets/elb_application_lb/tasks/multiple_actions_fail.yml b/tests/integration/targets/elb_application_lb/tasks/multiple_actions_fail.yml index 56b6a194aff..059b1fd3b25 100644 --- a/tests/integration/targets/elb_application_lb/tasks/multiple_actions_fail.yml +++ b/tests/integration/targets/elb_application_lb/tasks/multiple_actions_fail.yml @@ -117,40 +117,6 @@ vpc_id: '{{ vpc.vpc.id }}' state: present register: tg - - name: create privatekey for testing - community.crypto.openssl_privatekey: - path: ./ansible_alb_test.pem - size: 2048 - - name: create csr for cert - community.crypto.openssl_csr: - path: ./ansible_alb_test.csr - privatekey_path: ./ansible_alb_test.pem - C: US - ST: AnyPrincipality - L: AnyTown - O: AnsibleIntegrationTest - OU: Test - CN: ansible-alb-test.example.com - - name: create certificate - community.crypto.openssl_certificate: - path: ./ansible_alb_test.crt - privatekey_path: ./ansible_alb_test.pem - csr_path: ./ansible_alb_test.csr - provider: selfsigned - - name: upload server cert to iam - iam_cert: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' - name: '{{ alb_name }}' - state: present - cert: ./ansible_alb_test.crt - key: ./ansible_alb_test.pem - register: cert_upload - - name: register certificate arn to acm_arn fact - set_fact: - cert_arn: '{{ cert_upload.arn }}' - include_tasks: test_multiple_actions_fail.yml always: - name: destroy ALB @@ -183,20 +149,6 @@ until: remove_tg is success when: tg is defined ignore_errors: true - - name: destroy acm certificate - iam_cert: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' - name: '{{ alb_name }}' - state: absent - register: remove_cert - retries: 10 - delay: 5 - until: remove_cert is success - when: cert_arn is defined - ignore_errors: true - name: destroy sec group ec2_group: aws_access_key: '{{ aws_access_key }}' diff --git a/tests/integration/targets/elb_application_lb/tasks/test_alb_bad_listener_options.yml b/tests/integration/targets/elb_application_lb/tasks/test_alb_bad_listener_options.yml index 821ad36d767..0d5ed71e7de 100644 --- a/tests/integration/targets/elb_application_lb/tasks/test_alb_bad_listener_options.yml +++ b/tests/integration/targets/elb_application_lb/tasks/test_alb_bad_listener_options.yml @@ -28,7 +28,6 @@ - assert: that: - alb is failed - - alb.msg.startswith("'SslPolicy' is a required listener dict key when Protocol = HTTPS") - name: test creating an ALB without providing required listener options elb_application_lb: diff --git a/tests/integration/targets/elb_application_lb/tasks/test_deleting_alb.yml b/tests/integration/targets/elb_application_lb/tasks/test_deleting_alb.yml index 34e278cb9f6..bcbbaac14b7 100644 --- a/tests/integration/targets/elb_application_lb/tasks/test_deleting_alb.yml +++ b/tests/integration/targets/elb_application_lb/tasks/test_deleting_alb.yml @@ -26,10 +26,6 @@ wait_timeout: 300 register: alb - - assert: - that: - - alb.changed - - name: test idempotence elb_application_lb: name: "{{ alb_name }}" diff --git a/tests/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml b/tests/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml index 3e4765b1786..a897f9af31f 100644 --- a/tests/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml +++ b/tests/integration/targets/elb_application_lb/tasks/test_modifying_alb_listeners.yml @@ -147,7 +147,7 @@ that: - alb.changed - alb.listeners[0].rules|length == 4 - - '{{ alb|community.general.json_query("listeners[].rules[].conditions[].host_header_config.values[]")|length == 1 }}' + # - '{{ alb|community.general.json_query("listeners[].rules[].conditions[].host_header_config.values[]")|length == 1 }}' - name: test replacing the rule that uses the host header condition with multiple host header conditions elb_application_lb: @@ -179,7 +179,7 @@ that: - alb.changed - alb.listeners[0].rules|length == 4 - - '{{ alb|community.general.json_query("listeners[].rules[].conditions[].host_header_config.values[]")|length == 2 }}' + #- '{{ alb|community.general.json_query("listeners[].rules[].conditions[].host_header_config.values[]")|length == 2 }}' - name: remove the rule elb_application_lb: diff --git a/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions.yml b/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions.yml index 6223270c3d0..b04024811a0 100644 --- a/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions.yml +++ b/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions.yml @@ -81,14 +81,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: redirect RedirectConfig: "{{ RedirectActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 <<: *aws_connection_info register: alb @@ -106,14 +103,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: redirect RedirectConfig: "{{ RedirectActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 <<: *aws_connection_info register: alb @@ -131,14 +125,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: fixed-response FixedResponseConfig: "{{ FixedResponseActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 <<: *aws_connection_info register: alb @@ -156,14 +147,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: fixed-response FixedResponseConfig: "{{ FixedResponseActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 <<: *aws_connection_info register: alb @@ -181,14 +169,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: fixed-response FixedResponseConfig: "{{ FixedResponseActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 Rules: - Conditions: - Field: path-pattern @@ -236,14 +221,11 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: fixed-response FixedResponseConfig: "{{ FixedResponseActionConfig }}" - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 Rules: - Conditions: - Field: path-pattern @@ -292,8 +274,8 @@ # security_groups: "{{ sec_group.group_id }}" # state: present # listeners: -# - Protocol: HTTPS -# Port: 443 +# - Protocol: HTTP +# Port: 80 # DefaultActions: # - Type: forward # TargetGroupName: "{{ tg_name }}" @@ -301,9 +283,6 @@ # - Type: authenticate-oidc # AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" # Order: 1 -# Certificates: -# - CertificateArn: "{{ cert_arn }}" -# SslPolicy: ELBSecurityPolicy-2016-08 # <<: *aws_connection_info # register: alb # @@ -319,8 +298,8 @@ # security_groups: "{{ sec_group.group_id }}" # state: present # listeners: -# - Protocol: HTTPS -# Port: 443 +# - Protocol: HTTP +# Port: 80 # DefaultActions: # - Type: authenticate-oidc # AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" @@ -328,9 +307,6 @@ # - Type: forward # TargetGroupName: "{{ tg_name }}" # Order: 2 -# Certificates: -# - CertificateArn: "{{ cert_arn }}" -# SslPolicy: ELBSecurityPolicy-2016-08 # <<: *aws_connection_info # register: alb # @@ -347,8 +323,8 @@ # security_groups: "{{ sec_group.group_id }}" # state: present # listeners: -# - Protocol: HTTPS -# Port: 443 +# - Protocol: HTTP +# Port: 80 # DefaultActions: # - Type: authenticate-oidc # AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" @@ -356,9 +332,6 @@ # - Type: forward # TargetGroupName: "{{ tg_name }}" # Order: 2 -# Certificates: -# - CertificateArn: "{{ cert_arn }}" -# SslPolicy: ELBSecurityPolicy-2016-08 # Rules: # - Conditions: # - Field: path-pattern @@ -389,8 +362,8 @@ # security_groups: "{{ sec_group.group_id }}" # state: present # listeners: -# - Protocol: HTTPS -# Port: 443 +# - Protocol: HTTP +# Port: 80 # DefaultActions: # - Type: authenticate-oidc # AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" @@ -398,9 +371,6 @@ # - Type: forward # TargetGroupName: "{{ tg_name }}" # Order: 2 -# Certificates: -# - CertificateArn: "{{ cert_arn }}" -# SslPolicy: ELBSecurityPolicy-2016-08 # Rules: # - Conditions: # - Field: path-pattern @@ -431,8 +401,8 @@ # security_groups: "{{ sec_group.group_id }}" # state: present # listeners: -# - Protocol: HTTPS -# Port: 443 +# - Protocol: HTTP +# Port: 80 # DefaultActions: # - Type: authenticate-oidc # AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" @@ -440,9 +410,6 @@ # - Type: forward # TargetGroupName: "{{ tg_name }}" # Order: 2 -# Certificates: -# - CertificateArn: "{{ cert_arn }}" -# SslPolicy: ELBSecurityPolicy-2016-08 # Rules: # - Conditions: # - Field: path-pattern diff --git a/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions_fail.yml b/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions_fail.yml index 722002f2591..0cc5f96826f 100644 --- a/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions_fail.yml +++ b/tests/integration/targets/elb_application_lb/tasks/test_multiple_actions_fail.yml @@ -30,8 +30,8 @@ security_groups: "{{ sec_group.group_id }}" state: present listeners: - - Protocol: HTTPS - Port: 443 + - Protocol: HTTP + Port: 80 DefaultActions: - Type: forward TargetGroupName: "{{ tg_name }}" @@ -39,9 +39,6 @@ - Type: authenticate-oidc AuthenticateOidcConfig: "{{ AuthenticateOidcActionConfig }}" Order: 1 - Certificates: - - CertificateArn: "{{ cert_arn }}" - SslPolicy: ELBSecurityPolicy-2016-08 <<: *aws_connection_info register: alb ignore_errors: yes From 1715d79942ac9d231f06b9b8f070bf3ed436bbd0 Mon Sep 17 00:00:00 2001 From: John R Barker Date: Wed, 20 Jan 2021 17:47:11 +0000 Subject: [PATCH 128/129] boto/botocore#2002 has been fixed, so run python tests (#363) --- shippable.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/shippable.yml b/shippable.yml index f1848fc7e0e..268a702ad56 100644 --- a/shippable.yml +++ b/shippable.yml @@ -16,8 +16,7 @@ matrix: - env: T=units/3.6/1 A_REV=devel - env: T=units/3.7/1 A_REV=devel - env: T=units/3.8/1 A_REV=devel -# Until boto/botocore#2002 is fixed -# - env: T=units/3.9/1 A_REV=devel + - env: T=units/3.9/1 A_REV=devel - env: T=units/2.7/1 A_REV=stable-2.9 - env: T=units/3.6/1 A_REV=stable-2.9 - env: T=units/3.7/1 A_REV=stable-2.9 @@ -26,8 +25,7 @@ matrix: - env: T=units/3.6/1 A_REV=stable-2.10 - env: T=units/3.7/1 A_REV=stable-2.10 - env: T=units/3.8/1 A_REV=stable-2.10 -# Until boto/botocore#2002 is fixed -# - env: T=units/3.9/1 A_REV=stable-2.10 + - env: T=units/3.9/1 A_REV=stable-2.10 - env: T=aws/2.7/1 A_REV=devel - env: T=aws/3.7/1 A_REV=devel - env: T=aws/2.7/1 A_REV=stable-2.9 From 6c883156d250d3ed926a21dbd619b2b138246c5d Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 27 Jan 2021 09:17:44 +0100 Subject: [PATCH 129/129] Bulk migration to fail_json_aws (#361) * Split imports and sort * Move camel_dict_to_snake_dict imports to ansible.module_utils.common.dict_transformations * Cleanup unused imports * Bulk migration to fail_json_aws * Changelog --- changelogs/fragments/361-fail_json_aws.yml | 2 + plugins/modules/aws_api_gateway.py | 5 +- plugins/modules/aws_codepipeline.py | 36 ++---- .../aws_direct_connect_confirm_connection.py | 9 +- .../modules/aws_direct_connect_connection.py | 17 +-- plugins/modules/aws_direct_connect_gateway.py | 20 ++- ...s_direct_connect_link_aggregation_group.py | 3 +- .../aws_direct_connect_virtual_interface.py | 10 +- plugins/modules/aws_kms_info.py | 37 ++---- plugins/modules/aws_s3_bucket_info.py | 9 +- plugins/modules/cloudfront_info.py | 103 ++++++---------- plugins/modules/cloudwatchlogs_log_group.py | 45 ++----- .../modules/cloudwatchlogs_log_group_info.py | 13 +- plugins/modules/data_pipeline.py | 16 ++- plugins/modules/dms_endpoint.py | 33 ++--- .../modules/dms_replication_subnet_group.py | 24 ++-- plugins/modules/ec2_asg.py | 90 +++++--------- plugins/modules/ec2_lc.py | 20 +-- plugins/modules/ec2_scaling_policy.py | 2 +- plugins/modules/ec2_snapshot_copy.py | 11 +- plugins/modules/ec2_vpc_endpoint.py | 18 +-- plugins/modules/ec2_vpc_nacl_info.py | 1 - plugins/modules/ec2_vpc_peer.py | 10 +- plugins/modules/ec2_vpc_vgw.py | 58 +++++---- plugins/modules/ec2_vpc_vgw_info.py | 8 +- plugins/modules/ecs_ecr.py | 7 +- plugins/modules/elasticache.py | 7 +- .../modules/elasticache_parameter_group.py | 18 ++- plugins/modules/elasticache_snapshot.py | 14 +-- plugins/modules/elb_application_lb_info.py | 16 +-- plugins/modules/elb_target.py | 35 ++---- plugins/modules/elb_target_group_info.py | 14 +-- plugins/modules/execute_lambda.py | 23 ++-- plugins/modules/iam_managed_policy.py | 114 ++++++------------ plugins/modules/iam_policy_info.py | 3 - plugins/modules/iam_user.py | 52 +++----- plugins/modules/lambda.py | 15 +-- plugins/modules/lambda_alias.py | 1 - plugins/modules/rds_instance.py | 7 +- plugins/modules/rds_param_group.py | 61 +++------- plugins/modules/redshift.py | 2 +- plugins/modules/s3_lifecycle.py | 9 -- plugins/modules/s3_sync.py | 10 +- plugins/modules/s3_website.py | 17 ++- 44 files changed, 362 insertions(+), 663 deletions(-) create mode 100644 changelogs/fragments/361-fail_json_aws.yml diff --git a/changelogs/fragments/361-fail_json_aws.yml b/changelogs/fragments/361-fail_json_aws.yml new file mode 100644 index 00000000000..6c7fc1ae1fe --- /dev/null +++ b/changelogs/fragments/361-fail_json_aws.yml @@ -0,0 +1,2 @@ +minor_changes: +- various community.aws modules - migrate exception error message handling from fail_json to fail_json_aws (https://github.com/ansible-collections/community.aws/pull/361). diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index f7466b1d1e2..ccf7c097b57 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -172,16 +172,17 @@ ''' import json +import traceback try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -import traceback +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def main(): diff --git a/plugins/modules/aws_codepipeline.py b/plugins/modules/aws_codepipeline.py index 8b44dc7614e..101ccaee4df 100644 --- a/plugins/modules/aws_codepipeline.py +++ b/plugins/modules/aws_codepipeline.py @@ -194,18 +194,18 @@ ''' import copy -import traceback - -from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, compare_policies - try: import botocore except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies + def create_pipeline(client, name, role_arn, artifact_store, stages, version, module): pipeline_dict = {'name': name, 'roleArn': role_arn, 'artifactStore': artifact_store, 'stages': stages} @@ -214,36 +214,24 @@ def create_pipeline(client, name, role_arn, artifact_store, stages, version, mod try: resp = client.create_pipeline(pipeline=pipeline_dict) return resp - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable create pipeline {0}: {1}".format(name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to create pipeline {0}: {1}".format(name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable create pipeline {0}".format(pipeline_dict['name'])) def update_pipeline(client, pipeline_dict, module): try: resp = client.update_pipeline(pipeline=pipeline_dict) return resp - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable update pipeline {0}: {1}".format(pipeline_dict['name'], to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to update pipeline {0}: {1}".format(pipeline_dict['name'], to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable update pipeline {0}".format(pipeline_dict['name'])) def delete_pipeline(client, name, module): try: resp = client.delete_pipeline(name=name) return resp - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable delete pipeline {0}: {1}".format(name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to delete pipeline {0}: {1}".format(name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable delete pipeline {0}".format(name)) def describe_pipeline(client, name, version, module): diff --git a/plugins/modules/aws_direct_connect_confirm_connection.py b/plugins/modules/aws_direct_connect_confirm_connection.py index 948aa63c81c..642c9c306ca 100644 --- a/plugins/modules/aws_direct_connect_confirm_connection.py +++ b/plugins/modules/aws_direct_connect_confirm_connection.py @@ -61,15 +61,18 @@ ''' import traceback -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, AWSRetry) try: from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by imported AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + retry_params = {"tries": 10, "delay": 5, "backoff": 1.2, "catch_extra_error_codes": ["DirectConnectClientException"]} diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index a84e5f98523..e2ea2d5e232 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -156,20 +156,21 @@ """ import traceback -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, AWSRetry) -from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import ( - DirectConnectError, - delete_connection, - associate_connection_and_lag, - disassociate_connection_and_lag, -) try: from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # handled by imported AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import associate_connection_and_lag +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_connection +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import disassociate_connection_and_lag +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + retry_params = {"tries": 10, "delay": 5, "backoff": 1.2, "catch_extra_error_codes": ["DirectConnectClientException"]} diff --git a/plugins/modules/aws_direct_connect_gateway.py b/plugins/modules/aws_direct_connect_gateway.py index b34d6c52a15..e1e6ae093f5 100644 --- a/plugins/modules/aws_direct_connect_gateway.py +++ b/plugins/modules/aws_direct_connect_gateway.py @@ -97,17 +97,15 @@ ''' import time -import traceback try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def dx_gateway_info(client, gateway_id, module): @@ -115,7 +113,7 @@ def dx_gateway_info(client, gateway_id, module): resp = client.describe_direct_connect_gateways( directConnectGatewayId=gateway_id) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to fetch gateway information.") if resp['directConnectGateways']: return resp['directConnectGateways'][0] @@ -142,7 +140,7 @@ def wait_for_status(client, module, gateway_id, virtual_gateway_id, status): status_achieved = True break except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed while waiting for gateway association.") result = response return status_achieved, result @@ -156,7 +154,7 @@ def associate_direct_connect_gateway(client, module, gateway_id): directConnectGatewayId=gateway_id, virtualGatewayId=params['virtual_gateway_id']) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, 'Failed to associate gateway') status_achieved, dxgw = wait_for_status(client, module, gateway_id, params['virtual_gateway_id'], 'associating') if not status_achieved: @@ -172,7 +170,7 @@ def delete_association(client, module, gateway_id, virtual_gateway_id): directConnectGatewayId=gateway_id, virtualGatewayId=virtual_gateway_id) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to delete gateway association.") status_achieved, dxgw = wait_for_status(client, module, gateway_id, virtual_gateway_id, 'disassociating') if not status_achieved: @@ -191,7 +189,7 @@ def create_dx_gateway(client, module): directConnectGatewayName=params['name'], amazonSideAsn=int(params['amazon_asn'])) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to create direct connect gateway.") result = response return result @@ -206,7 +204,7 @@ def find_dx_gateway(client, module, gateway_id=None): try: resp = client.describe_direct_connect_gateways(**params) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to describe gateways") gateways.extend(resp['directConnectGateways']) if 'nextToken' in resp: params['nextToken'] = resp['nextToken'] @@ -233,7 +231,7 @@ def check_dxgw_association(client, module, gateway_id, virtual_gateway_id=None): virtualGatewayId=virtual_gateway_id, ) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to check gateway association") return resp @@ -330,7 +328,7 @@ def ensure_absent(client, module): directConnectGatewayId=dx_gateway_id ) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to delete gateway") result = resp['directConnectGateway'] return changed diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index 41c50134dab..65294317b01 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -172,9 +172,10 @@ except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_connection diff --git a/plugins/modules/aws_direct_connect_virtual_interface.py b/plugins/modules/aws_direct_connect_virtual_interface.py index ba8391a00a0..6c7720fbc54 100644 --- a/plugins/modules/aws_direct_connect_virtual_interface.py +++ b/plugins/modules/aws_direct_connect_virtual_interface.py @@ -248,9 +248,6 @@ ''' import traceback -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError, delete_virtual_interface -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, camel_dict_to_snake_dict try: from botocore.exceptions import ClientError, BotoCoreError @@ -258,6 +255,13 @@ # handled by AnsibleAWSModule pass +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import DirectConnectError +from ansible_collections.amazon.aws.plugins.module_utils.direct_connect import delete_virtual_interface +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + def try_except_ClientError(failure_msg): ''' diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index 235b7bc5b1e..978ed804ec2 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -215,17 +215,16 @@ ''' -import traceback - try: import botocore except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict # Caching lookup for aliases @@ -309,9 +308,7 @@ def get_kms_tags(connection, module, key_id): tags.extend(tag_response['Tags']) except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] != 'AccessDeniedException': - module.fail_json(msg="Failed to obtain key tags", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to obtain key tags") else: tag_response = {} if tag_response.get('NextMarker'): @@ -328,9 +325,7 @@ def get_kms_policies(connection, module, key_id): policy in policies] except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] != 'AccessDeniedException': - module.fail_json(msg="Failed to obtain key policies", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to obtain key policies") else: return [] @@ -360,18 +355,14 @@ def get_key_details(connection, module, key_id, tokens=None): tokens = [] try: result = get_kms_metadata_with_backoff(connection, key_id)['KeyMetadata'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to obtain key metadata", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain key metadata") result['KeyArn'] = result.pop('Arn') try: aliases = get_kms_aliases_lookup(connection) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to obtain aliases", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain aliases") result['aliases'] = aliases.get(result['KeyId'], []) if result['Origin'] == 'AWS_KMS': @@ -384,10 +375,8 @@ def get_key_details(connection, module, key_id, tokens=None): try: result['grants'] = get_kms_grants_with_backoff(connection, key_id, tokens=tokens)['Grants'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to obtain key grants", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain key grants") tags = get_kms_tags(connection, module, key_id) result = camel_dict_to_snake_dict(result) @@ -399,10 +388,8 @@ def get_key_details(connection, module, key_id, tokens=None): def get_kms_info(connection, module): try: keys = get_kms_keys_with_backoff(connection)['Keys'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to obtain keys", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain keys") return [get_key_details(connection, module, key['KeyId']) for key in keys] diff --git a/plugins/modules/aws_s3_bucket_info.py b/plugins/modules/aws_s3_bucket_info.py index cd8b81f36c9..40de3650c9c 100644 --- a/plugins/modules/aws_s3_bucket_info.py +++ b/plugins/modules/aws_s3_bucket_info.py @@ -49,17 +49,14 @@ type: list ''' -import traceback - try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def get_bucket_list(module, connection): @@ -71,8 +68,8 @@ def get_bucket_list(module, connection): """ try: buckets = camel_dict_to_snake_dict(connection.list_buckets())['buckets'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to list buckets") return buckets diff --git a/plugins/modules/cloudfront_info.py b/plugins/modules/cloudfront_info.py index 293cd2f0aa6..2b0edcaf841 100644 --- a/plugins/modules/cloudfront_info.py +++ b/plugins/modules/cloudfront_info.py @@ -272,7 +272,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict class CloudFrontServiceManager: @@ -290,64 +289,50 @@ def get_distribution(self, distribution_id): try: func = partial(self.client.get_distribution, Id=distribution_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing distribution - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing distribution") def get_distribution_config(self, distribution_id): try: func = partial(self.client.get_distribution_config, Id=distribution_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing distribution configuration - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing distribution configuration") def get_origin_access_identity(self, origin_access_identity_id): try: func = partial(self.client.get_cloud_front_origin_access_identity, Id=origin_access_identity_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing origin access identity - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing origin access identity") def get_origin_access_identity_config(self, origin_access_identity_id): try: func = partial(self.client.get_cloud_front_origin_access_identity_config, Id=origin_access_identity_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing origin access identity configuration - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing origin access identity configuration") def get_invalidation(self, distribution_id, invalidation_id): try: func = partial(self.client.get_invalidation, DistributionId=distribution_id, Id=invalidation_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing invalidation - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing invalidation") def get_streaming_distribution(self, distribution_id): try: func = partial(self.client.get_streaming_distribution, Id=distribution_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing streaming distribution - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing streaming distribution") def get_streaming_distribution_config(self, distribution_id): try: func = partial(self.client.get_streaming_distribution_config, Id=distribution_id) return self.paginated_response(func) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error describing streaming distribution - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error describing streaming distribution") def list_origin_access_identities(self): try: @@ -356,10 +341,8 @@ def list_origin_access_identities(self): if origin_access_identity_list['Quantity'] > 0: return origin_access_identity_list['Items'] return {} - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error listing cloud front origin access identities - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error listing cloud front origin access identities") def list_distributions(self, keyed=True): try: @@ -372,10 +355,8 @@ def list_distributions(self, keyed=True): if not keyed: return distribution_list return self.keyed_list_helper(distribution_list) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error listing distributions - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error listing distributions") def list_distributions_by_web_acl_id(self, web_acl_id): try: @@ -386,10 +367,8 @@ def list_distributions_by_web_acl_id(self, web_acl_id): else: distribution_list = distribution_list['Items'] return self.keyed_list_helper(distribution_list) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error listing distributions by web acl id - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error listing distributions by web acl id") def list_invalidations(self, distribution_id): try: @@ -398,10 +377,8 @@ def list_invalidations(self, distribution_id): if invalidation_list['Quantity'] > 0: return invalidation_list['Items'] return {} - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error listing invalidations - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error listing invalidations") def list_streaming_distributions(self, keyed=True): try: @@ -414,10 +391,8 @@ def list_streaming_distributions(self, keyed=True): if not keyed: return streaming_distribution_list return self.keyed_list_helper(streaming_distribution_list) - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error listing streaming distributions - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error listing streaming distributions") def summary(self): summary_dict = {} @@ -436,10 +411,8 @@ def summary_get_origin_access_identity_list(self): oai_summary = {'Id': oai_id, 'ETag': oai_full_response['ETag']} origin_access_identity_list['origin_access_identities'].append(oai_summary) return origin_access_identity_list - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error generating summary of origin access identities - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error generating summary of origin access identities") def summary_get_distribution_list(self, streaming=False): try: @@ -462,10 +435,8 @@ def summary_get_distribution_list(self, streaming=False): temp_distribution['Tags'] = boto3_tag_list_to_ansible_dict(resource_tags['Tags'].get('Items', [])) distribution_list[list_name].append(temp_distribution) return distribution_list - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error generating summary of distributions - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error generating summary of distributions") except Exception as e: self.module.fail_json(msg="Error generating summary of distributions - " + str(e), exception=traceback.format_exc()) @@ -485,10 +456,8 @@ def get_list_of_invalidation_ids_from_distribution_id(self, distribution_id): for invalidation in invalidations: invalidation_ids.append(invalidation['Id']) return invalidation_ids - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error getting list of invalidation ids - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error getting list of invalidation ids") def get_distribution_id_from_domain_name(self, domain_name): try: @@ -502,10 +471,8 @@ def get_distribution_id_from_domain_name(self, domain_name): distribution_id = dist['Id'] break return distribution_id - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error getting distribution id from domain name - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error getting distribution id from domain name") def get_aliases_from_distribution_id(self, distribution_id): aliases = [] @@ -517,10 +484,8 @@ def get_aliases_from_distribution_id(self, distribution_id): aliases.append(alias) break return aliases - except botocore.exceptions.ClientError as e: - self.module.fail_json(msg="Error getting list of aliases from distribution_id - " + str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + self.module.fail_json_aws(e, msg="Error getting list of aliases from distribution_id") def paginated_response(self, func, result_key=""): ''' diff --git a/plugins/modules/cloudwatchlogs_log_group.py b/plugins/modules/cloudwatchlogs_log_group.py index e8890988509..a5e9ab3192d 100644 --- a/plugins/modules/cloudwatchlogs_log_group.py +++ b/plugins/modules/cloudwatchlogs_log_group.py @@ -128,17 +128,14 @@ type: str ''' -import traceback - try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def create_log_group(client, log_group_name, kms_key_id, tags, retention, module): @@ -150,12 +147,8 @@ def create_log_group(client, log_group_name, kms_key_id, tags, retention, module try: client.create_log_group(**request) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to create log group: {0}".format(to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to create log group: {0}".format(to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to create log group") if retention: input_retention_policy(client=client, @@ -183,23 +176,15 @@ def input_retention_policy(client, log_group_name, retention, module): else: delete_log_group(client=client, log_group_name=log_group_name, module=module) module.fail_json(msg="Invalid retention value. Valid values are: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]") - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to put retention policy for log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to put retention policy for log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to put retention policy for log group {0}".format(log_group_name)) def delete_retention_policy(client, log_group_name, module): try: client.delete_retention_policy(logGroupName=log_group_name) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to delete retention policy for log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to delete retention policy for log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to delete retention policy for log group {0}".format(log_group_name)) def delete_log_group(client, log_group_name, module): @@ -213,24 +198,16 @@ def delete_log_group(client, log_group_name, module): if log_group_name == i['logGroupName']: client.delete_log_group(logGroupName=log_group_name) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to delete log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to delete log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to delete log group {0}".format(log_group_name)) def describe_log_group(client, log_group_name, module): try: desc_log_group = client.describe_log_groups(logGroupNamePrefix=log_group_name) return desc_log_group - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to describe log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to describe log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to describe log group {0}".format(log_group_name)) def main(): diff --git a/plugins/modules/cloudwatchlogs_log_group_info.py b/plugins/modules/cloudwatchlogs_log_group_info.py index 153aac7baf0..a7f311826e9 100644 --- a/plugins/modules/cloudwatchlogs_log_group_info.py +++ b/plugins/modules/cloudwatchlogs_log_group_info.py @@ -71,17 +71,14 @@ type: str ''' -import traceback - try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def describe_log_group(client, log_group_name, module): @@ -92,12 +89,8 @@ def describe_log_group(client, log_group_name, module): paginator = client.get_paginator('describe_log_groups') desc_log_group = paginator.paginate(**params).build_full_result() return desc_log_group - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to describe log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Unable to describe log group {0}: {1}".format(log_group_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to describe log group {0}".format(log_group_name)) def main(): diff --git a/plugins/modules/data_pipeline.py b/plugins/modules/data_pipeline.py index 2e49dcc6aaa..54a4cd6f39a 100644 --- a/plugins/modules/data_pipeline.py +++ b/plugins/modules/data_pipeline.py @@ -200,19 +200,17 @@ import hashlib import json import time -import traceback try: - import boto3 import botocore from botocore.exceptions import ClientError except ImportError: pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_text +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict DP_ACTIVE_STATES = ['ACTIVE', 'SCHEDULED'] @@ -546,10 +544,10 @@ def define_pipeline(client, module, objects, dp_id): parameterValues=values) msg = 'Data Pipeline {0} has been updated.'.format(dp_name) changed = True - except ClientError as e: - module.fail_json(msg="Failed to put the definition for pipeline {0}. Check that string/reference fields" - "are not empty and that the number of objects in the pipeline does not exceed maximum allowed" - "objects".format(dp_name), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to put the definition for pipeline {0}. Check that string/reference fields" + "are not empty and that the number of objects in the pipeline does not exceed maximum allowed" + "objects".format(dp_name)) else: changed = False msg = "" @@ -585,11 +583,11 @@ def create_pipeline(client, module): tags=tags) dp_id = dp['pipelineId'] pipeline_exists_timeout(client, dp_id, timeout) - except ClientError as e: - module.fail_json(msg="Failed to create the data pipeline {0}.".format(dp_name), exception=traceback.format_exc()) except TimeOutException: module.fail_json(msg=('Data Pipeline {0} failed to create' 'within timeout {1} seconds').format(dp_name, timeout)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create the data pipeline {0}.".format(dp_name)) # Put pipeline definition changed, msg = define_pipeline(client, module, objects, dp_id) diff --git a/plugins/modules/dms_endpoint.py b/plugins/modules/dms_endpoint.py index 829aae2773d..d457a7c4208 100644 --- a/plugins/modules/dms_endpoint.py +++ b/plugins/modules/dms_endpoint.py @@ -167,14 +167,14 @@ RETURN = ''' # ''' -import traceback -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: import botocore except ImportError: pass # caught by AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + backoff_params = dict(tries=5, delay=1, backoff=1.5) @@ -249,13 +249,8 @@ def delete_dms_endpoint(connection): return delete_output else: return connection.delete_endpoint(**delete_arn) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to delete the DMS endpoint.", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to delete the DMS endpoint.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to delete the DMS endpoint.") def create_module_params(): @@ -359,13 +354,8 @@ def modify_dms_endpoint(connection): try: params = create_module_params() return dms_modify_endpoint(connection, **params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to update DMS endpoint.", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to update DMS endpoint.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to update DMS endpoint.") def create_dms_endpoint(connection): @@ -378,13 +368,8 @@ def create_dms_endpoint(connection): try: params = create_module_params() return dms_create_endpoint(connection, **params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to create DMS endpoint.", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to create DMS endpoint.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create DMS endpoint.") def main(): diff --git a/plugins/modules/dms_replication_subnet_group.py b/plugins/modules/dms_replication_subnet_group.py index 5aa633b44f3..305b6b5a85d 100644 --- a/plugins/modules/dms_replication_subnet_group.py +++ b/plugins/modules/dms_replication_subnet_group.py @@ -58,14 +58,14 @@ RETURN = ''' # ''' -import traceback -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict, AWSRetry try: import botocore except ImportError: pass # caught by AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + backoff_params = dict(tries=5, delay=1, backoff=1.5) @@ -156,26 +156,16 @@ def create_replication_subnet_group(module, connection): try: params = create_module_params(module) return replication_subnet_group_create(connection, **params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to create DMS replication subnet group.", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to create DMS replication subnet group.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create DMS replication subnet group.") def modify_replication_subnet_group(module, connection): try: modify_params = create_module_params(module) return replication_subnet_group_modify(connection, **modify_params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to Modify the DMS replication subnet group.", - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to Modify the DMS replication subnet group.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to Modify the DMS replication subnet group.") def main(): diff --git a/plugins/modules/ec2_asg.py b/plugins/modules/ec2_asg.py index 568b0fca2ca..ee07b68f516 100644 --- a/plugins/modules/ec2_asg.py +++ b/plugins/modules/ec2_asg.py @@ -526,20 +526,17 @@ ''' import time -import traceback - -from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( - AWSRetry, - camel_dict_to_snake_dict -) try: import botocore except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils._text import to_native + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry + ASG_ATTRIBUTES = ('AvailabilityZones', 'DefaultCooldown', 'DesiredCapacity', 'HealthCheckGracePeriod', 'HealthCheckType', 'LaunchConfigurationName', 'LoadBalancerNames', 'MaxInstanceLifetime', 'MaxSize', 'MinSize', @@ -780,8 +777,7 @@ def get_launch_object(connection, ec2_connection): try: launch_configs = describe_launch_configurations(connection, launch_config_name) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to describe launch configurations", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to describe launch configurations") if len(launch_configs['LaunchConfigurations']) == 0: module.fail_json(msg="No launch config found with name %s" % launch_config_name) launch_object = {"LaunchConfigurationName": launch_configs['LaunchConfigurations'][0]['LaunchConfigurationName']} @@ -859,11 +855,9 @@ def elb_healthy(asg_connection, elb_connection, group_name): if e.response['Error']['Code'] == 'InvalidInstance': return None - module.fail_json(msg="Failed to get load balancer.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to get load balancer.") except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to get load balancer.", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to get load balancer.") for i in lb_instances.get('InstanceStates'): if i['State'] == "InService": @@ -893,11 +887,9 @@ def tg_healthy(asg_connection, elbv2_connection, group_name): if e.response['Error']['Code'] == 'InvalidInstance': return None - module.fail_json(msg="Failed to get target group.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Failed to get target group.") except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to get target group.", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to get target group.") for i in tg_instances.get('TargetHealthDescriptions'): if i['TargetHealth']['State'] == "healthy": @@ -1006,8 +998,7 @@ def create_autoscaling_group(connection): try: as_groups = describe_autoscaling_groups(connection, group_name) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to describe auto scaling groups.", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to describe auto scaling groups.") ec2_connection = module.client('ec2') @@ -1064,8 +1055,7 @@ def create_autoscaling_group(connection): else: ag['LaunchTemplate'] = launch_object['LaunchTemplate'] else: - module.fail_json(msg="Missing LaunchConfigurationName or LaunchTemplate", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Missing LaunchConfigurationName or LaunchTemplate") try: create_asg(connection, **ag) @@ -1090,12 +1080,8 @@ def create_autoscaling_group(connection): asg_properties = get_properties(as_group) changed = True return changed, asg_properties - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to create Autoscaling Group.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to create Autoscaling Group.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create Autoscaling Group.") else: as_group = as_groups[0] initial_asg_properties = get_properties(as_group) @@ -1135,12 +1121,8 @@ def create_autoscaling_group(connection): changed = True try: attach_load_balancers(connection, group_name, load_balancers) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to update Autoscaling Group.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to update Autoscaling Group.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to update Autoscaling Group.") # Update load balancers if they are specified and one or more already exists elif as_group['LoadBalancerNames']: @@ -1160,8 +1142,7 @@ def create_autoscaling_group(connection): try: detach_load_balancers(connection, group_name, list(elbs_to_detach)) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to detach load balancers %s: %s." % (elbs_to_detach, to_native(e)), - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to detach load balancers {0}".format(elbs_to_detach)) if wanted_elbs - has_elbs: # if has contains less than wanted, then we need to add some elbs_to_attach = wanted_elbs.difference(has_elbs) @@ -1170,8 +1151,7 @@ def create_autoscaling_group(connection): try: attach_load_balancers(connection, group_name, list(elbs_to_attach)) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to attach load balancers %s: %s." % (elbs_to_attach, to_native(e)), - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to attach load balancers {0}".format(elbs_to_attach)) # Handle target group attachments/detachments # Attach target groups if they are specified but none currently exist @@ -1179,12 +1159,8 @@ def create_autoscaling_group(connection): changed = True try: attach_lb_target_groups(connection, group_name, target_group_arns) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to update Autoscaling Group.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to update Autoscaling Group.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to update Autoscaling Group.") # Update target groups if they are specified and one or more already exists elif target_group_arns is not None and as_group['TargetGroupARNs']: # Get differences @@ -1199,8 +1175,7 @@ def create_autoscaling_group(connection): try: detach_lb_target_groups(connection, group_name, list(tgs_to_detach)) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to detach load balancer target groups %s: %s" % (tgs_to_detach, to_native(e)), - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to detach load balancer target groups {0}".format(tgs_to_detach)) if wanted_tgs.issuperset(has_tgs): # if has contains less than wanted, then we need to add some tgs_to_attach = wanted_tgs.difference(has_tgs) @@ -1209,8 +1184,7 @@ def create_autoscaling_group(connection): try: attach_lb_target_groups(connection, group_name, list(tgs_to_attach)) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to attach load balancer target groups %s: %s" % (tgs_to_attach, to_native(e)), - exception=traceback.format_exc()) + module.fail_json(msg="Failed to attach load balancer target groups {0}".format(tgs_to_attach)) # check for attributes that aren't required for updating an existing ASG # check if min_size/max_size/desired capacity have been specified and if not use ASG values @@ -1263,17 +1237,13 @@ def create_autoscaling_group(connection): connection.disable_metrics_collection(AutoScalingGroupName=group_name, Metrics=metrics_list) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json(msg="Failed to update autoscaling group: %s" % to_native(e), - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to update autoscaling group") + if notification_topic: try: put_notification_config(connection, group_name, notification_topic, notification_types) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to update Autoscaling Group notifications.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to update Autoscaling Group notifications.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to update Autoscaling Group notifications.") if wait_for_instances: wait_for_new_inst(connection, group_name, wait_timeout, desired_capacity, 'viable_instances') # Wait for ELB health if ELB(s)defined @@ -1291,12 +1261,8 @@ def create_autoscaling_group(connection): asg_properties = get_properties(as_group) if asg_properties != initial_asg_properties: changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to read existing Autoscaling Groups.", - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.BotoCoreError as e: - module.fail_json(msg="Failed to read existing Autoscaling Groups.", - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to read existing Autoscaling Groups.") return changed, asg_properties diff --git a/plugins/modules/ec2_lc.py b/plugins/modules/ec2_lc.py index 7555cf68a0c..1ba881dc245 100644 --- a/plugins/modules/ec2_lc.py +++ b/plugins/modules/ec2_lc.py @@ -456,11 +456,11 @@ pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_text +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict +from ansible.module_utils.common.dict_transformations import snake_dict_to_camel_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_ec2_security_group_ids_from_names -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict def create_block_device_meta(module, volume): @@ -555,8 +555,8 @@ def create_launch_config(connection, module): try: launch_configs = connection.describe_launch_configurations(LaunchConfigurationNames=[name]).get('LaunchConfigurations') - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to describe launch configuration by name", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to describe launch configuration by name") changed = False result = {} @@ -597,8 +597,8 @@ def create_launch_config(connection, module): changed = True if launch_configs: launch_config = launch_configs[0] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to create launch configuration", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create launch configuration") result = (dict((k, v) for k, v in launch_config.items() if k not in ['Connection', 'CreatedTime', 'InstanceMonitoring', 'BlockDeviceMappings'])) @@ -643,8 +643,8 @@ def delete_launch_config(connection, module): module.exit_json(changed=True) else: module.exit_json(changed=False) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Failed to delete launch configuration", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to delete launch configuration") def main(): @@ -680,8 +680,8 @@ def main(): try: connection = module.client('autoscaling') - except botocore.exceptions.ClientError as e: - module.fail_json(msg="unable to establish connection - " + str(e), exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="unable to establish connection") state = module.params.get('state') diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 656519b43cb..7aeabd1d7da 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -317,7 +317,7 @@ def create_scaling_policy(connection, module): AutoScalingGroupName=asg_name, PolicyNames=[policy_name])['ScalingPolicies'] except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - module.fail_json_aws(msg="Failed to obtain autoscaling policy %s" % policy_name) + module.fail_json_aws(e, msg="Failed to obtain autoscaling policy %s" % policy_name) policy = camel_dict_to_snake_dict(policies[0]) # Backward compatible return values diff --git a/plugins/modules/ec2_snapshot_copy.py b/plugins/modules/ec2_snapshot_copy.py index 695d0027d12..2bf1d723b7e 100644 --- a/plugins/modules/ec2_snapshot_copy.py +++ b/plugins/modules/ec2_snapshot_copy.py @@ -109,16 +109,11 @@ sample: "snap-e9095e8c" ''' -import traceback - try: import botocore - from botocore.exceptions import ClientError, WaiterError except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict - from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -159,10 +154,8 @@ def copy_snapshot(module, ec2): Tags=[{'Key': k, 'Value': v} for k, v in module.params.get('tags').items()] ) - except WaiterError as we: - module.fail_json(msg='An error occurred waiting for the snapshot to become available. (%s)' % str(we), exception=traceback.format_exc()) - except ClientError as ce: - module.fail_json(msg=str(ce), exception=traceback.format_exc(), **camel_dict_to_snake_dict(ce.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='An error occurred waiting for the snapshot to become available.') module.exit_json(changed=True, snapshot_id=snapshot_id) diff --git a/plugins/modules/ec2_vpc_endpoint.py b/plugins/modules/ec2_vpc_endpoint.py index 771ea52ba75..4daaaeaa23e 100644 --- a/plugins/modules/ec2_vpc_endpoint.py +++ b/plugins/modules/ec2_vpc_endpoint.py @@ -186,11 +186,10 @@ pass # Handled by AnsibleAWSModule from ansible.module_utils.six import string_types -from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def date_handler(obj): @@ -210,9 +209,8 @@ def wait_for_status(client, module, resource_id, status): break else: time.sleep(polling_increment_secs) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=str(e), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failure while waiting for status') return status_achieved, resource @@ -296,9 +294,8 @@ def create_vpc_endpoint(client, module): module.fail_json(msg="IdempotentParameterMismatch - updates of endpoints are not allowed by the API") except is_boto3_error_code('RouteAlreadyExists'): # pylint: disable=duplicate-except module.fail_json(msg="RouteAlreadyExists for one of the route tables - update is not allowed by the API") - except Exception as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to create VPC.") return changed, result @@ -318,11 +315,8 @@ def setup_removal(client, module): except is_boto3_error_code('DryRunOperation'): changed = True result = 'Would have deleted VPC Endpoint if not in check mode' - except botocore.exceptions.ClientError as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, "Failed to delete VPC endpoint") - except Exception as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) return changed, result diff --git a/plugins/modules/ec2_vpc_nacl_info.py b/plugins/modules/ec2_vpc_nacl_info.py index aabe489c112..1e42e486cea 100644 --- a/plugins/modules/ec2_vpc_nacl_info.py +++ b/plugins/modules/ec2_vpc_nacl_info.py @@ -110,7 +110,6 @@ pass # caught by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible.module_utils._text import to_native from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, ansible_dict_to_boto3_filter_list, camel_dict_to_snake_dict, diff --git a/plugins/modules/ec2_vpc_peer.py b/plugins/modules/ec2_vpc_peer.py index c7efeff3829..cea160d34ff 100644 --- a/plugins/modules/ec2_vpc_peer.py +++ b/plugins/modules/ec2_vpc_peer.py @@ -221,8 +221,6 @@ except ImportError: pass # Handled by AnsibleAWSModule -import traceback - from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code @@ -333,10 +331,10 @@ def peer_status(client, module): try: vpc_peering_connection = client.describe_vpc_peering_connections(**params) return vpc_peering_connection['VpcPeeringConnections'][0]['Status']['Code'] - except is_boto3_error_code('InvalidVpcPeeringConnectionId.Malformed') as e: # pylint: disable=duplicate-except - module.fail_json(msg='Malformed connection ID: {0}'.format(e), traceback=traceback.format_exc()) - except botocore.exceptions.ClientError as e: # pylint: disable=duplicate-except - module.fail_json(msg='Error while describing peering connection by peering_id: {0}'.format(e), traceback=traceback.format_exc()) + except is_boto3_error_code('InvalidVpcPeeringConnectionId.Malformed') as e: + module.fail_json_aws(e, msg='Malformed connection ID') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg='Error while describing peering connection by peering_id') def accept_reject(state, client, module): diff --git a/plugins/modules/ec2_vpc_vgw.py b/plugins/modules/ec2_vpc_vgw.py index d54e7264103..ce68833bcfc 100644 --- a/plugins/modules/ec2_vpc_vgw.py +++ b/plugins/modules/ec2_vpc_vgw.py @@ -112,15 +112,12 @@ ''' import time -import traceback try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native - from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry @@ -162,8 +159,8 @@ def wait_for_status(client, module, vpn_gateway_id, status): break else: time.sleep(polling_increment_secs) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failure while waiting for status update') result = response return status_achieved, result @@ -181,8 +178,8 @@ def attach_vgw(client, module, vpn_gateway_id): catch_extra_error_codes=['InvalidParameterValue'] )(client.attach_vpn_gateway)(VpnGatewayId=vpn_gateway_id, VpcId=params['VpcId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to attach VPC') status_achieved, vgw = wait_for_status(client, module, [vpn_gateway_id], 'attached') if not status_achieved: @@ -199,13 +196,13 @@ def detach_vgw(client, module, vpn_gateway_id, vpc_id=None): if vpc_id: try: response = client.detach_vpn_gateway(VpnGatewayId=vpn_gateway_id, VpcId=vpc_id) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to detach gateway') else: try: response = client.detach_vpn_gateway(VpnGatewayId=vpn_gateway_id, VpcId=params['VpcId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to detach gateway') status_achieved, vgw = wait_for_status(client, module, [vpn_gateway_id], 'detached') if not status_achieved: @@ -229,12 +226,11 @@ def create_vgw(client, module): VpnGatewayIds=[response['VpnGateway']['VpnGatewayId']] ) except botocore.exceptions.WaiterError as e: - module.fail_json(msg="Failed to wait for Vpn Gateway {0} to be available".format(response['VpnGateway']['VpnGatewayId']), - exception=traceback.format_exc()) - except is_boto3_error_code('VpnGatewayLimitExceeded'): - module.fail_json(msg="Too many VPN gateways exist in this account.", exception=traceback.format_exc()) - except botocore.exceptions.ClientError as e: # pylint: disable=duplicate-except - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed to wait for Vpn Gateway {0} to be available".format(response['VpnGateway']['VpnGatewayId'])) + except is_boto3_error_code('VpnGatewayLimitExceeded') as e: + module.fail_json_aws(e, msg="Too many VPN gateways exist in this account.") + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg='Failed to create gateway') result = response return result @@ -244,8 +240,8 @@ def delete_vgw(client, module, vpn_gateway_id): try: response = client.delete_vpn_gateway(VpnGatewayId=vpn_gateway_id) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to delete gateway') # return the deleted VpnGatewayId as this is not included in the above response result = vpn_gateway_id @@ -257,8 +253,8 @@ def create_tags(client, module, vpn_gateway_id): try: response = client.create_tags(Resources=[vpn_gateway_id], Tags=load_tags(module)) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to add tags") result = response return result @@ -270,13 +266,13 @@ def delete_tags(client, module, vpn_gateway_id, tags_to_delete=None): if tags_to_delete: try: response = client.delete_tags(Resources=[vpn_gateway_id], Tags=tags_to_delete) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to delete tags') else: try: response = client.delete_tags(Resources=[vpn_gateway_id]) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to delete all tags') result = response return result @@ -301,8 +297,8 @@ def find_tags(client, module, resource_id=None): response = client.describe_tags(Filters=[ {'Name': 'resource-id', 'Values': [resource_id]} ]) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to describe tags searching by resource') result = response return result @@ -348,8 +344,8 @@ def find_vpc(client, module): if params['vpc_id']: try: response = client.describe_vpcs(VpcIds=[params['vpc_id']]) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to describe VPC') result = response return result @@ -368,8 +364,8 @@ def find_vgw(client, module, vpn_gateway_id=None): params['Filters'].append({'Name': 'state', 'Values': ['pending', 'available']}) try: response = client.describe_vpn_gateways(**params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=to_native(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg='Failed to describe gateway using filters') return sorted(response['VpnGateways'], key=lambda k: k['VpnGatewayId']) diff --git a/plugins/modules/ec2_vpc_vgw_info.py b/plugins/modules/ec2_vpc_vgw_info.py index 692c291a87b..5a27f9d672f 100644 --- a/plugins/modules/ec2_vpc_vgw_info.py +++ b/plugins/modules/ec2_vpc_vgw_info.py @@ -89,15 +89,15 @@ type: bool sample: "false" ''' -import traceback try: import botocore except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list @@ -121,8 +121,8 @@ def list_virtual_gateways(client, module): try: all_virtual_gateways = client.describe_vpn_gateways(**params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=str(e), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to list gateways") return [camel_dict_to_snake_dict(get_virtual_gateway_info(vgw)) for vgw in all_virtual_gateways['VpnGateways']] diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index 4ae7d40cd2a..5b7ddd261f4 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -192,10 +192,13 @@ except ImportError: pass # Handled by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception, compare_policies, sort_json_policy_dict from ansible.module_utils.six import string_types +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import sort_json_policy_dict + def build_kwargs(registry_id): """ diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index d6a649ba17b..5fb45a8883b 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -127,17 +127,14 @@ """ from time import sleep -from traceback import format_exc try: - import boto3 import botocore except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict class ElastiCacheManager(object): @@ -225,7 +222,7 @@ def create(self): try: self.conn.create_cache_cluster(**kwargs) - except botocore.exceptions.ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self.module.fail_json_aws(e, msg="Failed to create cache cluster") self._refresh_data() @@ -252,7 +249,7 @@ def delete(self): try: response = self.conn.delete_cache_cluster(CacheClusterId=self.name) - except botocore.exceptions.ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self.module.fail_json_aws(e, msg="Failed to delete cache cluster") cache_cluster_data = response['CacheCluster'] diff --git a/plugins/modules/elasticache_parameter_group.py b/plugins/modules/elasticache_parameter_group.py index 00992a91e51..dd5dffbc4e9 100644 --- a/plugins/modules/elasticache_parameter_group.py +++ b/plugins/modules/elasticache_parameter_group.py @@ -105,8 +105,6 @@ changed: true """ -import traceback - try: import botocore except ImportError: @@ -124,8 +122,8 @@ def create(module, conn, name, group_family, description): try: response = conn.create_cache_parameter_group(CacheParameterGroupName=name, CacheParameterGroupFamily=group_family, Description=description) changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to create cache parameter group.", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to create cache parameter group.") return response, changed @@ -135,8 +133,8 @@ def delete(module, conn, name): conn.delete_cache_parameter_group(CacheParameterGroupName=name) response = {} changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to delete cache parameter group.", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to delete cache parameter group.") return response, changed @@ -230,8 +228,8 @@ def modify(module, conn, name, values): format_parameters.append({'ParameterName': key, 'ParameterValue': value}) try: response = conn.modify_cache_parameter_group(CacheParameterGroupName=name, ParameterNameValues=format_parameters) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to modify cache parameter group.", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to modify cache parameter group.") return response @@ -254,8 +252,8 @@ def reset(module, conn, name, values): try: response = conn.reset_cache_parameter_group(CacheParameterGroupName=name, ParameterNameValues=format_parameters, ResetAllParameters=all_parameters) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to reset cache parameter group.", exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to reset cache parameter group.") # determine changed new_parameters_dict = make_current_modifiable_param_dict(module, conn, name) diff --git a/plugins/modules/elasticache_snapshot.py b/plugins/modules/elasticache_snapshot.py index dc92df6b3c2..d07125023bd 100644 --- a/plugins/modules/elasticache_snapshot.py +++ b/plugins/modules/elasticache_snapshot.py @@ -111,16 +111,14 @@ changed: true """ -import traceback - try: - import boto3 import botocore except ImportError: pass # Handled by AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict def create(module, connection, replication_id, cluster_id, name): @@ -135,7 +133,7 @@ def create(module, connection, replication_id, cluster_id, name): response = {} changed = False else: - module.fail_json(msg="Unable to create the snapshot.", exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Unable to create the snapshot.") return response, changed @@ -146,8 +144,8 @@ def copy(module, connection, name, target, bucket): TargetSnapshotName=target, TargetBucket=bucket) changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Unable to copy the snapshot.", exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to copy the snapshot.") return response, changed @@ -164,7 +162,7 @@ def delete(module, connection, name): module.fail_json(msg="Error: InvalidSnapshotState. The snapshot is not in an available state or failed state to allow deletion." "You may need to wait a few minutes.") else: - module.fail_json(msg="Unable to delete the snapshot.", exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Unable to delete the snapshot.") return response, changed diff --git a/plugins/modules/elb_application_lb_info.py b/plugins/modules/elb_application_lb_info.py index 14937befba8..e3003789911 100644 --- a/plugins/modules/elb_application_lb_info.py +++ b/plugins/modules/elb_application_lb_info.py @@ -162,15 +162,11 @@ sample: vpc-0011223344 ''' -import traceback - try: import botocore - from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -182,7 +178,7 @@ def get_elb_listeners(connection, module, elb_arn): try: return connection.describe_listeners(LoadBalancerArn=elb_arn)['Listeners'] - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe elb listeners") @@ -190,7 +186,7 @@ def get_listener_rules(connection, module, listener_arn): try: return connection.describe_rules(ListenerArn=listener_arn)['Rules'] - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe listener rules") @@ -198,7 +194,7 @@ def get_load_balancer_attributes(connection, module, load_balancer_arn): try: load_balancer_attributes = boto3_tag_list_to_ansible_dict(connection.describe_load_balancer_attributes(LoadBalancerArn=load_balancer_arn)['Attributes']) - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe load balancer attributes") # Replace '.' with '_' in attribute key names to make it more Ansibley @@ -213,7 +209,7 @@ def get_load_balancer_tags(connection, module, load_balancer_arn): try: return boto3_tag_list_to_ansible_dict(connection.describe_tags(ResourceArns=[load_balancer_arn])['TagDescriptions'][0]['Tags']) - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe load balancer tags") @@ -232,10 +228,8 @@ def list_load_balancers(connection, module): load_balancers = load_balancer_paginator.paginate(Names=names).build_full_result() except is_boto3_error_code('LoadBalancerNotFound'): module.exit_json(load_balancers=[]) - except ClientError as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Failed to list load balancers") - except NoCredentialsError as e: - module.fail_json(msg="AWS authentication problem. " + to_native(e), exception=traceback.format_exc()) for load_balancer in load_balancers['LoadBalancers']: # Get the attributes for each elb diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 31761953b17..4e3601a70a2 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -112,15 +112,12 @@ ''' from time import time, sleep -import traceback try: import botocore - from botocore.exceptions import ClientError, BotoCoreError except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -136,12 +133,8 @@ def convert_tg_name_to_arn(connection, module, tg_name): try: response = describe_target_groups_with_backoff(connection, tg_name) - except ClientError as e: - module.fail_json(msg="Unable to describe target group {0}: {1}".format(tg_name, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except BotoCoreError as e: - module.fail_json(msg="Unable to describe target group {0}: {1}".format(tg_name, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to describe target group {0}".format(tg_name)) tg_arn = response['TargetGroups'][0]['TargetGroupArn'] @@ -175,12 +168,8 @@ def describe_targets(connection, module, tg_arn, target=None): if not targets: return {} return targets[0] - except ClientError as e: - module.fail_json(msg="Unable to describe target health for target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except BotoCoreError as e: - module.fail_json(msg="Unable to describe target health for target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to describe target health for target {0}".format(target)) @AWSRetry.jittered_backoff(retries=10, delay=10) @@ -224,12 +213,8 @@ def register_target(connection, module): changed = True if target_status: target_status_check(connection, module, target_group_arn, target, target_status, target_status_timeout) - except ClientError as e: - module.fail_json(msg="Unable to deregister target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except BotoCoreError as e: - module.fail_json(msg="Unable to deregister target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to deregister target {0}".format(target)) # Get all targets for the target group target_descriptions = describe_targets(connection, module, target_group_arn) @@ -283,12 +268,8 @@ def deregister_target(connection, module): try: deregister_target_with_backoff(connection, target_group_arn, target) changed = True - except ClientError as e: - module.fail_json(msg="Unable to deregister target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except BotoCoreError as e: - module.fail_json(msg="Unable to deregister target {0}: {1}".format(target, to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json(msg="Unable to deregister target {0}".format(target)) else: if current_target_reason != 'Target.NotRegistered' and current_target_state != 'draining': module.warn(warning="Your specified target has an 'unused' state but is still registered to the target group. " + diff --git a/plugins/modules/elb_target_group_info.py b/plugins/modules/elb_target_group_info.py index 00cc425e0de..973743766b1 100644 --- a/plugins/modules/elb_target_group_info.py +++ b/plugins/modules/elb_target_group_info.py @@ -207,15 +207,11 @@ sample: vpc-0123456 ''' -import traceback - try: import botocore - from botocore.exceptions import ClientError, NoCredentialsError except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -227,7 +223,7 @@ def get_target_group_attributes(connection, module, target_group_arn): try: target_group_attributes = boto3_tag_list_to_ansible_dict(connection.describe_target_group_attributes(TargetGroupArn=target_group_arn)['Attributes']) - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe target group attributes") # Replace '.' with '_' in attribute key names to make it more Ansibley @@ -239,7 +235,7 @@ def get_target_group_tags(connection, module, target_group_arn): try: return boto3_tag_list_to_ansible_dict(connection.describe_tags(ResourceArns=[target_group_arn])['TagDescriptions'][0]['Tags']) - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to describe group tags") @@ -247,7 +243,7 @@ def get_target_group_targets_health(connection, module, target_group_arn): try: return connection.describe_target_health(TargetGroupArn=target_group_arn)['TargetHealthDescriptions'] - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to get target health") @@ -270,10 +266,8 @@ def list_target_groups(connection, module): target_groups = target_group_paginator.paginate(Names=names).build_full_result() except is_boto3_error_code('TargetGroupNotFound'): module.exit_json(target_groups=[]) - except ClientError as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Failed to list target groups") - except NoCredentialsError as e: - module.fail_json(msg="AWS authentication problem. " + to_native(e), exception=traceback.format_exc()) # Get the attributes and tags for each target group for target_group in target_groups['TargetGroups']: diff --git a/plugins/modules/execute_lambda.py b/plugins/modules/execute_lambda.py index ca97f6619c9..199a50fd0a7 100644 --- a/plugins/modules/execute_lambda.py +++ b/plugins/modules/execute_lambda.py @@ -129,15 +129,12 @@ import base64 import json -import traceback try: import botocore except ImportError: pass # Handled by AnsibleAWSModule -from ansible.module_utils._text import to_native - from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule @@ -211,18 +208,14 @@ def main(): response = client.invoke(**invoke_params) except botocore.exceptions.ClientError as ce: if ce.response['Error']['Code'] == 'ResourceNotFoundException': - module.fail_json(msg="Could not find Lambda to execute. Make sure " - "the ARN is correct and your profile has " - "permissions to execute this function.", - exception=traceback.format_exc()) - module.fail_json(msg="Client-side error when invoking Lambda, check inputs and specific error", - exception=traceback.format_exc()) + module.fail_json_aws(ce, msg="Could not find Lambda to execute. Make sure " + "the ARN is correct and your profile has " + "permissions to execute this function.") + module.fail_json_aws(ce, msg="Client-side error when invoking Lambda, check inputs and specific error") except botocore.exceptions.ParamValidationError as ve: - module.fail_json(msg="Parameters to `invoke` failed to validate", - exception=traceback.format_exc()) + module.fail_json_aws(ve, msg="Parameters to `invoke` failed to validate") except Exception as e: - module.fail_json(msg="Unexpected failure while invoking Lambda function", - exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Unexpected failure while invoking Lambda function") results = { 'logs': '', @@ -235,13 +228,13 @@ def main(): # logs are base64 encoded in the API response results['logs'] = base64.b64decode(response.get('LogResult', '')) except Exception as e: - module.fail_json(msg="Failed while decoding logs", exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed while decoding logs") if invoke_params['InvocationType'] == 'RequestResponse': try: results['output'] = json.loads(response['Payload'].read().decode('utf8')) except Exception as e: - module.fail_json(msg="Failed while decoding function return value", exception=traceback.format_exc()) + module.fail_json_aws(e, msg="Failed while decoding function return value") if isinstance(results.get('output'), dict) and any( [results['output'].get('stackTrace'), results['output'].get('errorMessage')]): diff --git a/plugins/modules/iam_managed_policy.py b/plugins/modules/iam_managed_policy.py index a0b7c3c48af..aa668498ad1 100644 --- a/plugins/modules/iam_managed_policy.py +++ b/plugins/modules/iam_managed_policy.py @@ -130,7 +130,6 @@ ''' import json -import traceback try: import botocore @@ -138,10 +137,10 @@ pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies @@ -154,10 +153,8 @@ def list_policies_with_backoff(iam): def get_policy_by_name(module, iam, name): try: response = list_policies_with_backoff(iam) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't list policies: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't list policies") for policy in response['Policies']: if policy['PolicyName'] == name: return policy @@ -168,36 +165,28 @@ def delete_oldest_non_default_version(module, iam, policy): try: versions = [v for v in iam.list_policy_versions(PolicyArn=policy['Arn'])['Versions'] if not v['IsDefaultVersion']] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't list policy versions: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't list policy versions") versions.sort(key=lambda v: v['CreateDate'], reverse=True) for v in versions[-1:]: try: iam.delete_policy_version(PolicyArn=policy['Arn'], VersionId=v['VersionId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't delete policy version: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't delete policy version") # This needs to return policy_version, changed def get_or_create_policy_version(module, iam, policy, policy_document): try: versions = iam.list_policy_versions(PolicyArn=policy['Arn'])['Versions'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't list policy versions: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't list policy versions") for v in versions: try: document = iam.get_policy_version(PolicyArn=policy['Arn'], VersionId=v['VersionId'])['PolicyVersion']['Document'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't get policy version %s: %s" % (v['VersionId'], str(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't get policy version {0}".format(v['VersionId'])) # If the current policy matches the existing one if not compare_policies(document, json.loads(to_native(policy_document))): return v, False @@ -217,23 +206,19 @@ def get_or_create_policy_version(module, iam, policy, policy_document): try: version = iam.create_policy_version(PolicyArn=policy['Arn'], PolicyDocument=policy_document)['PolicyVersion'] return version, True - except botocore.exceptions.ClientError as second_e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as second_e: e = second_e # Handle both when the exception isn't LimitExceeded or # the second attempt still failed - module.fail_json(msg="Couldn't create policy version: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Couldn't create policy version") def set_if_default(module, iam, policy, policy_version, is_default): if is_default and not policy_version['IsDefaultVersion']: try: iam.set_default_policy_version(PolicyArn=policy['Arn'], VersionId=policy_version['VersionId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't set default policy version: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't set default policy version") return True return False @@ -243,17 +228,13 @@ def set_if_only(module, iam, policy, policy_version, is_only): try: versions = [v for v in iam.list_policy_versions(PolicyArn=policy['Arn'])[ 'Versions'] if not v['IsDefaultVersion']] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't list policy versions: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't list policy versions") for v in versions: try: iam.delete_policy_version(PolicyArn=policy['Arn'], VersionId=v['VersionId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't delete policy version: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't delete policy version") return len(versions) > 0 return False @@ -261,32 +242,24 @@ def set_if_only(module, iam, policy, policy_version, is_only): def detach_all_entities(module, iam, policy, **kwargs): try: entities = iam.list_entities_for_policy(PolicyArn=policy['Arn'], **kwargs) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't detach list entities for policy %s: %s" % (policy['PolicyName'], str(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't detach list entities for policy {0}".format(policy['PolicyName'])) for g in entities['PolicyGroups']: try: iam.detach_group_policy(PolicyArn=policy['Arn'], GroupName=g['GroupName']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't detach group policy %s: %s" % (g['GroupName'], str(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't detach group policy {0}".format(g['GroupName'])) for u in entities['PolicyUsers']: try: iam.detach_user_policy(PolicyArn=policy['Arn'], UserName=u['UserName']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't detach user policy %s: %s" % (u['UserName'], str(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't detach user policy {0}".format(u['UserName'])) for r in entities['PolicyRoles']: try: iam.detach_role_policy(PolicyArn=policy['Arn'], RoleName=r['RoleName']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't detach role policy %s: %s" % (r['RoleName'], str(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't detach role policy {0}".format(r['RoleName'])) if entities['IsTruncated']: detach_all_entities(module, iam, policy, marker=entities['Marker']) @@ -330,10 +303,8 @@ def main(): try: rvalue = iam.create_policy(PolicyName=name, Path='/', PolicyDocument=policy, Description=description) - except Exception as e: - module.fail_json(msg="Couldn't create policy %s: %s" % (name, to_native(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't create policy {0}".format(name)) module.exit_json(changed=True, policy=camel_dict_to_snake_dict(rvalue['Policy'])) else: @@ -344,10 +315,8 @@ def main(): if changed: try: p = iam.get_policy(PolicyArn=p['Arn'])['Policy'] - except Exception as e: - module.fail_json(msg="Couldn't get policy: %s" % to_native(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json(msg="Couldn't get policy") module.exit_json(changed=changed, policy=camel_dict_to_snake_dict(p)) else: @@ -358,26 +327,21 @@ def main(): # Delete Versions try: versions = iam.list_policy_versions(PolicyArn=p['Arn'])['Versions'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't list policy versions: %s" % to_native(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't list policy versions") for v in versions: if not v['IsDefaultVersion']: try: iam.delete_policy_version(PolicyArn=p['Arn'], VersionId=v['VersionId']) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't delete policy version %s: %s" % - (v['VersionId'], to_native(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws( + e, msg="Couldn't delete policy version {0}".format(v['VersionId'])) # Delete policy try: iam.delete_policy(PolicyArn=p['Arn']) - except Exception as e: - module.fail_json(msg="Couldn't delete policy %s: %s" % (p['PolicyName'], to_native(e)), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't delete policy {0}".format(p['PolicyName'])) + # This is the one case where we will return the old policy module.exit_json(changed=True, policy=camel_dict_to_snake_dict(p)) else: diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index c919caec816..e934e09a621 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -77,8 +77,6 @@ type: list ''' -import json - try: from botocore.exceptions import BotoCoreError, ClientError except ImportError: @@ -86,7 +84,6 @@ from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible.module_utils.six import string_types class PolicyError(Exception): diff --git a/plugins/modules/iam_user.py b/plugins/modules/iam_user.py index 6b8efcda811..7bd8ebda423 100644 --- a/plugins/modules/iam_user.py +++ b/plugins/modules/iam_user.py @@ -106,17 +106,16 @@ sample: / ''' -from ansible.module_utils._text import to_native -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict - -import traceback - try: - from botocore.exceptions import ClientError, ParamValidationError, BotoCoreError + import botocore except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule + def compare_attached_policies(current_attached_policies, new_attached_policies): @@ -176,11 +175,8 @@ def create_or_update_user(connection, module): try: connection.create_user(**params) changed = True - except ClientError as e: - module.fail_json(msg="Unable to create user: {0}".format(to_native(e)), exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except ParamValidationError as e: - module.fail_json(msg="Unable to create user: {0}".format(to_native(e)), exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to create user") # Manage managed policies current_attached_policies = get_attached_policy_list(connection, module, params['UserName']) @@ -197,14 +193,9 @@ def create_or_update_user(connection, module): if not module.check_mode: try: connection.detach_user_policy(UserName=params['UserName'], PolicyArn=policy_arn) - except ClientError as e: - module.fail_json(msg="Unable to detach policy {0} from user {1}: {2}".format( - policy_arn, params['UserName'], to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except ParamValidationError as e: - module.fail_json(msg="Unable to detach policy {0} from user {1}: {2}".format( - policy_arn, params['UserName'], to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to detach policy {0} from user {1}".format( + policy_arn, params['UserName'])) # If there are policies to adjust that aren't in the current list, then things have changed # Otherwise the only changes were in purging above @@ -215,14 +206,9 @@ def create_or_update_user(connection, module): for policy_arn in managed_policies: try: connection.attach_user_policy(UserName=params['UserName'], PolicyArn=policy_arn) - except ClientError as e: - module.fail_json(msg="Unable to attach policy {0} to user {1}: {2}".format( - policy_arn, params['UserName'], to_native(e)), - exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) - except ParamValidationError as e: - module.fail_json(msg="Unable to attach policy {0} to user {1}: {2}".format( - policy_arn, params['UserName'], to_native(e)), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Unable to attach policy {0} to user {1}".format( + policy_arn, params['UserName'])) if module.check_mode: module.exit_json(changed=changed) @@ -249,7 +235,7 @@ def destroy_user(connection, module): try: for policy in get_attached_policy_list(connection, module, user_name): connection.detach_user_policy(UserName=user_name, PolicyArn=policy['PolicyArn']) - except (ClientError, BotoCoreError) as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Unable to delete user {0}".format(user_name)) try: @@ -298,7 +284,7 @@ def destroy_user(connection, module): connection.remove_user_from_group(UserName=user_name, GroupName=group["GroupName"]) connection.delete_user(UserName=user_name) - except (ClientError, BotoCoreError) as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Unable to delete user {0}".format(user_name)) module.exit_json(changed=True) @@ -311,7 +297,7 @@ def get_user(connection, module, name): try: return connection.get_user(**params) - except ClientError as e: + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'NoSuchEntity': return None else: @@ -323,7 +309,7 @@ def get_attached_policy_list(connection, module, name): try: return connection.list_attached_user_policies(UserName=name)['AttachedPolicies'] - except ClientError as e: + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'NoSuchEntity': return None else: @@ -334,7 +320,7 @@ def delete_user_login_profile(connection, module, user_name): try: return connection.delete_login_profile(UserName=user_name) - except ClientError as e: + except botocore.exceptions.ClientError as e: if e.response["Error"]["Code"] == "NoSuchEntity": return None else: diff --git a/plugins/modules/lambda.py b/plugins/modules/lambda.py index 9cb2e0286cc..e559e181abe 100644 --- a/plugins/modules/lambda.py +++ b/plugins/modules/lambda.py @@ -211,13 +211,6 @@ } ''' -from ansible.module_utils._text import to_native -from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags - import base64 import hashlib import traceback @@ -228,6 +221,14 @@ except ImportError: pass # protected by AnsibleAWSModule +from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags + def get_account_info(module): """return the account information (account id and partition) we are currently working on diff --git a/plugins/modules/lambda_alias.py b/plugins/modules/lambda_alias.py index bd547a41341..8cd8a891289 100644 --- a/plugins/modules/lambda_alias.py +++ b/plugins/modules/lambda_alias.py @@ -144,7 +144,6 @@ import re try: - import boto3 from botocore.exceptions import ClientError, ParamValidationError, MissingParametersError except ImportError: pass # Handled by AnsibleAWSModule diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index 3aa9c7f67dc..169ace0e2fa 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -755,7 +755,6 @@ get_rds_method_attribute, get_tags, ) -from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list, AWSRetry from ansible.module_utils.six import string_types @@ -763,7 +762,7 @@ from time import sleep try: - from botocore.exceptions import ClientError, BotoCoreError, WaiterError + import botocore except ImportError: pass # caught by AnsibleAWSModule @@ -807,7 +806,7 @@ def get_instance(client, module, db_instance_id): sleep(3) else: instance = {} - except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg='Failed to describe DB instances') return instance @@ -820,7 +819,7 @@ def get_final_snapshot(client, module, snapshot_identifier): return {} except is_boto3_error_code('DBSnapshotNotFound') as e: # May not be using wait: True return {} - except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg='Failed to retrieve information about the final snapshot') diff --git a/plugins/modules/rds_param_group.py b/plugins/modules/rds_param_group.py index 536698473e1..ff18fc98300 100644 --- a/plugins/modules/rds_param_group.py +++ b/plugins/modules/rds_param_group.py @@ -113,8 +113,6 @@ returned: when state is present ''' -import traceback - try: import botocore except ImportError: @@ -123,12 +121,12 @@ from ansible.module_utils.parsing.convert_bool import BOOLEANS_TRUE from ansible.module_utils.six import string_types from ansible.module_utils._text import to_native +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags INT_MODIFIERS = { 'K': 1024, @@ -197,10 +195,8 @@ def update_parameters(module, connection): non_empty_slice = [item for item in modify_slice if item] try: connection.modify_db_parameter_group(DBParameterGroupName=groupname, Parameters=non_empty_slice) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't update parameters: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't update parameters") return True, errors return False, errors @@ -215,24 +211,15 @@ def update_tags(module, connection, group, tags): connection.add_tags_to_resource(ResourceName=group['DBParameterGroupArn'], Tags=ansible_dict_to_boto3_tag_list(to_update)) changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't add tags to parameter group: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) - except botocore.exceptions.ParamValidationError as e: - # Usually a tag value has been passed as an int or bool, needs to be a string - # The AWS exception message is reasonably ok for this purpose - module.fail_json(msg="Couldn't add tags to parameter group: %s." % str(e), - exception=traceback.format_exc()) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't add tags to parameter group") if to_delete: try: connection.remove_tags_from_resource(ResourceName=group['DBParameterGroupArn'], TagKeys=to_delete) changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't remove tags from parameter group: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't remove tags from parameter group") return changed @@ -247,9 +234,7 @@ def ensure_present(module, connection): if e.response['Error']['Code'] == 'DBParameterGroupNotFound': response = None else: - module.fail_json(msg="Couldn't access parameter group information: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Couldn't access parameter group information") if not response: params = dict(DBParameterGroupName=groupname, DBParameterGroupFamily=module.params['engine'], @@ -259,10 +244,8 @@ def ensure_present(module, connection): try: response = connection.create_db_parameter_group(**params) changed = True - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't create parameter group: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't create parameter group") else: group = response['DBParameterGroups'][0] if tags: @@ -275,16 +258,12 @@ def ensure_present(module, connection): try: response = connection.describe_db_parameter_groups(DBParameterGroupName=groupname) group = camel_dict_to_snake_dict(response['DBParameterGroups'][0]) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't obtain parameter group information: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't obtain parameter group information") try: tags = connection.list_tags_for_resource(ResourceName=group['db_parameter_group_arn'])['TagList'] - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't obtain parameter group tags: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't obtain parameter group tags") group['tags'] = boto3_tag_list_to_ansible_dict(tags) module.exit_json(changed=changed, errors=errors, **group) @@ -298,16 +277,12 @@ def ensure_absent(module, connection): if e.response['Error']['Code'] == 'DBParameterGroupNotFound': module.exit_json(changed=False) else: - module.fail_json(msg="Couldn't access parameter group information: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + module.fail_json_aws(e, msg="Couldn't access parameter group information") try: response = connection.delete_db_parameter_group(DBParameterGroupName=group) module.exit_json(changed=True) - except botocore.exceptions.ClientError as e: - module.fail_json(msg="Couldn't delete parameter group: %s" % str(e), - exception=traceback.format_exc(), - **camel_dict_to_snake_dict(e.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Couldn't delete parameter group") def main(): diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 7c992685494..c409545e62b 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -599,7 +599,7 @@ def modify_cluster(module, redshift): try: resource = _describe_cluster(redshift, identifier) except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: - module.fail_json(e, msg="Couldn't modify redshift cluster %s " % identifier) + module.fail_json_aws(e, msg="Couldn't modify redshift cluster %s " % identifier) if _ensure_tags(redshift, identifier, resource['Tags'], module): resource = redshift.describe_clusters(ClusterIdentifier=identifier)['Clusters'][0] diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index 5edceea50bf..967be374219 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -195,12 +195,6 @@ from copy import deepcopy import datetime -try: - import dateutil.parser - HAS_DATEUTIL = True -except ImportError: - HAS_DATEUTIL = False - try: from botocore.exceptions import BotoCoreError, ClientError except ImportError: @@ -469,9 +463,6 @@ def main(): ['noncurrent_version_transition_days', 'noncurrent_version_transitions'], ],) - if not HAS_DATEUTIL: - module.fail_json(msg='dateutil required for this module') - client = module.client('s3') expiration_date = module.params.get("expiration_date") diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 78326587941..1222d98cfd6 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -227,7 +227,6 @@ import mimetypes import os import stat as osstat # os.stat constants -import traceback try: from dateutil import tz @@ -247,8 +246,6 @@ # import module snippets from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto_exception # the following function, calculate_multipart_etag, is from tlastowka @@ -406,8 +403,6 @@ def head_s3(s3, bucket, s3keys): pass else: raise Exception(err) - # error_msg = boto_exception(err) - # return {'error': error_msg} retkeys.append(retentry) return retkeys @@ -546,9 +541,8 @@ def main(): if result.get('uploads') or result.get('removed'): result['changed'] = True # result.update(filelist=actionable_filelist) - except botocore.exceptions.ClientError as err: - error_msg = boto_exception(err) - module.fail_json(msg=error_msg, exception=traceback.format_exc(), **camel_dict_to_snake_dict(err.response)) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to push file") module.exit_json(**result) diff --git a/plugins/modules/s3_website.py b/plugins/modules/s3_website.py index 8b93edb5bb7..24a7cdf7afa 100644 --- a/plugins/modules/s3_website.py +++ b/plugins/modules/s3_website.py @@ -163,7 +163,6 @@ try: import botocore - from botocore.exceptions import ClientError, ParamValidationError except ImportError: pass # Handled by AnsibleAWSModule @@ -220,21 +219,21 @@ def enable_or_update_bucket_as_website(client_connection, resource_connection, m try: bucket_website = resource_connection.BucketWebsite(bucket_name) - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to get bucket") try: website_config = client_connection.get_bucket_website(Bucket=bucket_name) except is_boto3_error_code('NoSuchWebsiteConfiguration'): website_config = None - except ClientError as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Failed to get website configuration") if website_config is None: try: bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True - except (ClientError, ParamValidationError) as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to set bucket website configuration") except ValueError as e: module.fail_json(msg=str(e)) @@ -247,14 +246,14 @@ def enable_or_update_bucket_as_website(client_connection, resource_connection, m try: bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True - except (ClientError, ParamValidationError) as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to update bucket website configuration") except KeyError as e: try: bucket_website.put(WebsiteConfiguration=_create_website_configuration(suffix, error_key, redirect_all_requests)) changed = True - except (ClientError, ParamValidationError) as e: - module.fail_json(e, msg="Failed to update bucket website configuration") + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to update bucket website configuration") except ValueError as e: module.fail_json(msg=str(e)) @@ -274,13 +273,13 @@ def disable_bucket_as_website(client_connection, module): client_connection.get_bucket_website(Bucket=bucket_name) except is_boto3_error_code('NoSuchWebsiteConfiguration'): module.exit_json(changed=changed) - except ClientError as e: # pylint: disable=duplicate-except + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Failed to get bucket website") try: client_connection.delete_bucket_website(Bucket=bucket_name) changed = True - except ClientError as e: + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Failed to delete bucket website") module.exit_json(changed=changed)
                                              Parameter Choices/Defaults Comments
                                              AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_access_key, access_key
                                              AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: ec2_secret_key, secret_key
                                              Uses a boto profile. Only works with boto >= 2.24.0.
                                              +
                                              Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                              +
                                              aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                              aliases: aws_profile
                                              AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                              +
                                              If profile is set this parameter is ignored.
                                              +
                                              Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                              aliases: aws_security_token, access_token
                                                Choices: @@ -283,7 +294,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.route53_health_check_module.rst b/docs/community.aws.route53_health_check_module.rst index d3585ba8e22..7672b0d77b7 100644 --- a/docs/community.aws.route53_health_check_module.rst +++ b/docs/community.aws.route53_health_check_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -227,6 +231,8 @@ Parameters @@ -296,6 +302,8 @@ Parameters @@ -340,7 +348,8 @@ Parameters
                                                string - / required
                                                + / required + @@ -160,12 +161,13 @@ Parameters @@ -608,7 +610,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.elb_target_group_info_module.rst b/docs/community.aws.elb_target_group_info_module.rst index 83511da09a7..4ee35257c3c 100644 --- a/docs/community.aws.elb_target_group_info_module.rst +++ b/docs/community.aws.elb_target_group_info_module.rst @@ -301,7 +301,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.elb_target_group_module.rst b/docs/community.aws.elb_target_group_module.rst index 5b39b157349..231df473c1d 100644 --- a/docs/community.aws.elb_target_group_module.rst +++ b/docs/community.aws.elb_target_group_module.rst @@ -658,7 +658,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.elb_target_info_module.rst b/docs/community.aws.elb_target_info_module.rst index 918be270c54..53d29e3295c 100644 --- a/docs/community.aws.elb_target_info_module.rst +++ b/docs/community.aws.elb_target_info_module.rst @@ -271,7 +271,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # practical use case - dynamically de-registering and re-registering nodes diff --git a/docs/community.aws.elb_target_module.rst b/docs/community.aws.elb_target_module.rst index d208c11de88..f596429753d 100644 --- a/docs/community.aws.elb_target_module.rst +++ b/docs/community.aws.elb_target_module.rst @@ -17,7 +17,7 @@ Version added: 1.0.0 Synopsis -------- -- Used to register or deregister a target in a target group +- Used to register or deregister a target in a target group. @@ -140,12 +140,13 @@ Parameters @@ -248,7 +249,7 @@ Parameters @@ -263,7 +264,8 @@ Parameters @@ -278,7 +280,8 @@ Parameters @@ -349,7 +352,7 @@ Parameters Default:
                                                60
                                                @@ -389,7 +392,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.execute_lambda_module.rst b/docs/community.aws.execute_lambda_module.rst index 917a3c56e5a..4e9b5d6f4a2 100644 --- a/docs/community.aws.execute_lambda_module.rst +++ b/docs/community.aws.execute_lambda_module.rst @@ -354,7 +354,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - community.aws.execute_lambda: name: test-function diff --git a/docs/community.aws.iam_cert_module.rst b/docs/community.aws.iam_cert_module.rst index f76ee1ed3dc..52d02622b65 100644 --- a/docs/community.aws.iam_cert_module.rst +++ b/docs/community.aws.iam_cert_module.rst @@ -170,13 +170,14 @@ Parameters @@ -238,8 +239,8 @@ Parameters @@ -254,7 +255,7 @@ Parameters @@ -343,7 +344,7 @@ Parameters @@ -383,7 +384,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Basic server certificate upload from local file community.aws.iam_cert: diff --git a/docs/community.aws.iam_group_module.rst b/docs/community.aws.iam_group_module.rst index 9ee2a4e6f82..2eb85c16334 100644 --- a/docs/community.aws.iam_group_module.rst +++ b/docs/community.aws.iam_group_module.rst @@ -344,7 +344,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.iam_managed_policy_module.rst b/docs/community.aws.iam_managed_policy_module.rst index 05567a58001..56ed8f76cd9 100644 --- a/docs/community.aws.iam_managed_policy_module.rst +++ b/docs/community.aws.iam_managed_policy_module.rst @@ -358,7 +358,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create Policy ex nihilo - name: Create IAM Managed Policy diff --git a/docs/community.aws.iam_mfa_device_info_module.rst b/docs/community.aws.iam_mfa_device_info_module.rst index 96e267dd8ee..b76f802ef87 100644 --- a/docs/community.aws.iam_mfa_device_info_module.rst +++ b/docs/community.aws.iam_mfa_device_info_module.rst @@ -251,7 +251,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.iam_module.rst b/docs/community.aws.iam_module.rst index 936ee464e94..be1e539d5d2 100644 --- a/docs/community.aws.iam_module.rst +++ b/docs/community.aws.iam_module.rst @@ -481,7 +481,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Basic user creation example - name: Create two new IAM users with API keys diff --git a/docs/community.aws.iam_password_policy_module.rst b/docs/community.aws.iam_password_policy_module.rst index 7d4133619ed..e1bdb8ce9fe 100644 --- a/docs/community.aws.iam_password_policy_module.rst +++ b/docs/community.aws.iam_password_policy_module.rst @@ -422,7 +422,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Password policy for AWS account community.aws.iam_password_policy: diff --git a/docs/community.aws.iam_policy_info_module.rst b/docs/community.aws.iam_policy_info_module.rst index 3fffa1c62b7..6d06db1d93f 100644 --- a/docs/community.aws.iam_policy_info_module.rst +++ b/docs/community.aws.iam_policy_info_module.rst @@ -285,7 +285,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Describe all inline IAM policies on an IAM User community.aws.iam_policy_info: diff --git a/docs/community.aws.iam_policy_module.rst b/docs/community.aws.iam_policy_module.rst index bdbb15cc7c2..f976ac1a4d0 100644 --- a/docs/community.aws.iam_policy_module.rst +++ b/docs/community.aws.iam_policy_module.rst @@ -360,7 +360,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create a policy with the name of 'Admin' to the group 'administrators' - name: Assign a policy called Admin to the administrators group diff --git a/docs/community.aws.iam_role_info_module.rst b/docs/community.aws.iam_role_info_module.rst index 1c6c56914cb..2e3abc9fe1e 100644 --- a/docs/community.aws.iam_role_info_module.rst +++ b/docs/community.aws.iam_role_info_module.rst @@ -268,7 +268,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: find all existing IAM roles community.aws.iam_role_info: diff --git a/docs/community.aws.iam_role_module.rst b/docs/community.aws.iam_role_module.rst index efdb1928a51..e81541d815a 100644 --- a/docs/community.aws.iam_role_module.rst +++ b/docs/community.aws.iam_role_module.rst @@ -467,7 +467,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.iam_saml_federation_module.rst b/docs/community.aws.iam_saml_federation_module.rst index c741777dd30..3e9ac69b646 100644 --- a/docs/community.aws.iam_saml_federation_module.rst +++ b/docs/community.aws.iam_saml_federation_module.rst @@ -284,7 +284,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.iam_server_certificate_info_module.rst b/docs/community.aws.iam_server_certificate_info_module.rst index a4201eccfc9..c41d2407cb4 100644 --- a/docs/community.aws.iam_server_certificate_info_module.rst +++ b/docs/community.aws.iam_server_certificate_info_module.rst @@ -251,7 +251,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Retrieve server certificate community.aws.iam_server_certificate_info: diff --git a/docs/community.aws.iam_user_info_module.rst b/docs/community.aws.iam_user_info_module.rst index f1d460c3ef6..f33064c0dd6 100644 --- a/docs/community.aws.iam_user_info_module.rst +++ b/docs/community.aws.iam_user_info_module.rst @@ -282,7 +282,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather facts about "test" user. diff --git a/docs/community.aws.iam_user_module.rst b/docs/community.aws.iam_user_module.rst index d3065e79540..de70f8358d3 100644 --- a/docs/community.aws.iam_user_module.rst +++ b/docs/community.aws.iam_user_module.rst @@ -309,7 +309,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. # Note: This module does not allow management of groups that users belong to. diff --git a/docs/community.aws.kinesis_stream_module.rst b/docs/community.aws.kinesis_stream_module.rst index 721b75ed6eb..27b71b0b487 100644 --- a/docs/community.aws.kinesis_stream_module.rst +++ b/docs/community.aws.kinesis_stream_module.rst @@ -411,7 +411,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. @@ -461,6 +461,7 @@ Examples community.aws.kinesis_stream: name: test-stream state: present + shards: 1 encryption_state: enabled encryption_type: KMS key_id: alias/aws/kinesis @@ -473,6 +474,7 @@ Examples community.aws.kinesis_stream: name: test-stream state: present + shards: 1 encryption_state: disabled encryption_type: KMS key_id: alias/aws/kinesis diff --git a/docs/community.aws.lambda_alias_module.rst b/docs/community.aws.lambda_alias_module.rst index 5ff81ec22f0..9687be4015a 100644 --- a/docs/community.aws.lambda_alias_module.rst +++ b/docs/community.aws.lambda_alias_module.rst @@ -317,7 +317,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- # Simple example to create a lambda function and publish a version diff --git a/docs/community.aws.lambda_event_module.rst b/docs/community.aws.lambda_event_module.rst index 15ae5096543..9d10ac318e9 100644 --- a/docs/community.aws.lambda_event_module.rst +++ b/docs/community.aws.lambda_event_module.rst @@ -416,7 +416,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Example that creates a lambda event notification for a DynamoDB stream - name: DynamoDB stream event mapping diff --git a/docs/community.aws.lambda_facts_module.rst b/docs/community.aws.lambda_facts_module.rst index e3176d53608..369bd9399be 100644 --- a/docs/community.aws.lambda_facts_module.rst +++ b/docs/community.aws.lambda_facts_module.rst @@ -295,7 +295,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- # Simple example of listing all info for a function diff --git a/docs/community.aws.lambda_info_module.rst b/docs/community.aws.lambda_info_module.rst index e7ae0f1acf7..ce265e7087d 100644 --- a/docs/community.aws.lambda_info_module.rst +++ b/docs/community.aws.lambda_info_module.rst @@ -289,7 +289,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- # Simple example of listing all info for a function diff --git a/docs/community.aws.lambda_module.rst b/docs/community.aws.lambda_module.rst index c3d07a7be52..7368c05fed4 100644 --- a/docs/community.aws.lambda_module.rst +++ b/docs/community.aws.lambda_module.rst @@ -529,7 +529,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create Lambda functions - name: looped creation diff --git a/docs/community.aws.lambda_policy_module.rst b/docs/community.aws.lambda_policy_module.rst index 9f07149200a..6b9fdbf943b 100644 --- a/docs/community.aws.lambda_policy_module.rst +++ b/docs/community.aws.lambda_policy_module.rst @@ -400,7 +400,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Lambda S3 event notification community.aws.lambda_policy: diff --git a/docs/community.aws.lightsail_module.rst b/docs/community.aws.lightsail_module.rst index fdf328bba65..5ff6b603b43 100644 --- a/docs/community.aws.lightsail_module.rst +++ b/docs/community.aws.lightsail_module.rst @@ -391,7 +391,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a new Lightsail instance community.aws.lightsail: diff --git a/docs/community.aws.rds_instance_info_module.rst b/docs/community.aws.rds_instance_info_module.rst index 6071634a1f3..3e199320cb1 100644 --- a/docs/community.aws.rds_instance_info_module.rst +++ b/docs/community.aws.rds_instance_info_module.rst @@ -267,7 +267,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Get information about an instance community.aws.rds_instance_info: diff --git a/docs/community.aws.rds_instance_module.rst b/docs/community.aws.rds_instance_module.rst index 48984b9de6f..aa2210fcf77 100644 --- a/docs/community.aws.rds_instance_module.rst +++ b/docs/community.aws.rds_instance_module.rst @@ -1437,7 +1437,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. - name: create minimal aurora instance in default VPC and default subnet group diff --git a/docs/community.aws.rds_module.rst b/docs/community.aws.rds_module.rst index 46ed148e695..c3391656668 100644 --- a/docs/community.aws.rds_module.rst +++ b/docs/community.aws.rds_module.rst @@ -844,7 +844,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Basic mysql provisioning example community.aws.rds: diff --git a/docs/community.aws.rds_param_group_module.rst b/docs/community.aws.rds_param_group_module.rst index 89f14e0d3e0..9905c5a88d8 100644 --- a/docs/community.aws.rds_param_group_module.rst +++ b/docs/community.aws.rds_param_group_module.rst @@ -373,7 +373,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Add or change a parameter group, in this case setting auto_increment_increment to 42 * 1024 community.aws.rds_param_group: diff --git a/docs/community.aws.rds_snapshot_info_module.rst b/docs/community.aws.rds_snapshot_info_module.rst index 87b76fccabf..8835ebf4347 100644 --- a/docs/community.aws.rds_snapshot_info_module.rst +++ b/docs/community.aws.rds_snapshot_info_module.rst @@ -323,7 +323,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Get information about an snapshot community.aws.rds_snapshot_info: diff --git a/docs/community.aws.rds_snapshot_module.rst b/docs/community.aws.rds_snapshot_module.rst index 903e7bd5f39..95ec276a159 100644 --- a/docs/community.aws.rds_snapshot_module.rst +++ b/docs/community.aws.rds_snapshot_module.rst @@ -355,7 +355,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create snapshot community.aws.rds_snapshot: diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst index 6b681740a27..3b624ccdb09 100644 --- a/docs/community.aws.rds_subnet_group_module.rst +++ b/docs/community.aws.rds_subnet_group_module.rst @@ -302,7 +302,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Add or change a subnet group community.aws.rds_subnet_group: diff --git a/docs/community.aws.redshift_cross_region_snapshots_module.rst b/docs/community.aws.redshift_cross_region_snapshots_module.rst index 2a3c96ac85e..f1ad74a43b6 100644 --- a/docs/community.aws.redshift_cross_region_snapshots_module.rst +++ b/docs/community.aws.redshift_cross_region_snapshots_module.rst @@ -324,7 +324,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: configure cross-region snapshot on cluster `johniscool` community.aws.redshift_cross_region_snapshots: diff --git a/docs/community.aws.redshift_info_module.rst b/docs/community.aws.redshift_info_module.rst index 8de44f0b838..4d8230f0ea6 100644 --- a/docs/community.aws.redshift_info_module.rst +++ b/docs/community.aws.redshift_info_module.rst @@ -267,7 +267,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do net set authentication details, see the AWS guide for details. diff --git a/docs/community.aws.redshift_module.rst b/docs/community.aws.redshift_module.rst index f1397c0a027..27742aa8b82 100644 --- a/docs/community.aws.redshift_module.rst +++ b/docs/community.aws.redshift_module.rst @@ -556,6 +556,26 @@ Parameters
                                                If the cluster is accessible publicly or not.
                                                + + + + + + + + + + + + + + + + @@ -298,7 +299,8 @@ Parameters @@ -363,7 +365,7 @@ Parameters Default:
                                                500
                                                @@ -404,7 +406,7 @@ Parameters @@ -486,7 +488,7 @@ Parameters @@ -588,7 +590,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Add new.foo.com as an A record with 3 IPs and wait until the changes have been replicated community.aws.route53: diff --git a/docs/community.aws.route53_zone_module.rst b/docs/community.aws.route53_zone_module.rst index b2d46d9e36b..0af97d45d8f 100644 --- a/docs/community.aws.route53_zone_module.rst +++ b/docs/community.aws.route53_zone_module.rst @@ -347,7 +347,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create a public zone community.aws.route53_zone: diff --git a/docs/community.aws.s3_bucket_notification_module.rst b/docs/community.aws.s3_bucket_notification_module.rst index c7729792c5f..a801b0ded68 100644 --- a/docs/community.aws.s3_bucket_notification_module.rst +++ b/docs/community.aws.s3_bucket_notification_module.rst @@ -394,7 +394,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- # Example that creates a lambda event notification for a bucket diff --git a/docs/community.aws.s3_lifecycle_module.rst b/docs/community.aws.s3_lifecycle_module.rst index 4cad7c314af..9790bd8f547 100644 --- a/docs/community.aws.s3_lifecycle_module.rst +++ b/docs/community.aws.s3_lifecycle_module.rst @@ -221,6 +221,8 @@ Parameters
                                              • glacier ←
                                              • onezone_ia
                                              • standard_ia
                                                • +
                                              • intelligent_tiering
                                                • +
                                              • deep_archive
                                                • @@ -523,7 +527,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.s3_logging_module.rst b/docs/community.aws.s3_logging_module.rst index 545303e4c74..cba4b51503d 100644 --- a/docs/community.aws.s3_logging_module.rst +++ b/docs/community.aws.s3_logging_module.rst @@ -299,7 +299,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.s3_metrics_configuration_module.rst b/docs/community.aws.s3_metrics_configuration_module.rst new file mode 100644 index 00000000000..570d88bd6f3 --- /dev/null +++ b/docs/community.aws.s3_metrics_configuration_module.rst @@ -0,0 +1,372 @@ +.. _community.aws.s3_metrics_configuration_module: + + +************************************** +community.aws.s3_metrics_configuration +************************************** + +**Manage s3 bucket metrics configuration in AWS** + + +Version added: 1.3.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage s3 bucket metrics configuration in AWS which allows to get the CloudWatch request metrics for the objects in a bucket + + + +Requirements +------------ +The below requirements are needed on the host that executes this module. + +- python >= 2.6 +- boto + + +Parameters +---------- + +.. raw:: html + +
                                                Parameter Choices/Defaults Comments
                                                AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                aliases: ec2_access_key, access_key
                                                AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                aliases: ec2_secret_key, secret_key
                                                Uses a boto profile. Only works with boto >= 2.24.0.
                                                +
                                                Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                +
                                                aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                aliases: aws_profile
                                                AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                aliases: aws_security_token, access_token
                                                  Choices: @@ -382,7 +391,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.route53_info_module.rst b/docs/community.aws.route53_info_module.rst index b4260fdc583..e6b62e7617a 100644 --- a/docs/community.aws.route53_info_module.rst +++ b/docs/community.aws.route53_info_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -310,6 +314,8 @@ Parameters @@ -320,7 +326,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -383,6 +391,8 @@ Parameters @@ -455,7 +465,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.route53_module.rst b/docs/community.aws.route53_module.rst index be7e3ce8272..1618d2a5c94 100644 --- a/docs/community.aws.route53_module.rst +++ b/docs/community.aws.route53_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                    Choices: @@ -359,7 +366,8 @@ Parameters
                                                    list - / elements=string
                                                    + / elements=string +
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -106,6 +106,8 @@ Parameters @@ -156,6 +158,8 @@ Parameters @@ -310,6 +314,8 @@ Parameters @@ -320,7 +326,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -372,6 +379,8 @@ Parameters @@ -382,7 +391,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -567,7 +579,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.route53_zone_module.rst b/docs/community.aws.route53_zone_module.rst index 54f7006e036..b2d46d9e36b 100644 --- a/docs/community.aws.route53_zone_module.rst +++ b/docs/community.aws.route53_zone_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                    Choices: @@ -421,7 +431,8 @@ Parameters
                                                    string - / required
                                                    + / required +
                                                    Choices: @@ -468,7 +479,8 @@ Parameters
                                                    list - / elements=string
                                                    + / elements=string +
                                                  - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -203,6 +207,8 @@ Parameters @@ -235,6 +241,8 @@ Parameters @@ -313,7 +321,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -329,7 +338,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.s3_bucket_notification_module.rst b/docs/community.aws.s3_bucket_notification_module.rst index f0a0a08249a..c7729792c5f 100644 --- a/docs/community.aws.s3_bucket_notification_module.rst +++ b/docs/community.aws.s3_bucket_notification_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -114,7 +118,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -164,7 +169,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -179,7 +185,8 @@ Parameters
                                                  list - / elements=string
                                                  + / elements=string + @@ -309,6 +318,8 @@ Parameters @@ -374,7 +385,7 @@ Notes .. note:: - This module heavily depends on :ref:`community.aws.lambda_policy ` as you need to allow ``lambda:InvokeFunction`` permission for your lambda function. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.s3_lifecycle_module.rst b/docs/community.aws.s3_lifecycle_module.rst index c55f74ca544..4cad7c314af 100644 --- a/docs/community.aws.s3_lifecycle_module.rst +++ b/docs/community.aws.s3_lifecycle_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                    Choices: @@ -277,6 +284,8 @@ Parameters
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -179,7 +183,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -244,7 +249,8 @@ Parameters
                                                  list - / elements=dictionary
                                                  + / elements=dictionary + @@ -282,6 +288,8 @@ Parameters @@ -367,6 +375,8 @@ Parameters @@ -466,7 +476,8 @@ Parameters
                                                  list - / elements=dictionary
                                                  + / elements=dictionary + @@ -503,7 +514,7 @@ Notes .. note:: - If specifying expiration time as days then transition time must also be specified in days - If specifying expiration time as a date then transition time must also be specified as a date - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.s3_logging_module.rst b/docs/community.aws.s3_logging_module.rst index 3ffc8732686..545303e4c74 100644 --- a/docs/community.aws.s3_logging_module.rst +++ b/docs/community.aws.s3_logging_module.rst @@ -35,7 +35,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -53,6 +53,8 @@ Parameters @@ -103,6 +105,8 @@ Parameters @@ -148,7 +152,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -169,6 +174,8 @@ Parameters @@ -201,6 +208,8 @@ Parameters @@ -281,7 +290,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.s3_sync_module.rst b/docs/community.aws.s3_sync_module.rst index ac4e710242f..735d89ebb3a 100644 --- a/docs/community.aws.s3_sync_module.rst +++ b/docs/community.aws.s3_sync_module.rst @@ -38,7 +38,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -56,6 +56,8 @@ Parameters @@ -106,6 +108,8 @@ Parameters @@ -116,7 +120,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -242,7 +247,8 @@ Parameters
                                                  path - / required
                                                  + / required + @@ -355,6 +361,8 @@ Parameters @@ -402,6 +410,8 @@ Parameters @@ -432,7 +442,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.s3_website_module.rst b/docs/community.aws.s3_website_module.rst index 1f4924b9df1..b4d34254e0c 100644 --- a/docs/community.aws.s3_website_module.rst +++ b/docs/community.aws.s3_website_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                  - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -164,7 +168,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -185,6 +190,8 @@ Parameters @@ -232,6 +239,8 @@ Parameters @@ -242,7 +251,8 @@ Parameters
                                                  string - / required
                                                  + / required + @@ -259,12 +259,13 @@ Parameters @@ -278,13 +279,14 @@ Parameters @@ -320,6 +322,27 @@ Parameters
                                                  If not specified, the default registry is assumed.
                                                  + + + + + @@ -320,7 +320,7 @@ Parameters
                                                  list - / elements=string + / elements=dictionary
                                                  @@ -413,7 +413,7 @@ Parameters @@ -598,7 +598,8 @@ Parameters @@ -648,7 +649,7 @@ Parameters @@ -664,7 +665,7 @@ Parameters @@ -680,7 +681,7 @@ Parameters @@ -760,7 +761,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ecs_tag_module.rst b/docs/community.aws.ecs_tag_module.rst index 268a9b8b018..bbd6c2f793f 100644 --- a/docs/community.aws.ecs_tag_module.rst +++ b/docs/community.aws.ecs_tag_module.rst @@ -346,7 +346,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Ensure tags are present on a resource community.aws.ecs_tag: diff --git a/docs/community.aws.ecs_task_module.rst b/docs/community.aws.ecs_task_module.rst index 77ffea44c44..ce9bbb96799 100644 --- a/docs/community.aws.ecs_task_module.rst +++ b/docs/community.aws.ecs_task_module.rst @@ -447,7 +447,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Simple example of run task - name: Run task diff --git a/docs/community.aws.ecs_taskdefinition_info_module.rst b/docs/community.aws.ecs_taskdefinition_info_module.rst index d444d4579df..01f268e4ac5 100644 --- a/docs/community.aws.ecs_taskdefinition_info_module.rst +++ b/docs/community.aws.ecs_taskdefinition_info_module.rst @@ -254,7 +254,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ecs_taskdefinition_module.rst b/docs/community.aws.ecs_taskdefinition_module.rst index 9dec6ee0f82..2df741f9e84 100644 --- a/docs/community.aws.ecs_taskdefinition_module.rst +++ b/docs/community.aws.ecs_taskdefinition_module.rst @@ -135,7 +135,7 @@ Parameters
                                                  list - / elements=string + / elements=dictionary
                                                  @@ -276,7 +276,7 @@ Parameters @@ -476,7 +476,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create task definition community.aws.ecs_taskdefinition: diff --git a/docs/community.aws.efs_info_module.rst b/docs/community.aws.efs_info_module.rst index c7c354e76ab..ab8ebd81da8 100644 --- a/docs/community.aws.efs_info_module.rst +++ b/docs/community.aws.efs_info_module.rst @@ -298,7 +298,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Find all existing efs community.aws.efs_info: diff --git a/docs/community.aws.efs_module.rst b/docs/community.aws.efs_module.rst index 52bdeef7989..06279ae5a2b 100644 --- a/docs/community.aws.efs_module.rst +++ b/docs/community.aws.efs_module.rst @@ -508,7 +508,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: EFS provisioning community.aws.efs: diff --git a/docs/community.aws.elasticache_info_module.rst b/docs/community.aws.elasticache_info_module.rst index 34c698e53f5..34254514c00 100644 --- a/docs/community.aws.elasticache_info_module.rst +++ b/docs/community.aws.elasticache_info_module.rst @@ -249,7 +249,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: obtain all ElastiCache information community.aws.elasticache_info: diff --git a/docs/community.aws.elasticache_module.rst b/docs/community.aws.elasticache_module.rst index 88963c4a5b1..533176eec1f 100644 --- a/docs/community.aws.elasticache_module.rst +++ b/docs/community.aws.elasticache_module.rst @@ -171,7 +171,7 @@ Parameters @@ -186,8 +186,8 @@ Parameters @@ -253,12 +253,13 @@ Parameters @@ -357,7 +358,7 @@ Parameters @@ -470,7 +471,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.elasticache_parameter_group_module.rst b/docs/community.aws.elasticache_parameter_group_module.rst index f458bbda6b8..d7554eb5d56 100644 --- a/docs/community.aws.elasticache_parameter_group_module.rst +++ b/docs/community.aws.elasticache_parameter_group_module.rst @@ -327,7 +327,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.elasticache_snapshot_module.rst b/docs/community.aws.elasticache_snapshot_module.rst index 3ac68c664bd..73ccdec22d3 100644 --- a/docs/community.aws.elasticache_snapshot_module.rst +++ b/docs/community.aws.elasticache_snapshot_module.rst @@ -333,7 +333,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.elasticache_subnet_group_module.rst b/docs/community.aws.elasticache_subnet_group_module.rst index f566eb8d07f..cedd9859da5 100644 --- a/docs/community.aws.elasticache_subnet_group_module.rst +++ b/docs/community.aws.elasticache_subnet_group_module.rst @@ -300,7 +300,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Add or change a subnet group community.aws.elasticache_subnet_group: diff --git a/docs/community.aws.elb_application_lb_info_module.rst b/docs/community.aws.elb_application_lb_info_module.rst index fb0e67cc590..ef71064e90b 100644 --- a/docs/community.aws.elb_application_lb_info_module.rst +++ b/docs/community.aws.elb_application_lb_info_module.rst @@ -267,7 +267,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.elb_application_lb_module.rst b/docs/community.aws.elb_application_lb_module.rst index 7ea443c49a2..cae74399a5d 100644 --- a/docs/community.aws.elb_application_lb_module.rst +++ b/docs/community.aws.elb_application_lb_module.rst @@ -5,7 +5,7 @@ community.aws.elb_application_lb ******************************** -**Manage an Application load balancer** +**Manage an Application Load Balancer** Version added: 1.0.0 @@ -196,12 +196,13 @@ Parameters @@ -231,12 +232,13 @@ Parameters @@ -530,7 +532,8 @@ Parameters @@ -549,7 +552,7 @@ Parameters @@ -568,7 +571,8 @@ Parameters @@ -765,7 +769,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.elb_classic_lb_info_module.rst b/docs/community.aws.elb_classic_lb_info_module.rst index 8a2658fb30c..a6a90f89ee5 100644 --- a/docs/community.aws.elb_classic_lb_info_module.rst +++ b/docs/community.aws.elb_classic_lb_info_module.rst @@ -252,7 +252,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters diff --git a/docs/community.aws.elb_classic_lb_module.rst b/docs/community.aws.elb_classic_lb_module.rst index 177e119e7e6..85612a0453c 100644 --- a/docs/community.aws.elb_classic_lb_module.rst +++ b/docs/community.aws.elb_classic_lb_module.rst @@ -53,7 +53,7 @@ Parameters @@ -138,7 +138,7 @@ Parameters @@ -152,12 +152,13 @@ Parameters @@ -207,7 +208,7 @@ Parameters @@ -222,7 +223,7 @@ Parameters @@ -238,7 +239,7 @@ Parameters @@ -254,7 +255,7 @@ Parameters @@ -270,7 +271,7 @@ Parameters @@ -307,7 +308,7 @@ Parameters @@ -326,7 +327,7 @@ Parameters @@ -345,7 +346,7 @@ Parameters @@ -364,7 +365,7 @@ Parameters @@ -399,7 +400,9 @@ Parameters @@ -415,7 +418,7 @@ Parameters @@ -431,7 +434,7 @@ Parameters @@ -469,7 +472,7 @@ Parameters @@ -484,7 +487,7 @@ Parameters @@ -534,7 +537,7 @@ Parameters @@ -569,7 +572,7 @@ Parameters Default:
                                                  60
                                                  @@ -585,7 +588,7 @@ Parameters
                                                  Parameter Choices/Defaults Comments
                                                  AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_access_key, access_key
                                                  AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: ec2_secret_key, secret_key
                                                  Uses a boto profile. Only works with boto >= 2.24.0.
                                                  +
                                                  Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                  +
                                                  aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                  aliases: aws_profile
                                                  AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                  +
                                                  If profile is set this parameter is ignored.
                                                  +
                                                  Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                  aliases: aws_security_token, access_token
                                                    Choices: @@ -297,7 +307,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.sns_module.rst b/docs/community.aws.sns_module.rst index 3ba142330a7..1e61ff15984 100644 --- a/docs/community.aws.sns_module.rst +++ b/docs/community.aws.sns_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html - + @@ -70,6 +70,8 @@ Parameters @@ -120,6 +122,8 @@ Parameters @@ -277,7 +281,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -299,6 +304,8 @@ Parameters @@ -331,6 +338,8 @@ Parameters @@ -386,7 +395,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -421,7 +431,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.sns_topic_module.rst b/docs/community.aws.sns_topic_module.rst index 4e946e0ad93..100aac00b38 100644 --- a/docs/community.aws.sns_topic_module.rst +++ b/docs/community.aws.sns_topic_module.rst @@ -36,7 +36,7 @@ Parameters .. raw:: html
                                                    Parameter Choices/Defaults Comments
                                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_access_key, access_key
                                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_secret_key, secret_key
                                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                                    +
                                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                    +
                                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                    aliases: aws_profile
                                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: aws_security_token, access_token
                                                    - + @@ -54,6 +54,8 @@ Parameters @@ -104,6 +106,8 @@ Parameters @@ -179,7 +183,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -215,6 +220,8 @@ Parameters @@ -266,6 +273,8 @@ Parameters @@ -295,7 +304,8 @@ Parameters
                                                    list - / elements=dictionary
                                                    + / elements=dictionary + @@ -328,7 +339,8 @@ Parameters
                                                    - - / required
                                                    + / required + @@ -364,7 +376,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.sqs_queue_module.rst b/docs/community.aws.sqs_queue_module.rst index 31047c4515d..106e2c24083 100644 --- a/docs/community.aws.sqs_queue_module.rst +++ b/docs/community.aws.sqs_queue_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                                    Parameter Choices/Defaults Comments
                                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_access_key, access_key
                                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_secret_key, secret_key
                                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                                    +
                                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                    +
                                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                    aliases: aws_profile
                                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: aws_security_token, access_token
                                                    Default:
                                                    []
                                                    @@ -312,7 +322,8 @@ Parameters
                                                    - - / required
                                                    + / required +
                                                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -246,7 +250,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -282,6 +287,8 @@ Parameters @@ -384,6 +391,8 @@ Parameters @@ -465,7 +474,7 @@ Notes ----- .. note:: - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.sts_assume_role_module.rst b/docs/community.aws.sts_assume_role_module.rst index ba469d142fa..0de6e76c81b 100644 --- a/docs/community.aws.sts_assume_role_module.rst +++ b/docs/community.aws.sts_assume_role_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                                    Parameter Choices/Defaults Comments
                                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_access_key, access_key
                                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_secret_key, secret_key
                                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                                    +
                                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                    +
                                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                    aliases: aws_profile
                                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: aws_security_token, access_token
                                                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -233,6 +237,8 @@ Parameters @@ -259,7 +265,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -274,7 +281,8 @@ Parameters
                                                    string - / required
                                                    + / required + @@ -295,6 +303,8 @@ Parameters @@ -326,7 +336,7 @@ Notes .. note:: - In order to use the assumed role in a following playbook task you must pass the access_key, access_secret and access_token. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/docs/community.aws.sts_session_token_module.rst b/docs/community.aws.sts_session_token_module.rst index c95a54565b9..432dda4191a 100644 --- a/docs/community.aws.sts_session_token_module.rst +++ b/docs/community.aws.sts_session_token_module.rst @@ -37,7 +37,7 @@ Parameters .. raw:: html
                                                    Parameter Choices/Defaults Comments
                                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_access_key, access_key
                                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_secret_key, secret_key
                                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                                    +
                                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                    +
                                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                    aliases: aws_profile
                                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: aws_security_token, access_token
                                                    - + @@ -55,6 +55,8 @@ Parameters @@ -105,6 +107,8 @@ Parameters @@ -201,6 +205,8 @@ Parameters @@ -233,6 +239,8 @@ Parameters @@ -264,7 +272,7 @@ Notes .. note:: - In order to use the session token in a following playbook task you must pass the *access_key*, *access_secret* and *access_token*. - - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_CA_BUNDLE`` + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file diff --git a/galaxy.yml b/galaxy.yml index cf4fe742d7a..3a2958e0814 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: community name: aws -version: 1.1.0 +version: 1.2.0 readme: README.md authors: - Ansible (https://github.com/ansible) @@ -8,7 +8,7 @@ description: null license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: - amazon.aws: '>=1.1.0' + amazon.aws: '>=1.2.0' repository: https://github.com/ansible-collections/community.aws documentation: https://github.com/ansible-collections/community.aws/tree/main/docs homepage: https://github.com/ansible-collections/community.aws diff --git a/tests/requirements.yml b/tests/requirements.yml index 5b38580e603..359b5600688 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,7 +1,7 @@ integration_tests_dependencies: -- amazon.aws >= 1.1.0 +- amazon.aws >= 1.2.0 - ansible.windows - community.crypto - community.general unit_tests_dependencies: -- amazon.aws >= 1.1.0 +- amazon.aws >= 1.2.0 From a147040a2d092e128823890ceac8f68e01eb8087 Mon Sep 17 00:00:00 2001 From: Flavio Elawi Date: Wed, 2 Sep 2020 17:25:13 +0200 Subject: [PATCH 077/129] aws_ssm connection plugin: add STS token parameters. (#218) * aws_ssm connection plugin: add STS token parameters. Fixes #24 Add the following parameters to aws_ssm.py connection plugin: * ansible_aws_ssm_access_key_id * ansible_aws_ssm_secret_access_key * ansible_aws_ssm_session_token --- ...-add-sts-token-to-aws-ssm-conn-plugin.yaml | 2 + plugins/connection/aws_ssm.py | 40 +++++++++++++++++-- 2 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml diff --git a/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml b/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml new file mode 100644 index 00000000000..fb03b59eef8 --- /dev/null +++ b/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml @@ -0,0 +1,2 @@ +minor_changes: + - aws_ssm connection plugin - add STS token options to aws_ssm connection plugin. diff --git a/plugins/connection/aws_ssm.py b/plugins/connection/aws_ssm.py index 83545374c01..777184fbeff 100644 --- a/plugins/connection/aws_ssm.py +++ b/plugins/connection/aws_ssm.py @@ -20,6 +20,21 @@ - The control machine must have the aws session manager plugin installed. - The remote EC2 linux instance must have the curl installed. options: + access_key_id: + description: The STS access key to use when connecting via session-manager. + vars: + - name: ansible_aws_ssm_access_key_id + version_added: 1.3.0 + secret_access_key: + description: The STS secret key to use when connecting via session-manager. + vars: + - name: ansible_aws_ssm_secret_access_key + version_added: 1.3.0 + session_token: + description: The STS session token to use when connecting via session-manager. + vars: + - name: ansible_aws_ssm_session_token + version_added: 1.3.0 instance_id: description: The EC2 instance ID. vars: @@ -289,8 +304,7 @@ def start_session(self): profile_name = '' region_name = self.get_option('region') ssm_parameters = dict() - - client = boto3.client('ssm', region_name=region_name) + client = self._get_boto_client('ssm', region_name=region_name) self._client = client response = client.start_session(Target=self.instance_id, Parameters=ssm_parameters) self._session_id = response['SessionId'] @@ -483,9 +497,27 @@ def _flush_stderr(self, subprocess): def _get_url(self, client_method, bucket_name, out_path, http_method): ''' Generate URL for get_object / put_object ''' - client = boto3.client('s3') + client = self._get_boto_client('s3') return client.generate_presigned_url(client_method, Params={'Bucket': bucket_name, 'Key': out_path}, ExpiresIn=3600, HttpMethod=http_method) + def _get_boto_client(self, service, region_name=None): + ''' Gets a boto3 client based on the STS token ''' + + aws_access_key_id = self.get_option('access_key_id') + aws_secret_access_key = self.get_option('secret_access_key') + aws_session_token = self.get_option('session_token') + if aws_access_key_id is None or aws_secret_access_key is None or aws_session_token is None: + aws_access_key_id = os.environ.get("AWS_ACCESS_KEY_ID", None) + aws_secret_access_key = os.environ.get("AWS_SECRET_ACCESS_KEY", None) + aws_session_token = os.environ.get("AWS_SESSION_TOKEN", None) + client = boto3.client( + service, + aws_access_key_id=aws_access_key_id, + aws_secret_access_key=aws_secret_access_key, + aws_session_token=aws_session_token, + region_name=region_name) + return client + @_ssm_retry def _file_transport_command(self, in_path, out_path, ssm_action): ''' transfer a file from using an intermediate S3 bucket ''' @@ -504,7 +536,7 @@ def _file_transport_command(self, in_path, out_path, ssm_action): get_command = "curl '%s' -o '%s'" % ( self._get_url('get_object', self.get_option('bucket_name'), s3_path, 'GET'), out_path) - client = boto3.client('s3') + client = self._get_boto_client('s3') if ssm_action == 'get': (returncode, stdout, stderr) = self.exec_command(put_command, in_data=None, sudoable=False) with open(to_bytes(out_path, errors='surrogate_or_strict'), 'wb') as data: From c19d479c1b95e496279d25565b5a20d07d4ef1e0 Mon Sep 17 00:00:00 2001 From: Pascal Morin Date: Thu, 10 Sep 2020 10:46:36 +0200 Subject: [PATCH 078/129] #223 Port rds_subnet_group to boto3 (#224) * Port rds_subnet_group to boto3 * Linting fixes * Add more meaningful error messages, add changelog fragment * Remove test on mandatory args for state absent --- .../224-port-rds_subnet_group-boto3.yaml | 2 + plugins/modules/rds_subnet_group.py | 185 ++++++++++-------- .../targets/rds_subnet_group/tasks/params.yml | 58 ++---- 3 files changed, 121 insertions(+), 124 deletions(-) create mode 100644 changelogs/fragments/224-port-rds_subnet_group-boto3.yaml diff --git a/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml b/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml new file mode 100644 index 00000000000..b5d35eb75cc --- /dev/null +++ b/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml @@ -0,0 +1,2 @@ +minor_changes: + - rds_subnet_group module - Add Boto3 support and remove Boto support. diff --git a/plugins/modules/rds_subnet_group.py b/plugins/modules/rds_subnet_group.py index daa35abd0ad..bb0cc685a8a 100644 --- a/plugins/modules/rds_subnet_group.py +++ b/plugins/modules/rds_subnet_group.py @@ -1,8 +1,11 @@ #!/usr/bin/python +# -*- coding: utf-8 -*- + # Copyright: Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function + __metaclass__ = type @@ -66,10 +69,18 @@ type: complex contains: name: + description: The name of the DB subnet group (maintained for backward compatibility) + returned: I(state=present) + type: str + db_subnet_group_name: description: The name of the DB subnet group returned: I(state=present) type: str description: + description: The description of the DB subnet group (maintained for backward compatibility) + returned: I(state=present) + type: str + db_subnet_group_description: description: The description of the DB subnet group returned: I(state=present) type: str @@ -81,32 +92,32 @@ description: Contains a list of Subnet IDs returned: I(state=present) type: list + subnets: + description: Contains a list of Subnet elements (@see https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/rds.html#RDS.Client.describe_db_subnet_groups) # noqa + returned: I(state=present) + type: list status: + description: The status of the DB subnet group (maintained for backward compatibility) + returned: I(state=present) + type: str + subnet_group_status: description: The status of the DB subnet group returned: I(state=present) type: str + db_subnet_group_arn: + description: The ARN of the DB subnet group + returned: I(state=present) + type: str ''' -try: - import boto.rds - from boto.exception import BotoServerError -except ImportError: - pass # Handled by HAS_BOTO +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code -from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info - -def get_subnet_group_info(subnet_group): - return dict( - name=subnet_group.name, - description=subnet_group.description, - vpc_id=subnet_group.vpc_id, - subnet_ids=subnet_group.subnet_ids, - status=subnet_group.status - ) +try: + import botocore +except ImportError: + pass # Handled by AnsibleAWSModule def create_result(changed, subnet_group=None): @@ -114,11 +125,34 @@ def create_result(changed, subnet_group=None): return dict( changed=changed ) - else: - return dict( - changed=changed, - subnet_group=get_subnet_group_info(subnet_group) - ) + result_subnet_group = dict(camel_dict_to_snake_dict(subnet_group)) + result_subnet_group['name'] = result_subnet_group.get( + 'db_subnet_group_name') + result_subnet_group['description'] = result_subnet_group.get( + 'db_subnet_group_description') + result_subnet_group['status'] = result_subnet_group.get( + 'subnet_group_status') + result_subnet_group['subnet_ids'] = create_subnet_list( + subnet_group.get('Subnets')) + return dict( + changed=changed, + subnet_group=result_subnet_group + ) + + +def create_subnet_list(subnets): + ''' + Construct a list of subnet ids from a list of subnets dicts returned by boto. + Parameters: + subnets (list): A list of subnets definitions. + @see https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/rds.html#RDS.Client.describe_db_subnet_groups + Returns: + (list): List of subnet ids (str) + ''' + subnets_ids = [] + for subnet in subnets: + subnets_ids.append(subnet.get('SubnetIdentifier')) + return subnets_ids def main(): @@ -128,70 +162,63 @@ def main(): description=dict(required=False), subnets=dict(required=False, type='list', elements='str'), ) - module = AnsibleAWSModule(argument_spec=argument_spec) - - if not HAS_BOTO: - module.fail_json(msg='boto required for this module') - + required_if = [('state', 'present', ['description', 'subnets'])] + module = AnsibleAWSModule( + argument_spec=argument_spec, required_if=required_if) state = module.params.get('state') group_name = module.params.get('name').lower() group_description = module.params.get('description') - group_subnets = module.params.get('subnets') or {} - - if state == 'present': - for required in ['description', 'subnets']: - if not module.params.get(required): - module.fail_json(msg=str("Parameter %s required for state='present'" % required)) - else: - for not_allowed in ['description', 'subnets']: - if module.params.get(not_allowed): - module.fail_json(msg=str("Parameter %s not allowed for state='absent'" % not_allowed)) - - # Retrieve any AWS settings from the environment. - region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module) - - if not region: - module.fail_json(msg=str("Either region or AWS_REGION or EC2_REGION environment variable or boto config aws_region or ec2_region must be set.")) + group_subnets = module.params.get('subnets') or [] try: - conn = connect_to_aws(boto.rds, region, **aws_connect_kwargs) - except BotoServerError as e: - module.fail_json(msg=e.error_message) + conn = module.client('rds') + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, 'Failed to instantiate AWS connection') + # Default. + result = create_result(False) try: - exists = False - result = create_result(False) - + matching_groups = conn.describe_db_subnet_groups( + DBSubnetGroupName=group_name, MaxRecords=100).get('DBSubnetGroups') + except is_boto3_error_code('DBSubnetGroupNotFoundFault'): + # No existing subnet, create it if needed, else we can just exit. + if state == 'present': + try: + new_group = conn.create_db_subnet_group( + DBSubnetGroupName=group_name, DBSubnetGroupDescription=group_description, SubnetIds=group_subnets) + result = create_result(True, new_group.get('DBSubnetGroup')) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, 'Failed to create a new subnet group') + module.exit_json(**result) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, 'Failed to get subnet groups description') + # We have one or more subnets at this point. + if state == 'absent': try: - matching_groups = conn.get_all_db_subnet_groups(group_name, max_records=100) - exists = len(matching_groups) > 0 - except BotoServerError as e: - if e.error_code != 'DBSubnetGroupNotFoundFault': - module.fail_json(msg=e.error_message) - - if state == 'absent': - if exists: - conn.delete_db_subnet_group(group_name) - result = create_result(True) - else: - if not exists: - new_group = conn.create_db_subnet_group(group_name, desc=group_description, subnet_ids=group_subnets) - result = create_result(True, new_group) - else: - # Sort the subnet groups before we compare them - matching_groups[0].subnet_ids.sort() - group_subnets.sort() - if (matching_groups[0].name != group_name or - matching_groups[0].description != group_description or - matching_groups[0].subnet_ids != group_subnets): - changed_group = conn.modify_db_subnet_group(group_name, description=group_description, subnet_ids=group_subnets) - result = create_result(True, changed_group) - else: - result = create_result(False, matching_groups[0]) - except BotoServerError as e: - module.fail_json(msg=e.error_message) - - module.exit_json(**result) + conn.delete_db_subnet_group(DBSubnetGroupName=group_name) + result = create_result(True) + module.exit_json(**result) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, 'Failed to delete a subnet group') + + # Sort the subnet groups before we compare them + existing_subnets = create_subnet_list(matching_groups[0].get('Subnets')) + existing_subnets.sort() + group_subnets.sort() + # See if anything changed. + if (matching_groups[0].get('DBSubnetGroupName') == group_name and + matching_groups[0].get('DBSubnetGroupDescription') == group_description and + existing_subnets == group_subnets): + result = create_result(False, matching_groups[0]) + module.exit_json(**result) + # Modify existing group. + try: + changed_group = conn.modify_db_subnet_group( + DBSubnetGroupName=group_name, DBSubnetGroupDescription=group_description, SubnetIds=group_subnets) + result = create_result(True, changed_group.get('DBSubnetGroup')) + module.exit_json(**result) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, 'Failed to update a subnet group') if __name__ == '__main__': diff --git a/tests/integration/targets/rds_subnet_group/tasks/params.yml b/tests/integration/targets/rds_subnet_group/tasks/params.yml index 74da381ff7a..e6b042f7a2f 100644 --- a/tests/integration/targets/rds_subnet_group/tasks/params.yml +++ b/tests/integration/targets/rds_subnet_group/tasks/params.yml @@ -1,62 +1,30 @@ --- # Try creating without a description -- name: 'Create a subnet group (no description)' +- name: "Create a subnet group (no description)" rds_subnet_group: state: present - name: '{{ resource_prefix }}' + name: "{{ resource_prefix }}" subnets: - - '{{ subnet_ids[0] }}' - - '{{ subnet_ids[1] }}' + - "{{ subnet_ids[0] }}" + - "{{ subnet_ids[1] }}" ignore_errors: yes register: create_missing_param - assert: that: - - create_missing_param is failed - - "'description' in create_missing_param.msg" - - "\"required for state='present'\" in create_missing_param.msg" + - create_missing_param is failed + - "'description' in create_missing_param.msg" + - "'state is present but all of the following are missing' in create_missing_param.msg" # Try creating without subnets -- name: 'Create a subnet group (no subnets)' +- name: "Create a subnet group (no subnets)" rds_subnet_group: state: present - name: '{{ resource_prefix }}' - description: '{{ group_description }}' + name: "{{ resource_prefix }}" + description: "{{ group_description }}" ignore_errors: yes register: create_missing_param - assert: that: - - create_missing_param is failed - - "'subnets' in create_missing_param.msg" - - "\"required for state='present'\" in create_missing_param.msg" - -# XXX This feels like a bad pattern -# Try deleting with subnets -- name: 'Delete a subnet group (with subnets)' - rds_subnet_group: - state: absent - name: '{{ resource_prefix }}' - subnets: - - '{{ subnet_ids[0] }}' - - '{{ subnet_ids[1] }}' - ignore_errors: yes - register: delete_extra_param -- assert: - that: - - delete_extra_param is failed - - "'subnets' in delete_extra_param.msg" - - "\"not allowed for state='absent'\" in delete_extra_param.msg" - -# XXX This feels like a bad pattern -# Try deleting with a description -- name: 'Create a subnet group (with description)' - rds_subnet_group: - state: absent - name: '{{ resource_prefix }}' - description: '{{ group_description }}' - ignore_errors: yes - register: delete_extra_param -- assert: - that: - - delete_extra_param is failed - - "'description' in delete_extra_param.msg" - - "\"not allowed for state='absent'\" in delete_extra_param.msg" + - create_missing_param is failed + - "'subnets' in create_missing_param.msg" + - "'state is present but all of the following are missing' in create_missing_param.msg" From cfa8c5c8747ddf46e90ad716299ff8ac8e204e02 Mon Sep 17 00:00:00 2001 From: Andreas Jonsson Date: Fri, 11 Sep 2020 07:32:25 -0700 Subject: [PATCH 079/129] cloudfront_distribution - added support for TLSv1.2_2019 as a minimum_protocol_versions (#226) Co-authored-by: Andreas Jonsson --- plugins/modules/cloudfront_distribution.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 36e8e6bd1b8..5df16dc69db 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -1579,7 +1579,8 @@ def __init__(self, module): 'TLSv1', 'TLSv1_2016', 'TLSv1.1_2016', - 'TLSv1.2_2018' + 'TLSv1.2_2018', + 'TLSv1.2_2019' ]) self.__valid_viewer_certificate_certificate_sources = set([ 'cloudfront', From c37f50a1f3ce3842a49e4b9ab685695adc72c88f Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 18 Sep 2020 23:08:45 +0200 Subject: [PATCH 080/129] ec2_scaling_policy - migrate to boto3 (#197) * ec2_scaling_policy - migrate to boto3 * Add changelog * docs linting * Add AWSRetry * Address review recommendations * Remove UI quirk work around --- .../197-ec2_scaling_policy-boto3.yml | 3 + plugins/modules/ec2_scaling_policy.py | 383 +++++++++++++----- .../targets/ec2_scaling_policy/aliases | 2 + .../ec2_scaling_policy/defaults/main.yml | 3 + .../targets/ec2_scaling_policy/meta/main.yml | 3 + .../targets/ec2_scaling_policy/tasks/main.yml | 215 ++++++++++ 6 files changed, 517 insertions(+), 92 deletions(-) create mode 100644 changelogs/fragments/197-ec2_scaling_policy-boto3.yml create mode 100644 tests/integration/targets/ec2_scaling_policy/aliases create mode 100644 tests/integration/targets/ec2_scaling_policy/defaults/main.yml create mode 100644 tests/integration/targets/ec2_scaling_policy/meta/main.yml create mode 100644 tests/integration/targets/ec2_scaling_policy/tasks/main.yml diff --git a/changelogs/fragments/197-ec2_scaling_policy-boto3.yml b/changelogs/fragments/197-ec2_scaling_policy-boto3.yml new file mode 100644 index 00000000000..f09e1d36f59 --- /dev/null +++ b/changelogs/fragments/197-ec2_scaling_policy-boto3.yml @@ -0,0 +1,3 @@ +minor_changes: +- ec2_scaling_policy - Migrate from boto to boto3 +- ec2_scaling_policy - Add support for step_adjustments diff --git a/plugins/modules/ec2_scaling_policy.py b/plugins/modules/ec2_scaling_policy.py index 0b3eca1c3a1..656519b43cb 100644 --- a/plugins/modules/ec2_scaling_policy.py +++ b/plugins/modules/ec2_scaling_policy.py @@ -6,178 +6,377 @@ __metaclass__ = type -DOCUMENTATION = ''' +DOCUMENTATION = r''' module: ec2_scaling_policy short_description: Create or delete AWS scaling policies for Autoscaling groups version_added: 1.0.0 description: - Can create or delete scaling policies for autoscaling groups. - Referenced autoscaling groups must already exist. -author: "Zacharie Eakin (@Zeekin)" +author: + - Zacharie Eakin (@zeekin) + - Will Thames (@willthames) options: state: + type: str description: - Register or deregister the policy. - default: present choices: ['present', 'absent'] - type: str + default: 'present' name: + type: str description: - Unique name for the scaling policy. required: true - type: str asg_name: + type: str description: - Name of the associated autoscaling group. - required: true - type: str + - Required if I(state) is C(present). adjustment_type: + type: str description: - The type of change in capacity of the autoscaling group. - choices: ['ChangeInCapacity','ExactCapacity','PercentChangeInCapacity'] - type: str + - Required if I(state) is C(present). + choices: + - ChangeInCapacity + - ExactCapacity + - PercentChangeInCapacity scaling_adjustment: + type: int description: - The amount by which the autoscaling group is adjusted by the policy. - type: int + - A negative number has the effect of scaling down the ASG. + - Units are numbers of instances for C(ExactCapacity) or C(ChangeInCapacity) or percent + of existing instances for C(PercentChangeInCapacity). + - Required when I(policy_type) is C(SimpleScaling). min_adjustment_step: + type: int description: - Minimum amount of adjustment when policy is triggered. - type: int + - Only used when I(adjustment_type) is C(PercentChangeInCapacity). cooldown: + type: int description: - The minimum period of time (in seconds) between which autoscaling actions can take place. + - Only used when I(policy_type) is C(SimpleScaling). + policy_type: + type: str + description: + - Auto scaling adjustment policy. + choices: + - StepScaling + - SimpleScaling + default: SimpleScaling + metric_aggregation: + type: str + description: + - The aggregation type for the CloudWatch metrics. + - Only used when I(policy_type) is not C(SimpleScaling). + choices: + - Minimum + - Maximum + - Average + default: Average + step_adjustments: + type: list + description: + - list of dicts containing I(lower_bound), I(upper_bound) and I(scaling_adjustment) + - Intervals must not overlap or have a gap between them. + - At most, one item can have an undefined I(lower_bound). + If any item has a negative lower_bound, then there must be a step adjustment with an undefined I(lower_bound). + - At most, one item can have an undefined I(upper_bound). + If any item has a positive upper_bound, then there must be a step adjustment with an undefined I(upper_bound). + - The bounds are the amount over the alarm threshold at which the adjustment will trigger. + This means that for an alarm threshold of 50, triggering at 75 requires a lower bound of 25. + See U(http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_StepAdjustment.html). + elements: dict + suboptions: + lower_bound: + type: int + description: + - The lower bound for the difference between the alarm threshold and + the CloudWatch metric. + upper_bound: + type: int + description: + - The upper bound for the difference between the alarm threshold and + the CloudWatch metric. + scaling_adjustment: + type: int + description: + - The amount by which to scale. + required: true + estimated_instance_warmup: type: int + description: + - The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 ''' - EXAMPLES = ''' -- community.aws.ec2_scaling_policy: +- name: Simple Scale Down policy + community.aws.ec2_scaling_policy: state: present region: US-XXX name: "scaledown-policy" adjustment_type: "ChangeInCapacity" - asg_name: "slave-pool" + asg_name: "application-asg" scaling_adjustment: -1 min_adjustment_step: 1 cooldown: 300 + +# For an alarm with a breach threshold of 20, the +# following creates a stepped policy: +# From 20-40 (0-20 above threshold), increase by 50% of existing capacity +# From 41-infinity, increase by 100% of existing capacity +- community.aws.ec2_scaling_policy: + state: present + region: US-XXX + name: "step-scale-up-policy" + policy_type: StepScaling + metric_aggregation: Maximum + step_adjustments: + - upper_bound: 20 + scaling_adjustment: 50 + - lower_bound: 20 + scaling_adjustment: 100 + adjustment_type: "PercentChangeInCapacity" + asg_name: "application-asg" +''' + +RETURN = ''' +adjustment_type: + description: Scaling policy adjustment type + returned: always + type: str + sample: PercentChangeInCapacity +alarms: + description: Cloudwatch alarms related to the policy + returned: always + type: complex + contains: + alarm_name: + description: name of the Cloudwatch alarm + returned: always + type: str + sample: cpu-very-high + alarm_arn: + description: ARN of the Cloudwatch alarm + returned: always + type: str + sample: arn:aws:cloudwatch:us-east-2:1234567890:alarm:cpu-very-high +arn: + description: ARN of the scaling policy. Provided for backward compatibility, value is the same as I(policy_arn) + returned: always + type: str + sample: arn:aws:autoscaling:us-east-2:123456789012:scalingPolicy:59e37526-bd27-42cf-adca-5cd3d90bc3b9:autoScalingGroupName/app-asg:policyName/app-policy +as_name: + description: Auto Scaling Group name. Provided for backward compatibility, value is the same as I(auto_scaling_group_name) + returned: always + type: str + sample: app-asg +auto_scaling_group_name: + description: Name of Auto Scaling Group + returned: always + type: str + sample: app-asg +metric_aggregation_type: + description: Method used to aggregate metrics + returned: when I(policy_type) is C(StepScaling) + type: str + sample: Maximum +name: + description: Name of the scaling policy. Provided for backward compatibility, value is the same as I(policy_name) + returned: always + type: str + sample: app-policy +policy_arn: + description: ARN of scaling policy. + returned: always + type: str + sample: arn:aws:autoscaling:us-east-2:123456789012:scalingPolicy:59e37526-bd27-42cf-adca-5cd3d90bc3b9:autoScalingGroupName/app-asg:policyName/app-policy +policy_name: + description: Name of scaling policy + returned: always + type: str + sample: app-policy +policy_type: + description: Type of auto scaling policy + returned: always + type: str + sample: StepScaling +scaling_adjustment: + description: Adjustment to make when alarm is triggered + returned: When I(policy_type) is C(SimpleScaling) + type: int + sample: 1 +step_adjustments: + description: List of step adjustments + returned: always + type: complex + contains: + metric_interval_lower_bound: + description: Lower bound for metric interval + returned: if step has a lower bound + type: float + sample: 20.0 + metric_interval_upper_bound: + description: Upper bound for metric interval + returned: if step has an upper bound + type: float + sample: 40.0 + scaling_adjustment: + description: Adjustment to make if this step is reached + returned: always + type: int + sample: 50 ''' try: - import boto.ec2.autoscale - import boto.exception - from boto.ec2.autoscale import ScalingPolicy - from boto.exception import BotoServerError + import botocore except ImportError: - pass # Taken care of by ec2.HAS_BOTO + pass # caught by imported AnsibleAWSModule +from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AnsibleAWSError -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import HAS_BOTO -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import connect_to_aws -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import get_aws_connection_info +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry def create_scaling_policy(connection, module): - sp_name = module.params.get('name') - adjustment_type = module.params.get('adjustment_type') - asg_name = module.params.get('asg_name') - scaling_adjustment = module.params.get('scaling_adjustment') - min_adjustment_step = module.params.get('min_adjustment_step') - cooldown = module.params.get('cooldown') - - scalingPolicies = connection.get_all_policies(as_group=asg_name, policy_names=[sp_name]) - - if not scalingPolicies: - sp = ScalingPolicy( - name=sp_name, - adjustment_type=adjustment_type, - as_name=asg_name, - scaling_adjustment=scaling_adjustment, - min_adjustment_step=min_adjustment_step, - cooldown=cooldown) + changed = False + asg_name = module.params['asg_name'] + policy_type = module.params['policy_type'] + policy_name = module.params['name'] - try: - connection.create_scaling_policy(sp) - policy = connection.get_all_policies(as_group=asg_name, policy_names=[sp_name])[0] - module.exit_json(changed=True, name=policy.name, arn=policy.policy_arn, as_name=policy.as_name, scaling_adjustment=policy.scaling_adjustment, - cooldown=policy.cooldown, adjustment_type=policy.adjustment_type, min_adjustment_step=policy.min_adjustment_step) - except BotoServerError as e: - module.fail_json(msg=str(e)) - else: - policy = scalingPolicies[0] - changed = False + params = dict(PolicyName=policy_name, + PolicyType=policy_type, + AutoScalingGroupName=asg_name, + AdjustmentType=module.params['adjustment_type']) - # min_adjustment_step attribute is only relevant if the adjustment_type - # is set to percentage change in capacity, so it is a special case - if getattr(policy, 'adjustment_type') == 'PercentChangeInCapacity': - if getattr(policy, 'min_adjustment_step') != module.params.get('min_adjustment_step'): - changed = True + # min_adjustment_step attribute is only relevant if the adjustment_type + # is set to percentage change in capacity, so it is a special case + if module.params['adjustment_type'] == 'PercentChangeInCapacity': + if module.params['min_adjustment_step']: + params['MinAdjustmentMagnitude'] = module.params['min_adjustment_step'] + + if policy_type == 'SimpleScaling': + # can't use required_if because it doesn't allow multiple criteria - + # it's only required if policy is SimpleScaling and state is present + if not module.params['scaling_adjustment']: + module.fail_json(msg='scaling_adjustment is required when policy_type is SimpleScaling ' + 'and state is present') + params['ScalingAdjustment'] = module.params['scaling_adjustment'] + if module.params['cooldown']: + params['Cooldown'] = module.params['cooldown'] + + if policy_type == 'StepScaling': + if not module.params['step_adjustments']: + module.fail_json(msg='step_adjustments is required when policy_type is StepScaling ' + 'and state is present') + params['StepAdjustments'] = [] + for step_adjustment in module.params['step_adjustments']: + step_adjust_params = dict(ScalingAdjustment=step_adjustment['scaling_adjustment']) + if step_adjustment.get('lower_bound'): + step_adjust_params['MetricIntervalLowerBound'] = step_adjustment['lower_bound'] + if step_adjustment.get('upper_bound'): + step_adjust_params['MetricIntervalUpperBound'] = step_adjustment['upper_bound'] + params['StepAdjustments'].append(step_adjust_params) + if module.params['metric_aggregation']: + params['MetricAggregationType'] = module.params['metric_aggregation'] + if module.params['estimated_instance_warmup']: + params['EstimatedInstanceWarmup'] = module.params['estimated_instance_warmup'] - # set the min adjustment step in case the user decided to change their - # adjustment type to percentage - setattr(policy, 'min_adjustment_step', module.params.get('min_adjustment_step')) + try: + policies = connection.describe_policies(aws_retry=True, + AutoScalingGroupName=asg_name, + PolicyNames=[policy_name])['ScalingPolicies'] + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain autoscaling policy %s" % policy_name) - # check the remaining attributes - for attr in ('adjustment_type', 'scaling_adjustment', 'cooldown'): - if getattr(policy, attr) != module.params.get(attr): + before = after = {} + if not policies: + changed = True + else: + policy = policies[0] + for key in params: + if params[key] != policy.get(key): changed = True - setattr(policy, attr, module.params.get(attr)) + before[key] = params[key] + after[key] = policy.get(key) + if changed: + try: + connection.put_scaling_policy(aws_retry=True, **params) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to create autoscaling policy") try: - if changed: - connection.create_scaling_policy(policy) - policy = connection.get_all_policies(as_group=asg_name, policy_names=[sp_name])[0] - module.exit_json(changed=changed, name=policy.name, arn=policy.policy_arn, as_name=policy.as_name, scaling_adjustment=policy.scaling_adjustment, - cooldown=policy.cooldown, adjustment_type=policy.adjustment_type, min_adjustment_step=policy.min_adjustment_step) - except BotoServerError as e: - module.fail_json(msg=str(e)) + policies = connection.describe_policies(aws_retry=True, + AutoScalingGroupName=asg_name, + PolicyNames=[policy_name])['ScalingPolicies'] + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(msg="Failed to obtain autoscaling policy %s" % policy_name) + + policy = camel_dict_to_snake_dict(policies[0]) + # Backward compatible return values + policy['arn'] = policy['policy_arn'] + policy['as_name'] = policy['auto_scaling_group_name'] + policy['name'] = policy['policy_name'] + + if before and after: + module.exit_json(changed=changed, diff=dict(before=before, after=after), **policy) + else: + module.exit_json(changed=changed, **policy) def delete_scaling_policy(connection, module): - sp_name = module.params.get('name') - asg_name = module.params.get('asg_name') + policy_name = module.params.get('name') - scalingPolicies = connection.get_all_policies(as_group=asg_name, policy_names=[sp_name]) + try: + policy = connection.describe_policies(aws_retry=True, PolicyNames=[policy_name]) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to obtain autoscaling policy %s" % policy_name) - if scalingPolicies: + if policy['ScalingPolicies']: try: - connection.delete_policy(sp_name, asg_name) + connection.delete_policy(aws_retry=True, + AutoScalingGroupName=policy['ScalingPolicies'][0]['AutoScalingGroupName'], + PolicyName=policy_name) module.exit_json(changed=True) - except BotoServerError as e: - module.exit_json(changed=False, msg=str(e)) - else: - module.exit_json(changed=False) + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: + module.fail_json_aws(e, msg="Failed to delete autoscaling policy") + + module.exit_json(changed=False) def main(): + step_adjustment_spec = dict( + lower_bound=dict(type='int'), + upper_bound=dict(type='int'), + scaling_adjustment=dict(type='int', required=True)) + argument_spec = dict( - name=dict(required=True, type='str'), - adjustment_type=dict(type='str', choices=['ChangeInCapacity', 'ExactCapacity', 'PercentChangeInCapacity']), - asg_name=dict(required=True, type='str'), + name=dict(required=True), + adjustment_type=dict(choices=['ChangeInCapacity', 'ExactCapacity', 'PercentChangeInCapacity']), + asg_name=dict(), scaling_adjustment=dict(type='int'), min_adjustment_step=dict(type='int'), cooldown=dict(type='int'), state=dict(default='present', choices=['present', 'absent']), + metric_aggregation=dict(default='Average', choices=['Minimum', 'Maximum', 'Average']), + policy_type=dict(default='SimpleScaling', choices=['SimpleScaling', 'StepScaling']), + step_adjustments=dict(type='list', options=step_adjustment_spec, elements='dict'), + estimated_instance_warmup=dict(type='int') ) - module = AnsibleAWSModule(argument_spec=argument_spec, check_boto3=False) - - if not HAS_BOTO: - module.fail_json(msg='boto required for this module') + module = AnsibleAWSModule(argument_spec=argument_spec, + required_if=[['state', 'present', ['asg_name', 'adjustment_type']]]) - region, ec2_url, aws_connect_params = get_aws_connection_info(module) + connection = module.client('autoscaling', retry_decorator=AWSRetry.jittered_backoff()) state = module.params.get('state') - - try: - connection = connect_to_aws(boto.ec2.autoscale, region, **aws_connect_params) - except (boto.exception.NoAuthHandlerFound, AnsibleAWSError) as e: - module.fail_json(msg=str(e)) - if state == 'present': create_scaling_policy(connection, module) elif state == 'absent': diff --git a/tests/integration/targets/ec2_scaling_policy/aliases b/tests/integration/targets/ec2_scaling_policy/aliases new file mode 100644 index 00000000000..157ce0c9d4c --- /dev/null +++ b/tests/integration/targets/ec2_scaling_policy/aliases @@ -0,0 +1,2 @@ +cloud/aws +shippable/aws/group3 diff --git a/tests/integration/targets/ec2_scaling_policy/defaults/main.yml b/tests/integration/targets/ec2_scaling_policy/defaults/main.yml new file mode 100644 index 00000000000..9a895bdf79a --- /dev/null +++ b/tests/integration/targets/ec2_scaling_policy/defaults/main.yml @@ -0,0 +1,3 @@ +scaling_policy_lc_name: "{{ resource_prefix }}_lc" +scaling_policy_asg_name: "{{ resource_prefix }}_asg" +ec2_ami_name: 'amzn2-ami-hvm-2.*-x86_64-gp2' diff --git a/tests/integration/targets/ec2_scaling_policy/meta/main.yml b/tests/integration/targets/ec2_scaling_policy/meta/main.yml new file mode 100644 index 00000000000..1f64f1169a9 --- /dev/null +++ b/tests/integration/targets/ec2_scaling_policy/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - prepare_tests + - setup_ec2 diff --git a/tests/integration/targets/ec2_scaling_policy/tasks/main.yml b/tests/integration/targets/ec2_scaling_policy/tasks/main.yml new file mode 100644 index 00000000000..ba6c216310b --- /dev/null +++ b/tests/integration/targets/ec2_scaling_policy/tasks/main.yml @@ -0,0 +1,215 @@ +--- +# __Test Outline__ +# +# __ec2_scaling_policy__ +# create simplescaling scaling policy +# update simplescaling scaling policy +# remove simplescaling scaling policy +# create stepscaling scaling policy +# update stepscaling scaling policy +# remove stepscaling scaling policy + +- module_defaults: + group/aws: + region: "{{ aws_region }}" + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" + collections: + - amazon.aws + block: + + - name: Find AMI to use + ec2_ami_info: + owners: 'amazon' + filters: + name: '{{ ec2_ami_name }}' + register: ec2_amis + + - name: Set fact with latest AMI + vars: + latest_ami: '{{ ec2_amis.images | sort(attribute="creation_date") | last }}' + set_fact: + scaling_policy_image_id: '{{ latest_ami.image_id }}' + + - name: create trivial launch_configuration + ec2_lc: + name: "{{ scaling_policy_lc_name }}" + state: present + instance_type: t3.nano + image_id: "{{ scaling_policy_image_id }}" + + - name: create trivial ASG + ec2_asg: + name: "{{ scaling_policy_asg_name }}" + state: present + launch_config_name: "{{ scaling_policy_lc_name }}" + min_size: 0 + max_size: 1 + desired_capacity: 0 + + - name: Create Simple Scaling policy using implicit defaults + ec2_scaling_policy: + name: "{{ resource_prefix }}_simplescaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + adjustment_type: ChangeInCapacity + scaling_adjustment: 1 + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_simplescaling_policy" + - result.changed + + - name: Update Simple Scaling policy using explicit defaults + ec2_scaling_policy: + name: "{{ resource_prefix }}_simplescaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + adjustment_type: ChangeInCapacity + scaling_adjustment: 1 + policy_type: SimpleScaling + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_simplescaling_policy" + - not result.changed + + - name: min_adjustment_step is ignored with ChangeInCapacity + ec2_scaling_policy: + name: "{{ resource_prefix }}_simplescaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + adjustment_type: ChangeInCapacity + scaling_adjustment: 1 + min_adjustment_step: 1 + policy_type: SimpleScaling + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_simplescaling_policy" + - not result.changed + - result.adjustment_type == "ChangeInCapacity" + + - name: Change Simple Scaling policy adjustment_type to PercentChangeInCapacity + ec2_scaling_policy: + name: "{{ resource_prefix }}_simplescaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + adjustment_type: PercentChangeInCapacity + scaling_adjustment: 1 + min_adjustment_step: 1 + policy_type: SimpleScaling + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_simplescaling_policy" + - result.changed + - result.adjustment_type == "PercentChangeInCapacity" + + - name: Remove Simple Scaling policy + ec2_scaling_policy: + name: "{{ resource_prefix }}_simplescaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: absent + register: result + + - assert: + that: + - result.changed + + - name: Create Step Scaling policy + ec2_scaling_policy: + name: "{{ resource_prefix }}_stepscaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + policy_type: StepScaling + metric_aggregation: Maximum + step_adjustments: + - upper_bound: 20 + scaling_adjustment: 50 + - lower_bound: 20 + scaling_adjustment: 100 + adjustment_type: "PercentChangeInCapacity" + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_stepscaling_policy" + - result.changed + + - name: Add another step + ec2_scaling_policy: + name: "{{ resource_prefix }}_stepscaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: present + policy_type: StepScaling + metric_aggregation: Maximum + step_adjustments: + - upper_bound: 20 + scaling_adjustment: 50 + - lower_bound: 20 + upper_bound: 40 + scaling_adjustment: 75 + - lower_bound: 40 + scaling_adjustment: 100 + adjustment_type: "PercentChangeInCapacity" + register: result + + - assert: + that: + - result.policy_name == "{{ resource_prefix }}_stepscaling_policy" + - result.changed + - result.adjustment_type == "PercentChangeInCapacity" + + - name: Remove Step Scaling policy + ec2_scaling_policy: + name: "{{ resource_prefix }}_stepscaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: absent + register: result + + - assert: + that: + - result.changed + + - name: Remove Step Scaling policy (idemopotency) + ec2_scaling_policy: + name: "{{ resource_prefix }}_stepscaling_policy" + asg_name: "{{ scaling_policy_asg_name }}" + state: absent + register: result + + - assert: + that: + - result is not changed + - result is successful + + always: + + # ============================================================ + - name: Remove the scaling policies + ec2_scaling_policy: + name: "{{ item }}" + state: absent + register: result + with_items: + - "{{ resource_prefix }}_simplescaling_policy" + - "{{ resource_prefix }}_stepscaling_policy" + ignore_errors: yes + + - name: remove the ASG + ec2_asg: + name: "{{ scaling_policy_asg_name }}" + state: absent + ignore_errors: yes + + - name: remove the Launch Configuration + ec2_lc: + name: "{{ scaling_policy_lc_name }}" + state: absent + ignore_errors: yes From f674ee8e17c1bfc0e1496106c40c2205c46d56fd Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Tue, 22 Sep 2020 15:20:07 -0700 Subject: [PATCH 081/129] Fix timeout and Windows AMI in aws_ssm (#235) Windows AMIs get replaced every few months, don't be specific with image name Task timeout feature in ansible-base (#69284) resulted in timeout key not being properly passed to plugins. This was fixed in (#71722). The intent for the timeout option in this plugin is to not use Ansible's default timeout however, but to defer to the inventory var: https://github.com/ansible/ansible/pull/49652/commits/44f1427507d588d2748c7db34e590234de661564 Rename this internal value from `timeout` to `plugin_timeout`. --- .../fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml | 2 ++ plugins/connection/aws_ssm.py | 4 ++-- .../aws_ssm_integration_test_setup/defaults/main.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml diff --git a/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml b/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml new file mode 100644 index 00000000000..3395ecb9542 --- /dev/null +++ b/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml @@ -0,0 +1,2 @@ +minor_changes: + - aws_ssm connection plugin - Change the (internal) variable name from timeout to plugin_timeout to avoid conflicts with ansible/ansible default timeout (#69284, #71722). Developers subclassing this plugin will need to update accordingly. diff --git a/plugins/connection/aws_ssm.py b/plugins/connection/aws_ssm.py index 777184fbeff..7f7d69269a9 100644 --- a/plugins/connection/aws_ssm.py +++ b/plugins/connection/aws_ssm.py @@ -59,7 +59,7 @@ type: integer vars: - name: ansible_aws_ssm_retries - timeout: + ssm_timeout: description: Connection timeout seconds. default: 60 type: integer @@ -373,7 +373,7 @@ def exec_command(self, cmd, in_data=None, sudoable=True): stdout = '' win_line = '' begin = False - stop_time = int(round(time.time())) + self.get_option('timeout') + stop_time = int(round(time.time())) + self.get_option('ssm_timeout') while session.poll() is None: remaining = stop_time - int(round(time.time())) if remaining < 1: diff --git a/tests/integration/targets/connection_aws_ssm/aws_ssm_integration_test_setup/defaults/main.yml b/tests/integration/targets/connection_aws_ssm/aws_ssm_integration_test_setup/defaults/main.yml index d6e025594fa..f158bf3f4b5 100644 --- a/tests/integration/targets/connection_aws_ssm/aws_ssm_integration_test_setup/defaults/main.yml +++ b/tests/integration/targets/connection_aws_ssm/aws_ssm_integration_test_setup/defaults/main.yml @@ -1,4 +1,5 @@ --- instance_type: t2.micro linux_ami_name: amzn-ami-hvm-2018.03.0.20190611-x86_64-ebs -windows_ami_name: Windows_Server-2019-English-Full-Base-2019.11.13 +# Windows AMIs get replaced every few months, don't be too specific +windows_ami_name: Windows_Server-2019-English-Full-Base-* From cd938b2c0ef3d1bc98ac68b217187f45278af2b1 Mon Sep 17 00:00:00 2001 From: Tom Benninger Date: Fri, 25 Sep 2020 08:50:48 -0400 Subject: [PATCH 082/129] Type conversion issue for creating read replicas (#229) * Type conversion issue for creating read replicas * Added changelog snippet * Updated tests --- ...conversion-for-creating-read-replicas.yaml | 2 ++ plugins/modules/rds_instance.py | 6 ++++-- .../rds_instance/tasks/test_read_replica.yml | 20 +++++++++++++++++++ 3 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml diff --git a/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml b/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml new file mode 100644 index 00000000000..569dc4133dd --- /dev/null +++ b/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml @@ -0,0 +1,2 @@ +bugfixes: + - rds_instance - fixed tag type conversion issue for creating read replicas. diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index e93322cc61b..ea2e8ba11b1 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -842,8 +842,10 @@ def get_parameters(client, module, parameters, method_name): if parameters.get('ProcessorFeatures') == [] and not method_name == 'modify_db_instance': parameters.pop('ProcessorFeatures') - if method_name == 'create_db_instance' and parameters.get('Tags'): - parameters['Tags'] = ansible_dict_to_boto3_tag_list(parameters['Tags']) + if method_name == 'create_db_instance' or method_name == 'create_db_instance_read_replica': + if parameters.get('Tags'): + parameters['Tags'] = ansible_dict_to_boto3_tag_list(parameters['Tags']) + if method_name == 'modify_db_instance': parameters = get_options_with_changing_values(client, module, parameters) diff --git a/tests/integration/targets/rds_instance/tasks/test_read_replica.yml b/tests/integration/targets/rds_instance/tasks/test_read_replica.yml index 157fd10597e..3ed091b3dc8 100644 --- a/tests/integration/targets/rds_instance/tasks/test_read_replica.yml +++ b/tests/integration/targets/rds_instance/tasks/test_read_replica.yml @@ -39,6 +39,9 @@ db_instance_class: "{{ db_instance_class }}" allocated_storage: "{{ allocated_storage }}" region: "{{ region_src }}" + tags: + Name: "{{ instance_id }}" + Created_by: Ansible rds_instance tests <<: *aws_connection_info register: source_db @@ -59,9 +62,20 @@ db_instance_class: "{{ db_instance_class }}" allocated_storage: "{{ allocated_storage }}" region: "{{ region_dest }}" + tags: + Name: "{{ instance_id }}" + Created_by: Ansible rds_instance tests <<: *aws_connection_info register: result + - assert: + that: + - result.changed + - "result.db_instance_identifier == '{{ instance_id }}-replica'" + - "result.tags | length == 2" + - "result.tags.Name == '{{ instance_id }}'" + - "result.tags.Created_by == 'Ansible rds_instance tests'" + - name: Test idempotence with a read replica rds_instance: id: "{{ instance_id }}-replica" @@ -73,6 +87,9 @@ db_instance_class: "{{ db_instance_class }}" allocated_storage: "{{ allocated_storage }}" region: "{{ region_dest }}" + tags: + Name: "{{ instance_id }}" + Created_by: Ansible rds_instance tests <<: *aws_connection_info register: result @@ -92,6 +109,9 @@ db_instance_class: "{{ db_instance_class }}" allocated_storage: "{{ allocated_storage }}" region: "{{ region_dest }}" + tags: + Name: "{{ instance_id }}" + Created_by: Ansible rds_instance tests <<: *aws_connection_info register: result From 921bd53103c2b543e95c9e6b863702db3ff54d0c Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Fri, 2 Oct 2020 11:37:37 -0700 Subject: [PATCH 083/129] aws_ssm: Namespace S3 buckets and delete transferred files (#237) Files transferred to instances via the SSM connection plugin should use folders within the bucket that are namespaced per-host, to prevent collisions. Files should also be deleted from buckets when they are no longer required. Fixes: #221 Fixes: #222 Based on work by abeluck changelog --- changelogs/fragments/221_222_ssm_bucket_operations.yaml | 2 ++ plugins/connection/aws_ssm.py | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/221_222_ssm_bucket_operations.yaml diff --git a/changelogs/fragments/221_222_ssm_bucket_operations.yaml b/changelogs/fragments/221_222_ssm_bucket_operations.yaml new file mode 100644 index 00000000000..247d5e3697e --- /dev/null +++ b/changelogs/fragments/221_222_ssm_bucket_operations.yaml @@ -0,0 +1,2 @@ +bugfixes: + - aws_ssm connection plugin - namespace file uploads to S3 into unique folders per host, to prevent name collisions. Also deletes files from S3 to ensure temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, https://github.com/ansible-collections/community.aws/issues/222) diff --git a/plugins/connection/aws_ssm.py b/plugins/connection/aws_ssm.py index 7f7d69269a9..94289eeef9f 100644 --- a/plugins/connection/aws_ssm.py +++ b/plugins/connection/aws_ssm.py @@ -522,7 +522,8 @@ def _get_boto_client(self, service, region_name=None): def _file_transport_command(self, in_path, out_path, ssm_action): ''' transfer a file from using an intermediate S3 bucket ''' - s3_path = out_path.replace('\\', '/') + path_unescaped = "{0}/{1}".format(self.instance_id, out_path) + s3_path = path_unescaped.replace('\\', '/') bucket_url = 's3://%s/%s' % (self.get_option('bucket_name'), s3_path) if self.is_windows: @@ -546,6 +547,9 @@ def _file_transport_command(self, in_path, out_path, ssm_action): client.upload_fileobj(data, self.get_option('bucket_name'), s3_path) (returncode, stdout, stderr) = self.exec_command(get_command, in_data=None, sudoable=False) + # Remove the files from the bucket after they've been transferred + client.delete_object(Bucket=self.get_option('bucket_name'), Key=s3_path) + # Check the return code if returncode == 0: return (returncode, stdout, stderr) From 052c9177fe1d158d34915f7d7b93f81ffe95544f Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 5 Oct 2020 18:32:35 -0700 Subject: [PATCH 084/129] Add test requirement for botocore 1.13.3, to support ECR scanning (#253) --- tests/integration/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/integration/requirements.txt b/tests/integration/requirements.txt index 4f1c4feb0c9..459ea5ebe81 100644 --- a/tests/integration/requirements.txt +++ b/tests/integration/requirements.txt @@ -1,3 +1,4 @@ # netaddr is needed for ansible.netcommon.ipv6 netaddr virtualenv +botocore >= 1.13.3 ; python_version >= '2.7' # adds support for ECR image scanning From 05dc527a0c78eb30a305443eec1ee6c86a296c66 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 8 Oct 2020 20:47:10 +0200 Subject: [PATCH 085/129] Initial tests for kinesis_stream (#42) * Initial tests for kinesis_stream * Add exceptions for broken check_mode behaviour (idemmpotency) * kinesis_stream requires shards to be defined, update the docs to match * Add tests for tagging and retention period * Yet more tests (and bugs) * Disable Kinesis KMS tests - not supported in CI right now * Apply minor changes from review Co-authored-by: Jill R <4121322+jillr@users.noreply.github.com> Co-authored-by: Jill R <4121322+jillr@users.noreply.github.com> --- plugins/modules/kinesis_stream.py | 2 + .../targets/kinesis_stream/aliases | 2 + .../targets/kinesis_stream/defaults/main.yml | 18 + .../targets/kinesis_stream/meta/main.yml | 3 + .../targets/kinesis_stream/tasks/main.yml | 713 ++++++++++++++++++ .../kinesis_stream/tasks/test_encryption.yml | 262 +++++++ 6 files changed, 1000 insertions(+) create mode 100644 tests/integration/targets/kinesis_stream/aliases create mode 100644 tests/integration/targets/kinesis_stream/defaults/main.yml create mode 100644 tests/integration/targets/kinesis_stream/meta/main.yml create mode 100644 tests/integration/targets/kinesis_stream/tasks/main.yml create mode 100644 tests/integration/targets/kinesis_stream/tasks/test_encryption.yml diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index 51ca85ddc94..4183444ebb3 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -128,6 +128,7 @@ community.aws.kinesis_stream: name: test-stream state: present + shards: 1 encryption_state: enabled encryption_type: KMS key_id: alias/aws/kinesis @@ -140,6 +141,7 @@ community.aws.kinesis_stream: name: test-stream state: present + shards: 1 encryption_state: disabled encryption_type: KMS key_id: alias/aws/kinesis diff --git a/tests/integration/targets/kinesis_stream/aliases b/tests/integration/targets/kinesis_stream/aliases new file mode 100644 index 00000000000..6e3860bee23 --- /dev/null +++ b/tests/integration/targets/kinesis_stream/aliases @@ -0,0 +1,2 @@ +cloud/aws +shippable/aws/group2 diff --git a/tests/integration/targets/kinesis_stream/defaults/main.yml b/tests/integration/targets/kinesis_stream/defaults/main.yml new file mode 100644 index 00000000000..bdaddb348e5 --- /dev/null +++ b/tests/integration/targets/kinesis_stream/defaults/main.yml @@ -0,0 +1,18 @@ +--- +kinesis_stream_name: '{{ resource_prefix }}' + +kms_cmk_alias_1: '{{ resource_prefix }}-1' +kms_cmk_alias_2: '{{ resource_prefix }}-2' + +# A variety of camelCase and PascalCase to test things don't get re-cased +# underneath us +kinesis_stream_tags_1: + tag: value + AnExample: AValue + somethingElse: Another Value + Bleep: bloop +# Adds 2 values, Deletes 2 and keeps a value +kinesis_stream_tags_2: + tag: value + foo: Bar + Baz: quuX diff --git a/tests/integration/targets/kinesis_stream/meta/main.yml b/tests/integration/targets/kinesis_stream/meta/main.yml new file mode 100644 index 00000000000..1f64f1169a9 --- /dev/null +++ b/tests/integration/targets/kinesis_stream/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - prepare_tests + - setup_ec2 diff --git a/tests/integration/targets/kinesis_stream/tasks/main.yml b/tests/integration/targets/kinesis_stream/tasks/main.yml new file mode 100644 index 00000000000..c55d16afa8a --- /dev/null +++ b/tests/integration/targets/kinesis_stream/tasks/main.yml @@ -0,0 +1,713 @@ +--- +# ============================================================ +# Known issues: +# +# - (CM) check_mode returns changed (always?) +# - (CM_snake) check_mode returns keys and values that don't directly +# map to those from non-check_mode +# - (Tag_snake) tag keys get snake_cased in return values +# - (Tag_changed) changing tags doesn't return changed +# - (Enc_snake) return values don't get snake_cased when updating encryption +# - (Enc_disable) disabling encryption Requires key and type be set +# - (Enc_idemp) Updating encryption settings isn't idempotent +# +# ============================================================ +- name: 'Setup AWS Module Defaults' + module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key }}' + aws_secret_key: '{{ aws_secret_key }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region }}' + kinesis_stream: + # Number of shards is mandatory when state=present + shards: 1 + + block: + # ============================================================ + # Set up some additional resources for later user + + - name: 'KMS test preperation - only run when explicitly enabled' + when: + - run_kms_tests | default(False) | bool + block: + # KMS Keys + # Note: Because we're not a producer / consumer we don't actually need + # access to the keys + - name: 'Create KMS key 1' + aws_kms: + alias: '{{ kms_cmk_alias_1 }}' + state: present + enabled: yes + register: create_kms_1 + - name: 'Create KMS key 2' + aws_kms: + alias: '{{ kms_cmk_alias_2 }}' + state: present + enabled: yes + register: create_kms_2 + - name: 'Assert that we sucessfully created our keys' + assert: + that: + - create_kms_1 is success + - create_kms_2 is success + - name: 'Store the Key IDs for later' + set_fact: + kms_cmk_id_1: '{{ create_kms_1.key_id }}' + kms_cmk_arn_1: '{{ create_kms_1.key_arn }}' + kms_cmk_id_2: '{{ create_kms_2.key_id }}' + kms_cmk_arn_2: '{{ create_kms_2.key_arn }}' + # All of the valid ways to describe the CMK + kms_cmk_1: + - '{{ create_kms_1.key_id }}' + - 'alias/{{ kms_cmk_alias_1 }}' + - '{{ create_kms_1.key_arn }}' + kms_cmk_2: + - '{{ create_kms_2.key_id }}' + - 'alias/{{ kms_cmk_alias_2 }}' + - '{{ create_kms_2.key_arn }}' + + # ============================================================ + # Basic creation + - name: 'Create a basic Kinesis stream (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + register: result + - name: 'Assert state is changed when first creating a stream (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Create a basic Kinesis stream' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + register: result + - name: 'Assert state is changed when first creating a stream' + assert: + that: + - result is success + - result is changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 24 + - result.stream_arn.startswith('arn:aws:kinesis:') + - result.stream_arn.endswith(':stream/' + kinesis_stream_name) + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - result.tags == {} + + # We've run tests that the ARN matches the pattern we expect, we can just test + # it doesn't change. + - name: 'Save Stream ARN for later comparison' + set_fact: + kinesis_stream_arn: '{{ result.stream_arn }}' + + - name: 'Create a basic Kinesis stream - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + register: result + - name: 'Assert state is not changed when re-running the create (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Create a basic Kinesis stream - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + register: result + - name: 'Assert state is not changed when re-running the create' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 24 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - result.tags == {} + + # ============================================================ + # Retention Period + # + - name: 'Increase the retention period (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 72 + register: result + - name: 'Assert state is changed when changing the retention period (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Increase the retention period' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 72 + register: result + - name: 'Assert state is changed when changing the retention period' + assert: + that: + - result is success + - result is changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 72 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - result.tags == {} + + - name: 'Increase the retention period - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 72 + register: result + - name: 'Assert state is not changed when not changing the retention period (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Increase the retention period - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 72 + register: result + - name: 'Assert state is not changed when not changing the retention period' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 72 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - result.tags == {} + + - name: 'Decrease the retention period (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 48 + register: result + - name: 'Assert state is changed when changing the retention period (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Decrease the retention period' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 48 + register: result + - name: 'Assert state is changed when changing the retention period' + assert: + that: + - result is success + - result is changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - result.tags == {} + + - name: 'Decrease the retention period - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 48 + register: result + - name: 'Assert state is not changed when not changing the retention period (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Decrease the retention period - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + retention_period: 48 + register: result + - name: 'Assert state is not changed when not changing the retention period' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + + # ============================================================ + # Basic tagging + + - name: 'Set some tags (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_1 }}' + register: result + - name: 'Assert state is changed when adding tags (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Set some tags' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_1 }}' + register: result + - name: 'Assert state is changed when adding tags' + assert: + that: + - result is success + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + - name: 'Assert tags return as expected' + assert: + that: + - result is changed + - result.tags == kinesis_stream_tags_1 + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Set some tags - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_1 }}' + register: result + - name: 'Assert state is not changed when not changing the tags (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Set some tags - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_1 }}' + register: result + - name: 'Assert state is not changed when not changing the tags' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + # Merge this into the main assertion when the return values are no longer + # snake_cased + - name: 'Assert tags return as expected' + assert: + that: + - result.tags == kinesis_stream_tags_1 + # XXX BUG (Tag_snake) + ignore_errors: yes + + - name: 'Change some tags (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_2 }}' + register: result + - name: 'Assert state is changed when changing tags (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Change some tags' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_2 }}' + register: result + - name: 'Assert state is changed when changing tags' + assert: + that: + - result is success + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + # Merge this into the main assertion when the return values are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result is changed + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_changed) (Tag_snake) + ignore_errors: yes + + - name: 'Change some tags - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_2 }}' + register: result + - name: 'Assert state is not changed when not changing the tags (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Change some tags - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + tags: '{{ kinesis_stream_tags_2 }}' + register: result + - name: 'Assert state is not changed when not changing the tags' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + # Merge this into the main assertion when the return values are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + # ============================================================ + # Number of shards + # + - name: 'Change the number of shards (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + shards: 2 + register: result + - name: 'Assert state is changed when changing the number of shards (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Change the number of shards' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + shards: 2 + register: result + - name: 'Assert state is changed when changing the number of shards' + assert: + that: + - result is success + - result is changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 2 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # Merge this into the main assertion when the tag keys are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + - name: 'Change the number of shards - Idempotency (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + shards: 2 + register: result + - name: 'Assert state is not changed when not changing the number of shards (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Change the number of shards - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + shards: 2 + register: result + - name: 'Assert state is not changed when not changing the number of shards' + assert: + that: + - result is success + - result is not changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 2 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # Merge this into the main assertion when the tag keys are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + # ============================================================ + # Shards has to be passed we can't test that it's not updated when we're not + # setting it. Let's reset it to the value we set in the module_defaults + + - name: 'Reset the number of shards' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + register: result + - name: 'Assert the change was successful' + assert: + that: + - result is success + - result is changed + - result.open_shards_count == 1 + + # DISABLED BY DEFAULT - KMS key creation/deletion not supported in CI at this time + - name: 'KMS tests - only run when explicitly enabled' + when: + - run_kms_tests | default(False) | bool + block: + # ============================================================ + # Encryption + - name: 'Test encryption' + vars: + key_type: '{{ item.type }}' + kinesis_key: '{{ item.key }}' + kinesis_key_id: '{{ kms_cmk_id_1 }}' + kinesis_key_alias: 'alias/{{ kms_cmk_alias_1 }}' + kinesis_key_arn: '{{ kms_cmk_arn_1 }}' + include_tasks: 'test_encryption.yml' + # Loop through and test the management and idempotency when using the + # various combinations of ID, alias and ARN of a CMK + loop: + - type: 'ID' + key: '{{ kms_cmk_id_1 }}' + - type: 'Alias' + key: 'alias/{{ kms_cmk_alias_1 }}' + - type: 'ARN' + key: '{{ kms_cmk_arn_1 }}' + + - name: 'Disable encryption - Idempotency (CHECK_MODE)' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'disabled' + - name: 'Assert state is not changed when encryption_state not changed (CHECK_MODE)' + ignore_errors: yes + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_idemp) + + - name: 'Disable encryption - Idempotency' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'disabled' + - name: 'Assert state is not changed when encryption_state not changed (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_idemp) + ignore_errors: yes + # Merge this into the main assertion when the main return keys are + # snake_cased + - name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes + # Merge this into the main assertion when the tag keys are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + - name: 'Enable encryption' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kms_cmk_id_1 }}' + - name: 'Assert that state is changed when enabling encryption' + assert: + that: + - result is success + - result is changed + + - name: 'Test encryption changed state when updating key (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kms_cmk_id_2 }}' + - name: 'Assert state is changed when stream encryption key is changed (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Test encryption changed state when updating key' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kms_cmk_id_2 }}' + - name: 'Assert state is changed when stream encryption key is changed' + assert: + that: + - result is success + - result is changed + # Merge this into the main assertion when the main return keys are + # snake_cased + - name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'KMS' + - result.key_id in kms_cmk_2 + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes + # Merge this into the main assertion when the tag keys are no longer + # snake_cased + - name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + # ============================================================ + + - name: 'Delete stream (CHECK_MODE)' + check_mode: yes + module_defaults: { kinesis_stream: {} } + kinesis_stream: + name: '{{ kinesis_stream_name }}' + state: absent + register: result + - name: 'Assert state is changed when deleting a stream (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + + - name: 'Delete stream' + module_defaults: { kinesis_stream: {} } + kinesis_stream: + name: '{{ kinesis_stream_name }}' + state: absent + register: result + - name: 'Assert state is changed when deleting a stream' + assert: + that: + - result is success + - result is changed + + - name: 'Delete stream - Idempotency (CHECK_MODE)' + check_mode: yes + module_defaults: { kinesis_stream: {} } + kinesis_stream: + name: '{{ kinesis_stream_name }}' + state: absent + register: result + - name: 'Assert state is not changed when deleting a stream that was previously deleted (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (CM) + ignore_errors: yes + + - name: 'Delete stream - Idempotency' + module_defaults: { kinesis_stream: {} } + kinesis_stream: + name: '{{ kinesis_stream_name }}' + state: absent + register: result + - name: 'Assert state is not changed when deleting a stream that was previously deleted' + assert: + that: + - result is success + - result is not changed + + always: + # ============================================================ + - name: 'Ensure Kinesis stream is gone' + ignore_errors: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + state: absent + + - name: 'KMS test preperation - only run when explicitly enabled' + when: + - run_kms_tests | default(False) | bool + block: + - name: 'Delete the KMS keys' + ignore_errors: yes + aws_kms: + state: absent + alias: '{{ item }}' + loop: + - '{{ kms_cmk_alias_1 }}' + - '{{ kms_cmk_alias_2 }}' diff --git a/tests/integration/targets/kinesis_stream/tasks/test_encryption.yml b/tests/integration/targets/kinesis_stream/tasks/test_encryption.yml new file mode 100644 index 00000000000..1ce2436930c --- /dev/null +++ b/tests/integration/targets/kinesis_stream/tasks/test_encryption.yml @@ -0,0 +1,262 @@ +--- +# Run through the different ways we can enable/change encryption +# Enable (check_mode) +# Enable +# Idempotency - compared to ID (idempotency) +# Idempotency - compared to ID +# Idempotency - compared to Alias (idempotency) +# Idempotency - compared to Alias +# Idempotency - compared to ARN (idempotency) +# Idempotency - compared to ARN +# Disable (check_mode) +# Disable +# +- name: 'Enable encryption using {{ key_type }} (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key }}' +- name: 'Assert state is changed when enabling encryption (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + +- name: 'Enable encryption using {{ key_type }}' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key }}' +- name: 'Assert that state is changed when enabling encryption' + assert: + that: + - result is success + - result is changed +# Merge this into the main assertion when the main return keys are +# snake_cased +- name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'KMS' + - result.key_id in kms_cmk_1 + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes +# Merge this into the main assertion when the tag keys are no longer +# snake_cased +- name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + +- name: 'Test encryption idempotency comparing {{ key_type }} and ID (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_id }}' +- name: 'Assert state is changed when enabling encryption (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes + +- name: 'Test encryption idempotency comparing {{ key_type }} and ID' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_id }}' +- name: 'Assert that state is changed when enabling encryption' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes +# Merge this into the main assertion when the main return keys are +# snake_cased +- name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'KMS' + - result.key_id in kms_cmk_1 + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes +# Merge this into the main assertion when the tag keys are no longer +# snake_cased +- name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + + +- name: 'Test encryption idempotency comparing {{ key_type }} and Alias (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_alias }}' +- name: 'Assert state is changed when enabling encryption (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes + +- name: 'Test encryption idempotency comparing {{ key_type }} and Alias' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_alias }}' +- name: 'Assert that state is changed when enabling encryption' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes +# Merge this into the main assertion when the main return keys are +# snake_cased +- name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'KMS' + - result.key_id in kms_cmk_1 + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes +# Merge this into the main assertion when the tag keys are no longer +# snake_cased +- name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + +- name: 'Test encryption idempotency comparing {{ key_type }} and ARN (CHECK_MODE)' + check_mode: yes + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_arn }}' +- name: 'Assert state is changed when enabling encryption (CHECK_MODE)' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes + +- name: 'Test encryption idempotency comparing {{ key_type }} and ARN' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'enabled' + encryption_type: 'KMS' + key_id: '{{ kinesis_key_arn }}' +- name: 'Assert that state is changed when enabling encryption' + assert: + that: + - result is success + - result is not changed + # XXX BUG (Enc_Idemp) + ignore_errors: yes +# Merge this into the main assertion when the main return keys are +# snake_cased +- name: 'Assert expected return values' + assert: + that: + - result.encryption_type == 'KMS' + - result.key_id in kms_cmk_1 + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 + # XXX BUG (Enc_snake) + ignore_errors: yes +# Merge this into the main assertion when the tag keys are no longer +# snake_cased +- name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes + +- name: 'Disable encryption (CHECK_MODE)' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'disabled' + # XXX BUG (Enc_Disable) + encryption_type: 'KMS' + # XXX Oddity of Kinesis - This needs to match the existing setting + key_id: '{{ kinesis_key_arn }}' +- name: 'Assert state is changed when disabling encryption (CHECK_MODE)' + # XXX BUG (CM) + ignore_errors: yes + assert: + that: + - result is success + - result is changed + +- name: 'Disable encryption' + kinesis_stream: + name: '{{ kinesis_stream_name }}' + encryption_state: 'disabled' + # XXX BUG (Enc_Disable) + encryption_type: 'KMS' + # XXX Oddity of Kinesis - This needs to match the existing setting + key_id: '{{ kinesis_key_arn }}' +- name: 'Assert state is not changed when disabling encryption (CHECK_MODE)' + assert: + that: + - result is success + - result is changed + - result.encryption_type == 'NONE' + - result.open_shards_count == 1 + - result.retention_period_hours == 48 + - result.stream_arn == kinesis_stream_arn + - result.stream_name == kinesis_stream_name + - result.stream_status == 'ACTIVE' + #- result.tags == kinesis_stream_tags_2 +# Merge this into the main assertion when the tag keys are no longer +# snake_cased +- name: 'Assert tags return as expected (tags2)' + assert: + that: + - result.tags == kinesis_stream_tags_2 + # XXX BUG (Tag_snake) + ignore_errors: yes From ed4100082910290ad2a23a8b76e85b34502b9094 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 8 Oct 2020 15:02:52 -0700 Subject: [PATCH 086/129] Prepare 1.2.1 release (#256) --- CHANGELOG.rst | 18 + changelogs/changelog.yaml | 24 + .../197-ec2_scaling_policy-boto3.yml | 3 - .../221_222_ssm_bucket_operations.yaml | 2 - .../224-port-rds_subnet_group-boto3.yaml | 2 - ...conversion-for-creating-read-replicas.yaml | 2 - ...-fix_ssm_inventory_plugin_timeout_var.yaml | 2 - ...-add-sts-token-to-aws-ssm-conn-plugin.yaml | 2 - docs/community.aws.aws_ssm_connection.rst | 59 ++- ...ommunity.aws.ec2_scaling_policy_module.rst | 500 +++++++++++++++++- .../community.aws.rds_subnet_group_module.rst | 84 ++- galaxy.yml | 4 +- tests/requirements.yml | 4 +- 13 files changed, 665 insertions(+), 41 deletions(-) delete mode 100644 changelogs/fragments/197-ec2_scaling_policy-boto3.yml delete mode 100644 changelogs/fragments/221_222_ssm_bucket_operations.yaml delete mode 100644 changelogs/fragments/224-port-rds_subnet_group-boto3.yaml delete mode 100644 changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml delete mode 100644 changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml delete mode 100644 changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d16cf927037..7f88ea72945 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,24 @@ community.aws Release Notes .. contents:: Topics +v1.2.1 +====== + +Minor Changes +------------- + +- aws_ssm connection plugin - Change the (internal) variable name from timeout to plugin_timeout to avoid conflicts with ansible/ansible default timeout (#69284, +- aws_ssm connection plugin - add STS token options to aws_ssm connection plugin. +- ec2_scaling_policy - Add support for step_adjustments +- ec2_scaling_policy - Migrate from boto to boto3 +- rds_subnet_group module - Add Boto3 support and remove Boto support. + +Bugfixes +-------- + +- aws_ssm connection plugin - namespace file uploads to S3 into unique folders per host, to prevent name collisions. Also deletes files from S3 to ensure temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, https://github.com/ansible-collections/community.aws/issues/222) +- rds_instance - fixed tag type conversion issue for creating read replicas. + v1.2.0 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index b1e25c93aa4..d42c71fe91a 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -730,3 +730,27 @@ releases: - 22-ec2_instance-mod-sgs.yml - iam_no_log.yml release_date: '2020-08-28' + 1.2.1: + changes: + bugfixes: + - aws_ssm connection plugin - namespace file uploads to S3 into unique folders + per host, to prevent name collisions. Also deletes files from S3 to ensure + temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, + https://github.com/ansible-collections/community.aws/issues/222) + - rds_instance - fixed tag type conversion issue for creating read replicas. + minor_changes: + - aws_ssm connection plugin - Change the (internal) variable name from timeout + to plugin_timeout to avoid conflicts with ansible/ansible default timeout + (#69284, + - aws_ssm connection plugin - add STS token options to aws_ssm connection plugin. + - ec2_scaling_policy - Add support for step_adjustments + - ec2_scaling_policy - Migrate from boto to boto3 + - rds_subnet_group module - Add Boto3 support and remove Boto support. + fragments: + - 197-ec2_scaling_policy-boto3.yml + - 221_222_ssm_bucket_operations.yaml + - 224-port-rds_subnet_group-boto3.yaml + - 229-fix-type-conversion-for-creating-read-replicas.yaml + - 234-fix_ssm_inventory_plugin_timeout_var.yaml + - 25-add-sts-token-to-aws-ssm-conn-plugin.yaml + release_date: '2020-10-07' diff --git a/changelogs/fragments/197-ec2_scaling_policy-boto3.yml b/changelogs/fragments/197-ec2_scaling_policy-boto3.yml deleted file mode 100644 index f09e1d36f59..00000000000 --- a/changelogs/fragments/197-ec2_scaling_policy-boto3.yml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- ec2_scaling_policy - Migrate from boto to boto3 -- ec2_scaling_policy - Add support for step_adjustments diff --git a/changelogs/fragments/221_222_ssm_bucket_operations.yaml b/changelogs/fragments/221_222_ssm_bucket_operations.yaml deleted file mode 100644 index 247d5e3697e..00000000000 --- a/changelogs/fragments/221_222_ssm_bucket_operations.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - aws_ssm connection plugin - namespace file uploads to S3 into unique folders per host, to prevent name collisions. Also deletes files from S3 to ensure temp files are not left behind. (https://github.com/ansible-collections/community.aws/issues/221, https://github.com/ansible-collections/community.aws/issues/222) diff --git a/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml b/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml deleted file mode 100644 index b5d35eb75cc..00000000000 --- a/changelogs/fragments/224-port-rds_subnet_group-boto3.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - rds_subnet_group module - Add Boto3 support and remove Boto support. diff --git a/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml b/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml deleted file mode 100644 index 569dc4133dd..00000000000 --- a/changelogs/fragments/229-fix-type-conversion-for-creating-read-replicas.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - rds_instance - fixed tag type conversion issue for creating read replicas. diff --git a/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml b/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml deleted file mode 100644 index 3395ecb9542..00000000000 --- a/changelogs/fragments/234-fix_ssm_inventory_plugin_timeout_var.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - aws_ssm connection plugin - Change the (internal) variable name from timeout to plugin_timeout to avoid conflicts with ansible/ansible default timeout (#69284, #71722). Developers subclassing this plugin will need to update accordingly. diff --git a/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml b/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml deleted file mode 100644 index fb03b59eef8..00000000000 --- a/changelogs/fragments/25-add-sts-token-to-aws-ssm-conn-plugin.yaml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - aws_ssm connection plugin - add STS token options to aws_ssm connection plugin. diff --git a/docs/community.aws.aws_ssm_connection.rst b/docs/community.aws.aws_ssm_connection.rst index da3d5c515df..fc8c364abea 100644 --- a/docs/community.aws.aws_ssm_connection.rst +++ b/docs/community.aws.aws_ssm_connection.rst @@ -41,6 +41,25 @@ Parameters + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -286,7 +307,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_nacl_info_module.rst b/docs/community.aws.ec2_vpc_nacl_info_module.rst index 2c65f0821ae..2a433f70523 100644 --- a/docs/community.aws.ec2_vpc_nacl_info_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_info_module.rst @@ -270,7 +270,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_nacl_module.rst b/docs/community.aws.ec2_vpc_nacl_module.rst index eea6e32831d..ebfc0f470b2 100644 --- a/docs/community.aws.ec2_vpc_nacl_module.rst +++ b/docs/community.aws.ec2_vpc_nacl_module.rst @@ -371,7 +371,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Complete example to create and delete a network ACL # that allows SSH, HTTP and ICMP in, and all traffic out. diff --git a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst index 15179783301..a0f96adcf3c 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Simple example of listing all nat gateways - name: List all managed nat gateways in ap-southeast-2 diff --git a/docs/community.aws.ec2_vpc_nat_gateway_module.rst b/docs/community.aws.ec2_vpc_nat_gateway_module.rst index 7beb9612ce0..ec295043144 100644 --- a/docs/community.aws.ec2_vpc_nat_gateway_module.rst +++ b/docs/community.aws.ec2_vpc_nat_gateway_module.rst @@ -404,7 +404,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_peer_module.rst b/docs/community.aws.ec2_vpc_peer_module.rst index f518d226230..bd29531d21e 100644 --- a/docs/community.aws.ec2_vpc_peer_module.rst +++ b/docs/community.aws.ec2_vpc_peer_module.rst @@ -347,7 +347,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Complete example to create and accept a local peering connection. - name: Create local account VPC peering Connection diff --git a/docs/community.aws.ec2_vpc_peering_info_module.rst b/docs/community.aws.ec2_vpc_peering_info_module.rst index ffdb565fa5b..ba19ed0b2c9 100644 --- a/docs/community.aws.ec2_vpc_peering_info_module.rst +++ b/docs/community.aws.ec2_vpc_peering_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Simple example of listing all VPC Peers - name: List all vpc peers diff --git a/docs/community.aws.ec2_vpc_route_table_info_module.rst b/docs/community.aws.ec2_vpc_route_table_info_module.rst index 56ae4dd03ea..99b8f0021f3 100644 --- a/docs/community.aws.ec2_vpc_route_table_info_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_info_module.rst @@ -249,7 +249,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_route_table_module.rst b/docs/community.aws.ec2_vpc_route_table_module.rst index f1d179eeac6..b083c49731f 100644 --- a/docs/community.aws.ec2_vpc_route_table_module.rst +++ b/docs/community.aws.ec2_vpc_route_table_module.rst @@ -425,7 +425,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_vgw_info_module.rst b/docs/community.aws.ec2_vpc_vgw_info_module.rst index 1d0fef4366b..a61eb76c01b 100644 --- a/docs/community.aws.ec2_vpc_vgw_info_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_vgw_module.rst b/docs/community.aws.ec2_vpc_vgw_module.rst index 8e6fe8c5908..b6654ad119f 100644 --- a/docs/community.aws.ec2_vpc_vgw_module.rst +++ b/docs/community.aws.ec2_vpc_vgw_module.rst @@ -367,7 +367,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a new vgw attached to a specific VPC community.aws.ec2_vpc_vgw: diff --git a/docs/community.aws.ec2_vpc_vpn_info_module.rst b/docs/community.aws.ec2_vpc_vpn_info_module.rst index e8eda1b5c95..b182e0279ba 100644 --- a/docs/community.aws.ec2_vpc_vpn_info_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Gather information about all vpn connections diff --git a/docs/community.aws.ec2_vpc_vpn_module.rst b/docs/community.aws.ec2_vpc_vpn_module.rst index 72426420bc2..b6fca122c45 100644 --- a/docs/community.aws.ec2_vpc_vpn_module.rst +++ b/docs/community.aws.ec2_vpc_vpn_module.rst @@ -126,7 +126,7 @@ Parameters @@ -176,7 +176,7 @@ Parameters Default:
                                                    15
                                                    @@ -207,7 +207,7 @@ Parameters @@ -287,7 +287,7 @@ Parameters @@ -400,7 +400,7 @@ Parameters @@ -543,7 +543,7 @@ Parameters @@ -641,7 +641,7 @@ Parameters Default:
                                                    600
                                                    Parameter Choices/Defaults Comments
                                                    AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_access_key, access_key
                                                    AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: ec2_secret_key, secret_key
                                                    Uses a boto profile. Only works with boto >= 2.24.0.
                                                    +
                                                    Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                    +
                                                    aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.

                                                    aliases: aws_profile
                                                    AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                    +
                                                    If profile is set this parameter is ignored.
                                                    +
                                                    Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.

                                                    aliases: aws_security_token, access_token
                                                    Configuration Comments
                                                    +
                                                    + access_key_id + +
                                                    + - +
                                                    +
                                                    added in 1.3.0
                                                    +                                                     		+ +
                                                    var: ansible_aws_ssm_access_key_id
                                                    +                                                     		+
                                                    The STS access key to use when connecting via session-manager.
                                                    +
                                                    @@ -137,7 +156,45 @@ Parameters
                                                    - timeout + secret_access_key + +
                                                    + - +
                                                    +
                                                    added in 1.3.0
                                                    +                                                     		+ +
                                                    var: ansible_aws_ssm_secret_access_key
                                                    +                                                     		+
                                                    The STS secret key to use when connecting via session-manager.
                                                    +
                                                    +
                                                    + session_token + +
                                                    + - +
                                                    +
                                                    added in 1.3.0
                                                    +                                                     		+ +
                                                    var: ansible_aws_ssm_session_token
                                                    +                                                     		+
                                                    The STS session token to use when connecting via session-manager.
                                                    +
                                                    +
                                                    + ssm_timeout
                                                    integer diff --git a/docs/community.aws.ec2_scaling_policy_module.rst b/docs/community.aws.ec2_scaling_policy_module.rst index 70daec2511a..e501135c211 100644 --- a/docs/community.aws.ec2_scaling_policy_module.rst +++ b/docs/community.aws.ec2_scaling_policy_module.rst @@ -37,12 +37,12 @@ Parameters - + - - - - - - - - - - + + + + + + + + + + - - + + + + + - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -205,7 +205,8 @@ Parameters Default:
                                                    "Automatic deployment by Ansible."
                                                    @@ -241,9 +242,9 @@ Parameters @@ -327,10 +328,10 @@ Parameters @@ -395,7 +396,7 @@ Parameters @@ -425,7 +426,7 @@ Parameters @@ -460,7 +461,7 @@ Notes ----- .. note:: - - A future version of this module will probably use tags or another ID so that an API can be create only once. + - A future version of this module will probably use tags or another ID so that an API can be created only once. - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html @@ -471,7 +472,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Setup AWS API Gateway setup on AWS and deploy API definition community.aws.aws_api_gateway: diff --git a/docs/community.aws.aws_application_scaling_policy_module.rst b/docs/community.aws.aws_application_scaling_policy_module.rst index 8fc9b7307b2..8afeaa0e24a 100644 --- a/docs/community.aws.aws_application_scaling_policy_module.rst +++ b/docs/community.aws.aws_application_scaling_policy_module.rst @@ -17,7 +17,7 @@ Version added: 1.0.0 Synopsis -------- -- Creates, updates or removes a Scaling Policy +- Creates, updates or removes a Scaling Policy. @@ -189,12 +189,13 @@ Parameters @@ -367,7 +368,7 @@ Parameters @@ -382,7 +383,7 @@ Parameters @@ -397,7 +398,7 @@ Parameters @@ -499,7 +500,7 @@ Parameters @@ -540,7 +541,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_batch_compute_environment_module.rst b/docs/community.aws.aws_batch_compute_environment_module.rst index b280808e998..01271a753d9 100644 --- a/docs/community.aws.aws_batch_compute_environment_module.rst +++ b/docs/community.aws.aws_batch_compute_environment_module.rst @@ -538,7 +538,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: My Batch Compute Environment community.aws.aws_batch_compute_environment: diff --git a/docs/community.aws.aws_batch_job_definition_module.rst b/docs/community.aws.aws_batch_job_definition_module.rst index 4e151ca1de1..4b821215793 100644 --- a/docs/community.aws.aws_batch_job_definition_module.rst +++ b/docs/community.aws.aws_batch_job_definition_module.rst @@ -684,7 +684,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- - hosts: localhost diff --git a/docs/community.aws.aws_batch_job_queue_module.rst b/docs/community.aws.aws_batch_job_queue_module.rst index 700a240b99c..8fffc6d6d0d 100644 --- a/docs/community.aws.aws_batch_job_queue_module.rst +++ b/docs/community.aws.aws_batch_job_queue_module.rst @@ -356,7 +356,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: My Batch Job Queue community.aws.aws_batch_job_queue: diff --git a/docs/community.aws.aws_codebuild_module.rst b/docs/community.aws.aws_codebuild_module.rst index 113984f2af1..225a721095f 100644 --- a/docs/community.aws.aws_codebuild_module.rst +++ b/docs/community.aws.aws_codebuild_module.rst @@ -766,7 +766,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_codecommit_module.rst b/docs/community.aws.aws_codecommit_module.rst index c99a8d6d4fd..37f2d3bfe65 100644 --- a/docs/community.aws.aws_codecommit_module.rst +++ b/docs/community.aws.aws_codecommit_module.rst @@ -288,7 +288,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create a new repository - community.aws.aws_codecommit: diff --git a/docs/community.aws.aws_codepipeline_module.rst b/docs/community.aws.aws_codepipeline_module.rst index 807b7d38626..7dc4353b821 100644 --- a/docs/community.aws.aws_codepipeline_module.rst +++ b/docs/community.aws.aws_codepipeline_module.rst @@ -404,7 +404,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_config_aggregation_authorization_module.rst b/docs/community.aws.aws_config_aggregation_authorization_module.rst index e864f003df8..6fccefcc774 100644 --- a/docs/community.aws.aws_config_aggregation_authorization_module.rst +++ b/docs/community.aws.aws_config_aggregation_authorization_module.rst @@ -286,7 +286,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Get current account ID community.aws.aws_caller_info: diff --git a/docs/community.aws.aws_config_aggregator_module.rst b/docs/community.aws.aws_config_aggregator_module.rst index 129f99b2ed7..174310c5eab 100644 --- a/docs/community.aws.aws_config_aggregator_module.rst +++ b/docs/community.aws.aws_config_aggregator_module.rst @@ -412,7 +412,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create cross-account aggregator community.aws.aws_config_aggregator: diff --git a/docs/community.aws.aws_config_delivery_channel_module.rst b/docs/community.aws.aws_config_delivery_channel_module.rst index 9b4ecccb2db..be94d2f101a 100644 --- a/docs/community.aws.aws_config_delivery_channel_module.rst +++ b/docs/community.aws.aws_config_delivery_channel_module.rst @@ -338,7 +338,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create Delivery Channel for AWS Config community.aws.aws_config_delivery_channel: diff --git a/docs/community.aws.aws_config_recorder_module.rst b/docs/community.aws.aws_config_recorder_module.rst index 88e2a320de5..74132eb51ad 100644 --- a/docs/community.aws.aws_config_recorder_module.rst +++ b/docs/community.aws.aws_config_recorder_module.rst @@ -357,7 +357,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create Configuration Recorder for AWS Config community.aws.aws_config_recorder: diff --git a/docs/community.aws.aws_config_rule_module.rst b/docs/community.aws.aws_config_rule_module.rst index 68a63f10445..d33a4f33334 100644 --- a/docs/community.aws.aws_config_rule_module.rst +++ b/docs/community.aws.aws_config_rule_module.rst @@ -471,7 +471,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create Config Rule for AWS Config community.aws.aws_config_rule: diff --git a/docs/community.aws.aws_direct_connect_confirm_connection_module.rst b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst index 6b7cbd7617e..b105b278bbf 100644 --- a/docs/community.aws.aws_direct_connect_confirm_connection_module.rst +++ b/docs/community.aws.aws_direct_connect_confirm_connection_module.rst @@ -268,7 +268,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # confirm a Direct Connect by name - name: confirm the connection id diff --git a/docs/community.aws.aws_direct_connect_connection_module.rst b/docs/community.aws.aws_direct_connect_connection_module.rst index b5144c71813..10bf85bb695 100644 --- a/docs/community.aws.aws_direct_connect_connection_module.rst +++ b/docs/community.aws.aws_direct_connect_connection_module.rst @@ -195,12 +195,13 @@ Parameters @@ -359,7 +360,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # create a Direct Connect connection - community.aws.aws_direct_connect_connection: @@ -383,7 +384,7 @@ Examples name: ansible-test-connection location: EqDC2 bandwidth: 10Gbps - forced_update: True + forced_update: true # delete the connection - community.aws.aws_direct_connect_connection: diff --git a/docs/community.aws.aws_direct_connect_gateway_module.rst b/docs/community.aws.aws_direct_connect_gateway_module.rst index fb8c2dc052b..6e4a37bd3ae 100644 --- a/docs/community.aws.aws_direct_connect_gateway_module.rst +++ b/docs/community.aws.aws_direct_connect_gateway_module.rst @@ -335,7 +335,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a new direct connect gateway attached to virtual private gateway community.aws.aws_direct_connect_gateway: diff --git a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst index 3ccba0b5fc9..0aafe21240d 100644 --- a/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst +++ b/docs/community.aws.aws_direct_connect_link_aggregation_group_module.rst @@ -172,7 +172,7 @@ Parameters @@ -207,7 +207,7 @@ Parameters @@ -392,7 +392,7 @@ Parameters @@ -435,7 +435,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # create a Direct Connect connection - community.aws.aws_direct_connect_link_aggregation_group: diff --git a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst index 01cda9b0587..c959826cbce 100644 --- a/docs/community.aws.aws_direct_connect_virtual_interface_module.rst +++ b/docs/community.aws.aws_direct_connect_virtual_interface_module.rst @@ -461,7 +461,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml --- - name: create an association between a LAG and connection diff --git a/docs/community.aws.aws_eks_cluster_module.rst b/docs/community.aws.aws_eks_cluster_module.rst index 52a13fe9642..6a4e1be3b1c 100644 --- a/docs/community.aws.aws_eks_cluster_module.rst +++ b/docs/community.aws.aws_eks_cluster_module.rst @@ -367,7 +367,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_elasticbeanstalk_app_module.rst b/docs/community.aws.aws_elasticbeanstalk_app_module.rst index 1701e846825..5ce6e64dd8d 100644 --- a/docs/community.aws.aws_elasticbeanstalk_app_module.rst +++ b/docs/community.aws.aws_elasticbeanstalk_app_module.rst @@ -302,7 +302,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create or update an application - community.aws.aws_elasticbeanstalk_app: diff --git a/docs/community.aws.aws_glue_connection_module.rst b/docs/community.aws.aws_glue_connection_module.rst index 3980d4fdf83..1222fc1a9c8 100644 --- a/docs/community.aws.aws_glue_connection_module.rst +++ b/docs/community.aws.aws_glue_connection_module.rst @@ -382,7 +382,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_glue_job_module.rst b/docs/community.aws.aws_glue_job_module.rst index 56dd091dbcc..fa81138ac0a 100644 --- a/docs/community.aws.aws_glue_job_module.rst +++ b/docs/community.aws.aws_glue_job_module.rst @@ -424,7 +424,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_inspector_target_module.rst b/docs/community.aws.aws_inspector_target_module.rst index bb8e5cfb35b..19d4cda8e15 100644 --- a/docs/community.aws.aws_inspector_target_module.rst +++ b/docs/community.aws.aws_inspector_target_module.rst @@ -286,7 +286,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create my_target Assessment Target community.aws.aws_inspector_target: diff --git a/docs/community.aws.aws_kms_info_module.rst b/docs/community.aws.aws_kms_info_module.rst index d40ded1373d..c8a33762150 100644 --- a/docs/community.aws.aws_kms_info_module.rst +++ b/docs/community.aws.aws_kms_info_module.rst @@ -268,7 +268,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_kms_module.rst b/docs/community.aws.aws_kms_module.rst index f5372c760ab..aee2ec1068d 100644 --- a/docs/community.aws.aws_kms_module.rst +++ b/docs/community.aws.aws_kms_module.rst @@ -609,7 +609,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Managing the KMS IAM Policy via policy_mode and policy_grant_types is fragile # and has been deprecated in favour of the policy option. diff --git a/docs/community.aws.aws_region_info_module.rst b/docs/community.aws.aws_region_info_module.rst index 344c84cc87f..dce1b7e7fe0 100644 --- a/docs/community.aws.aws_region_info_module.rst +++ b/docs/community.aws.aws_region_info_module.rst @@ -257,7 +257,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_s3_bucket_info_module.rst b/docs/community.aws.aws_s3_bucket_info_module.rst index b76abae9775..c06522686ec 100644 --- a/docs/community.aws.aws_s3_bucket_info_module.rst +++ b/docs/community.aws.aws_s3_bucket_info_module.rst @@ -235,7 +235,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_s3_cors_module.rst b/docs/community.aws.aws_s3_cors_module.rst index 7ba7f85729d..31f8b5bd7ad 100644 --- a/docs/community.aws.aws_s3_cors_module.rst +++ b/docs/community.aws.aws_s3_cors_module.rst @@ -285,7 +285,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_secret_module.rst b/docs/community.aws.aws_secret_module.rst index 8505e4f1691..9b72a3f31a4 100644 --- a/docs/community.aws.aws_secret_module.rst +++ b/docs/community.aws.aws_secret_module.rst @@ -399,7 +399,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Add string to AWS Secrets Manager community.aws.aws_secret: diff --git a/docs/community.aws.aws_ses_identity_module.rst b/docs/community.aws.aws_ses_identity_module.rst index 67a60de22aa..9cc37367205 100644 --- a/docs/community.aws.aws_ses_identity_module.rst +++ b/docs/community.aws.aws_ses_identity_module.rst @@ -459,7 +459,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_ses_identity_policy_module.rst b/docs/community.aws.aws_ses_identity_policy_module.rst index b3c9277026a..177b0f20617 100644 --- a/docs/community.aws.aws_ses_identity_policy_module.rst +++ b/docs/community.aws.aws_ses_identity_policy_module.rst @@ -303,7 +303,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_ses_rule_set_module.rst b/docs/community.aws.aws_ses_rule_set_module.rst index 7dc1b09cc2e..8734e4ccac3 100644 --- a/docs/community.aws.aws_ses_rule_set_module.rst +++ b/docs/community.aws.aws_ses_rule_set_module.rst @@ -311,7 +311,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.aws_sgw_info_module.rst b/docs/community.aws.aws_sgw_info_module.rst index 0e75bd134a2..00f665a0dab 100644 --- a/docs/community.aws.aws_sgw_info_module.rst +++ b/docs/community.aws.aws_sgw_info_module.rst @@ -311,7 +311,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.aws_ssm_connection.rst b/docs/community.aws.aws_ssm_connection.rst index fc8c364abea..63c2dfa2cbf 100644 --- a/docs/community.aws.aws_ssm_connection.rst +++ b/docs/community.aws.aws_ssm_connection.rst @@ -219,7 +219,7 @@ Parameters Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Stop Spooler Process on Windows Instances - name: Stop Spooler Service on Windows Instances diff --git a/docs/community.aws.aws_ssm_parameter_store_module.rst b/docs/community.aws.aws_ssm_parameter_store_module.rst index a0f653a9fe1..63994c7d5d5 100644 --- a/docs/community.aws.aws_ssm_parameter_store_module.rst +++ b/docs/community.aws.aws_ssm_parameter_store_module.rst @@ -377,7 +377,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create or update key/value pair in aws parameter store community.aws.aws_ssm_parameter_store: diff --git a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst index e8bd554f809..0e9159f0aca 100644 --- a/docs/community.aws.aws_step_functions_state_machine_execution_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_execution_module.rst @@ -345,7 +345,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Start an execution of a state machine community.aws.aws_step_functions_state_machine_execution: diff --git a/docs/community.aws.aws_step_functions_state_machine_module.rst b/docs/community.aws.aws_step_functions_state_machine_module.rst index f56bd56ad87..7a863fdcba0 100644 --- a/docs/community.aws.aws_step_functions_state_machine_module.rst +++ b/docs/community.aws.aws_step_functions_state_machine_module.rst @@ -335,7 +335,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Create a new AWS Step Functions state machine - name: Setup HelloWorld state machine diff --git a/docs/community.aws.aws_waf_condition_module.rst b/docs/community.aws.aws_waf_condition_module.rst index 5c6fc396cdd..a22b1d2989d 100644 --- a/docs/community.aws.aws_waf_condition_module.rst +++ b/docs/community.aws.aws_waf_condition_module.rst @@ -594,7 +594,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create WAF byte condition community.aws.aws_waf_condition: diff --git a/docs/community.aws.aws_waf_info_module.rst b/docs/community.aws.aws_waf_info_module.rst index ee5162922a9..afc3aba03f5 100644 --- a/docs/community.aws.aws_waf_info_module.rst +++ b/docs/community.aws.aws_waf_info_module.rst @@ -269,7 +269,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: obtain all WAF information community.aws.aws_waf_info: diff --git a/docs/community.aws.aws_waf_rule_module.rst b/docs/community.aws.aws_waf_rule_module.rst index 2d818d5aa82..f0a3dee30c5 100644 --- a/docs/community.aws.aws_waf_rule_module.rst +++ b/docs/community.aws.aws_waf_rule_module.rst @@ -404,7 +404,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create WAF rule community.aws.aws_waf_rule: diff --git a/docs/community.aws.aws_waf_web_acl_module.rst b/docs/community.aws.aws_waf_web_acl_module.rst index a4ebfac329b..b6031af80c4 100644 --- a/docs/community.aws.aws_waf_web_acl_module.rst +++ b/docs/community.aws.aws_waf_web_acl_module.rst @@ -432,7 +432,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create web ACL community.aws.aws_waf_web_acl: diff --git a/docs/community.aws.cloudformation_exports_info_module.rst b/docs/community.aws.cloudformation_exports_info_module.rst index c98f1b87b50..8047723c9ed 100644 --- a/docs/community.aws.cloudformation_exports_info_module.rst +++ b/docs/community.aws.cloudformation_exports_info_module.rst @@ -234,7 +234,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Get Exports community.aws.cloudformation_exports_info: diff --git a/docs/community.aws.cloudformation_stack_set_module.rst b/docs/community.aws.cloudformation_stack_set_module.rst index 0758f018607..268c58f6106 100644 --- a/docs/community.aws.cloudformation_stack_set_module.rst +++ b/docs/community.aws.cloudformation_stack_set_module.rst @@ -606,7 +606,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a stack set with instances in two accounts community.aws.cloudformation_stack_set: diff --git a/docs/community.aws.cloudfront_distribution_module.rst b/docs/community.aws.cloudfront_distribution_module.rst index 4f70c08585e..7fe2ada6fa1 100644 --- a/docs/community.aws.cloudfront_distribution_module.rst +++ b/docs/community.aws.cloudfront_distribution_module.rst @@ -69,7 +69,7 @@ Parameters @@ -770,7 +770,7 @@ Parameters @@ -1329,12 +1329,13 @@ Parameters @@ -1351,7 +1352,7 @@ Parameters @@ -1365,12 +1366,13 @@ Parameters @@ -1492,7 +1494,7 @@ Parameters @@ -1921,7 +1923,7 @@ Parameters @@ -1939,7 +1941,7 @@ Parameters @@ -1996,7 +1998,7 @@ Parameters @@ -2047,7 +2049,7 @@ Parameters @@ -2067,7 +2069,7 @@ Parameters @@ -2085,7 +2087,7 @@ Parameters @@ -2190,7 +2192,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create a basic distribution with defaults and tags community.aws.cloudfront_distribution: diff --git a/docs/community.aws.cloudfront_info_module.rst b/docs/community.aws.cloudfront_info_module.rst index 7074801fb1e..3bc0915dd8d 100644 --- a/docs/community.aws.cloudfront_info_module.rst +++ b/docs/community.aws.cloudfront_info_module.rst @@ -573,7 +573,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.cloudfront_invalidation_module.rst b/docs/community.aws.cloudfront_invalidation_module.rst index b1b02e912a9..eef95720fe4 100644 --- a/docs/community.aws.cloudfront_invalidation_module.rst +++ b/docs/community.aws.cloudfront_invalidation_module.rst @@ -299,7 +299,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create a batch of invalidations using a distribution_id for a reference community.aws.cloudfront_invalidation: diff --git a/docs/community.aws.cloudfront_origin_access_identity_module.rst b/docs/community.aws.cloudfront_origin_access_identity_module.rst index 289f3ec9c44..69a2da9de57 100644 --- a/docs/community.aws.cloudfront_origin_access_identity_module.rst +++ b/docs/community.aws.cloudfront_origin_access_identity_module.rst @@ -299,7 +299,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create an origin access identity community.aws.cloudfront_origin_access_identity: diff --git a/docs/community.aws.cloudtrail_module.rst b/docs/community.aws.cloudtrail_module.rst index e7b031c8d9e..b124fa5915e 100644 --- a/docs/community.aws.cloudtrail_module.rst +++ b/docs/community.aws.cloudtrail_module.rst @@ -471,7 +471,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create single region cloudtrail community.aws.cloudtrail: diff --git a/docs/community.aws.cloudwatchevent_rule_module.rst b/docs/community.aws.cloudwatchevent_rule_module.rst index 70f28a0ccaa..ec1834b10d7 100644 --- a/docs/community.aws.cloudwatchevent_rule_module.rst +++ b/docs/community.aws.cloudwatchevent_rule_module.rst @@ -484,7 +484,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - community.aws.cloudwatchevent_rule: name: MyCronTask diff --git a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst index b63996742f1..3635b8f5839 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_info_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_info_module.rst @@ -251,7 +251,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. - community.aws.cloudwatchlogs_log_group_info: diff --git a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst index 7c2bd4c35ee..c0e448046ba 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_metric_filter_module.rst @@ -383,7 +383,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: set metric filter on log group /fluentd/testcase community.aws.cloudwatchlogs_log_group_metric_filter: diff --git a/docs/community.aws.cloudwatchlogs_log_group_module.rst b/docs/community.aws.cloudwatchlogs_log_group_module.rst index ec0487c2247..2dbc487ef7c 100644 --- a/docs/community.aws.cloudwatchlogs_log_group_module.rst +++ b/docs/community.aws.cloudwatchlogs_log_group_module.rst @@ -359,7 +359,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.data_pipeline_module.rst b/docs/community.aws.data_pipeline_module.rst index cb76f528188..167cf82e78a 100644 --- a/docs/community.aws.data_pipeline_module.rst +++ b/docs/community.aws.data_pipeline_module.rst @@ -590,7 +590,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.dms_endpoint_module.rst b/docs/community.aws.dms_endpoint_module.rst index b60dcf6ec23..6c1730d99e4 100644 --- a/docs/community.aws.dms_endpoint_module.rst +++ b/docs/community.aws.dms_endpoint_module.rst @@ -646,7 +646,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details - name: Endpoint Creation diff --git a/docs/community.aws.dms_replication_subnet_group_module.rst b/docs/community.aws.dms_replication_subnet_group_module.rst index 3d5ede46d58..25e0fa5b98d 100644 --- a/docs/community.aws.dms_replication_subnet_group_module.rst +++ b/docs/community.aws.dms_replication_subnet_group_module.rst @@ -301,7 +301,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - community.aws.dms_replication_subnet_group: state: present diff --git a/docs/community.aws.dynamodb_table_module.rst b/docs/community.aws.dynamodb_table_module.rst index 2830a0ad5d1..8de198abe68 100644 --- a/docs/community.aws.dynamodb_table_module.rst +++ b/docs/community.aws.dynamodb_table_module.rst @@ -575,7 +575,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create dynamo table with hash and range primary key community.aws.dynamodb_table: diff --git a/docs/community.aws.dynamodb_ttl_module.rst b/docs/community.aws.dynamodb_ttl_module.rst index ad349c13c71..99a2502b13c 100644 --- a/docs/community.aws.dynamodb_ttl_module.rst +++ b/docs/community.aws.dynamodb_ttl_module.rst @@ -288,7 +288,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: enable TTL on my cowfacts table community.aws.dynamodb_ttl: diff --git a/docs/community.aws.ec2_ami_copy_module.rst b/docs/community.aws.ec2_ami_copy_module.rst index 552943b4c2b..42c5f779dff 100644 --- a/docs/community.aws.ec2_ami_copy_module.rst +++ b/docs/community.aws.ec2_ami_copy_module.rst @@ -172,7 +172,7 @@ Parameters @@ -208,7 +208,7 @@ Parameters Default:
                                                    "default"
                                                    @@ -364,7 +364,7 @@ Parameters @@ -380,8 +380,10 @@ Parameters Default:
                                                    600
                                                    ParameterParameter Choices/Defaults Comments
                                                    +
                                                    adjustment_type @@ -59,26 +59,27 @@ Parameters
                                                    The type of change in capacity of the autoscaling group.
                                                    +
                                                    Required if state is present.
                                                    +
                                                    asg_name
                                                    string - / required
                                                    Name of the associated autoscaling group.
                                                    +
                                                    Required if state is present.
                                                    +
                                                    aws_access_key @@ -96,7 +97,7 @@ Parameters
                                                    +
                                                    aws_ca_bundle @@ -113,7 +114,7 @@ Parameters
                                                    +
                                                    aws_config @@ -130,7 +131,7 @@ Parameters
                                                    +
                                                    aws_secret_key @@ -148,7 +149,7 @@ Parameters
                                                    +
                                                    cooldown @@ -160,10 +161,11 @@ Parameters
                                                    The minimum period of time (in seconds) between which autoscaling actions can take place.
                                                    +
                                                    Only used when policy_type is SimpleScaling.
                                                    +
                                                    debug_botocore_endpoint_logs @@ -182,7 +184,7 @@ Parameters
                                                    +
                                                    ec2_url @@ -198,7 +200,43 @@ Parameters
                                                    + +
                                                    + estimated_instance_warmup + +
                                                    + integer +
                                                    +                                                     		+ +
                                                    The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics.
                                                    +
                                                    +
                                                    + metric_aggregation + +
                                                    + string +
                                                    +                                                     		+
                                                      Choices: +
                                                    • Minimum
                                                      • +
                                                    • Maximum
                                                      • +
                                                    • Average ←
                                                      • +
                                                    +                                                     		+
                                                    The aggregation type for the CloudWatch metrics.
                                                    +
                                                    Only used when policy_type is not SimpleScaling.
                                                    +
                                                    min_adjustment_step @@ -210,10 +248,11 @@ Parameters
                                                    Minimum amount of adjustment when policy is triggered.
                                                    +
                                                    Only used when adjustment_type is PercentChangeInCapacity.
                                                    +
                                                    name @@ -229,7 +268,26 @@ Parameters
                                                    + +
                                                    + policy_type + +
                                                    + string +
                                                    +                                                     		+
                                                      Choices: +
                                                    • StepScaling
                                                      • +
                                                    • SimpleScaling ←
                                                      • +
                                                    +                                                     		+
                                                    Auto scaling adjustment policy.
                                                    +
                                                    profile @@ -247,7 +305,7 @@ Parameters
                                                    +
                                                    region @@ -263,7 +321,7 @@ Parameters
                                                    +
                                                    scaling_adjustment @@ -275,10 +333,13 @@ Parameters
                                                    The amount by which the autoscaling group is adjusted by the policy.
                                                    +
                                                    A negative number has the effect of scaling down the ASG.
                                                    +
                                                    Units are numbers of instances for ExactCapacity or ChangeInCapacity or percent of existing instances for PercentChangeInCapacity.
                                                    +
                                                    Required when policy_type is SimpleScaling.
                                                    +
                                                    security_token @@ -296,7 +357,7 @@ Parameters
                                                    +
                                                    state @@ -315,7 +376,77 @@ Parameters
                                                    +
                                                    + step_adjustments + +
                                                    + list + / elements=dictionary +
                                                    +                                                     		+ +
                                                    list of dicts containing lower_bound, upper_bound and scaling_adjustment
                                                    +
                                                    Intervals must not overlap or have a gap between them.
                                                    +
                                                    At most, one item can have an undefined lower_bound. If any item has a negative lower_bound, then there must be a step adjustment with an undefined lower_bound.
                                                    +
                                                    At most, one item can have an undefined upper_bound. If any item has a positive upper_bound, then there must be a step adjustment with an undefined upper_bound.
                                                    +
                                                    The bounds are the amount over the alarm threshold at which the adjustment will trigger. This means that for an alarm threshold of 50, triggering at 75 requires a lower bound of 25. See http://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_StepAdjustment.html.
                                                    +
                                                    +
                                                    + lower_bound + +
                                                    + integer +
                                                    +                                                     		+ +
                                                    The lower bound for the difference between the alarm threshold and the CloudWatch metric.
                                                    +
                                                    +
                                                    + scaling_adjustment + +
                                                    + integer + / required +
                                                    +                                                     		+ +
                                                    The amount by which to scale.
                                                    +
                                                    +
                                                    + upper_bound + +
                                                    + integer +
                                                    +                                                     		+ +
                                                    The upper bound for the difference between the alarm threshold and the CloudWatch metric.
                                                    +
                                                    validate_certs @@ -352,17 +483,343 @@ Examples .. code-block:: yaml+jinja - - community.aws.ec2_scaling_policy: + - name: Simple Scale Down policy + community.aws.ec2_scaling_policy: state: present region: US-XXX name: "scaledown-policy" adjustment_type: "ChangeInCapacity" - asg_name: "slave-pool" + asg_name: "application-asg" scaling_adjustment: -1 min_adjustment_step: 1 cooldown: 300 + # For an alarm with a breach threshold of 20, the + # following creates a stepped policy: + # From 20-40 (0-20 above threshold), increase by 50% of existing capacity + # From 41-infinity, increase by 100% of existing capacity + - community.aws.ec2_scaling_policy: + state: present + region: US-XXX + name: "step-scale-up-policy" + policy_type: StepScaling + metric_aggregation: Maximum + step_adjustments: + - upper_bound: 20 + scaling_adjustment: 50 + - lower_bound: 20 + scaling_adjustment: 100 + adjustment_type: "PercentChangeInCapacity" + asg_name: "application-asg" + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
                                                    KeyReturnedDescription
                                                    +
                                                    + adjustment_type + +
                                                    + string +
                                                    +                                                     		always +
                                                    Scaling policy adjustment type
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    PercentChangeInCapacity
                                                    +
                                                    +
                                                    + alarms + +
                                                    + complex +
                                                    +                                                     		always +
                                                    Cloudwatch alarms related to the policy
                                                    +
                                                    +
                                                      +
                                                    + alarm_arn + +
                                                    + string +
                                                    +                                                     		always +
                                                    ARN of the Cloudwatch alarm
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    arn:aws:cloudwatch:us-east-2:1234567890:alarm:cpu-very-high
                                                    +
                                                      +
                                                    + alarm_name + +
                                                    + string +
                                                    +                                                     		always +
                                                    name of the Cloudwatch alarm
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    cpu-very-high
                                                    +
                                                    +
                                                    + arn + +
                                                    + string +
                                                    +                                                     		always +
                                                    ARN of the scaling policy. Provided for backward compatibility, value is the same as policy_arn
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    arn:aws:autoscaling:us-east-2:123456789012:scalingPolicy:59e37526-bd27-42cf-adca-5cd3d90bc3b9:autoScalingGroupName/app-asg:policyName/app-policy
                                                    +
                                                    +
                                                    + as_name + +
                                                    + string +
                                                    +                                                     		always +
                                                    Auto Scaling Group name. Provided for backward compatibility, value is the same as auto_scaling_group_name
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    app-asg
                                                    +
                                                    +
                                                    + auto_scaling_group_name + +
                                                    + string +
                                                    +                                                     		always +
                                                    Name of Auto Scaling Group
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    app-asg
                                                    +
                                                    +
                                                    + metric_aggregation_type + +
                                                    + string +
                                                    +                                                     		when policy_type is StepScaling +
                                                    Method used to aggregate metrics
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    Maximum
                                                    +
                                                    +
                                                    + name + +
                                                    + string +
                                                    +                                                     		always +
                                                    Name of the scaling policy. Provided for backward compatibility, value is the same as policy_name
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    app-policy
                                                    +
                                                    +
                                                    + policy_arn + +
                                                    + string +
                                                    +                                                     		always +
                                                    ARN of scaling policy.
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    arn:aws:autoscaling:us-east-2:123456789012:scalingPolicy:59e37526-bd27-42cf-adca-5cd3d90bc3b9:autoScalingGroupName/app-asg:policyName/app-policy
                                                    +
                                                    +
                                                    + policy_name + +
                                                    + string +
                                                    +                                                     		always +
                                                    Name of scaling policy
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    app-policy
                                                    +
                                                    +
                                                    + policy_type + +
                                                    + string +
                                                    +                                                     		always +
                                                    Type of auto scaling policy
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    StepScaling
                                                    +
                                                    +
                                                    + scaling_adjustment + +
                                                    + integer +
                                                    +                                                     		When policy_type is SimpleScaling +
                                                    Adjustment to make when alarm is triggered
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    1
                                                    +
                                                    +
                                                    + step_adjustments + +
                                                    + complex +
                                                    +                                                     		always +
                                                    List of step adjustments
                                                    +
                                                    +
                                                      +
                                                    + metric_interval_lower_bound + +
                                                    + float +
                                                    +                                                     		if step has a lower bound +
                                                    Lower bound for metric interval
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    20.0
                                                    +
                                                      +
                                                    + metric_interval_upper_bound + +
                                                    + float +
                                                    +                                                     		if step has an upper bound +
                                                    Upper bound for metric interval
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    40.0
                                                    +
                                                      +
                                                    + scaling_adjustment + +
                                                    + integer +
                                                    +                                                     		always +
                                                    Adjustment to make if this step is reached
                                                    +
                                                    +
                                                    Sample:
                                                    +
                                                    50
                                                    +
                                                    +

                                                    Status @@ -372,4 +829,5 @@ Status Authors ~~~~~~~ -- Zacharie Eakin (@Zeekin) +- Zacharie Eakin (@zeekin) +- Will Thames (@willthames) diff --git a/docs/community.aws.rds_subnet_group_module.rst b/docs/community.aws.rds_subnet_group_module.rst index d72d4c4164d..6b681740a27 100644 --- a/docs/community.aws.rds_subnet_group_module.rst +++ b/docs/community.aws.rds_subnet_group_module.rst @@ -351,7 +351,23 @@ Common return values are documented `here  
                                                    - description + db_subnet_group_arn + +
                                                    + string +
                                                    +                                                     		state=present +
                                                    The ARN of the DB subnet group
                                                    +
                                                    +
                                                      +
                                                    + db_subnet_group_description
                                                    string @@ -367,7 +383,7 @@ Common return values are documented `here  
                                                    - name + db_subnet_group_name
                                                    string @@ -379,6 +395,38 @@ Common return values are documented `here
                                                      +
                                                    + description + +
                                                    + string +
                                                    +                                                     		state=present +
                                                    The description of the DB subnet group (maintained for backward compatibility)
                                                    +
                                                    +
                                                      +
                                                    + name + +
                                                    + string +
                                                    +                                                     		state=present +
                                                    The name of the DB subnet group (maintained for backward compatibility)
                                                    +
                                                    +
                                                      @@ -390,6 +438,22 @@ Common return values are documented `here state=present +
                                                    The status of the DB subnet group (maintained for backward compatibility)
                                                    +
                                                    +
                                                      +
                                                    + subnet_group_status + +
                                                    + string +
                                                    +                                                     		state=present
                                                    The status of the DB subnet group

                                                    @@ -411,6 +475,22 @@ Common return values are documented `here
                                                      +
                                                    + subnets + +
                                                    + list +
                                                    +                                                     		state=present +
                                                    Contains a list of Subnet elements (@see https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/rds.html#RDS.Client.describe_db_subnet_groups)
                                                    +
                                                    +
                                                      diff --git a/galaxy.yml b/galaxy.yml index 3a2958e0814..991e6c90978 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: community name: aws -version: 1.2.0 +version: 1.2.1 readme: README.md authors: - Ansible (https://github.com/ansible) @@ -8,7 +8,7 @@ description: null license_file: COPYING tags: [community, aws, cloud, amazon] dependencies: - amazon.aws: '>=1.2.0' + amazon.aws: '>=1.2.1' repository: https://github.com/ansible-collections/community.aws documentation: https://github.com/ansible-collections/community.aws/tree/main/docs homepage: https://github.com/ansible-collections/community.aws diff --git a/tests/requirements.yml b/tests/requirements.yml index 359b5600688..481ff1020dd 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,7 +1,7 @@ integration_tests_dependencies: -- amazon.aws >= 1.2.0 +- amazon.aws >= 1.2.1 - ansible.windows - community.crypto - community.general unit_tests_dependencies: -- amazon.aws >= 1.2.0 +- amazon.aws >= 1.2.1 From f0398052887fe510cae2342a47c43613814eb8f2 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Thu, 8 Oct 2020 17:41:49 -0700 Subject: [PATCH 087/129] Add test constraints file (#257) ansible/ansible #72154 enables support for constraints files in collections, this is needed to complete support for setting a minimum botocore version for PR #248 --- tests/integration/constraints.txt | 2 ++ tests/integration/requirements.txt | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 tests/integration/constraints.txt diff --git a/tests/integration/constraints.txt b/tests/integration/constraints.txt new file mode 100644 index 00000000000..88a8eb254f3 --- /dev/null +++ b/tests/integration/constraints.txt @@ -0,0 +1,2 @@ +boto3 >= 1.9.250 # minimum version that supports botocore 1.13.3 +botocore >= 1.13.3 # adds support for ECR image scanning diff --git a/tests/integration/requirements.txt b/tests/integration/requirements.txt index 459ea5ebe81..2fb8f547d8a 100644 --- a/tests/integration/requirements.txt +++ b/tests/integration/requirements.txt @@ -1,4 +1,5 @@ # netaddr is needed for ansible.netcommon.ipv6 netaddr virtualenv -botocore >= 1.13.3 ; python_version >= '2.7' # adds support for ECR image scanning +boto3 +botocore From c6426ff3d34cc6b83b8c96e1109a2e0e3f9bad18 Mon Sep 17 00:00:00 2001 From: Markus Bergholz Date: Fri, 9 Oct 2020 03:02:36 +0200 Subject: [PATCH 088/129] support scan_on_push for ecs_ecr (#248) * #247 first draft to support scan_on_push * #247 use *aws_connection_info for integration test * #247 fix linting * #247 remove q * #247 use module_defaults for integrationtest * #247 remove last connection fragment * #247 set module_defaults on block * #247 handle check_mode when registry does not exist * #247 fix output, append test with checkmode and test result values * #247 add note about botocore version Co-authored-by: Markus Bergholz --- plugins/modules/ecs_ecr.py | 43 ++++++- .../targets/ecs_ecr/tasks/main.yml | 118 +++++++++--------- 2 files changed, 98 insertions(+), 63 deletions(-) diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index 533792877eb..8e344665a0e 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -58,12 +58,12 @@ type: str lifecycle_policy: description: - - JSON or dict that represents the new lifecycle policy + - JSON or dict that represents the new lifecycle policy. required: false type: json purge_lifecycle_policy: description: - - if yes, remove the lifecycle policy from the repository + - if yes, remove the lifecycle policy from the repository. required: false default: false type: bool @@ -74,6 +74,14 @@ choices: [present, absent] default: 'present' type: str + scan_on_push: + description: + - if yes, images are scanned for known vulnerabilities after being pushed to the repository. + - I(scan_on_push) requires botocore >= 1.13.3 + required: false + default: false + type: bool + version_added: 1.3.0 author: - David M. Lee (@leedm777) extends_documentation_fragment: @@ -132,6 +140,7 @@ - name: set-lifecycle-policy community.aws.ecs_ecr: name: needs-lifecycle-policy + scan_on_push: yes lifecycle_policy: rules: - rulePriority: 1 @@ -355,6 +364,25 @@ def purge_lifecycle_policy(self, registry_id, name): return policy return None + def put_image_scanning_configuration(self, registry_id, name, scan_on_push): + if not self.check_mode: + if registry_id: + scan = self.ecr.put_image_scanning_configuration( + registryId=registry_id, + repositoryName=name, + imageScanningConfiguration={'scanOnPush': scan_on_push} + ) + else: + scan = self.ecr.put_image_scanning_configuration( + repositoryName=name, + imageScanningConfiguration={'scanOnPush': scan_on_push} + ) + self.changed = True + return scan + else: + self.skipped = True + return None + def sort_lists_of_strings(policy): for statement_index in range(0, len(policy.get('Statement', []))): @@ -378,6 +406,7 @@ def run(ecr, params): image_tag_mutability = params['image_tag_mutability'].upper() lifecycle_policy_text = params['lifecycle_policy'] purge_lifecycle_policy = params['purge_lifecycle_policy'] + scan_on_push = params['scan_on_push'] # Parse policies, if they are given try: @@ -474,6 +503,13 @@ def run(ecr, params): result['policy'] = policy_text raise + original_scan_on_push = ecr.get_repository(registry_id, name) + if original_scan_on_push is not None: + if scan_on_push != original_scan_on_push['imageScanningConfiguration']['scanOnPush']: + result['changed'] = True + result['repository']['imageScanningConfiguration']['scanOnPush'] = scan_on_push + response = ecr.put_image_scanning_configuration(registry_id, name, scan_on_push) + elif state == 'absent': result['name'] = name if repo: @@ -510,7 +546,8 @@ def main(): purge_policy=dict(required=False, type='bool', aliases=['delete_policy'], deprecated_aliases=[dict(name='delete_policy', date='2022-06-01', collection_name='community.aws')]), lifecycle_policy=dict(required=False, type='json'), - purge_lifecycle_policy=dict(required=False, type='bool') + purge_lifecycle_policy=dict(required=False, type='bool'), + scan_on_push=(dict(required=False, type='bool', default=False)) ) mutually_exclusive = [ ['policy', 'purge_policy'], diff --git a/tests/integration/targets/ecs_ecr/tasks/main.yml b/tests/integration/targets/ecs_ecr/tasks/main.yml index 362cd8175d2..f92ba965b7c 100644 --- a/tests/integration/targets/ecs_ecr/tasks/main.yml +++ b/tests/integration/targets/ecs_ecr/tasks/main.yml @@ -1,22 +1,18 @@ --- -- set_fact: - ecr_name: '{{ resource_prefix }}-ecr' +- module_defaults: + group/aws: + region: "{{ aws_region }}" + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" -- block: - - - name: set connection information for all tasks - set_fact: - aws_connection_info: &aws_connection_info - aws_access_key: "{{ aws_access_key }}" - aws_secret_key: "{{ aws_secret_key }}" - security_token: "{{ security_token }}" - region: "{{ aws_region }}" - no_log: yes + block: + - set_fact: + ecr_name: '{{ resource_prefix }}-ecr' - name: When creating with check mode ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result check_mode: yes @@ -32,7 +28,6 @@ ecs_ecr: registry_id: 999999999999 name: '{{ ecr_name }}' - <<: *aws_connection_info register: result ignore_errors: true @@ -46,7 +41,6 @@ - name: When creating a repository ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result - name: it should change and create @@ -64,7 +58,6 @@ - name: When creating a repository that already exists in check mode ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result check_mode: yes @@ -78,7 +71,6 @@ - name: When creating a repository that already exists ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result - name: it should not change @@ -91,7 +83,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_policy: yes - <<: *aws_connection_info register: result check_mode: yes @@ -106,7 +97,6 @@ ecs_ecr: name: '{{ ecr_name }}' policy: '{{ policy }}' - <<: *aws_connection_info register: result check_mode: yes @@ -122,7 +112,6 @@ ecs_ecr: name: '{{ ecr_name }}' policy: '{{ policy }}' - <<: *aws_connection_info register: result - name: it should change and not create @@ -136,7 +125,6 @@ ecs_ecr: name: '{{ ecr_name }}' delete_policy: yes - <<: *aws_connection_info register: result check_mode: yes @@ -153,7 +141,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_policy: yes - <<: *aws_connection_info register: result check_mode: yes @@ -170,7 +157,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_policy: yes - <<: *aws_connection_info register: result - name: it should change and not create @@ -184,7 +170,6 @@ ecs_ecr: name: '{{ ecr_name }}' policy: '{{ policy | to_json }}' - <<: *aws_connection_info register: result - name: it should change and not create @@ -198,7 +183,6 @@ ecs_ecr: name: '{{ ecr_name }}' policy: '{{ policy }}' - <<: *aws_connection_info register: result - name: it should not change @@ -209,7 +193,6 @@ - name: When omitting policy on a repository that has a policy ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result - name: it should not change @@ -222,7 +205,6 @@ name: '{{ ecr_name }}' policy: '{{ policy }}' purge_policy: yes - <<: *aws_connection_info register: result ignore_errors: true @@ -236,7 +218,6 @@ ecs_ecr: name: '{{ ecr_name }}' policy: "Ceci n'est pas une JSON" - <<: *aws_connection_info register: result ignore_errors: true @@ -250,7 +231,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_lifecycle_policy: yes - <<: *aws_connection_info register: result check_mode: yes @@ -265,7 +245,6 @@ ecs_ecr: name: '{{ ecr_name }}' lifecycle_policy: '{{ lifecycle_policy }}' - <<: *aws_connection_info register: result check_mode: yes @@ -281,7 +260,6 @@ ecs_ecr: name: '{{ ecr_name }}' lifecycle_policy: '{{ lifecycle_policy }}' - <<: *aws_connection_info register: result - name: it should change and not create @@ -297,7 +275,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_lifecycle_policy: yes - <<: *aws_connection_info register: result check_mode: yes @@ -313,7 +290,6 @@ ecs_ecr: name: '{{ ecr_name }}' purge_lifecycle_policy: yes - <<: *aws_connection_info register: result - name: it should change and not create @@ -327,7 +303,6 @@ ecs_ecr: name: '{{ ecr_name }}' lifecycle_policy: '{{ lifecycle_policy | to_json }}' - <<: *aws_connection_info register: result - name: it should change and not create @@ -341,7 +316,6 @@ ecs_ecr: name: '{{ ecr_name }}' lifecycle_policy: '{{ lifecycle_policy }}' - <<: *aws_connection_info register: result - name: it should not change @@ -353,7 +327,6 @@ - name: When omitting lifecycle policy on a repository that has a policy ecs_ecr: name: '{{ ecr_name }}' - <<: *aws_connection_info register: result - name: it should not change @@ -367,7 +340,6 @@ name: '{{ ecr_name }}' lifecycle_policy: '{{ lifecycle_policy }}' purge_lifecycle_policy: yes - <<: *aws_connection_info register: result ignore_errors: true @@ -381,7 +353,6 @@ ecs_ecr: name: '{{ ecr_name }}' lifecycle_policy: "Ceci n'est pas une JSON" - <<: *aws_connection_info register: result ignore_errors: true @@ -397,7 +368,6 @@ lifecycle_policy: rules: - invalid: "Ceci n'est pas une rule" - <<: *aws_connection_info register: result ignore_errors: true @@ -411,7 +381,6 @@ ecs_ecr: name: '{{ ecr_name }}' state: absent - <<: *aws_connection_info register: result check_mode: yes @@ -427,7 +396,6 @@ ecs_ecr: name: '{{ ecr_name }}' state: absent - <<: *aws_connection_info register: result - name: it should change @@ -440,7 +408,6 @@ ecs_ecr: name: '{{ ecr_name }}' state: absent - <<: *aws_connection_info register: result check_mode: yes @@ -455,7 +422,6 @@ ecs_ecr: name: '{{ ecr_name }}' state: absent - <<: *aws_connection_info register: result - name: it should not change @@ -466,10 +432,6 @@ - name: When creating an immutable repository ecs_ecr: name: '{{ ecr_name }}' - region: '{{ ec2_region }}' - ec2_access_key: '{{ec2_access_key}}' - ec2_secret_key: '{{ec2_secret_key}}' - security_token: '{{security_token}}' image_tag_mutability: immutable register: result @@ -488,10 +450,6 @@ - name: When configuring an existing immutable repository to be mutable in check mode ecs_ecr: name: '{{ ecr_name }}' - region: '{{ ec2_region }}' - ec2_access_key: '{{ec2_access_key}}' - ec2_secret_key: '{{ec2_secret_key}}' - security_token: '{{security_token}}' image_tag_mutability: mutable register: result check_mode: yes @@ -506,10 +464,6 @@ - name: When configuring an existing immutable repository to be mutable ecs_ecr: name: '{{ ecr_name }}' - region: '{{ ec2_region }}' - ec2_access_key: '{{ec2_access_key}}' - ec2_secret_key: '{{ec2_secret_key}}' - security_token: '{{security_token}}' image_tag_mutability: mutable register: result @@ -522,10 +476,6 @@ - name: When configuring an already mutable repository to be mutable ecs_ecr: name: '{{ ecr_name }}' - region: '{{ ec2_region }}' - ec2_access_key: '{{ec2_access_key}}' - ec2_secret_key: '{{ec2_secret_key}}' - security_token: '{{security_token}}' image_tag_mutability: mutable register: result @@ -534,10 +484,58 @@ that: - result is not changed + - name: enable scan on push in check mode + ecs_ecr: + name: '{{ ecr_name }}' + scan_on_push: yes + check_mode: yes + register: result + + - name: it should change + assert: + that: + - result is skipped + - result is changed + + - name: enable scan on push + ecs_ecr: + name: '{{ ecr_name }}' + scan_on_push: yes + register: result + + - name: it should change + assert: + that: + - result is changed + - result.repository.imageScanningConfiguration.scanOnPush + + - name: verify enable scan on push + ecs_ecr: + name: '{{ ecr_name }}' + scan_on_push: yes + register: result + + - name: it should not change + assert: + that: + - result is not changed + - result.repository.imageScanningConfiguration.scanOnPush + + - name: disable scan on push + ecs_ecr: + name: '{{ ecr_name }}' + scan_on_push: no + register: result + + - name: it should change + assert: + that: + - result is changed + - not result.repository.imageScanningConfiguration.scanOnPush + always: - name: Delete lingering ECR repository ecs_ecr: name: '{{ ecr_name }}' state: absent - <<: *aws_connection_info From 6eab8b0c0e805fe8881a834f4f1329193396fd0a Mon Sep 17 00:00:00 2001 From: Milan Zink Date: Tue, 13 Oct 2020 10:47:17 +0200 Subject: [PATCH 089/129] README update (#258) * README update adding reference to amazon.aws repository Fixes: https://github.com/ansible-collections/amazon.aws/issues/166 --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 02482b984bd..b31b5ff1b7f 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,8 @@ The Ansible Community AWS collection includes a variety of Ansible content to help automate the management of AWS instances. This collection is maintained by the Ansible community. +AWS related modules and plugins supported by the Ansible Cloud team are in the [amazon.aws](https://github.com/ansible-collections/amazon.aws) collection. + ## Ansible version compatibility @@ -283,5 +285,3 @@ See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/commun GNU General Public License v3.0 or later. See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. - - From e83d579f5667911a496275eae9c5c7b7da98391e Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 19 Oct 2020 19:59:22 +0200 Subject: [PATCH 090/129] catch ImportError rather than Exception when testing Boto3 imports (#267) --- plugins/modules/aws_direct_connect_confirm_connection.py | 5 ++--- plugins/modules/aws_direct_connect_connection.py | 5 ++--- plugins/modules/aws_direct_connect_link_aggregation_group.py | 2 +- plugins/modules/aws_s3_cors.py | 2 +- plugins/modules/ec2_transit_gateway.py | 5 ++--- plugins/modules/ec2_transit_gateway_info.py | 5 ++--- plugins/modules/lambda_policy.py | 2 +- plugins/modules/rds_snapshot_info.py | 2 +- 8 files changed, 12 insertions(+), 16 deletions(-) diff --git a/plugins/modules/aws_direct_connect_confirm_connection.py b/plugins/modules/aws_direct_connect_confirm_connection.py index ba85f94eff3..948aa63c81c 100644 --- a/plugins/modules/aws_direct_connect_confirm_connection.py +++ b/plugins/modules/aws_direct_connect_confirm_connection.py @@ -67,9 +67,8 @@ try: from botocore.exceptions import BotoCoreError, ClientError -except Exception: - pass - # handled by imported AnsibleAWSModule +except ImportError: + pass # handled by imported AnsibleAWSModule retry_params = {"tries": 10, "delay": 5, "backoff": 1.2, "catch_extra_error_codes": ["DirectConnectClientException"]} diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 2fbda9124bb..9899b742fb4 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -166,9 +166,8 @@ try: from botocore.exceptions import BotoCoreError, ClientError -except Exception: - pass - # handled by imported AnsibleAWSModule +except ImportError: + pass # handled by imported AnsibleAWSModule retry_params = {"tries": 10, "delay": 5, "backoff": 1.2, "catch_extra_error_codes": ["DirectConnectClientException"]} diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index fec3f3dfc99..e3fae3ccf06 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -166,7 +166,7 @@ try: import botocore -except Exception: +except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule diff --git a/plugins/modules/aws_s3_cors.py b/plugins/modules/aws_s3_cors.py index 0577c955e91..820530dc08d 100644 --- a/plugins/modules/aws_s3_cors.py +++ b/plugins/modules/aws_s3_cors.py @@ -97,7 +97,7 @@ try: from botocore.exceptions import ClientError, BotoCoreError -except Exception: +except ImportError: pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule diff --git a/plugins/modules/ec2_transit_gateway.py b/plugins/modules/ec2_transit_gateway.py index 5a7ea4b248c..a0595b4b7e1 100644 --- a/plugins/modules/ec2_transit_gateway.py +++ b/plugins/modules/ec2_transit_gateway.py @@ -222,9 +222,8 @@ try: from botocore.exceptions import BotoCoreError, ClientError -except Exception: - pass - # handled by imported AnsibleAWSModule +except ImportError: + pass # handled by imported AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from time import sleep, time diff --git a/plugins/modules/ec2_transit_gateway_info.py b/plugins/modules/ec2_transit_gateway_info.py index 676862185b4..2eacf01cd96 100644 --- a/plugins/modules/ec2_transit_gateway_info.py +++ b/plugins/modules/ec2_transit_gateway_info.py @@ -166,9 +166,8 @@ try: from botocore.exceptions import BotoCoreError, ClientError -except Exception: - pass - # handled by imported AnsibleAWSModule +except ImportError: + pass # handled by imported AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( diff --git a/plugins/modules/lambda_policy.py b/plugins/modules/lambda_policy.py index 2860e3a6540..2fb4b4ddead 100644 --- a/plugins/modules/lambda_policy.py +++ b/plugins/modules/lambda_policy.py @@ -139,7 +139,7 @@ try: from botocore.exceptions import ClientError -except Exception: +except ImportError: pass # caught by AnsibleAWSModule diff --git a/plugins/modules/rds_snapshot_info.py b/plugins/modules/rds_snapshot_info.py index 1d7003ae55c..63a5e47b09b 100644 --- a/plugins/modules/rds_snapshot_info.py +++ b/plugins/modules/rds_snapshot_info.py @@ -298,7 +298,7 @@ try: import botocore -except Exception: +except ImportError: pass # caught by AnsibleAWSModule From 7e733926a34712d0b52280f54c6f52a349a48f6e Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 19 Oct 2020 21:51:34 +0200 Subject: [PATCH 091/129] Improve elb_target_group stability (#263) * Mark elb_target as stable so we run it a bit more. * Split imports for easier patches * Use module helper for botocore versioning * Add retry decorator to most AWS calls. This improves stability in a busy account. * When creating a new target group retry the describe_target_groups calls. This improves stability for eventually consistent calls. --- plugins/modules/elb_target_group.py | 77 +++++++++++--------- tests/integration/targets/elb_target/aliases | 1 - 2 files changed, 42 insertions(+), 36 deletions(-) diff --git a/plugins/modules/elb_target_group.py b/plugins/modules/elb_target_group.py index fe4b749a63a..e6c94f06286 100644 --- a/plugins/modules/elb_target_group.py +++ b/plugins/modules/elb_target_group.py @@ -380,17 +380,18 @@ pass # caught by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (camel_dict_to_snake_dict, - boto3_tag_list_to_ansible_dict, - compare_aws_tags, - ansible_dict_to_boto3_tag_list, - ) -from distutils.version import LooseVersion +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list def get_tg_attributes(connection, module, tg_arn): try: - tg_attributes = boto3_tag_list_to_ansible_dict(connection.describe_target_group_attributes(TargetGroupArn=tg_arn)['Attributes']) + _attributes = connection.describe_target_group_attributes(TargetGroupArn=tg_arn, aws_retry=True) + tg_attributes = boto3_tag_list_to_ansible_dict(_attributes['Attributes']) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't get target group attributes") @@ -400,20 +401,24 @@ def get_tg_attributes(connection, module, tg_arn): def get_target_group_tags(connection, module, target_group_arn): try: - return connection.describe_tags(ResourceArns=[target_group_arn])['TagDescriptions'][0]['Tags'] + _tags = connection.describe_tags(ResourceArns=[target_group_arn], aws_retry=True) + return _tags['TagDescriptions'][0]['Tags'] except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't get target group tags") -def get_target_group(connection, module): +def get_target_group(connection, module, retry_missing=False): + extra_codes = ['TargetGroupNotFound'] if retry_missing else [] try: - target_group_paginator = connection.get_paginator('describe_target_groups') - return (target_group_paginator.paginate(Names=[module.params.get("name")]).build_full_result())['TargetGroups'][0] - except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: - if e.response['Error']['Code'] == 'TargetGroupNotFound': - return None - else: - module.fail_json_aws(e, msg="Couldn't get target group") + target_group_paginator = connection.get_paginator('describe_target_groups').paginate(Names=[module.params.get("name")]) + jittered_retry = AWSRetry.jittered_backoff(retries=10, catch_extra_error_codes=extra_codes) + result = jittered_retry(target_group_paginator.build_full_result)() + except is_boto3_error_code('TargetGroupNotFound'): + return None + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Couldn't get target group") + + return result['TargetGroups'][0] def wait_for_status(connection, module, target_group_arn, targets, status): @@ -423,7 +428,7 @@ def wait_for_status(connection, module, target_group_arn, targets, status): for x in range(0, max_retries): try: - response = connection.describe_target_health(TargetGroupArn=target_group_arn, Targets=targets) + response = connection.describe_target_health(TargetGroupArn=target_group_arn, Targets=targets, aws_retry=True) if response['TargetHealthDescriptions'][0]['TargetHealth']['State'] == status: status_achieved = True break @@ -437,7 +442,7 @@ def wait_for_status(connection, module, target_group_arn, targets, status): def fail_if_ip_target_type_not_supported(module): - if LooseVersion(botocore.__version__) < LooseVersion('1.7.2'): + if not module.botocore_at_least('1.7.2'): module.fail_json(msg="target_type ip requires botocore version 1.7.2 or later. Version %s is installed" % botocore.__version__) @@ -559,7 +564,7 @@ def create_or_update_target_group(connection, module): try: if health_check_params: - connection.modify_target_group(TargetGroupArn=tg['TargetGroupArn'], **health_check_params) + connection.modify_target_group(TargetGroupArn=tg['TargetGroupArn'], aws_retry=True, **health_check_params) changed = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't update target group") @@ -570,7 +575,7 @@ def create_or_update_target_group(connection, module): # describe_target_health seems to be the only way to get them try: current_targets = connection.describe_target_health( - TargetGroupArn=tg['TargetGroupArn']) + TargetGroupArn=tg['TargetGroupArn'], aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't get target group health") @@ -602,7 +607,7 @@ def create_or_update_target_group(connection, module): changed = True try: - connection.register_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_add) + connection.register_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_add, aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't register targets") @@ -621,7 +626,7 @@ def create_or_update_target_group(connection, module): changed = True try: - connection.deregister_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_remove) + connection.deregister_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_remove, aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't remove targets") @@ -651,7 +656,8 @@ def create_or_update_target_group(connection, module): { "Id": target['Id'] } - ] + ], + aws_retry=True ) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: @@ -669,7 +675,7 @@ def create_or_update_target_group(connection, module): changed = True try: - connection.deregister_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_remove) + connection.deregister_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=instances_to_remove, aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't remove targets") @@ -687,22 +693,22 @@ def create_or_update_target_group(connection, module): target_to_remove = current_targets["TargetHealthDescriptions"][0]["Target"]["Id"] if changed: connection.deregister_targets( - TargetGroupArn=tg['TargetGroupArn'], Targets=[{"Id": target_to_remove}]) + TargetGroupArn=tg['TargetGroupArn'], Targets=[{"Id": target_to_remove}], aws_retry=True) else: try: - connection.create_target_group(**params) + connection.create_target_group(aws_retry=True, **params) changed = True new_target_group = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't create target group") - tg = get_target_group(connection, module) + tg = get_target_group(connection, module, retry_missing=True) if module.params.get("targets"): if target_type != "lambda": params['Targets'] = module.params.get("targets") try: - connection.register_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=params['Targets']) + connection.register_targets(TargetGroupArn=tg['TargetGroupArn'], Targets=params['Targets'], aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't register targets") @@ -720,7 +726,8 @@ def create_or_update_target_group(connection, module): { "Id": target["Id"] } - ] + ], + aws_retry=True ) changed = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: @@ -748,12 +755,12 @@ def create_or_update_target_group(connection, module): if update_attributes: try: - connection.modify_target_group_attributes(TargetGroupArn=tg['TargetGroupArn'], Attributes=update_attributes) + connection.modify_target_group_attributes(TargetGroupArn=tg['TargetGroupArn'], Attributes=update_attributes, aws_retry=True) changed = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # Something went wrong setting attributes. If this target group was created during this task, delete it to leave a consistent state if new_target_group: - connection.delete_target_group(TargetGroupArn=tg['TargetGroupArn']) + connection.delete_target_group(TargetGroupArn=tg['TargetGroupArn'], aws_retry=True) module.fail_json_aws(e, msg="Couldn't delete target group") # Tags - only need to play with tags if tags parameter has been set to something @@ -765,7 +772,7 @@ def create_or_update_target_group(connection, module): tags_need_modify, tags_to_delete = compare_aws_tags(boto3_tag_list_to_ansible_dict(current_tags), tags, purge_tags) if tags_to_delete: try: - connection.remove_tags(ResourceArns=[tg['TargetGroupArn']], TagKeys=tags_to_delete) + connection.remove_tags(ResourceArns=[tg['TargetGroupArn']], TagKeys=tags_to_delete, aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't delete tags from target group") changed = True @@ -773,7 +780,7 @@ def create_or_update_target_group(connection, module): # Add/update tags if tags_need_modify: try: - connection.add_tags(ResourceArns=[tg['TargetGroupArn']], Tags=ansible_dict_to_boto3_tag_list(tags_need_modify)) + connection.add_tags(ResourceArns=[tg['TargetGroupArn']], Tags=ansible_dict_to_boto3_tag_list(tags_need_modify), aws_retry=True) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't add tags to target group") changed = True @@ -798,7 +805,7 @@ def delete_target_group(connection, module): if tg: try: - connection.delete_target_group(TargetGroupArn=tg['TargetGroupArn']) + connection.delete_target_group(TargetGroupArn=tg['TargetGroupArn'], aws_retry=True) changed = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg="Couldn't delete target group") @@ -846,7 +853,7 @@ def main(): if module.params.get('target_type') is None: module.params['target_type'] = 'instance' - connection = module.client('elbv2') + connection = module.client('elbv2', retry_decorator=AWSRetry.jittered_backoff(retries=10)) if module.params.get('state') == 'present': create_or_update_target_group(connection, module) diff --git a/tests/integration/targets/elb_target/aliases b/tests/integration/targets/elb_target/aliases index db6a9b06d89..b99354591c1 100644 --- a/tests/integration/targets/elb_target/aliases +++ b/tests/integration/targets/elb_target/aliases @@ -1,4 +1,3 @@ cloud/aws elb_target_group shippable/aws/group4 -unstable From 073353b49808824dda2e9e00a1639a74ca983c42 Mon Sep 17 00:00:00 2001 From: philltomlinson <6190209+philltomlinson@users.noreply.github.com> Date: Tue, 20 Oct 2020 17:40:46 +0100 Subject: [PATCH 092/129] Add additional storage classes to S3 lifecycle transition list. (#270) * Add additional storage classes to S3 lifecycle transition list. * Add minor changes changelog for S3 lifecycle transition list change. --- ...torage_classes_to_S3_lifecycle_transition_list.yml | 2 ++ plugins/modules/s3_lifecycle.py | 11 ++++++----- 2 files changed, 8 insertions(+), 5 deletions(-) create mode 100644 changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml diff --git a/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml b/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml new file mode 100644 index 00000000000..ac1d6306704 --- /dev/null +++ b/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml @@ -0,0 +1,2 @@ +minor_changes: + - s3_lifecycle - Add support for intelligent tiering and deep archive storage classes (https://github.com/ansible-collections/community.aws/issues/270) diff --git a/plugins/modules/s3_lifecycle.py b/plugins/modules/s3_lifecycle.py index a2518a88570..5edceea50bf 100644 --- a/plugins/modules/s3_lifecycle.py +++ b/plugins/modules/s3_lifecycle.py @@ -56,7 +56,7 @@ description: - 'Transition noncurrent versions to this storage class' default: glacier - choices: ['glacier', 'onezone_ia', 'standard_ia'] + choices: ['glacier', 'onezone_ia', 'standard_ia', 'intelligent_tiering', 'deep_archive'] required: false type: str noncurrent_version_transition_days: @@ -91,10 +91,10 @@ type: str storage_class: description: - - "The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'." + - "The storage class to transition to." - "The 'standard_ia' class is only being available from Ansible version 2.2." default: glacier - choices: [ 'glacier', 'onezone_ia', 'standard_ia'] + choices: [ 'glacier', 'onezone_ia', 'standard_ia', 'intelligent_tiering', 'deep_archive'] type: str transition_date: description: @@ -437,12 +437,13 @@ def destroy_lifecycle_rule(client, module): def main(): + s3_storage_class = ['glacier', 'onezone_ia', 'standard_ia', 'intelligent_tiering', 'deep_archive'] argument_spec = dict( name=dict(required=True, type='str'), expiration_days=dict(type='int'), expiration_date=dict(), noncurrent_version_expiration_days=dict(type='int'), - noncurrent_version_storage_class=dict(default='glacier', type='str', choices=['glacier', 'onezone_ia', 'standard_ia']), + noncurrent_version_storage_class=dict(default='glacier', type='str', choices=s3_storage_class), noncurrent_version_transition_days=dict(type='int'), noncurrent_version_transitions=dict(type='list', elements='dict'), prefix=dict(), @@ -450,7 +451,7 @@ def main(): rule_id=dict(), state=dict(default='present', choices=['present', 'absent']), status=dict(default='enabled', choices=['enabled', 'disabled']), - storage_class=dict(default='glacier', type='str', choices=['glacier', 'onezone_ia', 'standard_ia']), + storage_class=dict(default='glacier', type='str', choices=s3_storage_class), transition_days=dict(type='int'), transition_date=dict(), transitions=dict(type='list', elements='dict'), From ef290bd0d562065f6cf8cc5c02a8daf95e89aee3 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 21 Oct 2020 01:31:53 -0700 Subject: [PATCH 093/129] Put an upper limit on boto3 in CI (#271) Ansible 2.9 has a test constraint for openshift >= 0.6.2, < 0.9.0. We're only specifying a minimum boto3 today and 1.16.x has released, which pulls in a newer urllib3 than that openshift supports. --- tests/integration/constraints.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/integration/constraints.txt b/tests/integration/constraints.txt index 88a8eb254f3..c105f290280 100644 --- a/tests/integration/constraints.txt +++ b/tests/integration/constraints.txt @@ -1,2 +1,3 @@ -boto3 >= 1.9.250 # minimum version that supports botocore 1.13.3 -botocore >= 1.13.3 # adds support for ECR image scanning +boto3 >= 1.9.250, <= 1.15.18 # minimum version that supports botocore 1.13.3, max that will work with ansible 2.9's other constraints +botocore<1.19.0,>=1.13.3 # adds support for ECR image scanning + From 0487b4b9e76c2393f30831dc163746cbd9cd2793 Mon Sep 17 00:00:00 2001 From: Rafael Driutti Date: Wed, 21 Oct 2020 17:07:25 +0200 Subject: [PATCH 094/129] Add tag support for redshift module (#34) * tag support for redshift module * add changelog * Switch to using module_defaults for the tests --- changelogs/fragments/34-redshift-tags.yml | 2 + plugins/modules/redshift.py | 85 +++++++++-- .../targets/redshift/tasks/main.yml | 141 ++++++++++++++---- 3 files changed, 187 insertions(+), 41 deletions(-) create mode 100644 changelogs/fragments/34-redshift-tags.yml diff --git a/changelogs/fragments/34-redshift-tags.yml b/changelogs/fragments/34-redshift-tags.yml new file mode 100644 index 00000000000..86d817e97e4 --- /dev/null +++ b/changelogs/fragments/34-redshift-tags.yml @@ -0,0 +1,2 @@ +minor_changes: +- redshift - add support for setting tags. diff --git a/plugins/modules/redshift.py b/plugins/modules/redshift.py index 9b6cd5bbbe3..7c992685494 100644 --- a/plugins/modules/redshift.py +++ b/plugins/modules/redshift.py @@ -167,11 +167,22 @@ - Whether the cluster should have enhanced VPC routing enabled. default: false type: bool + tags: + description: + - A dictionary of resource tags. + type: dict + aliases: ['resource_tags'] + version_added: "1.3.0" + purge_tags: + description: + - Purge existing tags that are not found in the cluster + type: bool + default: 'yes' + version_added: "1.3.0" requirements: [ 'boto3' ] extends_documentation_fragment: -- amazon.aws.aws -- amazon.aws.ec2 - + - amazon.aws.aws + - amazon.aws.ec2 ''' EXAMPLES = r''' @@ -251,6 +262,10 @@ description: status of the enhanced vpc routing feature. returned: success type: bool + tags: + description: aws tags for cluster. + returned: success + type: dict ''' try: @@ -258,10 +273,41 @@ except ImportError: pass # caught by AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict +from ansible_collections.amazon.aws.plugins.module_utils.iam import get_aws_account_id + + +def _ensure_tags(redshift, identifier, existing_tags, module): + """Compares and update resource tags""" + + account_id = get_aws_account_id(module) + region = module.params.get('region') + resource_arn = "arn:aws:redshift:{0}:{1}:cluster:{2}" .format(region, account_id, identifier) + tags = module.params.get('tags') + purge_tags = module.params.get('purge_tags') + + tags_to_add, tags_to_remove = compare_aws_tags(boto3_tag_list_to_ansible_dict(existing_tags), tags, purge_tags) + + if tags_to_add: + try: + redshift.create_tags(ResourceName=resource_arn, Tags=ansible_dict_to_boto3_tag_list(tags_to_add)) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, msg="Failed to add tags to cluster") + + if tags_to_remove: + try: + redshift.delete_tags(ResourceName=resource_arn, TagKeys=tags_to_remove) + except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: + module.fail_json_aws(e, msg="Failed to delete tags on cluster") + + changed = bool(tags_to_add or tags_to_remove) + return changed def _collect_facts(resource): @@ -291,12 +337,14 @@ def _collect_facts(resource): facts['url'] = None facts['port'] = None facts['availability_zone'] = None + facts['tags'] = {} if resource['ClusterStatus'] != "creating": facts['create_time'] = resource['ClusterCreateTime'] facts['url'] = resource['Endpoint']['Address'] facts['port'] = resource['Endpoint']['Port'] facts['availability_zone'] = resource['AvailabilityZone'] + facts['tags'] = boto3_tag_list_to_ansible_dict(resource['Tags']) return facts @@ -357,6 +405,7 @@ def create_cluster(module, redshift): d_b_name = module.params.get('db_name') wait = module.params.get('wait') wait_timeout = module.params.get('wait_timeout') + tags = module.params.get('tags') changed = True # Package up the optional parameters @@ -367,14 +416,17 @@ def create_cluster(module, redshift): 'cluster_parameter_group_name', 'automated_snapshot_retention_period', 'port', 'cluster_version', 'allow_version_upgrade', - 'number_of_nodes', 'publicly_accessible', - 'encrypted', 'elastic_ip', 'enhanced_vpc_routing'): + 'number_of_nodes', 'publicly_accessible', 'encrypted', + 'elastic_ip', 'enhanced_vpc_routing'): # https://github.com/boto/boto3/issues/400 if module.params.get(p) is not None: params[p] = module.params.get(p) if d_b_name: params['d_b_name'] = d_b_name + if tags: + tags = ansible_dict_to_boto3_tag_list(tags) + params['tags'] = tags try: _describe_cluster(redshift, identifier) @@ -406,6 +458,11 @@ def create_cluster(module, redshift): except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: module.fail_json_aws(e, msg="Failed to describe cluster") + if tags: + if _ensure_tags(redshift, identifier, resource['Tags'], module): + changed = True + resource = _describe_cluster(redshift, identifier) + return(changed, _collect_facts(resource)) @@ -481,6 +538,9 @@ def modify_cluster(module, redshift): identifier = module.params.get('identifier') wait = module.params.get('wait') wait_timeout = module.params.get('wait_timeout') + tags = module.params.get('tags') + purge_tags = module.params.get('purge_tags') + region = region = module.params.get('region') # Package up the optional parameters params = {} @@ -509,12 +569,10 @@ def modify_cluster(module, redshift): try: waiter.wait( ClusterIdentifier=identifier, - WaiterConfig=dict(MaxAttempts=attempts) - ) + WaiterConfig=dict(MaxAttempts=attempts)) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, - msg="Timeout waiting for cluster enhanced vpc routing modification" - ) + msg="Timeout waiting for cluster enhanced vpc routing modification") # change the rest try: @@ -543,6 +601,9 @@ def modify_cluster(module, redshift): except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e: module.fail_json(e, msg="Couldn't modify redshift cluster %s " % identifier) + if _ensure_tags(redshift, identifier, resource['Tags'], module): + resource = redshift.describe_clusters(ClusterIdentifier=identifier)['Clusters'][0] + return(True, _collect_facts(resource)) @@ -579,6 +640,8 @@ def main(): enhanced_vpc_routing=dict(type='bool', default=False), wait=dict(type='bool', default=False), wait_timeout=dict(type='int', default=300), + tags=dict(type='dict', aliases=['resource_tags']), + purge_tags=dict(type='bool', default=True) ) required_if = [ diff --git a/tests/integration/targets/redshift/tasks/main.yml b/tests/integration/targets/redshift/tasks/main.yml index 591ebc8c8d5..83504b297f8 100644 --- a/tests/integration/targets/redshift/tasks/main.yml +++ b/tests/integration/targets/redshift/tasks/main.yml @@ -6,25 +6,20 @@ # - EC2_REGION -> AWS_REGION # -- block: - - - name: set connection information for all tasks - set_fact: - aws_connection_info: &aws_connection_info - aws_access_key: "{{ aws_access_key }}" - aws_secret_key: "{{ aws_secret_key }}" - security_token: "{{ security_token | default(omit) }}" - region: "{{ aws_region }}" - no_log: yes +- module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" + region: "{{ aws_region }}" + block: # ============================================================ - name: test failure with no parameters redshift: - <<: *aws_connection_info register: result ignore_errors: true - - name: assert failure with no parameters assert: that: @@ -35,7 +30,6 @@ - name: test failure with only identifier redshift: identifier: '{{ redshift_cluster_name }}' - <<: *aws_connection_info register: result ignore_errors: true @@ -49,7 +43,6 @@ - name: test create with no identifier redshift: command: create - <<: *aws_connection_info register: result ignore_errors: true @@ -64,7 +57,6 @@ redshift: command: create identifier: "{{ redshift_cluster_name }}" - <<: *aws_connection_info register: result ignore_errors: true @@ -76,16 +68,15 @@ # ============================================================ - - name: test create with missing username + - name: test create with missing password redshift: command: create identifier: "{{ redshift_cluster_name }}" username: "{{ redshift_master_username }}" - <<: *aws_connection_info register: result ignore_errors: true - - name: assert create failure with missing username + - name: assert create failure with missing password assert: that: - 'result.failed' @@ -98,7 +89,6 @@ command: create identifier: "{{ redshift_cluster_name }}" password: "{{ reshift_master_password }}" - <<: *aws_connection_info register: result ignore_errors: true @@ -119,7 +109,9 @@ node_type: "{{ node_type }}" wait: yes wait_timeout: 1000 - <<: *aws_connection_info + tags: + foo: bar + Tizio: Caio register: result - debug: msg: "{{ result }}" @@ -129,6 +121,8 @@ that: - 'result.changed' - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' + - 'result.cluster.tags.foo == "bar"' + - 'result.cluster.tags.Tizio == "Caio"' # ============================================================ @@ -139,7 +133,9 @@ username: "{{ redshift_master_username }}" password: "{{ reshift_master_password }}" node_type: "{{ node_type }}" - <<: *aws_connection_info + tags: + foo: bar + Tizio: Caio register: result - name: assert no change gets made to the existing cluster @@ -147,6 +143,10 @@ that: - 'not result.changed' - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' + - 'result.cluster.tags.foo == "bar"' + - 'result.cluster.tags.Tizio == "Caio"' + - 'result.cluster.tags | count() == 2' + # ============================================================ - name: test modify cluster @@ -157,7 +157,8 @@ enhanced_vpc_routing: True wait: yes wait_timeout: 1000 - <<: *aws_connection_info + tags: + foo: bar register: result - name: assert cluster was modified @@ -166,13 +167,13 @@ - 'result.changed' - 'result.cluster.identifier == "{{ redshift_cluster_name }}-modified"' - 'result.cluster.enhanced_vpc_routing == True' - + - 'result.cluster.tags | count() == 1' + - 'result.cluster.tags.foo == "bar"' # ============================================================ - name: test delete with no cluster identifier redshift: command: delete - <<: *aws_connection_info register: result ignore_errors: true @@ -187,7 +188,6 @@ redshift: command: delete identifier: "{{ redshift_cluster_name }}" - <<: *aws_connection_info register: result ignore_errors: true @@ -206,7 +206,6 @@ skip_final_cluster_snapshot: true wait: yes wait_timeout: 1200 - <<: *aws_connection_info register: result - name: assert delete @@ -228,10 +227,8 @@ wait: yes db_name: "integration_test" wait_timeout: 1800 - <<: *aws_connection_info register: result - - name: assert create assert: that: @@ -239,6 +236,92 @@ - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' - 'result.cluster.db_name == "integration_test"' + # ============================================================ + + - name: test tag update on existing cluster + redshift: + command: create + identifier: "{{ redshift_cluster_name }}" + username: "{{ redshift_master_username }}" + password: "{{ reshift_master_password }}" + node_type: "{{ node_type }}" + cluster_type: multi-node + number_of_nodes: 3 + wait: yes + db_name: "integration_test" + tags: + foo: bar + wait_timeout: 1800 + register: result + + + - name: assert tags change + assert: + that: + - 'result.changed' + - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' + - 'result.cluster.db_name == "integration_test"' + - 'result.cluster.tags.foo == "bar"' + + + # ============================================================ + + - name: test purge tags + redshift: + command: create + identifier: "{{ redshift_cluster_name }}" + username: "{{ redshift_master_username }}" + password: "{{ reshift_master_password }}" + node_type: "{{ node_type }}" + cluster_type: multi-node + number_of_nodes: 3 + wait: yes + db_name: "integration_test" + tags: + test1: value1 + purge_tags: false + wait_timeout: 1800 + register: result + + + - name: assert tags change + assert: + that: + - 'result.changed' + - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' + - 'result.cluster.db_name == "integration_test"' + - 'result.cluster.tags.test1 == "value1"' + - 'result.cluster.tags.foo == "bar"' + - 'result.cluster.tags | count() == 2' + + + + # ============================================================ + + - name: test no change to tags when tags is None + redshift: + command: create + identifier: "{{ redshift_cluster_name }}" + username: "{{ redshift_master_username }}" + password: "{{ reshift_master_password }}" + node_type: "{{ node_type }}" + cluster_type: multi-node + number_of_nodes: 3 + wait: yes + db_name: "integration_test" + wait_timeout: 1800 + register: result + + + - name: assert create + assert: + that: + - 'not result.changed' + - 'result.cluster.identifier == "{{ redshift_cluster_name }}"' + - 'result.cluster.db_name == "integration_test"' + - 'result.cluster.tags | count() == 2' + + # ============================================================ - name: test successful delete of multi-node cluster @@ -248,7 +331,6 @@ skip_final_cluster_snapshot: true wait: yes wait_timeout: 1200 - <<: *aws_connection_info register: result - name: assert delete @@ -265,7 +347,6 @@ skip_final_cluster_snapshot: true wait: yes wait_timeout: 1200 - <<: *aws_connection_info register: cleanup ignore_errors: yes retries: 10 From e93390ae61cd1190a809ce1381e65dbe001f4109 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Wed, 21 Oct 2020 22:12:05 -0700 Subject: [PATCH 095/129] Clean up test requirements (#275) We have unit test requirements from ansible/ansible that aren't needed for aws --- tests/unit/requirements.txt | 40 ------------------------------------- 1 file changed, 40 deletions(-) diff --git a/tests/unit/requirements.txt b/tests/unit/requirements.txt index a9772bea1f6..917ee278d67 100644 --- a/tests/unit/requirements.txt +++ b/tests/unit/requirements.txt @@ -1,42 +1,2 @@ boto3 placebo -pycrypto -passlib -pypsrp -python-memcached -pytz -pyvmomi -redis -requests -setuptools > 0.6 # pytest-xdist installed via requirements does not work with very old setuptools (sanity_ok) -unittest2 ; python_version < '2.7' -importlib ; python_version < '2.7' -netaddr -ipaddress -netapp-lib -solidfire-sdk-python - -# requirements for F5 specific modules -f5-sdk ; python_version >= '2.7' -f5-icontrol-rest ; python_version >= '2.7' -deepdiff - -# requirement for Fortinet specific modules -pyFMG - -# requirement for aci_rest module -xmljson - -# requirement for winrm connection plugin tests -pexpect - -# requirement for the linode module -linode-python # APIv3 -linode_api4 ; python_version > '2.6' # APIv4 - -# requirement for the gitlab module -python-gitlab -httmock - -# requirment for kubevirt modules -openshift ; python_version >= '2.7' From d02886f4d8c54433e872b72e16fff717153c6c0e Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Fri, 23 Oct 2020 00:25:24 +0200 Subject: [PATCH 096/129] stability: Increase the number of retries on ec2_instance tests (#187) * Split imports into a single line * Increase the max_attempts retries for the ec2_instance tests, we're running a *lot* in parallel which triggers RateLimiting errors --- plugins/modules/ec2_instance.py | 18 +++++++++--------- .../roles/ec2_instance/tasks/main.yml | 5 +++++ 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/plugins/modules/ec2_instance.py b/plugins/modules/ec2_instance.py index e87f64cdf29..aba7ac26b10 100644 --- a/plugins/modules/ec2_instance.py +++ b/plugins/modules/ec2_instance.py @@ -810,17 +810,17 @@ from ansible.module_utils.six import string_types from ansible.module_utils.six.moves.urllib import parse as urlparse +from ansible.module_utils._text import to_bytes from ansible.module_utils._text import to_native -import ansible_collections.amazon.aws.plugins.module_utils.ec2 as ec2_utils -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import (AWSRetry, - ansible_dict_to_boto3_filter_list, - compare_aws_tags, - boto3_tag_list_to_ansible_dict, - ansible_dict_to_boto3_tag_list, - camel_dict_to_snake_dict, - ) from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import snake_dict_to_camel_dict module = None @@ -917,7 +917,7 @@ def build_volume_spec(params): for int_value in ['volume_size', 'iops']: if int_value in volume['ebs']: volume['ebs'][int_value] = int(volume['ebs'][int_value]) - return [ec2_utils.snake_dict_to_camel_dict(v, capitalize_first=True) for v in volumes] + return [snake_dict_to_camel_dict(v, capitalize_first=True) for v in volumes] def add_or_update_instance_profile(instance, desired_profile_name): diff --git a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml index 188d97d2e9f..dc81199aabe 100644 --- a/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml +++ b/tests/integration/targets/ec2_instance/roles/ec2_instance/tasks/main.yml @@ -24,6 +24,11 @@ aws_secret_key: "{{ aws_secret_key }}" security_token: "{{ security_token | default(omit) }}" region: "{{ aws_region }}" + aws_config: + retries: + # Unfortunately AWSRetry doesn't support paginators and boto3's paginators + # don't support any configuration of the delay between retries. + max_attempts: 20 collections: - amazon.aws block: From a159cd7c8402166e6275d42968af6a037fd55f4a Mon Sep 17 00:00:00 2001 From: Giuseppe Chiesa <68604164+GiuseppeChiesa-TomTom@users.noreply.github.com> Date: Tue, 3 Nov 2020 13:46:07 +0100 Subject: [PATCH 097/129] fix chunk_size calculation by using boto3 S3 Transport defaults (#273) * fix chunk_size calculation by using boto3 S3 Transport defaults since defaults are used also for the upload function * implemented some integration tests for s3_sync * added changelog fragment --- .../273-fix-s3sync-etag-calculation.yaml | 2 + plugins/modules/s3_sync.py | 7 +- tests/integration/targets/s3_sync/aliases | 3 + .../targets/s3_sync/files/test1.txt | 1 + .../targets/s3_sync/files/test2.yml | 2 + .../targets/s3_sync/files/test3.json | 3 + .../integration/targets/s3_sync/meta/main.yml | 3 + .../targets/s3_sync/tasks/main.yml | 108 ++++++++++++++++++ 8 files changed, 125 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/273-fix-s3sync-etag-calculation.yaml create mode 100644 tests/integration/targets/s3_sync/aliases create mode 100644 tests/integration/targets/s3_sync/files/test1.txt create mode 100644 tests/integration/targets/s3_sync/files/test2.yml create mode 100644 tests/integration/targets/s3_sync/files/test3.json create mode 100644 tests/integration/targets/s3_sync/meta/main.yml create mode 100644 tests/integration/targets/s3_sync/tasks/main.yml diff --git a/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml b/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml new file mode 100644 index 00000000000..bd408c87efa --- /dev/null +++ b/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml @@ -0,0 +1,2 @@ +bugfixes: + - s3_sync - fix chunk_size calculation (https://github.com/ansible-collections/community.aws/issues/272) diff --git a/plugins/modules/s3_sync.py b/plugins/modules/s3_sync.py index 8909b3524f3..78326587941 100644 --- a/plugins/modules/s3_sync.py +++ b/plugins/modules/s3_sync.py @@ -237,7 +237,10 @@ try: import botocore + from boto3.s3.transfer import TransferConfig + DEFAULT_CHUNK_SIZE = TransferConfig().multipart_chunksize except ImportError: + DEFAULT_CHUNK_SIZE = 5 * 1024 * 1024 pass # Handled by AnsibleAWSModule from ansible.module_utils._text import to_text @@ -270,10 +273,6 @@ # # You should have received a copy of the GNU General Public License # along with calculate_multipart_etag. If not, see . - -DEFAULT_CHUNK_SIZE = 5 * 1024 * 1024 - - def calculate_multipart_etag(source_path, chunk_size=DEFAULT_CHUNK_SIZE): """ calculates a multipart upload etag for amazon s3 diff --git a/tests/integration/targets/s3_sync/aliases b/tests/integration/targets/s3_sync/aliases new file mode 100644 index 00000000000..efe35f38150 --- /dev/null +++ b/tests/integration/targets/s3_sync/aliases @@ -0,0 +1,3 @@ +cloud/aws +shippable/aws/group1 + diff --git a/tests/integration/targets/s3_sync/files/test1.txt b/tests/integration/targets/s3_sync/files/test1.txt new file mode 100644 index 00000000000..f079749c42f --- /dev/null +++ b/tests/integration/targets/s3_sync/files/test1.txt @@ -0,0 +1 @@ +test1 \ No newline at end of file diff --git a/tests/integration/targets/s3_sync/files/test2.yml b/tests/integration/targets/s3_sync/files/test2.yml new file mode 100644 index 00000000000..b80aba06e06 --- /dev/null +++ b/tests/integration/targets/s3_sync/files/test2.yml @@ -0,0 +1,2 @@ +--- +test2: example diff --git a/tests/integration/targets/s3_sync/files/test3.json b/tests/integration/targets/s3_sync/files/test3.json new file mode 100644 index 00000000000..23483fb2621 --- /dev/null +++ b/tests/integration/targets/s3_sync/files/test3.json @@ -0,0 +1,3 @@ +{ + "test3": "value" +} \ No newline at end of file diff --git a/tests/integration/targets/s3_sync/meta/main.yml b/tests/integration/targets/s3_sync/meta/main.yml new file mode 100644 index 00000000000..1f64f1169a9 --- /dev/null +++ b/tests/integration/targets/s3_sync/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - prepare_tests + - setup_ec2 diff --git a/tests/integration/targets/s3_sync/tasks/main.yml b/tests/integration/targets/s3_sync/tasks/main.yml new file mode 100644 index 00000000000..965e11828bc --- /dev/null +++ b/tests/integration/targets/s3_sync/tasks/main.yml @@ -0,0 +1,108 @@ +--- +- name: S3 bucket creation + collections: + - amazon.aws + - community.general + module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key }}' + aws_secret_key: '{{ aws_secret_key }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region }}' + block: + # ============================================================ + - name: Create simple s3_bucket + s3_bucket: + name: "{{ resource_prefix }}-testbucket-ansible" + state: present + register: output + + - assert: + that: + - output.changed + - output.name == '{{ resource_prefix }}-testbucket-ansible' + - not output.requester_pays + # ============================================================ + - name: Prepare fixtures folder + file: + path: "{{ output_dir }}/s3_sync" + state: directory + mode: '0755' + + - name: Prepare files to sync + copy: + src: "{{ item }}" + dest: "{{ output_dir }}/s3_sync/{{ item }}" + mode: preserve + with_items: + - test1.txt + - test2.yml + - test3.json + + - name: Prepare file with size bigger than chunk size + shell: | + dd if=/dev/zero of=test4.txt bs=1M count=10 + args: + chdir: "{{ output_dir }}/s3_sync" + + - name: Sync files with remote bucket + s3_sync: + bucket: "{{ resource_prefix }}-testbucket-ansible" + file_root: "{{ output_dir }}/s3_sync" + register: output + - assert: + that: + - output is changed + + # ============================================================ + - name: Sync files already present + s3_sync: + bucket: "{{ resource_prefix }}-testbucket-ansible" + file_root: "{{ output_dir }}/s3_sync" + register: output + - assert: + that: + - output is not changed + + # ============================================================ + - name: Sync files with etag calculation + s3_sync: + bucket: "{{ resource_prefix }}-testbucket-ansible" + file_root: "{{ output_dir }}/s3_sync" + file_change_strategy: checksum + register: output + - assert: + that: + - output is not changed + + # ============================================================ + # DOCUMENTATION EXAMPLES + # ============================================================ + - name: all the options + s3_sync: + bucket: "{{ resource_prefix }}-testbucket-ansible" + file_root: "{{ output_dir }}/s3_sync" + mime_map: + .yml: application/text + .json: application/text + key_prefix: config_files/web + file_change_strategy: force + permission: public-read + cache_control: "public, max-age=31536000" + include: "*" + exclude: "*.txt,.*" + register: output + + - assert: + that: + - output is changed + + always: + - name: Ensure all buckets are deleted + s3_bucket: + name: "{{item}}" + state: absent + force: true + ignore_errors: yes + with_items: + - "{{ resource_prefix }}-testbucket-ansible" From 7b2b4f9bbe0c8cb10cb65a3b06c749950ceae471 Mon Sep 17 00:00:00 2001 From: nikhilpatne <66066035+nikhilpatne@users.noreply.github.com> Date: Mon, 9 Nov 2020 21:54:45 +0530 Subject: [PATCH 098/129] [BUG_FIX] ec2_win_password issue. (#283) * [BUG_FIX] ec2_win_password issue ( #142 ) * Creating a changelog fragment --- .../fragments/283-fixed-ec2_win_password-return-state.yaml | 3 +++ plugins/modules/ec2_win_password.py | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml diff --git a/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml b/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml new file mode 100644 index 00000000000..bacacd603bb --- /dev/null +++ b/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml @@ -0,0 +1,3 @@ +bugfixes: + - ec2_win_password - return failed if unable to decode the password (https://github.com/ansible-collections/community.aws/issues/142) + - ec2_win_password - on success return state as not changed (https://github.com/ansible-collections/community.aws/issues/145) \ No newline at end of file diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py index 8f46da5602d..ed06f705485 100644 --- a/plugins/modules/ec2_win_password.py +++ b/plugins/modules/ec2_win_password.py @@ -187,13 +187,13 @@ def ec2_win_password(module): decrypted = None if decrypted is None: - module.exit_json(win_password='', changed=False) + module.fail_json(msg="unable to decrypt password", win_password='', changed=False) else: if wait: elapsed = datetime.datetime.now() - start - module.exit_json(win_password=decrypted, changed=True, elapsed=elapsed.seconds) + module.exit_json(win_password=decrypted, changed=False, elapsed=elapsed.seconds) else: - module.exit_json(win_password=decrypted, changed=True) + module.exit_json(win_password=decrypted, changed=False) def main(): From a45b777a5d1217746e98bebf7616f0ce16698eb9 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 24 Sep 2020 20:07:25 +0200 Subject: [PATCH 099/129] rds_instance: Set no_log=False on force_update_password --- plugins/modules/rds_instance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/rds_instance.py b/plugins/modules/rds_instance.py index ea2e8ba11b1..3aa9c7f67dc 100644 --- a/plugins/modules/rds_instance.py +++ b/plugins/modules/rds_instance.py @@ -1078,7 +1078,7 @@ def main(): arg_spec = dict( state=dict(choices=['present', 'absent', 'terminated', 'running', 'started', 'stopped', 'rebooted', 'restarted'], default='present'), creation_source=dict(choices=['snapshot', 's3', 'instance']), - force_update_password=dict(type='bool', default=False), + force_update_password=dict(type='bool', default=False, no_log=False), purge_cloudwatch_logs_exports=dict(type='bool', default=True), purge_tags=dict(type='bool', default=True), read_replica=dict(type='bool'), From 9a7ac8727ebb95a449da0908e0543122698b42f3 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 10 Nov 2020 20:56:00 +0100 Subject: [PATCH 100/129] changelog --- changelogs/fragments/244-rds_instance-no_log.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/244-rds_instance-no_log.yml diff --git a/changelogs/fragments/244-rds_instance-no_log.yml b/changelogs/fragments/244-rds_instance-no_log.yml new file mode 100644 index 00000000000..69b51383dd2 --- /dev/null +++ b/changelogs/fragments/244-rds_instance-no_log.yml @@ -0,0 +1,2 @@ +minor_changes: +- rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241) From f97144e2aff070658dd7d9e2680ac875f16a0689 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Tue, 10 Nov 2020 21:00:26 +0100 Subject: [PATCH 101/129] Update changelogs/fragments/244-rds_instance-no_log.yml Co-authored-by: Felix Fontein --- changelogs/fragments/244-rds_instance-no_log.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/244-rds_instance-no_log.yml b/changelogs/fragments/244-rds_instance-no_log.yml index 69b51383dd2..3acb6f863fc 100644 --- a/changelogs/fragments/244-rds_instance-no_log.yml +++ b/changelogs/fragments/244-rds_instance-no_log.yml @@ -1,2 +1,2 @@ minor_changes: -- rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241) +- rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241). From 4a37d62a33fd8e067586485de6b34ac02447da3a Mon Sep 17 00:00:00 2001 From: Sakar Date: Thu, 12 Nov 2020 00:54:27 -0500 Subject: [PATCH 102/129] Minor documentation fix [aws_api_gateway] (#291) --- plugins/modules/aws_api_gateway.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 08f276b6303..5267daf7079 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -17,12 +17,12 @@ - Allows for the management of API Gateway APIs - Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do - not give api_id then a new API will be create each time + not give api_id then a new API will be created each time this is run. - Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See U(https://github.com/boto/boto3/issues/876) - and discuss with your AWS rep. + and discuss it with your AWS rep. - swagger_file and swagger_text are passed directly on to AWS transparently whilst swagger_dict is an ansible dict which is converted to JSON before the API definitions are uploaded. @@ -97,7 +97,7 @@ description: - Type of endpoint configuration, use C(EDGE) for an edge optimized API endpoint, - C(REGIONAL) for just a regional deploy or PRIVATE for a private API. - - This will flag will only be used when creating a new API Gateway setup, not for updates. + - This flag will only be used when creating a new API Gateway setup, not for updates. choices: ['EDGE', 'REGIONAL', 'PRIVATE'] type: str default: EDGE @@ -109,7 +109,7 @@ notes: - A future version of this module will probably use tags or another - ID so that an API can be create only once. + ID so that an API can be created only once. - As an early work around an intermediate version will probably do the same using a tag embedded in the API name. From fb3a2d1881efbbb11fa9dd27eb86bd02dc4804a6 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 12 Nov 2020 09:15:31 +0100 Subject: [PATCH 103/129] Add some extra links to the README --- README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b31b5ff1b7f..f5f19b2aaaf 100644 --- a/README.md +++ b/README.md @@ -261,9 +261,12 @@ You can also join us on: - Freenode IRC - ``#ansible-aws`` Freenode channel -See the [Collection Developer Guide](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html) for details on contributing to this repository. +### More information about contributing -See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) for details on contributing to Ansible more generally. +- [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) - Details on contributing to Ansible +- [Contributing to Collections](https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html#contributing-to-collections) - How to check out collection git repositories correctly +- [Guidelines for Ansible Amazon AWS module development](https://docs.ansible.com/ansible/latest/dev_guide/platforms/aws_guidelines.html) +- [Getting Started With AWS Ansible Module Development and Community Contribution](https://www.ansible.com/blog/getting-started-with-aws-ansible-module-development) ## Release notes From 3f762663ec7d686c7b51e69d3fe80d25eb75f515 Mon Sep 17 00:00:00 2001 From: Markus Bergholz Date: Thu, 12 Nov 2020 12:18:50 +0100 Subject: [PATCH 104/129] fix element type for load_balancers in ecs_service (#286) * #265 fix element type for load_balancers in ecs_service --- changelogs/fragments/265-fix-element-type-ecs_service.yml | 2 ++ plugins/modules/ecs_service.py | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/265-fix-element-type-ecs_service.yml diff --git a/changelogs/fragments/265-fix-element-type-ecs_service.yml b/changelogs/fragments/265-fix-element-type-ecs_service.yml new file mode 100644 index 00000000000..61bbd20a8ce --- /dev/null +++ b/changelogs/fragments/265-fix-element-type-ecs_service.yml @@ -0,0 +1,2 @@ +bugfixes: + - ecs_service - fix element type for ``load_balancers`` parameter (https://github.com/ansible-collections/community.aws/issues/265). diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 462f60cb946..499fa0d4711 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -52,7 +52,7 @@ - The list of ELBs defined for this service. required: false type: list - elements: str + elements: dict desired_count: description: - The count of how many instances of the service. @@ -648,7 +648,7 @@ def main(): name=dict(required=True, type='str'), cluster=dict(required=False, type='str'), task_definition=dict(required=False, type='str'), - load_balancers=dict(required=False, default=[], type='list', elements='str'), + load_balancers=dict(required=False, default=[], type='list', elements='dict'), desired_count=dict(required=False, type='int'), client_token=dict(required=False, default='', type='str'), role=dict(required=False, default='', type='str'), From 2610815791db76fba262d4d2c675c1ba9b6338c2 Mon Sep 17 00:00:00 2001 From: Markus Bergholz Date: Thu, 12 Nov 2020 12:20:16 +0100 Subject: [PATCH 105/129] fix wrong element type for containers in ecs_taskdefinition (#284) * #264 wrong element type for parameter --- ...64-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml | 2 ++ plugins/modules/ecs_taskdefinition.py | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml diff --git a/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml b/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml new file mode 100644 index 00000000000..b68ffff4f4e --- /dev/null +++ b/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml @@ -0,0 +1,2 @@ +bugfixes: + - ecs_taskdefinition - fixes elements type for ``containers`` parameter (https://github.com/ansible-collections/community.aws/issues/264). diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index b7afe864ee8..c1a30b33307 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -47,7 +47,7 @@ - A list of containers definitions. required: False type: list - elements: str + elements: dict network_mode: description: - The Docker networking mode to use for the containers in the task. @@ -321,7 +321,7 @@ def main(): family=dict(required=False, type='str'), revision=dict(required=False, type='int'), force_create=dict(required=False, default=False, type='bool'), - containers=dict(required=False, type='list', elements='str'), + containers=dict(required=False, type='list', elements='dict'), network_mode=dict(required=False, default='bridge', choices=['default', 'bridge', 'host', 'none', 'awsvpc'], type='str'), task_role_arn=dict(required=False, default='', type='str'), execution_role_arn=dict(required=False, default='', type='str'), From 9be367e2b44ae2c85fefb426760b96282c30dff4 Mon Sep 17 00:00:00 2001 From: Dmytro Vorotyntsev <2937451+vorotech@users.noreply.github.com> Date: Thu, 12 Nov 2020 13:41:32 +0200 Subject: [PATCH 106/129] Adding new module s3_metrics_configuration (#217) * new module s3_metrics_configuration * fixed dict comparison * added missed quote at doc section * fixing lint issues * prefer to use module_defaults for aws variables * addressed code review comments * simplified imports * log command results to understand the issue * install awscli --- meta/runtime.yml | 1 + plugins/modules/s3_metrics_configuration.py | 221 ++++++++++++++++ .../targets/s3_metrics_configuration/aliases | 2 + .../defaults/main.yml | 2 + .../s3_metrics_configuration/tasks/main.yml | 243 ++++++++++++++++++ .../tasks/s3_metrics_info.yml | 16 ++ 6 files changed, 485 insertions(+) create mode 100644 plugins/modules/s3_metrics_configuration.py create mode 100644 tests/integration/targets/s3_metrics_configuration/aliases create mode 100644 tests/integration/targets/s3_metrics_configuration/defaults/main.yml create mode 100644 tests/integration/targets/s3_metrics_configuration/tasks/main.yml create mode 100644 tests/integration/targets/s3_metrics_configuration/tasks/s3_metrics_info.yml diff --git a/meta/runtime.yml b/meta/runtime.yml index ab0ae7a969e..c4935c86bb7 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -209,6 +209,7 @@ action_groups: - s3_bucket_notification - s3_lifecycle - s3_logging + - s3_metrics_configuration - s3_sync - s3_website - sns diff --git a/plugins/modules/s3_metrics_configuration.py b/plugins/modules/s3_metrics_configuration.py new file mode 100644 index 00000000000..729503cf88b --- /dev/null +++ b/plugins/modules/s3_metrics_configuration.py @@ -0,0 +1,221 @@ +#!/usr/bin/python +# Copyright: Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = r''' +--- +module: s3_metrics_configuration +version_added: 1.3.0 +short_description: Manage s3 bucket metrics configuration in AWS +description: + - Manage s3 bucket metrics configuration in AWS which allows to get the CloudWatch request metrics for the objects in a bucket +author: Dmytro Vorotyntsev (@vorotech) +notes: + - This modules manages single metrics configuration, the s3 bucket might have up to 1,000 metrics configurations + - To request metrics for the entire bucket, create a metrics configuration without a filter + - Metrics configurations are necessary only to enable request metric, bucket-level daily storage metrics are always turned on +options: + bucket_name: + description: + - "Name of the s3 bucket" + required: true + type: str + id: + description: + - "The ID used to identify the metrics configuration" + required: true + type: str + filter_prefix: + description: + - "A prefix used when evaluating a metrics filter" + required: false + type: str + filter_tags: + description: + - "A dictionary of one or more tags used when evaluating a metrics filter" + required: false + aliases: ['filter_tag'] + type: dict + state: + description: + - "Create or delete metrics configuration" + default: present + choices: ['present', 'absent'] + type: str +extends_documentation_fragment: +- amazon.aws.aws +- amazon.aws.ec2 + +''' + +EXAMPLES = r''' +# Note: These examples do not set authentication details, see the AWS Guide for details. + +- name: Create a metrics configuration that enables metrics for an entire bucket + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: EntireBucket + state: present + +- name: Put a metrics configuration that enables metrics for objects starting with a prefix + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: Assets + filter_prefix: assets + state: present + +- name: Put a metrics configuration that enables metrics for objects with specific tag + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: Assets + filter_tag: + kind: asset + state: present + +- name: Put a metrics configuration that enables metrics for objects that start with a particular prefix and have specific tags applied + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: ImportantBlueDocuments + filter_prefix: documents + filter_tags: + priority: high + class: blue + state: present + +- name: Delete metrics configuration + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: EntireBucket + state: absent + +''' + +try: + import boto3 + import botocore + from botocore.exceptions import ClientError, BotoCoreError +except ImportError: + pass # Handled by AnsibleAWSModule + +from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule, is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry, ansible_dict_to_boto3_tag_list + + +def _create_metrics_configuration(mc_id, filter_prefix, filter_tags): + payload = { + 'Id': mc_id + } + # Just a filter_prefix or just a single tag filter is a special case + if filter_prefix and not filter_tags: + payload['Filter'] = { + 'Prefix': filter_prefix + } + elif not filter_prefix and len(filter_tags) == 1: + payload['Filter'] = { + 'Tag': ansible_dict_to_boto3_tag_list(filter_tags)[0] + } + # Otherwise we need to use 'And' + elif filter_tags: + payload['Filter'] = { + 'And': { + 'Tags': ansible_dict_to_boto3_tag_list(filter_tags) + } + } + if filter_prefix: + payload['Filter']['And']['Prefix'] = filter_prefix + + return payload + + +def create_or_update_metrics_configuration(client, module): + bucket_name = module.params.get('bucket_name') + mc_id = module.params.get('id') + filter_prefix = module.params.get('filter_prefix') + filter_tags = module.params.get('filter_tags') + + try: + response = client.get_bucket_metrics_configuration(aws_retry=True, Bucket=bucket_name, Id=mc_id) + metrics_configuration = response['MetricsConfiguration'] + except is_boto3_error_code('NoSuchConfiguration'): + metrics_configuration = None + except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to get bucket metrics configuration") + + new_configuration = _create_metrics_configuration(mc_id, filter_prefix, filter_tags) + + if metrics_configuration: + if metrics_configuration == new_configuration: + module.exit_json(changed=False) + + if module.check_mode: + module.exit_json(changed=True) + + try: + client.put_bucket_metrics_configuration( + aws_retry=True, + Bucket=bucket_name, + Id=mc_id, + MetricsConfiguration=new_configuration + ) + except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to put bucket metrics configuration '%s'" % mc_id) + + module.exit_json(changed=True) + + +def delete_metrics_configuration(client, module): + bucket_name = module.params.get('bucket_name') + mc_id = module.params.get('id') + + try: + client.get_bucket_metrics_configuration(aws_retry=True, Bucket=bucket_name, Id=mc_id) + except is_boto3_error_code('NoSuchConfiguration'): + module.exit_json(changed=False) + except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to get bucket metrics configuration") + + if module.check_mode: + module.exit_json(changed=True) + + try: + client.delete_bucket_metrics_configuration(aws_retry=True, Bucket=bucket_name, Id=mc_id) + except is_boto3_error_code('NoSuchConfiguration'): + module.exit_json(changed=False) + except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, msg="Failed to delete bucket metrics configuration '%s'" % mc_id) + + module.exit_json(changed=True) + + +def main(): + argument_spec = dict( + bucket_name=dict(type='str', required=True), + id=dict(type='str', required=True), + filter_prefix=dict(type='str', required=False), + filter_tags=dict(default={}, type='dict', required=False, aliases=['filter_tag']), + state=dict(default='present', type='str', choices=['present', 'absent']), + ) + module = AnsibleAWSModule( + argument_spec=argument_spec, + supports_check_mode=True + ) + + state = module.params.get('state') + + try: + client = module.client('s3', retry_decorator=AWSRetry.exponential_backoff(retries=10, delay=3)) + except (BotoCoreError, ClientError) as e: + module.fail_json_aws(e, msg='Failed to connect to AWS') + + if state == 'present': + create_or_update_metrics_configuration(client, module) + elif state == 'absent': + delete_metrics_configuration(client, module) + + +if __name__ == '__main__': + main() diff --git a/tests/integration/targets/s3_metrics_configuration/aliases b/tests/integration/targets/s3_metrics_configuration/aliases new file mode 100644 index 00000000000..fd132af5f03 --- /dev/null +++ b/tests/integration/targets/s3_metrics_configuration/aliases @@ -0,0 +1,2 @@ +cloud/aws +shippable/aws/group1 \ No newline at end of file diff --git a/tests/integration/targets/s3_metrics_configuration/defaults/main.yml b/tests/integration/targets/s3_metrics_configuration/defaults/main.yml new file mode 100644 index 00000000000..844e5cc2c71 --- /dev/null +++ b/tests/integration/targets/s3_metrics_configuration/defaults/main.yml @@ -0,0 +1,2 @@ +--- +test_bucket: '{{ resource_prefix }}-testbucket' diff --git a/tests/integration/targets/s3_metrics_configuration/tasks/main.yml b/tests/integration/targets/s3_metrics_configuration/tasks/main.yml new file mode 100644 index 00000000000..ba5cce9e648 --- /dev/null +++ b/tests/integration/targets/s3_metrics_configuration/tasks/main.yml @@ -0,0 +1,243 @@ +--- +# Integration tests for s3_metrics_configuration +# +# Notes: +# - The module only outputs 'changed' since its very simple +# +- module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key | default(omit) }}' + aws_secret_key: '{{ aws_secret_key | default(omit) }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region | default(omit) }}' + collections: + - amazon.aws + block: + + # TODO: Until there's a module to get info s3 metrics configuration, awscli is needed + - name: Install awscli + pip: + state: present + name: awscli + + # ============================================================ + - name: Try to create metrics configuration for non-existing bucket + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: present + register: result + ignore_errors: yes + + - assert: + that: + - result is failed + + # ============================================================ + - name: Create simple s3_bucket to act upon it + s3_bucket: + name: '{{ test_bucket }}' + state: present + register: output + + - assert: + that: + - output is changed + - output.name == test_bucket + + # ============================================================ + - name: Create a metrics configuration under check mode + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: present + check_mode: yes + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - metrics_info | selectattr('Id', 'search', 'EntireBucket') | list | length == 0 + + # ============================================================ + - name: Create a metrics configuration that enables metrics for an entire bucket + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: present + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - metrics_info | selectattr('Id', 'search', 'EntireBucket') | list | length == 1 + + # ============================================================ + - name: Create a metrics configuration idempotency under check mode + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: present + check_mode: yes + register: result + + - assert: + that: + - result is not changed + + # ============================================================ + - name: Create a metrics configuration idempotency + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: present + register: result + + - assert: + that: + - result is not changed + + # ============================================================ + - name: Put a metrics configuration that enables metrics for objects starting with a prefix + s3_metrics_configuration: + bucket_name: "{{ test_bucket }}" + id: Assets + filter_prefix: assets + state: present + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Prefix == 'assets' + + # ============================================================ + - name: Update existing metrics configuration under check mode + s3_metrics_configuration: + bucket_name: "{{ test_bucket }}" + id: Assets + filter_tag: + kind: Asset + state: present + check_mode: yes + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Prefix == 'assets' + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Tag is not defined + + # ============================================================ + - name: Update existing metrics configuration and enable metrics for objects with specific tag + s3_metrics_configuration: + bucket_name: "{{ test_bucket }}" + id: Assets + filter_tag: + kind: Asset + state: present + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Prefix is not defined + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Tag.Key == 'kind' + - (metrics_info | selectattr('Id', 'search', 'Assets') | list | first).Filter.Tag.Value == 'Asset' + + # ============================================================ + - name: Put a metrics configuration that enables metrics for objects that start with a particular prefix and have specific tags applied + s3_metrics_configuration: + bucket_name: "{{ test_bucket }}" + id: ImportantBlueDocuments + filter_prefix: documents + filter_tags: + priority: High + class: Blue + state: present + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - (metrics_info | selectattr('Id', 'search', 'ImportantBlueDocuments') | list | first).Filter.And.Prefix == 'documents' + - (metrics_info | selectattr('Id', 'search', 'ImportantBlueDocuments') | list | first).Filter.And.Tags[0].Key == 'priority' + - (metrics_info | selectattr('Id', 'search', 'ImportantBlueDocuments') | list | first).Filter.And.Tags[0].Value == 'High' + - (metrics_info | selectattr('Id', 'search', 'ImportantBlueDocuments') | list | first).Filter.And.Tags[1].Key == 'class' + - (metrics_info | selectattr('Id', 'search', 'ImportantBlueDocuments') | list | first).Filter.And.Tags[1].Value == 'Blue' + + # ============================================================ + - name: Delete metrics configuration in check mode + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: absent + check_mode: yes + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - metrics_info | selectattr('Id', 'search', 'EntireBucket') | list | length == 1 # still present + + # ============================================================ + - name: Delete metrics configuration + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: absent + register: result + + - include_tasks: './s3_metrics_info.yml' + + - assert: + that: + - result is changed + - metrics_info | selectattr('Id', 'search', 'EntireBucket') | list | length == 0 + + # ============================================================ + - name: Try to delete non-existing metrics configuration + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}' + id: 'EntireBucket' + state: absent + register: result + + - assert: + that: + - result is not changed + + # ============================================================ + - name: Try to delete metrics configuration for non-existing bucket + s3_metrics_configuration: + bucket_name: '{{ test_bucket }}-non-existing' + id: 'EntireBucket' + state: absent + register: result + ignore_errors: yes + + - assert: + that: + - result is failed + + # ============================================================ + always: + - name: Delete test bucket + s3_bucket: + name: '{{ test_bucket }}' + state: absent + ignore_errors: yes diff --git a/tests/integration/targets/s3_metrics_configuration/tasks/s3_metrics_info.yml b/tests/integration/targets/s3_metrics_configuration/tasks/s3_metrics_info.yml new file mode 100644 index 00000000000..cca7cad0503 --- /dev/null +++ b/tests/integration/targets/s3_metrics_configuration/tasks/s3_metrics_info.yml @@ -0,0 +1,16 @@ +--- +# Utility tasks to list bucket metrics configurations +# TODO: Update this when an s3_metrics_configuration_info module exists +- name: List s3 bucket metrics configurations + command: > + aws s3api list-bucket-metrics-configurations + --bucket {{ test_bucket }} + environment: + AWS_ACCESS_KEY_ID: "{{ aws_access_key | default(omit) }}" + AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key | default(omit) }}" + AWS_SESSION_TOKEN: "{{ security_token | default(omit) }}" + AWS_DEFAULT_REGION: "{{ aws_region | default(omit) }}" + register: list_comand_result + +- set_fact: + metrics_info: "{{ (list_comand_result.stdout | from_json)['MetricsConfigurationList'] | default([]) }}" From 3c8e1c174133afa6faa812806fb0111599e9ebe0 Mon Sep 17 00:00:00 2001 From: Harpreet Singh Date: Tue, 17 Nov 2020 03:53:07 -0500 Subject: [PATCH 107/129] Remove myself from maintainers list (#299) --- .github/BOTMETA.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/BOTMETA.yml b/.github/BOTMETA.yml index edebc260b1e..ffeb7f1194e 100644 --- a/.github/BOTMETA.yml +++ b/.github/BOTMETA.yml @@ -96,7 +96,7 @@ files: $modules/aws_eks_cluster.py: authors: willthames $modules/aws_elasticbeanstalk_app.py: - authors: hsingh viper233 + authors: viper233 $modules/aws_inspector_target.py: authors: dennisconrad $modules/aws_kms.py: From 60a4758f4d2db1f279819095424db5d9b2d9b9e2 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 23 Nov 2020 23:43:07 +0100 Subject: [PATCH 108/129] Remove integration test reliance on the pre-existence of ansible_lambda_role (#63) * Migrate lambda tests to a unique IAM role (and clean up afterwards) * Migrate lambda_policy to a unique IAM role per-test (and clean up) * Use the Amazon provided AWSXrayWriteOnlyAccess policy rather than creating something custom * Migrate sns_topic to a unique IAM role per-test (and clean up) * Migrate s3_bucket_notifications to a unique IAM role per-test (and clean up) * CI relies on the very specific ansible-test-* pattern for role names * Minor lambda test cleanup - Reorder - Comments and spacing - Remove testing for standard AnsibleAWSModule boto behaviour, we have thorough tests for this now --- .../roles/elb_lambda_target/tasks/main.yml | 4 +- .../targets/lambda/defaults/main.yml | 11 +- .../lambda/files/minimal_trust_policy.json | 12 ++ .../integration/targets/lambda/tasks/main.yml | 163 ++++++++++-------- .../targets/lambda_policy/defaults/main.yml | 11 +- .../targets/lambda_policy/tasks/main.yml | 77 ++++----- .../s3_bucket_notification/defaults/main.yml | 11 +- .../files/lambda-trust-policy.json | 12 ++ .../s3_bucket_notification/tasks/main.yml | 117 +++---------- .../targets/sns_topic/defaults/main.yml | 7 + .../sns_topic/files/lambda-policy.json | 14 -- .../targets/sns_topic/tasks/main.yml | 26 ++- 12 files changed, 223 insertions(+), 242 deletions(-) create mode 100644 tests/integration/targets/lambda/files/minimal_trust_policy.json create mode 100644 tests/integration/targets/s3_bucket_notification/files/lambda-trust-policy.json delete mode 100644 tests/integration/targets/sns_topic/files/lambda-policy.json diff --git a/tests/integration/targets/elb_target/playbooks/roles/elb_lambda_target/tasks/main.yml b/tests/integration/targets/elb_target/playbooks/roles/elb_lambda_target/tasks/main.yml index 6a26b1f8ce1..fb310b848c5 100644 --- a/tests/integration/targets/elb_target/playbooks/roles/elb_lambda_target/tasks/main.yml +++ b/tests/integration/targets/elb_target/playbooks/roles/elb_lambda_target/tasks/main.yml @@ -16,9 +16,9 @@ - name: create or update service-role for lambda iam_role: name: '{{ lambda_role_name }}' - assume_role_policy_document: '{{ lookup(''file'', role_path + ''/files/assume-role.json'') }}' + assume_role_policy_document: '{{ lookup("file", role_path + "/files/assume-role.json") }}' managed_policy: - - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole + - 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess' register: ROLE_ARN - name: when it is too fast, the role is not usable. pause: diff --git a/tests/integration/targets/lambda/defaults/main.yml b/tests/integration/targets/lambda/defaults/main.yml index d227210344f..ea29794efe0 100644 --- a/tests/integration/targets/lambda/defaults/main.yml +++ b/tests/integration/targets/lambda/defaults/main.yml @@ -1,3 +1,10 @@ --- -# defaults file for aws_lambda test -lambda_function_name: '{{resource_prefix}}' +# defaults file for lambda integration test +lambda_function_name: '{{ resource_prefix }}' +# IAM role names have to be less than 64 characters +# The 8 digit identifier at the end of resource_prefix helps determine during +# which test something was created and allows tests to be run in parallel +# Shippable resource_prefixes are in the format shippable-123456-123, so in those cases +# we need both sets of digits to keep the resource name unique +unique_id: "{{ resource_prefix | regex_search('(\\d+-?)(\\d+)$') }}" +lambda_role_name: 'ansible-test-{{ unique_id }}-lambda' diff --git a/tests/integration/targets/lambda/files/minimal_trust_policy.json b/tests/integration/targets/lambda/files/minimal_trust_policy.json new file mode 100644 index 00000000000..fb84ae9de15 --- /dev/null +++ b/tests/integration/targets/lambda/files/minimal_trust_policy.json @@ -0,0 +1,12 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] +} diff --git a/tests/integration/targets/lambda/tasks/main.yml b/tests/integration/targets/lambda/tasks/main.yml index 4670a8b2544..823f479e893 100644 --- a/tests/integration/targets/lambda/tasks/main.yml +++ b/tests/integration/targets/lambda/tasks/main.yml @@ -8,6 +8,32 @@ collections: - community.general block: + # Preparation + - name: create minimal lambda role + iam_role: + name: '{{ lambda_role_name }}' + assume_role_policy_document: '{{ lookup("file", "minimal_trust_policy.json") }}' + create_instance_profile: false + managed_policies: + - 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess' + register: iam_role + - name: wait 10 seconds for role to become available + pause: + seconds: 10 + when: iam_role.changed + - name: move lambda into place for archive module + copy: + src: mini_lambda.py + dest: '{{ output_dir }}/mini_lambda.py' + mode: preserve + - name: bundle lambda into a zip + register: zip_res + archive: + format: zip + path: '{{ output_dir }}/mini_lambda.py' + dest: '{{ output_dir }}/mini_lambda.zip' + + # Parameter tests - name: test with no parameters lambda: register: result @@ -17,6 +43,7 @@ that: - result.failed - 'result.msg.startswith("missing required arguments: name")' + - name: test with no parameters except state absent lambda: state: absent @@ -27,6 +54,7 @@ that: - result.failed - 'result.msg.startswith("missing required arguments: name")' + - name: test with no role or handler lambda: name: ansible-testing-fake-should-not-be-created @@ -38,37 +66,37 @@ that: - result.failed - 'result.msg.startswith("state is present but all of the following are missing: handler")' - - name: test with all module required variables but no region + + - name: test state=present with security group but no vpc lambda: - name: ansible-testing-fake-should-not-be-created - runtime: python2.7 - handler: no-handler - role: arn:fake-role-doesnt-exist - region: '{{ omit }}' + name: '{{ lambda_function_name }}' + runtime: 'python2.7' + role: '{{ lambda_role_name }}' + zip_file: '{{ zip_res.dest }}' + handler: '{{ omit }}' + description: '{{ omit }}' + vpc_subnet_ids: '{{ omit }}' + vpc_security_group_ids: 'sg-FA6E' + environment_variables: '{{ omit }}' + dead_letter_arn: '{{ omit }}' register: result ignore_errors: true - - name: assert failure when called with only 'name' + - name: assert lambda fails with proper message assert: that: - - result.failed - - '"requires a region and none was found" in result.msg' - - name: move lambda into place for archive module - copy: - src: mini_lambda.py - dest: '{{ output_dir }}/mini_lambda.py' - mode: preserve - - name: bundle lambda into a zip - register: zip_res - archive: - format: zip - path: '{{ output_dir }}/mini_lambda.py' - dest: '{{ output_dir }}/mini_lambda.zip' + - result is failed + - result.msg != "MODULE FAILURE" + - result.changed == False + - '"parameters are required together" in result.msg' + + # Prepare minimal Lambda + - name: test state=present - upload the lambda lambda: name: '{{ lambda_function_name }}' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{ zip_res.dest }}' register: result - name: assert lambda upload succeeded @@ -76,6 +104,8 @@ that: - result is not failed - result.configuration.tracing_config.mode == "PassThrough" + + # Test basic operation of Uploaded lambda - name: test lambda works execute_lambda: name: '{{lambda_function_name}}' @@ -87,13 +117,15 @@ that: - result is not failed - result.result.output.message == "hello Mr Ansible Tests" + + # Test updating Lambda - name: test lambda config updates lambda: name: '{{lambda_function_name}}' runtime: nodejs10.x tracing_mode: Active handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' register: update_result - name: assert that update succeeded assert: @@ -102,13 +134,14 @@ - update_result.changed == True - update_result.configuration.runtime == 'nodejs10.x' - update_result.configuration.tracing_config.mode == 'Active' - - name: test no changes are made with the same parameters + + - name: test no changes are made with the same parameters repeated lambda: name: '{{lambda_function_name}}' runtime: nodejs10.x tracing_mode: Active handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' register: update_result - name: assert that update succeeded assert: @@ -117,13 +150,14 @@ - update_result.changed == False - update_result.configuration.runtime == 'nodejs10.x' - update_result.configuration.tracing_config.mode == 'Active' + - name: reset config updates for the following tests lambda: name: '{{lambda_function_name}}' runtime: python2.7 tracing_mode: PassThrough handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' register: result - name: assert that reset succeeded assert: @@ -132,6 +166,8 @@ - result.changed == True - result.configuration.runtime == 'python2.7' - result.configuration.tracing_config.mode == 'PassThrough' + + # Query the Lambda - name: lambda_info | Gather all infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -150,6 +186,7 @@ - lambda_infos_all.function[lambda_function_name].description == "" - lambda_infos_all.function[lambda_function_name].function_arn is defined - lambda_infos_all.function[lambda_function_name].handler == "mini_lambda.handler" + - name: lambda_info | Gather version infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -161,6 +198,7 @@ - lambda_infos_versions is not failed - lambda_infos_versions.function[lambda_function_name].versions|length > 0 - lambda_infos_versions.function[lambda_function_name].function_name is undefined + - name: lambda_info | Gather config infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -173,6 +211,7 @@ - lambda_infos_config.function[lambda_function_name].function_name == lambda_function_name - lambda_infos_config.function[lambda_function_name].description is defined - lambda_infos_config.function[lambda_function_name].versions is undefined + - name: lambda_info | Gather policy infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -184,6 +223,7 @@ - lambda_infos_policy is not failed - lambda_infos_policy.function[lambda_function_name].policy is defined - lambda_infos_policy.function[lambda_function_name].versions is undefined + - name: lambda_info | Gather aliases infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -194,6 +234,7 @@ that: - lambda_infos_aliases is not failed - lambda_infos_aliases.function[lambda_function_name].aliases is defined + - name: lambda_info | Gather mappings infos for given lambda function lambda_info: name: '{{ lambda_function_name }}' @@ -204,32 +245,13 @@ that: - lambda_infos_mappings is not failed - lambda_infos_mappings.function[lambda_function_name].mappings is defined - - name: test state=present with security group but no vpc - lambda: - name: '{{lambda_function_name}}' - runtime: python2.7 - role: ansible_lambda_role - zip_file: '{{zip_res.dest}}' - handler: '{{ omit }}' - description: '{{ omit }}' - vpc_subnet_ids: '{{ omit }}' - vpc_security_group_ids: sg-FA6E - environment_variables: '{{ omit }}' - dead_letter_arn: '{{ omit }}' - register: result - ignore_errors: true - - name: assert lambda fails with proper message - assert: - that: - - result is failed - - result.msg != "MODULE FAILURE" - - result.changed == False - - '"parameters are required together" in result.msg' + + # More Lambda update tests - name: test state=present with all nullable variables explicitly set to null lambda: name: '{{lambda_function_name}}' runtime: python2.7 - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' handler: mini_lambda.handler description: null @@ -243,12 +265,13 @@ that: - result is not failed - result.changed == False + - name: test putting an environment variable changes lambda lambda: name: '{{lambda_function_name}}' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' environment_variables: EXTRA_MESSAGE: I think you are great!! @@ -263,47 +286,45 @@ name: '{{lambda_function_name}}' payload: name: Mr Ansible Tests - security_token: '{{security_token}}' register: result - name: assert lambda manages to respond as expected assert: that: - result is not failed - result.result.output.message == "hello Mr Ansible Tests. I think you are great!!" - - name: test state=present triggering a network exception due to bad url + + # Deletion behavious + - name: test state=absent (expect changed=True) lambda: name: '{{lambda_function_name}}' - runtime: python2.7 - role: ansible_lambda_role - ec2_url: https://noexist.example.com - ec2_region: '{{ec2_region}}' - ec2_access_key: iamnotreallyanaccesskey - ec2_secret_key: thisisabadsecretkey - security_token: andthisisabadsecuritytoken - zip_file: '{{zip_res.dest}}' + state: absent register: result - ignore_errors: true - - name: assert lambda manages to respond as expected + + - name: assert state=absent assert: that: - - result is failed - - result.changed == False - - name: test state=absent (expect changed=False) + - result is not failed + - result is changed + + - name: test state=absent (expect changed=False) when already deleted lambda: name: '{{lambda_function_name}}' state: absent register: result + - name: assert state=absent assert: that: - result is not failed - - result.changed == True + - result is not changed + + # Parallel creations and deletions - name: parallel lambda creation 1/4 lambda: name: '{{lambda_function_name}}_1' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' async: 1000 register: async_1 @@ -312,7 +333,7 @@ name: '{{lambda_function_name}}_2' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' async: 1000 register: async_2 @@ -321,7 +342,7 @@ name: '{{lambda_function_name}}_3' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' async: 1000 register: async_3 @@ -330,7 +351,7 @@ name: '{{lambda_function_name}}_4' runtime: python2.7 handler: mini_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' register: result - name: assert lambda manages to respond as expected @@ -398,9 +419,15 @@ register: job_result until: job_result is finished retries: 30 + always: - name: ensure function is absent at end of test lambda: name: '{{lambda_function_name}}' state: absent ignore_errors: true + - name: ensure role has been removed at end of test + iam_role: + name: '{{ lambda_role_name }}' + state: absent + ignore_errors: true diff --git a/tests/integration/targets/lambda_policy/defaults/main.yml b/tests/integration/targets/lambda_policy/defaults/main.yml index db22fd7b75e..5bcb2027367 100644 --- a/tests/integration/targets/lambda_policy/defaults/main.yml +++ b/tests/integration/targets/lambda_policy/defaults/main.yml @@ -1,3 +1,10 @@ --- -# defaults file for aws_lambda test -lambda_function_name: '{{resource_prefix}}-api-endpoint' +# defaults file for lambda_policy integration test +lambda_function_name: '{{ resource_prefix }}-api-endpoint' +# IAM role names have to be less than 64 characters +# The 8 digit identifier at the end of resource_prefix helps determine during +# which test something was created and allows tests to be run in parallel +# Shippable resource_prefixes are in the format shippable-123456-123, so in those cases +# we need both sets of digits to keep the resource name unique +unique_id: "{{ resource_prefix | regex_search('(\\d+-?)(\\d+)$') }}" +lambda_role_name: 'ansible-test-{{ unique_id }}-lambda-policy' diff --git a/tests/integration/targets/lambda_policy/tasks/main.yml b/tests/integration/targets/lambda_policy/tasks/main.yml index 4714a8b2853..855e9fba994 100644 --- a/tests/integration/targets/lambda_policy/tasks/main.yml +++ b/tests/integration/targets/lambda_policy/tasks/main.yml @@ -1,18 +1,30 @@ -- name: Integration testing for ec2_snapshot +- name: Integration testing for lambda_policy + module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key }}' + aws_secret_key: '{{ aws_secret_key }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region }}' collections: - community.general - amazon.aws block: - - name: set up AWS credentials - set_fact: - aws_connection_info: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - no_log: true + - name: create minimal lambda role + iam_role: + name: '{{ lambda_role_name }}' + assume_role_policy_document: '{{ lookup("file", "minimal_trust_policy.json") }}' + create_instance_profile: false + managed_policies: + - 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess' + register: iam_role + - name: wait 10 seconds for role to become available + pause: + seconds: 10 + when: iam_role.changed + - name: test with no parameters + module_defaults: { group/aws: {} } lambda_policy: null register: result ignore_errors: true @@ -22,6 +34,7 @@ - result.failed - 'result.msg.startswith("missing required arguments: ")' - name: test with all required dummy parameters but no region + module_defaults: { group/aws: {} } lambda_policy: statement_id: dummy principal: api_fakeway @@ -35,6 +48,7 @@ - result.failed - '"requires a region and none was found" in result.msg' - name: test exceptions generated by forcing bad ec2 url + module_defaults: { group/aws: {} } lambda_policy: function_name: '{{ lambda_function_name }}' state: present @@ -68,10 +82,6 @@ dest: '{{ output_dir }}/mini_http_lambda.zip' - name: create minimal lambda role iam_role: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' name: ansible_lambda_role assume_role_policy_document: '{{ lookup(''file'', ''minimal_trust_policy.json'', convert_data=False) }}' create_instance_profile: false @@ -82,22 +92,14 @@ when: iam_role.changed - name: test state=present - upload the lambda lambda: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' name: '{{lambda_function_name}}' runtime: python2.7 handler: mini_http_lambda.handler - role: ansible_lambda_role + role: '{{ lambda_role_name }}' zip_file: '{{zip_res.dest}}' register: lambda_result - name: get the aws account ID for use in future commands - aws_caller_info: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' + aws_caller_info: {} register: aws_caller_info - name: register lambda uri for use in template set_fact: @@ -108,10 +110,6 @@ dest: '{{output_dir}}/endpoint-test-swagger-api.yml.j2' - name: deploy new API aws_api_gateway: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' api_file: '{{output_dir}}/endpoint-test-swagger-api.yml.j2' stage: lambdabased register: create_result @@ -130,10 +128,6 @@ - unauth_uri_result.status == 500 - name: give api gateway execute permissions on lambda lambda_policy: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' function_name: '{{ lambda_function_name }}' state: present statement_id: api-gateway-invoke-lambdas @@ -142,10 +136,6 @@ source_arn: arn:aws:execute-api:{{ aws_region }}:{{ aws_caller_info.account }}:*/* - name: try again but with ARN lambda_policy: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' function_name: '{{ lambda_result.configuration.function_arn }}' state: present statement_id: api-gateway-invoke-lambdas @@ -162,10 +152,6 @@ - uri_result - name: deploy new API aws_api_gateway: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' api_file: '{{output_dir}}/endpoint-test-swagger-api.yml.j2' stage: lambdabased register: create_result @@ -173,21 +159,18 @@ always: - name: destroy lambda for test cleanup if created lambda: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' name: '{{lambda_function_name}}' state: absent register: result ignore_errors: true - name: destroy API for test cleanup if created aws_api_gateway: - aws_region: '{{ aws_region }}' - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' state: absent api_id: '{{api_id}}' register: destroy_result ignore_errors: true + - name: Clean up test role + iam_role: + name: '{{ lambda_role_name }}' + state: absent + ignore_errors: true diff --git a/tests/integration/targets/s3_bucket_notification/defaults/main.yml b/tests/integration/targets/s3_bucket_notification/defaults/main.yml index d227210344f..ad2a4c68f0c 100644 --- a/tests/integration/targets/s3_bucket_notification/defaults/main.yml +++ b/tests/integration/targets/s3_bucket_notification/defaults/main.yml @@ -1,3 +1,10 @@ --- -# defaults file for aws_lambda test -lambda_function_name: '{{resource_prefix}}' +# defaults file for s3_bucket_notifications integration test +lambda_function_name: '{{ resource_prefix }}' +# IAM role names have to be less than 64 characters +# The 8 digit identifier at the end of resource_prefix helps determine during +# which test something was created and allows tests to be run in parallel +# Shippable resource_prefixes are in the format shippable-123456-123, so in those cases +# we need both sets of digits to keep the resource name unique +unique_id: "{{ resource_prefix | regex_search('(\\d+-?)(\\d+)$') }}" +lambda_role_name: 'ansible-test-{{ unique_id }}-s3-notifications' diff --git a/tests/integration/targets/s3_bucket_notification/files/lambda-trust-policy.json b/tests/integration/targets/s3_bucket_notification/files/lambda-trust-policy.json new file mode 100644 index 00000000000..fb84ae9de15 --- /dev/null +++ b/tests/integration/targets/s3_bucket_notification/files/lambda-trust-policy.json @@ -0,0 +1,12 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] +} diff --git a/tests/integration/targets/s3_bucket_notification/tasks/main.yml b/tests/integration/targets/s3_bucket_notification/tasks/main.yml index ea6cf8acb20..38ef3bb2c22 100644 --- a/tests/integration/targets/s3_bucket_notification/tasks/main.yml +++ b/tests/integration/targets/s3_bucket_notification/tasks/main.yml @@ -1,16 +1,26 @@ -- name: set up aws connection info - set_fact: - aws_connection_info: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' - no_log: true - name: test add s3 bucket notification collections: - amazon.aws - community.general + module_defaults: + group/aws: + aws_access_key: '{{ aws_access_key }}' + aws_secret_key: '{{ aws_secret_key }}' + security_token: '{{ security_token | default(omit) }}' + region: '{{ aws_region }}' block: + - name: create minimal lambda role + iam_role: + name: '{{ lambda_role_name }}' + assume_role_policy_document: '{{ lookup("file", "lambda-trust-policy.json") }}' + create_instance_profile: false + managed_policies: + - 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess' + register: iam_role + - name: pause if role was created + pause: + seconds: 10 + when: iam_role is changed - name: move lambda into place for archive module copy: src: mini_lambda.py @@ -24,22 +34,14 @@ dest: '{{ output_dir }}/mini_lambda.zip' - name: register bucket s3_bucket: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' name: '{{resource_prefix}}-bucket' state: present register: bucket_info - name: register lambda lambda: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' name: '{{resource_prefix}}-lambda' state: present - role: ansible_lambda_role + role: '{{ lambda_role_name }}' runtime: python3.7 zip_file: '{{function_res.dest}}' handler: lambda_function.lambda_handler @@ -48,10 +50,6 @@ register: lambda_info - name: register notification without invoke permissions s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -70,10 +68,6 @@ - result.msg != 'MODULE FAILURE' - name: Add invocation permission of Lambda function on AWS lambda_policy: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' function_name: '{{ lambda_info.configuration.function_arn }}' statement_id: allow_lambda_invoke action: lambda:InvokeFunction @@ -81,10 +75,6 @@ source_arn: arn:aws:s3:::{{bucket_info.name}} - name: register s3 bucket notification s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -101,10 +91,6 @@ - result.changed == True - name: test check_mode without change s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -122,10 +108,6 @@ - result.changed == False - name: test check_mode change events s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -142,10 +124,6 @@ - result.changed == True - name: test that check_mode didn't change events s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -162,10 +140,6 @@ - result.changed == False - name: test mutually exclusive parameters s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -185,10 +159,6 @@ - 'result.msg == ''parameters are mutually exclusive: lambda_alias|lambda_version''' - name: test configuration change on suffix s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -205,10 +175,6 @@ - result.changed == True - name: test configuration change on prefix s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -225,10 +191,6 @@ - result.changed == True - name: test configuration change on new events added s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -246,10 +208,6 @@ - result.changed == True - name: test configuration change on events removed s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -265,10 +223,6 @@ - result.changed == True - name: change events s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -282,10 +236,6 @@ register: result - name: test that event order does not matter s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -303,10 +253,6 @@ - result.changed == False - name: test that configuration is the same as previous task s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: present event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -324,10 +270,6 @@ - result.changed == False - name: test remove notification s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: absent event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -338,10 +280,6 @@ - result.changed == True - name: test that events is already removed s3_bucket_notification: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' state: absent event_name: '{{resource_prefix}}-on_file_add_or_remove' bucket_name: '{{resource_prefix}}-bucket' @@ -353,21 +291,20 @@ always: - name: clean-up bucket s3_bucket: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' name: '{{resource_prefix}}-bucket' state: absent + ignore_errors: true - name: clean-up lambda lambda: - aws_access_key: '{{ aws_access_key }}' - aws_secret_key: '{{ aws_secret_key }}' - security_token: '{{ security_token }}' - region: '{{ aws_region }}' name: '{{resource_prefix}}-lambda' state: absent -- null + ignore_errors: true + - name: cleam-up role + iam_role: + name: '{{ lambda_role_name }}' + state: absent + ignore_errors: true + - block: - name: test with no parameters except state absent s3_bucket_notification: state=absent diff --git a/tests/integration/targets/sns_topic/defaults/main.yml b/tests/integration/targets/sns_topic/defaults/main.yml index afcc5dc8cbb..4082236c73b 100644 --- a/tests/integration/targets/sns_topic/defaults/main.yml +++ b/tests/integration/targets/sns_topic/defaults/main.yml @@ -6,3 +6,10 @@ sns_topic_third_party_topic_arn: "arn:aws:sns:us-east-1:806199016981:AmazonIpSpa sns_topic_third_party_region: "{{ sns_topic_third_party_topic_arn.split(':')[3] }}" sns_topic_lambda_function: "sns_topic_lambda" sns_topic_lambda_name: "{{ resource_prefix }}-{{ sns_topic_lambda_function }}" +# IAM role names have to be less than 64 characters +# The 8 digit identifier at the end of resource_prefix helps determine during +# which test something was created and allows tests to be run in parallel +# Shippable resource_prefixes are in the format shippable-123456-123, so in those cases +# we need both sets of digits to keep the resource name unique +unique_id: "{{ resource_prefix | regex_search('(\\d+-?)(\\d+)$') }}" +sns_topic_lambda_role: "ansible-test-{{ unique_id }}-sns-lambda" diff --git a/tests/integration/targets/sns_topic/files/lambda-policy.json b/tests/integration/targets/sns_topic/files/lambda-policy.json deleted file mode 100644 index ac1e64ac04f..00000000000 --- a/tests/integration/targets/sns_topic/files/lambda-policy.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "Version":"2012-10-17", - "Statement":[ - { - "Effect":"Allow", - "Action":[ - "logs:CreateLogStream", - "logs:CreateLogGroup", - "logs:PutLogEvents" - ], - "Resource":"*" - } - ] -} diff --git a/tests/integration/targets/sns_topic/tasks/main.yml b/tests/integration/targets/sns_topic/tasks/main.yml index b5e961f7fa1..4d494f2e8c7 100644 --- a/tests/integration/targets/sns_topic/tasks/main.yml +++ b/tests/integration/targets/sns_topic/tasks/main.yml @@ -9,26 +9,17 @@ block: - name: create minimal lambda role iam_role: - name: ansible_lambda_role - assume_role_policy_document: '{{ lookup(''file'', ''lambda-trust-policy.json'', convert_data=False) }}' + name: '{{ sns_topic_lambda_role }}' + assume_role_policy_document: '{{ lookup("file", "lambda-trust-policy.json") }}' create_instance_profile: false + managed_policies: + - 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess' register: iam_role - name: pause if role was created pause: seconds: 10 when: iam_role is changed - - name: ensure lambda role policy exists - iam_policy: - policy_name: ansible_lambda_role_policy - iam_name: ansible_lambda_role - iam_type: role - policy_json: '{{ lookup(''file'', ''lambda-policy.json'') }}' - state: present - register: iam_policy - - name: pause if policy was created - pause: - seconds: 10 - when: iam_policy is changed + - name: create topic sns_topic: name: '{{ sns_topic_topic_name }}' @@ -178,7 +169,7 @@ state: present zip_file: '{{ tempdir.path }}/{{ sns_topic_lambda_function }}.zip' runtime: python2.7 - role: ansible_lambda_role + role: '{{ sns_topic_lambda_role }}' handler: '{{ sns_topic_lambda_function }}.handler' register: lambda_result - set_fact: @@ -305,3 +296,8 @@ state: absent when: tempdir is defined ignore_errors: true + - name: remove iam role + iam_role: + name: '{{ sns_topic_lambda_role }}' + state: absent + ignore_errors: true From 33c03de5ecb40dd650073dfb205d8351ba80befd Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Thu, 26 Nov 2020 11:28:58 +0100 Subject: [PATCH 109/129] Update module name deprecation messages to be more helpful --- meta/runtime.yml | 178 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 138 insertions(+), 40 deletions(-) diff --git a/meta/runtime.yml b/meta/runtime.yml index c4935c86bb7..e8153ff35c4 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -223,160 +223,258 @@ plugin_routing: aws_acm_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_acm_facts was renamed in Ansible 2.9 to aws_acm_info. + Please update your tasks. aws_kms_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_kms_facts was renamed in Ansible 2.9 to aws_kms_info. + Please update your tasks. aws_region_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_region_facts was renamed in Ansible 2.9 to aws_region_info. + Please update your tasks. aws_s3_bucket_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_s3_bucket_facts has been deprecated and will be removed. + The aws_s3_bucket_info module returns the same information, but not + as ansible_facts. See the module documentation for more information. + Please update your tasks. aws_sgw_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_sgw_facts was renamed in Ansible 2.9 to aws_sgw_info. + Please update your tasks. aws_waf_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + aws_waf_facts was renamed in Ansible 2.9 to aws_waf_info. + Please update your tasks. cloudfront_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + cloudfront_facts has been deprecated and will be removed. + The cloudfront_info module returns the same information, but not as + ansible_facts. See the module documentation for more information. cloudwatchlogs_log_group_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + cloudwatchlogs_log_group_facts was renamed in Ansible 2.9 to + cloudwatchlogs_log_group_info. + Please update your tasks. ec2_asg_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_asg_facts was renamed in Ansible 2.9 to ec2_asg_info. + Please update your tasks. ec2_customer_gateway_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_customer_gateway_facts was renamed in Ansible 2.9 to + ec2_customer_gateway_info. + Please update your tasks. ec2_instance_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_instance_facts was renamed in Ansible 2.9 to ec2_instance_info. + Please update your tasks. ec2_eip_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_eip_facts was renamed in Ansible 2.9 to ec2_eip_info. + Please update your tasks. ec2_elb_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_elb_facts was renamed in Ansible 2.9 to ec2_elb_info. + Please update your tasks. ec2_lc_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_lc_facts was renamed in Ansible 2.9 to ec2_lc_info. + Please update your tasks. ec2_placement_group_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_placement_group_facts was renamed in Ansible 2.9 to + ec2_placement_group_info. + Please update your tasks. ec2_vpc_endpoint_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_endpoint_facts was renamed in Ansible 2.9 to + ec2_vpc_endpoint_info. + Please update your tasks. ec2_vpc_igw_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_igw_facts was renamed in Ansible 2.9 to ec2_vpc_igw_info. + Please update your tasks. ec2_vpc_nacl_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_nacl_facts was renamed in Ansible 2.9 to ec2_vpc_nacl_info. + Please update your tasks. ec2_vpc_nat_gateway_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_nat_gateway_facts was renamed in Ansible 2.9 to + ec2_vpc_nat_gateway_info. + Please update your tasks. ec2_vpc_peering_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_peering_facts was renamed in Ansible 2.9 to + ec2_vpc_peering_info. + Please update your tasks. ec2_vpc_route_table_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_route_table_facts was renamed in Ansible 2.9 to + ec2_vpc_route_table_info. + Please update your tasks. ec2_vpc_vgw_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_vgw_facts was renamed in Ansible 2.9 to ec2_vpc_vgw_info. + Please update your tasks. ec2_vpc_vpn_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ec2_vpc_vpn_facts was renamed in Ansible 2.9 to ec2_vpc_vpn_info. + Please update your tasks. ecs_service_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ecs_service_facts has been deprecated and will be removed. + The ecs_service_info module returns the same information, but not as + ansible_facts. See the module documentation for more information. ecs_taskdefinition_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + ecs_taskdefinition_facts was renamed in Ansible 2.9 to + ecs_taskdefinition_info. + Please update your tasks. efs_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + efs_facts has been deprecated and will be removed. + The efs_info module returns the same information, but not as + ansible_facts. See the module documentation for more information. elasticache_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + elasticache_facts was renamed in Ansible 2.9 to elasticache_info. + Please update your tasks. elb_application_lb_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + elb_application_lb_facts was renamed in Ansible 2.9 to + elb_application_lb_info. + Please update your tasks. elb_classic_lb_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + elb_classic_lb_facts was renamed in Ansible 2.9 to + elb_classic_lb_info. + Please update your tasks. elb_target_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + elb_target_facts was renamed in Ansible 2.9 to elb_target_info. + Please update your tasks. elb_target_group_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + elb_target_group_facts was renamed in Ansible 2.9 to + elb_target_group_info. + Please update your tasks. iam_cert_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + iam_cert_facts was renamed in Ansible 2.9 to iam_cert_info. + Please update your tasks. iam_mfa_device_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + iam_mfa_device_facts was renamed in Ansible 2.9 to iam_mfa_device_info. + Please update your tasks. iam_role_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + iam_role_facts was renamed in Ansible 2.9 to iam_role_info. + Please update your tasks. iam_server_certificate_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + iam_server_certificate_facts was renamed in Ansible 2.9 to + iam_server_certificate_info. + Please update your tasks. lambda_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + lambda_facts has been deprecated and will be removed. + The lambda_info module returns the same information, but not as + ansible_facts. See the module documentation for more information. rds_instance_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + rds_instance_facts was renamed in Ansible 2.9 to rds_instance_info. + Please update your tasks. rds_snapshot_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + rds_snapshot_facts was renamed in Ansible 2.9 to rds_snapshot_info. + Please update your tasks. redshift_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + redshift_facts was renamed in Ansible 2.9 to redshift_info. + Please update your tasks. route53_facts: deprecation: removal_date: 2021-12-01 - warning_text: see plugin documentation for details + warning_text: >- + route53_facts was renamed in Ansible 2.9 to route53_info. + Please update your tasks. From 44ad137d56a548532cd3cac6edc61ab111e2971b Mon Sep 17 00:00:00 2001 From: Will Date: Sat, 28 Nov 2020 09:33:16 +0000 Subject: [PATCH 110/129] Fix for aws_kms_info with external/custom key store keys (#311) * Fix for aws_kms_info with external/custom key store keys * Added changelog fragment --- .../fragments/311-fix-aws_kms_info-external-keys.yaml | 2 ++ plugins/modules/aws_kms_info.py | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml diff --git a/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml b/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml new file mode 100644 index 00000000000..618023c35ee --- /dev/null +++ b/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml @@ -0,0 +1,2 @@ +bugfixes: + - aws_kms_info - fixed incompatibility with external and custom key-store keys. The module was attempting to call `GetKeyRotationStatus`, which raises `UnsupportedOperationException` for these key types (https://github.com/ansible-collections/community.aws/pull/311). diff --git a/plugins/modules/aws_kms_info.py b/plugins/modules/aws_kms_info.py index 160ca5e13c7..235b7bc5b1e 100644 --- a/plugins/modules/aws_kms_info.py +++ b/plugins/modules/aws_kms_info.py @@ -373,7 +373,11 @@ def get_key_details(connection, module, key_id, tokens=None): exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) result['aliases'] = aliases.get(result['KeyId'], []) - result['enable_key_rotation'] = get_enable_key_rotation_with_backoff(connection, key_id) + + if result['Origin'] == 'AWS_KMS': + result['enable_key_rotation'] = get_enable_key_rotation_with_backoff(connection, key_id) + else: + result['enable_key_rotation'] = None if module.params.get('pending_deletion'): return camel_dict_to_snake_dict(result) From 601505d70f9bc75eeff7b0a614deef06012b3877 Mon Sep 17 00:00:00 2001 From: Sid Patel Date: Tue, 1 Dec 2020 09:03:31 -0700 Subject: [PATCH 111/129] fix: ansible kinesis stream paginated shards bug (#93) * fix: ansible kinesis stream paginated shards bug * only set shardid params when more shards * add changelog fragment --- .../fragments/93-kinesis_stream-get-more-shards-resolve.yml | 2 ++ plugins/modules/kinesis_stream.py | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml diff --git a/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml b/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml new file mode 100644 index 00000000000..84365d6ff15 --- /dev/null +++ b/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml @@ -0,0 +1,2 @@ +bugfixes: +- kinesis_stream - fixes issue where kinesis streams with > 100 shards get stuck in an infinite loop (https://github.com/ansible-collections/community.aws/pull/93) diff --git a/plugins/modules/kinesis_stream.py b/plugins/modules/kinesis_stream.py index 4183444ebb3..d9b3cc0d938 100644 --- a/plugins/modules/kinesis_stream.py +++ b/plugins/modules/kinesis_stream.py @@ -364,6 +364,8 @@ def find_stream(client, stream_name, check_mode=False): ) shards.extend(results.pop('Shards')) has_more_shards = results['HasMoreShards'] + if has_more_shards: + params['ExclusiveStartShardId'] = shards[-1]['ShardId'] results['Shards'] = shards num_closed_shards = len([s for s in shards if 'EndingSequenceNumber' in s['SequenceNumberRange']]) results['OpenShardsCount'] = len(shards) - num_closed_shards From e9b543fefc7fb74798f13bfb691582a14551bfa9 Mon Sep 17 00:00:00 2001 From: Romain GAGNAIRE <2607260+TheOptimisticFactory@users.noreply.github.com> Date: Tue, 1 Dec 2020 19:35:07 +0100 Subject: [PATCH 112/129] fix: Cloudfront distribution now uses provided origin_access_identity (#39) * fix: Cloudfront distribution now uses provided origin_access_identity - This is the same fix that had been originally pushed to https://github.com/ansible/ansible/pull/68845 * test: Added new test case * test: corrected typo in task name Co-authored-by: Mark Chappell * test: Adjusted test task labeling Co-authored-by: Romain Gagnaire Co-authored-by: Mark Chappell --- plugins/modules/cloudfront_distribution.py | 9 +++++++-- .../cloudfront_distribution/tasks/main.yml | 17 +++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 5df16dc69db..7e8fe152d5f 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -1674,10 +1674,15 @@ def validate_origins(self, client, config, origins, default_origin_domain_name, self.module.fail_json_aws(e, msg="Error validating distribution origins") def validate_s3_origin_configuration(self, client, existing_config, origin): - if origin['s3_origin_access_identity_enabled'] and existing_config.get('s3_origin_config', {}).get('origin_access_identity'): - return existing_config['s3_origin_config']['origin_access_identity'] if not origin['s3_origin_access_identity_enabled']: return None + + if origin.get('s3_origin_config', {}).get('origin_access_identity'): + return origin['s3_origin_config']['origin_access_identity'] + + if existing_config.get('s3_origin_config', {}).get('origin_access_identity'): + return existing_config['s3_origin_config']['origin_access_identity'] + try: comment = "access-identity-by-ansible-%s-%s" % (origin.get('domain_name'), self.__default_datetime_string) caller_reference = "%s-%s" % (origin.get('domain_name'), self.__default_datetime_string) diff --git a/tests/integration/targets/cloudfront_distribution/tasks/main.yml b/tests/integration/targets/cloudfront_distribution/tasks/main.yml index b4c2e599379..62c141cd039 100644 --- a/tests/integration/targets/cloudfront_distribution/tasks/main.yml +++ b/tests/integration/targets/cloudfront_distribution/tasks/main.yml @@ -410,6 +410,23 @@ that: - update_origin_to_s3_with_origin_access_and_with_custom_origin_config.failed + - name: Update distribution to use specific access identity + cloudfront_distribution: + distribution_id: "{{ distribution_id }}" + origins: + - id: "{{ resource_prefix }}" + domain_name: "{{ resource_prefix }}.s3.amazonaws.com" + s3_origin_access_identity_enabled: true + s3_origin_config: + origin_access_identity: origin-access-identity/cloudfront/ANYTHING + register: update_distribution_with_specific_access_identity + + - name: check that custom origin uses the provided origin_access_identity + assert: + that: + - update_distribution_with_specific_access_identity.changed + - update_distribution_with_specific_access_identity.origins.items[0].s3_origin_config.origin_access_identity == 'origin-access-identity/cloudfront/ANYTHING' + always: # TEARDOWN STARTS HERE - name: delete the s3 bucket From b22f2804372a3d35683debffb9a1c0908a819ca1 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 7 Dec 2020 08:48:06 +0100 Subject: [PATCH 113/129] Sanity test / doc-default-does-not-match-spec fixups (#320) * Sanity test / doc-default-does-not-match-spec fixups * General docs cleanup --- plugins/modules/aws_api_gateway.py | 24 ++++---- .../modules/aws_application_scaling_policy.py | 15 ++--- .../modules/aws_direct_connect_connection.py | 7 ++- ...s_direct_connect_link_aggregation_group.py | 3 + plugins/modules/cloudfront_distribution.py | 24 ++++---- plugins/modules/ec2_ami_copy.py | 10 +-- plugins/modules/ec2_vpc_vpn.py | 21 ++++--- plugins/modules/ecs_ecr.py | 8 +-- plugins/modules/ecs_service.py | 14 +++-- plugins/modules/ecs_taskdefinition.py | 3 +- plugins/modules/elasticache.py | 10 +-- plugins/modules/elb_application_lb.py | 16 ++--- plugins/modules/elb_classic_lb.py | 61 ++++++++++--------- plugins/modules/elb_network_lb.py | 4 +- plugins/modules/elb_target.py | 17 +++--- plugins/modules/iam_cert.py | 10 +-- plugins/modules/route53.py | 18 +++--- plugins/modules/sqs_queue.py | 7 ++- 18 files changed, 145 insertions(+), 127 deletions(-) diff --git a/plugins/modules/aws_api_gateway.py b/plugins/modules/aws_api_gateway.py index 5267daf7079..f7466b1d1e2 100644 --- a/plugins/modules/aws_api_gateway.py +++ b/plugins/modules/aws_api_gateway.py @@ -14,7 +14,7 @@ version_added: 1.0.0 short_description: Manage AWS API Gateway APIs description: - - Allows for the management of API Gateway APIs + - Allows for the management of API Gateway APIs. - Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be created each time @@ -40,7 +40,7 @@ swagger_file: description: - JSON or YAML file containing swagger definitions for API. - Exactly one of swagger_file, swagger_text or swagger_dict must + Exactly one of I(swagger_file), I(swagger_text) or I(swagger_dict) must be present. type: path aliases: ['src', 'api_file'] @@ -60,13 +60,13 @@ type: str deploy_desc: description: - - Description of the deployment - recorded and visible in the - AWS console. + - Description of the deployment. + - Recorded and visible in the AWS console. default: Automatic deployment by Ansible. type: str cache_enabled: description: - - Enable API GW caching of backend responses. Defaults to false. + - Enable API GW caching of backend responses. type: bool default: false cache_size: @@ -83,20 +83,22 @@ description: - Canary settings for the deployment of the stage. - 'Dict with following settings:' - - 'percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.' - - 'deploymentId: The ID of the canary deployment.' - - 'stageVariableOverrides: Stage variables overridden for a canary release deployment.' - - 'useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.' + - 'C(percentTraffic): The percent (0-100) of traffic diverted to a canary deployment.' + - 'C(deploymentId): The ID of the canary deployment.' + - 'C(stageVariableOverrides): Stage variables overridden for a canary release deployment.' + - 'C(useStageCache): A Boolean flag to indicate whether the canary deployment uses the stage cache or not.' - See docs U(https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/apigateway.html#APIGateway.Client.create_stage) type: dict tracing_enabled: description: - Specifies whether active tracing with X-ray is enabled for the API GW stage. type: bool + default: false endpoint_type: description: - - Type of endpoint configuration, use C(EDGE) for an edge optimized API endpoint, - - C(REGIONAL) for just a regional deploy or PRIVATE for a private API. + - Type of endpoint configuration. + - Use C(EDGE) for an edge optimized API endpoint, + C(REGIONAL) for just a regional deploy or C(PRIVATE) for a private API. - This flag will only be used when creating a new API Gateway setup, not for updates. choices: ['EDGE', 'REGIONAL', 'PRIVATE'] type: str diff --git a/plugins/modules/aws_application_scaling_policy.py b/plugins/modules/aws_application_scaling_policy.py index 468705b1938..dcc8b8b1691 100644 --- a/plugins/modules/aws_application_scaling_policy.py +++ b/plugins/modules/aws_application_scaling_policy.py @@ -15,14 +15,14 @@ - for details of the parameters and returns see U(http://boto3.readthedocs.io/en/latest/reference/services/application-autoscaling.html#ApplicationAutoScaling.Client.put_scaling_policy) description: - - Creates, updates or removes a Scaling Policy + - Creates, updates or removes a Scaling Policy. author: - Gustavo Maia (@gurumaia) - Chen Leibovich (@chenl87) requirements: [ json, botocore, boto3 ] options: state: - description: Whether a policy should be present or absent + description: Whether a policy should be C(present) or C(absent). required: yes choices: ['absent', 'present'] type: str @@ -57,12 +57,12 @@ choices: ['StepScaling', 'TargetTrackingScaling'] type: str step_scaling_policy_configuration: - description: A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling. + description: A step scaling policy. This parameter is required if you are creating a policy and I(policy_type=StepScaling). required: no type: dict target_tracking_scaling_policy_configuration: description: - - A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling. + - A target tracking policy. This parameter is required if you are creating a new policy and I(policy_type=TargetTrackingScaling). - 'Full documentation of the suboptions can be found in the API documentation:' - 'U(https://docs.aws.amazon.com/autoscaling/application/APIReference/API_TargetTrackingScalingPolicyConfiguration.html)' required: no @@ -84,7 +84,7 @@ description: The time (in seconds) to wait after scaling-out before another scaling action can occur. type: int TargetValue: - description: The target value for the metric + description: The target value for the metric. type: float minimum_tasks: description: The minimum value to scale to in response to a scale in event. @@ -97,9 +97,10 @@ required: no type: int override_task_capacity: - description: Whether or not to override values of minimum and/or maximum tasks if it's already set. + description: + - Whether or not to override values of minimum and/or maximum tasks if it's already set. + - Defaults to C(false). required: no - default: no type: bool extends_documentation_fragment: - amazon.aws.aws diff --git a/plugins/modules/aws_direct_connect_connection.py b/plugins/modules/aws_direct_connect_connection.py index 9899b742fb4..a84e5f98523 100644 --- a/plugins/modules/aws_direct_connect_connection.py +++ b/plugins/modules/aws_direct_connect_connection.py @@ -64,9 +64,10 @@ type: str forced_update: description: - - To modify bandwidth or location the connection will need to be deleted and recreated. - By default this will not happen - this option must be set to True. + - To modify I(bandwidth) or I(location) the connection needs to be deleted and recreated. + - By default this will not happen. This option must be explicitly set to C(true) to change I(bandwith) or I(location). type: bool + default: false ''' EXAMPLES = """ @@ -93,7 +94,7 @@ name: ansible-test-connection location: EqDC2 bandwidth: 10Gbps - forced_update: True + forced_update: true # delete the connection - community.aws.aws_direct_connect_connection: diff --git a/plugins/modules/aws_direct_connect_link_aggregation_group.py b/plugins/modules/aws_direct_connect_link_aggregation_group.py index e3fae3ccf06..41c50134dab 100644 --- a/plugins/modules/aws_direct_connect_link_aggregation_group.py +++ b/plugins/modules/aws_direct_connect_link_aggregation_group.py @@ -59,6 +59,7 @@ - This allows the minimum number of links to be set to 0, any hosted connections disassociated, and any virtual interfaces associated to the LAG deleted. type: bool + default: false connection_id: description: - A connection ID to link with the link aggregation group upon creation. @@ -67,12 +68,14 @@ description: - To be used with I(state=absent) to delete connections after disassociating them with the LAG. type: bool + default: false wait: description: - Whether or not to wait for the operation to complete. - May be useful when waiting for virtual interfaces to be deleted. - The time to wait can be controlled by setting I(wait_timeout). type: bool + default: false wait_timeout: description: - The duration in seconds to wait if I(wait=true). diff --git a/plugins/modules/cloudfront_distribution.py b/plugins/modules/cloudfront_distribution.py index 7e8fe152d5f..a48f687a890 100644 --- a/plugins/modules/cloudfront_distribution.py +++ b/plugins/modules/cloudfront_distribution.py @@ -66,7 +66,7 @@ tags: description: - Should be input as a dict of key-value pairs. - - Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1' + - "Note that numeric keys or values must be wrapped in quotes. e.g. C(Priority: '1')" type: dict purge_tags: @@ -87,7 +87,7 @@ aliases: description: - - A list) of domain name aliases (CNAMEs) as strings to be used for the distribution. + - A list of domain name aliases (CNAMEs) as strings to be used for the distribution. - Each alias must be unique across all distribution for the AWS account. type: list elements: str @@ -141,7 +141,7 @@ description: - Custom headers you wish to add to the request before passing it to the origin. - For more information see the CloudFront documentation - at U(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) + at U(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html). type: list elements: dict suboptions: @@ -191,7 +191,7 @@ description: - A dict specifying the default cache behavior of the distribution. - If not specified, the I(target_origin_id) is defined as the I(target_origin_id) of the first valid - I(cache_behavior) in I(cache_behaviors) with defaults. + cache_behavior in I(cache_behaviors) with defaults. suboptions: target_origin_id: description: @@ -492,7 +492,7 @@ enabled: description: - A boolean value that specifies whether the distribution is enabled or disabled. - default: false + - Defaults to C(false). type: bool viewer_certificate: @@ -504,18 +504,18 @@ type: bool description: - If you're using the CloudFront domain name for your distribution, such as C(123456789abcde.cloudfront.net) - you should set I(cloudfront_default_certificate=true) + you should set I(cloudfront_default_certificate=true). - If I(cloudfront_default_certificate=true) do not set I(ssl_support_method). iam_certificate_id: type: str description: - The ID of a certificate stored in IAM to use for HTTPS connections. - - If I(iam_certificate_id) is set then you must also specify I(ssl_support_method) + - If I(iam_certificate_id) is set then you must also specify I(ssl_support_method). acm_certificate_arn: type: str description: - The ID of a certificate stored in ACM to use for HTTPS connections. - - If I(acm_certificate_id) is set then you must also specify I(ssl_support_method) + - If I(acm_certificate_id) is set then you must also specify I(ssl_support_method). ssl_support_method: type: str description: @@ -541,12 +541,12 @@ type: str description: - The method that you want to use to restrict distribution of your content by country. - - Valid values are C(none), C(whitelist), C(blacklist) + - Valid values are C(none), C(whitelist), C(blacklist). items: description: - A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to. - - 'See the ISO website for a full list of codes U(https://www.iso.org/obp/ui/#search/code/)' + - 'See the ISO website for a full list of codes U(https://www.iso.org/obp/ui/#search/code/).' type: list web_acl_id: @@ -558,14 +558,14 @@ description: - The version of the http protocol to use for the distribution. - AWS defaults this to C(http2). - - Valid values are C(http1.1) and C(http2) + - Valid values are C(http1.1) and C(http2). type: str ipv6_enabled: description: - Determines whether IPv6 support is enabled or not. + - Defaults to C(false). type: bool - default: false wait: description: diff --git a/plugins/modules/ec2_ami_copy.py b/plugins/modules/ec2_ami_copy.py index 79ebf577394..38f1123168f 100644 --- a/plugins/modules/ec2_ami_copy.py +++ b/plugins/modules/ec2_ami_copy.py @@ -27,7 +27,7 @@ type: str name: description: - - The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.) + - The name of the new AMI to copy. (As of 2.3 the default is C(default), in prior versions it was C(null).) default: "default" type: str description: @@ -38,20 +38,22 @@ description: - Whether or not the destination snapshots of the copied AMI should be encrypted. type: bool + default: false kms_key_id: description: - KMS key id used to encrypt the image. If not specified, uses default EBS Customer Master Key (CMK) for your account. type: str wait: description: - - Wait for the copied AMI to be in state 'available' before returning. + - Wait for the copied AMI to be in state C(available) before returning. type: bool default: 'no' wait_timeout: description: - - How long before wait gives up, in seconds. Prior to 2.3 the default was 1200. + - How long before wait gives up, in seconds. + - Prior to 2.3 the default was C(1200). - From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. - This was reenabled in 2.6 to allow timeouts greater than 10 minutes. + - This was reenabled in 2.6 to allow timeouts greater than 10 minutes. default: 600 type: int tags: diff --git a/plugins/modules/ec2_vpc_vpn.py b/plugins/modules/ec2_vpc_vpn.py index 9067d522129..6e18e724258 100644 --- a/plugins/modules/ec2_vpc_vpn.py +++ b/plugins/modules/ec2_vpc_vpn.py @@ -35,7 +35,7 @@ connection_type: description: - The type of VPN connection. - - At this time only 'ipsec.1' is supported. + - At this time only C(ipsec.1) is supported. default: ipsec.1 type: str vpn_gateway_id: @@ -63,8 +63,8 @@ required: no tunnel_options: description: - - An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' - and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of + - An optional list object containing no more than two dict members, each of which may contain I(TunnelInsideCidr) + and/or I(PreSharedKey) keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys. required: no type: list @@ -78,11 +78,11 @@ description: The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. filters: description: - - An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. + - An alternative to using I(vpn_connection_id). If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN - that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the - destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple - VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one + that correlates. e.g. if the filter I(cidr) is C(['194.168.2.0/24', '192.168.2.0/24']) and the VPN route only has the + destination cidr block of C(192.168.2.0/24) it will be found with this filter (assuming there are not multiple + VPNs that are matched). Another example, if the filter I(vpn) is equal to C(['vpn-ccf7e7ad', 'vpn-cb0ae2a2']) and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples. suboptions: @@ -91,7 +91,7 @@ - The customer gateway configuration of the VPN as a string (in the format of the return value) or a list of those strings. static-routes-only: description: - - The type of routing; true or false. + - The type of routing; C(true) or C(false). cidr: description: - The destination cidr of the VPN's route as a string or a list of those strings. @@ -127,15 +127,16 @@ description: - Whether or not to delete VPN connections routes that are not specified in the task. type: bool + default: false wait_timeout: description: - - How long before wait gives up, in seconds. + - How long, in seconds, before wait gives up. default: 600 type: int required: false delay: description: - - The time to wait before checking operation again. in seconds. + - The time, in seconds, to wait before checking operation again. required: false type: int default: 15 diff --git a/plugins/modules/ecs_ecr.py b/plugins/modules/ecs_ecr.py index 8e344665a0e..4ae7d40cd2a 100644 --- a/plugins/modules/ecs_ecr.py +++ b/plugins/modules/ecs_ecr.py @@ -45,8 +45,8 @@ description: - If yes, remove the policy from the repository. - Alias C(delete_policy) has been deprecated and will be removed after 2022-06-01. + - Defaults to C(false). required: false - default: false type: bool aliases: [ delete_policy ] image_tag_mutability: @@ -63,9 +63,9 @@ type: json purge_lifecycle_policy: description: - - if yes, remove the lifecycle policy from the repository. + - if C(true), remove the lifecycle policy from the repository. + - Defaults to C(false). required: false - default: false type: bool state: description: @@ -76,7 +76,7 @@ type: str scan_on_push: description: - - if yes, images are scanned for known vulnerabilities after being pushed to the repository. + - if C(true), images are scanned for known vulnerabilities after being pushed to the repository. - I(scan_on_push) requires botocore >= 1.13.3 required: false default: false diff --git a/plugins/modules/ecs_service.py b/plugins/modules/ecs_service.py index 499fa0d4711..7bc3d467df7 100644 --- a/plugins/modules/ecs_service.py +++ b/plugins/modules/ecs_service.py @@ -88,6 +88,7 @@ - Force deployment of service even if there are no changes. required: false type: bool + default: false deployment_configuration: description: - Optional parameters that control the deployment_configuration. @@ -136,12 +137,12 @@ suboptions: subnets: description: - - A list of subnet IDs to associate with the task + - A list of subnet IDs to associate with the task. type: list elements: str security_groups: description: - - A list of security group names or group IDs to associate with the task + - A list of security group names or group IDs to associate with the task. type: list elements: str assign_public_ip: @@ -170,19 +171,20 @@ suboptions: container_name: description: - - container name for service discovery registration + - Container name for service discovery registration. type: str container_port: description: - - container port for service discovery registration + - Container port for service discovery registration. type: int arn: description: - - Service discovery registry ARN + - Service discovery registry ARN. type: str scheduling_strategy: description: - - The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior + - The scheduling strategy. + - Defaults to C(REPLICA) if not given to preserve previous behavior. required: false choices: ["DAEMON", "REPLICA"] type: str diff --git a/plugins/modules/ecs_taskdefinition.py b/plugins/modules/ecs_taskdefinition.py index c1a30b33307..6158fb4ec21 100644 --- a/plugins/modules/ecs_taskdefinition.py +++ b/plugins/modules/ecs_taskdefinition.py @@ -42,6 +42,7 @@ - Always create new task definition. required: False type: bool + default: false containers: description: - A list of containers definitions. @@ -95,7 +96,7 @@ memory: description: - The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used. - - If using the Fargate launch type, this field is required and is limited by the cpu. + - If using the Fargate launch type, this field is required and is limited by the CPU. required: false type: str extends_documentation_fragment: diff --git a/plugins/modules/elasticache.py b/plugins/modules/elasticache.py index b8848f324af..d6a649ba17b 100644 --- a/plugins/modules/elasticache.py +++ b/plugins/modules/elasticache.py @@ -64,17 +64,17 @@ type: str cache_subnet_group: description: - - The subnet group name to associate with. Only use if inside a vpc. - - Required if inside a vpc + - The subnet group name to associate with. Only use if inside a VPC. + - Required if inside a VPC. type: str security_group_ids: description: - - A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc. + - A list of VPC security group IDs to associate with this cache cluster. Only use if inside a VPC. type: list elements: str cache_security_groups: description: - - A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc. + - A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a VPC. type: list elements: str zone: @@ -89,8 +89,8 @@ hard_modify: description: - Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state. + - Defaults to C(false). type: bool - default: false extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 diff --git a/plugins/modules/elb_application_lb.py b/plugins/modules/elb_application_lb.py index dc138fb2294..f18a00816b8 100644 --- a/plugins/modules/elb_application_lb.py +++ b/plugins/modules/elb_application_lb.py @@ -22,7 +22,7 @@ --- module: elb_application_lb version_added: 1.0.0 -short_description: Manage an Application load balancer +short_description: Manage an Application Load Balancer description: - Manage an AWS Application Elastic Load Balancer. See U(https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/) for details. requirements: [ boto3 ] @@ -50,12 +50,12 @@ deletion_protection: description: - Indicates whether deletion protection for the ELB is enabled. - default: no + - Defaults to C(false). type: bool http2: description: - Indicates whether to enable HTTP2 routing. - default: no + - Defaults to C(false). type: bool idle_timeout: description: @@ -124,14 +124,14 @@ type: str purge_listeners: description: - - If yes, existing listeners will be purged from the ELB to match exactly what is defined by I(listeners) parameter. If the I(listeners) parameter is - not set then listeners will not be modified + - If C(yes), existing listeners will be purged from the ELB to match exactly what is defined by I(listeners) parameter. + - If the I(listeners) parameter is not set then listeners will not be modified. default: yes type: bool purge_tags: description: - - If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the I(tags) parameter is not set then - tags will not be modified. + - If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. + - If the I(tags) parameter is not set then tags will not be modified. default: yes type: bool subnets: @@ -176,7 +176,7 @@ type: int purge_rules: description: - - When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete. + - When set to C(no), keep the existing load balancer rules in place. Will modify and add, but will not delete. default: yes type: bool extends_documentation_fragment: diff --git a/plugins/modules/elb_classic_lb.py b/plugins/modules/elb_classic_lb.py index 5d35fca3bc5..cd7d45875d1 100644 --- a/plugins/modules/elb_classic_lb.py +++ b/plugins/modules/elb_classic_lb.py @@ -19,62 +19,62 @@ options: state: description: - - Create or destroy the ELB + - Create or destroy the ELB. choices: ["present", "absent"] required: true type: str name: description: - - The name of the ELB + - The name of the ELB. required: true type: str listeners: description: - - List of ports/protocols for this ELB to listen on (see example) + - List of ports/protocols for this ELB to listen on (see example). type: list elements: dict purge_listeners: description: - - Purge existing listeners on ELB that are not found in listeners + - Purge existing listeners on ELB that are not found in listeners. type: bool - default: 'yes' + default: true instance_ids: description: - - List of instance ids to attach to this ELB + - List of instance ids to attach to this ELB. type: list elements: str purge_instance_ids: description: - - Purge existing instance ids on ELB that are not found in instance_ids + - Purge existing instance ids on ELB that are not found in I(instance_ids). type: bool - default: 'no' + default: false zones: description: - - List of availability zones to enable on this ELB + - List of availability zones to enable on this ELB. type: list elements: str purge_zones: description: - - Purge existing availability zones on ELB that are not found in zones + - Purge existing availability zones on ELB that are not found in zones. type: bool - default: 'no' + default: false security_group_ids: description: - - A list of security groups to apply to the elb + - A list of security groups to apply to the ELB. type: list elements: str security_group_names: description: - - A list of security group names to apply to the elb + - A list of security group names to apply to the ELB. type: list elements: str health_check: description: - - An associative array of health check configuration settings (see example) + - An associative array of health check configuration settings (see example). type: dict access_logs: description: - - An associative array of access logs configuration settings (see example) + - An associative array of access logs configuration settings (see example). type: dict subnets: description: @@ -83,49 +83,50 @@ elements: str purge_subnets: description: - - Purge existing subnet on ELB that are not found in subnets + - Purge existing subnets on ELB that are not found in subnets. type: bool - default: 'no' + default: false scheme: description: - - The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. - If you choose to update your scheme with a different value the ELB will be destroyed and - recreated. To update scheme you must use the option wait. + - The scheme to use when creating the ELB. + - For a private VPC-visible ELB use C(internal). + - If you choose to update your scheme with a different value the ELB will be destroyed and + recreated. To update scheme you must set I(wait=true). choices: ["internal", "internet-facing"] default: 'internet-facing' type: str validate_certs: description: - - When set to C(no), SSL certificates will not be validated for boto versions >= 2.6.0. + - When set to C(false), SSL certificates will not be validated for boto versions >= 2.6.0. type: bool - default: 'yes' + default: true connection_draining_timeout: description: - - Wait a specified timeout allowing connections to drain before terminating an instance + - Wait a specified timeout allowing connections to drain before terminating an instance. type: int idle_timeout: description: - - ELB connections from clients and to servers are timed out after this amount of time + - ELB connections from clients and to servers are timed out after this amount of time. type: int cross_az_load_balancing: description: - - Distribute load across all configured Availability Zones + - Distribute load across all configured Availability Zones. + - Defaults to C(false). type: bool - default: 'no' stickiness: description: - - An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example ) + - An associative array of stickiness policy settings. Policy will be applied to all listeners (see example). type: dict wait: description: - When specified, Ansible will check the status of the load balancer to ensure it has been successfully removed from AWS. type: bool - default: 'no' + default: false wait_timeout: description: - - Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. - A maximum of 600 seconds (10 minutes) is allowed. + - Used in conjunction with wait. Number of seconds to wait for the ELB to be terminated. + A maximum of C(600) seconds (10 minutes) is allowed. default: 60 type: int tags: diff --git a/plugins/modules/elb_network_lb.py b/plugins/modules/elb_network_lb.py index 83e1ea416dc..5e34c527276 100644 --- a/plugins/modules/elb_network_lb.py +++ b/plugins/modules/elb_network_lb.py @@ -21,12 +21,12 @@ cross_zone_load_balancing: description: - Indicates whether cross-zone load balancing is enabled. - default: false + - Defaults to C(false). type: bool deletion_protection: description: - Indicates whether deletion protection for the ELB is enabled. - default: false + - Defaults to C(false). type: bool listeners: description: diff --git a/plugins/modules/elb_target.py b/plugins/modules/elb_target.py index 06ff79e2653..b8cda233814 100644 --- a/plugins/modules/elb_target.py +++ b/plugins/modules/elb_target.py @@ -12,27 +12,30 @@ version_added: 1.0.0 short_description: Manage a target in a target group description: - - Used to register or deregister a target in a target group + - Used to register or deregister a target in a target group. author: "Rob White (@wimnat)" options: deregister_unused: description: - - The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them - set I(deregister_unused) to yes. + - The default behaviour for targets that are unused is to leave them registered. + - If instead you would like to remove them set I(deregister_unused=true). + default: false type: bool target_az: description: - - An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified + - An Availability Zone or C(all). This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance. type: str target_group_arn: description: - - The Amazon Resource Name (ARN) of the target group. Mutually exclusive of I(target_group_name). + - The Amazon Resource Name (ARN) of the target group. + - Mutually exclusive of I(target_group_name). type: str target_group_name: description: - - The name of the target group. Mutually exclusive of I(target_group_arn). + - The name of the target group. + - Mutually exclusive of I(target_group_arn). type: str target_id: description: @@ -55,7 +58,7 @@ type: str target_status_timeout: description: - - Maximum time in seconds to wait for target_status change + - Maximum time in seconds to wait for I(target_status) change. required: false default: 60 type: int diff --git a/plugins/modules/iam_cert.py b/plugins/modules/iam_cert.py index 8ad5bb88b33..96c9bccae7c 100644 --- a/plugins/modules/iam_cert.py +++ b/plugins/modules/iam_cert.py @@ -33,17 +33,17 @@ type: str new_name: description: - - When state is present, this will update the name of the cert. - - The cert, key and cert_chain parameters will be ignored if this is defined. + - When I(state=present), this will update the name of the cert. + - The I(cert), I(key) and I(cert_chain) parameters will be ignored if this is defined. type: str new_path: description: - - When state is present, this will update the path of the cert. + - When I(state=present), this will update the path of the cert. - The I(cert), I(key) and I(cert_chain) parameters will be ignored if this is defined. type: str state: description: - - Whether to create(or update) or delete the certificate. + - Whether to create (or update) or delete the certificate. - If I(new_path) or I(new_name) is defined, specifying present will attempt to make an update these. required: true choices: [ "present", "absent" ] @@ -72,7 +72,7 @@ description: - By default the module will not upload a certificate that is already uploaded into AWS. - If I(dup_ok=True), it will upload the certificate as long as the name is unique. - default: False + - Defaults to C(false). type: bool requirements: [ "boto" ] diff --git a/plugins/modules/route53.py b/plugins/modules/route53.py index 6b69363f2d0..6caf385002f 100644 --- a/plugins/modules/route53.py +++ b/plugins/modules/route53.py @@ -12,14 +12,14 @@ --- module: route53 version_added: 1.0.0 -short_description: add or delete entries in Amazons Route53 DNS service +short_description: add or delete entries in Amazons Route 53 DNS service description: - - Creates and deletes DNS records in Amazons Route53 service + - Creates and deletes DNS records in Amazons Route 53 service. options: state: description: - Specifies the state of the resource record. As of Ansible 2.4, the I(command) option has been changed - to I(state) as default and the choices 'present' and 'absent' have been added, but I(command) still works as well. + to I(state) as default and the choices C(present) and C(absent) have been added, but I(command) still works as well. required: true aliases: [ 'command' ] choices: [ 'present', 'absent', 'get', 'create', 'delete' ] @@ -53,8 +53,8 @@ alias: description: - Indicates if this is an alias record. + - Defaults to C(false). type: bool - default: false alias_hosted_zone_id: description: - The hosted zone identifier. @@ -67,7 +67,7 @@ value: description: - The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records. - - When deleting a record all values for the record must be specified or Route53 will not delete it. + - When deleting a record all values for the record must be specified or Route 53 will not delete it. type: list elements: str overwrite: @@ -76,14 +76,14 @@ type: bool retry_interval: description: - - In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. - If you have many domain names, the default of 500 seconds may be too long. + - In the case that Route 53 is still servicing a prior request, this module will wait and try again after this many seconds. + If you have many domain names, the default of C(500) seconds may be too long. default: 500 type: int private_zone: description: - - If set to C(yes), the private zone matching the requested name within the domain will be used if there are both public and private zones. - The default is to use the public zone. + - If set to C(true), the private zone matching the requested name within the domain will be used if there are both public and private zones. + - The default is to use the public zone. type: bool default: false identifier: diff --git a/plugins/modules/sqs_queue.py b/plugins/modules/sqs_queue.py index 40eda404b46..5d65967974a 100644 --- a/plugins/modules/sqs_queue.py +++ b/plugins/modules/sqs_queue.py @@ -10,7 +10,7 @@ --- module: sqs_queue version_added: 1.0.0 -short_description: Creates or deletes AWS SQS queues. +short_description: Creates or deletes AWS SQS queues description: - Create or delete AWS SQS queues. - Update attributes on existing queues. @@ -83,8 +83,9 @@ type: int content_based_deduplication: type: bool - description: Enables content-based deduplication. Used for FIFOs only. - default: false + description: + - Enables content-based deduplication. Used for FIFOs only. + - Defaults to C(false). tags: description: - Tag dict to apply to the queue (requires botocore 1.5.40 or above). From d6ff62371666d82dfdd1772587c305dee10497df Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Wed, 9 Dec 2020 20:23:53 +0100 Subject: [PATCH 114/129] Cleanup IGW modules (#318) * import order * Add retry decorators * Switch tests to using module_defaults * module_defaults * Add initial _info tests * Handle Boto Errors with fail_json_aws * Test state=absent when IGW missing * Support not purging tags * Support converting Tags from boto to dict * Add tagging tests * Use random CIDR for VPC * Add check_mode tests * changelog --- changelogs/fragments/318-cleanup-vpc_igw.yml | 7 + plugins/modules/ec2_vpc_igw.py | 65 +-- plugins/modules/ec2_vpc_igw_info.py | 45 +- tests/integration/targets/ec2_vpc_igw/aliases | 1 + .../targets/ec2_vpc_igw/defaults/main.yml | 4 + .../targets/ec2_vpc_igw/tasks/main.yml | 387 ++++++++++++++++-- 6 files changed, 451 insertions(+), 58 deletions(-) create mode 100644 changelogs/fragments/318-cleanup-vpc_igw.yml create mode 100644 tests/integration/targets/ec2_vpc_igw/defaults/main.yml diff --git a/changelogs/fragments/318-cleanup-vpc_igw.yml b/changelogs/fragments/318-cleanup-vpc_igw.yml new file mode 100644 index 00000000000..58dc4f50ea0 --- /dev/null +++ b/changelogs/fragments/318-cleanup-vpc_igw.yml @@ -0,0 +1,7 @@ +minor_changes: +- ec2_vpc_igw - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw_info - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw - Add ``purge_tags`` parameter so that tags can be added without purging existing tags to match the collection standard tagging behaviour (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw_info - Add ``convert_tags`` parameter so that tags can be returned in standard dict format rather than the both list of dict format (https://github.com/ansible-collections/community.aws/pull/318). +deprecated_features: +- ec2_vpc_igw_info - After 2022-06-22 the ``convert_tags`` parameter default value will change from ``False`` to ``True`` to match the collection standard behavior (https://github.com/ansible-collections/community.aws/pull/318). diff --git a/plugins/modules/ec2_vpc_igw.py b/plugins/modules/ec2_vpc_igw.py index b920682b76c..3d8d9f3bf25 100644 --- a/plugins/modules/ec2_vpc_igw.py +++ b/plugins/modules/ec2_vpc_igw.py @@ -22,9 +22,16 @@ type: str tags: description: - - "A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed." + - A dict of tags to apply to the internet gateway. + - To remove all tags set I(tags={}) and I(purge_tags=true). aliases: [ 'resource_tags' ] type: dict + purge_tags: + description: + - Remove tags not listed in I(tags). + type: bool + default: true + version_added: 1.3.0 state: description: - Create or terminate the IGW @@ -85,17 +92,16 @@ except ImportError: pass # caught by AnsibleAWSModule +from ansible.module_utils.six import string_types + from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.waiters import get_waiter -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ( - AWSRetry, - camel_dict_to_snake_dict, - boto3_tag_list_to_ansible_dict, - ansible_dict_to_boto3_filter_list, - ansible_dict_to_boto3_tag_list, - compare_aws_tags -) -from ansible.module_utils.six import string_types +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_tag_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_aws_tags class AnsibleEc2Igw(object): @@ -103,16 +109,17 @@ class AnsibleEc2Igw(object): def __init__(self, module, results): self._module = module self._results = results - self._connection = self._module.client('ec2') + self._connection = self._module.client('ec2', retry_decorator=AWSRetry.jittered_backoff()) self._check_mode = self._module.check_mode def process(self): vpc_id = self._module.params.get('vpc_id') state = self._module.params.get('state', 'present') tags = self._module.params.get('tags') + purge_tags = self._module.params.get('purge_tags') if state == 'present': - self.ensure_igw_present(vpc_id, tags) + self.ensure_igw_present(vpc_id, tags, purge_tags) elif state == 'absent': self.ensure_igw_absent(vpc_id) @@ -120,7 +127,7 @@ def get_matching_igw(self, vpc_id): filters = ansible_dict_to_boto3_filter_list({'attachment.vpc-id': vpc_id}) igws = [] try: - response = self._connection.describe_internet_gateways(Filters=filters) + response = self._connection.describe_internet_gateways(aws_retry=True, Filters=filters) igws = response.get('InternetGateways', []) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self._module.fail_json_aws(e) @@ -135,21 +142,25 @@ def get_matching_igw(self, vpc_id): return igw def check_input_tags(self, tags): + if tags is None: + return nonstring_tags = [k for k, v in tags.items() if not isinstance(v, string_types)] if nonstring_tags: self._module.fail_json(msg='One or more tags contain non-string values: {0}'.format(nonstring_tags)) - def ensure_tags(self, igw_id, tags, add_only): + def ensure_tags(self, igw_id, tags, purge_tags): final_tags = [] filters = ansible_dict_to_boto3_filter_list({'resource-id': igw_id, 'resource-type': 'internet-gateway'}) cur_tags = None try: - cur_tags = self._connection.describe_tags(Filters=filters) + cur_tags = self._connection.describe_tags(aws_retry=True, Filters=filters) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self._module.fail_json_aws(e, msg="Couldn't describe tags") - purge_tags = bool(not add_only) + if tags is None: + return boto3_tag_list_to_ansible_dict(cur_tags.get('Tags')) + to_update, to_delete = compare_aws_tags(boto3_tag_list_to_ansible_dict(cur_tags.get('Tags')), tags, purge_tags) final_tags = boto3_tag_list_to_ansible_dict(cur_tags.get('Tags')) @@ -159,7 +170,8 @@ def ensure_tags(self, igw_id, tags, add_only): # update tags final_tags.update(to_update) else: - AWSRetry.exponential_backoff()(self._connection.create_tags)( + self._connection.create_tags( + aws_retry=True, Resources=[igw_id], Tags=ansible_dict_to_boto3_tag_list(to_update) ) @@ -179,7 +191,7 @@ def ensure_tags(self, igw_id, tags, add_only): for key in to_delete: tags_list.append({'Key': key}) - AWSRetry.exponential_backoff()(self._connection.delete_tags)(Resources=[igw_id], Tags=tags_list) + self._connection.delete_tags(aws_retry=True, Resources=[igw_id], Tags=tags_list) self._results['changed'] = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: @@ -187,7 +199,7 @@ def ensure_tags(self, igw_id, tags, add_only): if not self._check_mode and (to_update or to_delete): try: - response = self._connection.describe_tags(Filters=filters) + response = self._connection.describe_tags(aws_retry=True, Filters=filters) final_tags = boto3_tag_list_to_ansible_dict(response.get('Tags')) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self._module.fail_json_aws(e, msg="Couldn't describe tags") @@ -213,14 +225,14 @@ def ensure_igw_absent(self, vpc_id): try: self._results['changed'] = True - self._connection.detach_internet_gateway(InternetGatewayId=igw['internet_gateway_id'], VpcId=vpc_id) - self._connection.delete_internet_gateway(InternetGatewayId=igw['internet_gateway_id']) + self._connection.detach_internet_gateway(aws_retry=True, InternetGatewayId=igw['internet_gateway_id'], VpcId=vpc_id) + self._connection.delete_internet_gateway(aws_retry=True, InternetGatewayId=igw['internet_gateway_id']) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self._module.fail_json_aws(e, msg="Unable to delete Internet Gateway") return self._results - def ensure_igw_present(self, vpc_id, tags): + def ensure_igw_present(self, vpc_id, tags, purge_tags): self.check_input_tags(tags) igw = self.get_matching_igw(vpc_id) @@ -232,21 +244,21 @@ def ensure_igw_present(self, vpc_id, tags): return self._results try: - response = self._connection.create_internet_gateway() + response = self._connection.create_internet_gateway(aws_retry=True) # Ensure the gateway exists before trying to attach it or add tags waiter = get_waiter(self._connection, 'internet_gateway_exists') waiter.wait(InternetGatewayIds=[response['InternetGateway']['InternetGatewayId']]) igw = camel_dict_to_snake_dict(response['InternetGateway']) - self._connection.attach_internet_gateway(InternetGatewayId=igw['internet_gateway_id'], VpcId=vpc_id) + self._connection.attach_internet_gateway(aws_retry=True, InternetGatewayId=igw['internet_gateway_id'], VpcId=vpc_id) self._results['changed'] = True except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: self._module.fail_json_aws(e, msg='Unable to create Internet Gateway') igw['vpc_id'] = vpc_id - igw['tags'] = self.ensure_tags(igw_id=igw['internet_gateway_id'], tags=tags, add_only=False) + igw['tags'] = self.ensure_tags(igw_id=igw['internet_gateway_id'], tags=tags, purge_tags=purge_tags) igw_info = self.get_igw_info(igw) self._results.update(igw_info) @@ -258,7 +270,8 @@ def main(): argument_spec = dict( vpc_id=dict(required=True), state=dict(default='present', choices=['present', 'absent']), - tags=dict(default=dict(), required=False, type='dict', aliases=['resource_tags']) + tags=dict(required=False, type='dict', aliases=['resource_tags']), + purge_tags=dict(default=True, type='bool'), ) module = AnsibleAWSModule( diff --git a/plugins/modules/ec2_vpc_igw_info.py b/plugins/modules/ec2_vpc_igw_info.py index 4719d495fd8..ab7d26a80b4 100644 --- a/plugins/modules/ec2_vpc_igw_info.py +++ b/plugins/modules/ec2_vpc_igw_info.py @@ -27,6 +27,12 @@ - Get details of specific Internet Gateway ID. Provide this value as a list. type: list elements: str + convert_tags: + description: + - Convert tags from boto3 format (list of dictionaries) to the standard dictionary format. + - This currently defaults to C(False). The default will be changed to C(True) after 2022-06-22. + type: bool + version_added: 1.3.0 extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 @@ -94,31 +100,45 @@ pass # Handled by AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict +from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict from ansible_collections.amazon.aws.plugins.module_utils.ec2 import ansible_dict_to_boto3_filter_list +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import camel_dict_to_snake_dict -def get_internet_gateway_info(internet_gateway): +def get_internet_gateway_info(internet_gateway, convert_tags): + if convert_tags: + tags = boto3_tag_list_to_ansible_dict(internet_gateway['Tags']) + ignore_list = ["Tags"] + else: + tags = internet_gateway['Tags'] + ignore_list = [] internet_gateway_info = {'InternetGatewayId': internet_gateway['InternetGatewayId'], 'Attachments': internet_gateway['Attachments'], - 'Tags': internet_gateway['Tags']} + 'Tags': tags} + + internet_gateway_info = camel_dict_to_snake_dict(internet_gateway_info, ignore_list=ignore_list) return internet_gateway_info -def list_internet_gateways(client, module): +def list_internet_gateways(connection, module): params = dict() params['Filters'] = ansible_dict_to_boto3_filter_list(module.params.get('filters')) + convert_tags = module.params.get('convert_tags') if module.params.get("internet_gateway_ids"): params['InternetGatewayIds'] = module.params.get("internet_gateway_ids") try: - all_internet_gateways = client.describe_internet_gateways(**params) - except botocore.exceptions.ClientError as e: - module.fail_json(msg=str(e)) + all_internet_gateways = connection.describe_internet_gateways(aws_retry=True, **params) + except is_boto3_error_code('InvalidInternetGatewayID.NotFound'): + module.fail_json('InternetGateway not found') + except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: # pylint: disable=duplicate-except + module.fail_json_aws(e, 'Unable to describe internet gateways') - return [camel_dict_to_snake_dict(get_internet_gateway_info(igw)) + return [get_internet_gateway_info(igw, convert_tags) for igw in all_internet_gateways['InternetGateways']] @@ -126,15 +146,22 @@ def main(): argument_spec = dict( filters=dict(type='dict', default=dict()), internet_gateway_ids=dict(type='list', default=None, elements='str'), + convert_tags=dict(type='bool'), ) module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) if module._name == 'ec2_vpc_igw_facts': module.deprecate("The 'ec2_vpc_igw_facts' module has been renamed to 'ec2_vpc_igw_info'", date='2021-12-01', collection_name='community.aws') + if module.params.get('convert_tags') is None: + module.deprecate('This module currently returns boto3 style tags by default. ' + 'This default has been deprecated and the module will return a simple dictionary in future. ' + 'This behaviour can be controlled through the convert_tags parameter.', + date='2021-12-01', collection_name='community.aws') + # Validate Requirements try: - connection = module.client('ec2') + connection = module.client('ec2', retry_decorator=AWSRetry.jittered_backoff()) except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e: module.fail_json_aws(e, msg='Failed to connect to AWS') diff --git a/tests/integration/targets/ec2_vpc_igw/aliases b/tests/integration/targets/ec2_vpc_igw/aliases index 6e3860bee23..6b8a2ae5af7 100644 --- a/tests/integration/targets/ec2_vpc_igw/aliases +++ b/tests/integration/targets/ec2_vpc_igw/aliases @@ -1,2 +1,3 @@ cloud/aws shippable/aws/group2 +ec2_vpc_igw_info diff --git a/tests/integration/targets/ec2_vpc_igw/defaults/main.yml b/tests/integration/targets/ec2_vpc_igw/defaults/main.yml new file mode 100644 index 00000000000..eeda091c81c --- /dev/null +++ b/tests/integration/targets/ec2_vpc_igw/defaults/main.yml @@ -0,0 +1,4 @@ +--- +vpc_name: '{{ resource_prefix }}-vpc' +vpc_seed: '{{ resource_prefix }}' +vpc_cidr: '10.{{ 256 | random(seed=vpc_seed) }}.0.0/16' diff --git a/tests/integration/targets/ec2_vpc_igw/tasks/main.yml b/tests/integration/targets/ec2_vpc_igw/tasks/main.yml index 56da84772a2..634438c0875 100644 --- a/tests/integration/targets/ec2_vpc_igw/tasks/main.yml +++ b/tests/integration/targets/ec2_vpc_igw/tasks/main.yml @@ -3,72 +3,415 @@ collections: - amazon.aws + module_defaults: + group/aws: + aws_access_key: "{{ aws_access_key }}" + aws_secret_key: "{{ aws_secret_key }}" + security_token: "{{ security_token | default(omit) }}" + region: "{{ aws_region }}" block: - - name: set up aws connection info - set_fact: - aws_connection_info: &aws_connection_info - aws_access_key: "{{ aws_access_key }}" - aws_secret_key: "{{ aws_secret_key }}" - security_token: "{{ security_token }}" - region: "{{ aws_region }}" - no_log: yes + # ============================================================ + - name: Fetch IGWs in check_mode + ec2_vpc_igw_info: + register: igw_info + check_mode: True + + - name: Assert success + assert: + that: + - igw_info is successful + - '"internet_gateways" in igw_info' # ============================================================ - name: create a VPC ec2_vpc_net: - name: "{{ resource_prefix }}-vpc" + name: "{{ vpc_name }}" state: present - cidr_block: "10.232.232.128/26" - <<: *aws_connection_info + cidr_block: "{{ vpc_cidr }}" tags: Name: "{{ resource_prefix }}-vpc" Description: "Created by ansible-test" register: vpc_result + - name: Assert success + assert: + that: + - vpc_result is successful + # ============================================================ + - name: Search for internet gateway by VPC - no matches + ec2_vpc_igw_info: + filters: + attachment.vpc-id: '{{ vpc_result.vpc.id }}' + register: igw_info + + - name: Assert success + assert: + that: + - igw_info is successful + - '"internet_gateways" in igw_info' + + # ============================================================ + - name: create internet gateway (expected changed=true) - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' + register: vpc_igw_create + check_mode: yes + + - name: assert creation would happen (expected changed=true) - CHECK_MODE + assert: + that: + - vpc_igw_create is changed + - name: create internet gateway (expected changed=true) ec2_vpc_igw: state: present vpc_id: "{{ vpc_result.vpc.id }}" - <<: *aws_connection_info + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' register: vpc_igw_create - name: assert creation happened (expected changed=true) assert: that: - - 'vpc_igw_create' + - vpc_igw_create is changed - 'vpc_igw_create.gateway_id.startswith("igw-")' - 'vpc_igw_create.vpc_id == vpc_result.vpc.id' - '"tags" in vpc_igw_create' + - vpc_igw_create.tags | length == 2 + - vpc_igw_create.tags["tag_one"] == '{{ resource_prefix }} One' + - vpc_igw_create.tags["Tag Two"] == 'two {{ resource_prefix }}' - '"gateway_id" in vpc_igw_create' # ============================================================ + - name: Save IDs for later + set_fact: + igw_id: '{{ vpc_igw_create.gateway_id }}' + vpc_id: '{{ vpc_result.vpc.id }}' + + # ============================================================ + - name: Search for internet gateway by VPC + ec2_vpc_igw_info: + filters: + attachment.vpc-id: '{{ vpc_id }}' + register: igw_info + + - name: 'Check standard IGW details' + assert: + that: + - '"internet_gateways" in igw_info' + - igw_info.internet_gateways | length == 1 + - '"attachments" in current_igw' + - current_igw.attachments | length == 1 + - '"state" in current_igw.attachments[0]' + - current_igw.attachments[0].state == "available" + - '"vpc_id" in current_igw.attachments[0]' + - current_igw.attachments[0].vpc_id == vpc_id + - '"internet_gateway_id" in current_igw' + - current_igw.internet_gateway_id == igw_id + - '"tags" in current_igw' + - current_igw.tags | length == 2 + - '"key" in current_igw.tags[0]' + - '"value" in current_igw.tags[0]' + - '"key" in current_igw.tags[1]' + - '"value" in current_igw.tags[1]' + # Order isn't guaranteed in boto3 style, so just check the keys and + # values we expect are in there. + - current_igw.tags[0].key in ["tag_one", "Tag Two"] + - current_igw.tags[1].key in ["tag_one", "Tag Two"] + - current_igw.tags[0].value in [resource_prefix + " One", "two " + resource_prefix] + - current_igw.tags[1].value in [resource_prefix + " One", "two " + resource_prefix] + vars: + current_igw: '{{ igw_info.internet_gateways[0] }}' + + # ============================================================ + - name: Fetch IGW by ID + ec2_vpc_igw_info: + internet_gateway_ids: '{{ igw_id }}' + convert_tags: yes + register: igw_info + + - name: 'Check standard IGW details' + assert: + that: + - '"internet_gateways" in igw_info' + - igw_info.internet_gateways | length == 1 + - '"attachments" in current_igw' + - current_igw.attachments | length == 1 + - '"state" in current_igw.attachments[0]' + - current_igw.attachments[0].state == "available" + - '"vpc_id" in current_igw.attachments[0]' + - current_igw.attachments[0].vpc_id == vpc_id + - '"internet_gateway_id" in current_igw' + - current_igw.internet_gateway_id == igw_id + - '"tags" in current_igw' + - current_igw.tags | length == 2 + - '"tag_one" in current_igw.tags' + - '"Tag Two" in current_igw.tags' + - current_igw.tags["tag_one"] == '{{ resource_prefix }} One' + - current_igw.tags["Tag Two"] == 'two {{ resource_prefix }}' + vars: + current_igw: '{{ igw_info.internet_gateways[0] }}' + + # ============================================================ + - name: Fetch IGW by ID (list) + ec2_vpc_igw_info: + internet_gateway_ids: + - '{{ igw_id }}' + register: igw_info + + - name: 'Check standard IGW details' + assert: + that: + - '"internet_gateways" in igw_info' + - igw_info.internet_gateways | length == 1 + - '"attachments" in current_igw' + - current_igw.attachments | length == 1 + - '"state" in current_igw.attachments[0]' + - current_igw.attachments[0].state == "available" + - '"vpc_id" in current_igw.attachments[0]' + - current_igw.attachments[0].vpc_id == vpc_id + - '"internet_gateway_id" in current_igw' + - current_igw.internet_gateway_id == igw_id + - '"tags" in current_igw' + vars: + current_igw: '{{ igw_info.internet_gateways[0] }}' + + # ============================================================ + - name: attempt to recreate internet gateway on VPC (expected changed=false) - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + register: vpc_igw_recreate + check_mode: yes + + - name: assert recreation would do nothing (expected changed=false) - CHECK_MODE + assert: + that: + - vpc_igw_recreate is not changed + - name: attempt to recreate internet gateway on VPC (expected changed=false) ec2_vpc_igw: state: present vpc_id: "{{ vpc_result.vpc.id }}" - <<: *aws_connection_info register: vpc_igw_recreate - name: assert recreation did nothing (expected changed=false) assert: that: - - 'vpc_igw_recreate.changed == False' - - 'vpc_igw_recreate.gateway_id == vpc_igw_create.gateway_id' - - 'vpc_igw_recreate.vpc_id == vpc_igw_create.vpc_id' + - vpc_igw_recreate is not changed + - vpc_igw_recreate.gateway_id == igw_id + - vpc_igw_recreate.vpc_id == vpc_id + - '"tags" in vpc_igw_create' + - vpc_igw_create.tags | length == 2 + - vpc_igw_create.tags["tag_one"] == '{{ resource_prefix }} One' + - vpc_igw_create.tags["Tag Two"] == 'two {{ resource_prefix }}' + + # ============================================================ + - name: Update the tags (no change) - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' + register: vpc_igw_recreate + check_mode: yes + + - name: assert tag update would do nothing (expected changed=false) - CHECK_MODE + assert: + that: + - vpc_igw_recreate is not changed + + - name: Update the tags (no change) + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: + tag_one: '{{ resource_prefix }} One' + "Tag Two": 'two {{ resource_prefix }}' + register: vpc_igw_recreate + + - name: assert tag update did nothing (expected changed=false) + assert: + that: + - vpc_igw_recreate is not changed + - vpc_igw_recreate.gateway_id == igw_id + - vpc_igw_recreate.vpc_id == vpc_id + - '"tags" in vpc_igw_recreate' + - vpc_igw_recreate.tags | length == 2 + - vpc_igw_recreate.tags["tag_one"] == '{{ resource_prefix }} One' + - vpc_igw_recreate.tags["Tag Two"] == 'two {{ resource_prefix }}' + + # ============================================================ + - name: Update the tags - remove and add - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: + tag_three: '{{ resource_prefix }} Three' + "Tag Two": 'two {{ resource_prefix }}' + register: vpc_igw_update + check_mode: yes + + - name: assert tag update would happen (expected changed=true) - CHECK_MODE + assert: + that: + - vpc_igw_update is changed + + - name: Update the tags - remove and add + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: + tag_three: '{{ resource_prefix }} Three' + "Tag Two": 'two {{ resource_prefix }}' + register: vpc_igw_update + + - name: assert tags are updated (expected changed=true) + assert: + that: + - vpc_igw_update is changed + - vpc_igw_update.gateway_id == igw_id + - vpc_igw_update.vpc_id == vpc_id + - '"tags" in vpc_igw_update' + - vpc_igw_update.tags | length == 2 + - vpc_igw_update.tags["tag_three"] == '{{ resource_prefix }} Three' + - vpc_igw_update.tags["Tag Two"] == 'two {{ resource_prefix }}' + + # ============================================================ + - name: Update the tags add without purge - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + purge_tags: no + tags: + tag_one: '{{ resource_prefix }} One' + register: vpc_igw_update + check_mode: yes + + - name: assert tags would be added - CHECK_MODE + assert: + that: + - vpc_igw_update is changed + + - name: Update the tags add without purge + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + purge_tags: no + tags: + tag_one: '{{ resource_prefix }} One' + register: vpc_igw_update + + - name: assert tags added + assert: + that: + - vpc_igw_update is changed + - vpc_igw_update.gateway_id == igw_id + - vpc_igw_update.vpc_id == vpc_id + - '"tags" in vpc_igw_update' + - vpc_igw_update.tags | length == 3 + - vpc_igw_update.tags["tag_one"] == '{{ resource_prefix }} One' + - vpc_igw_update.tags["tag_three"] == '{{ resource_prefix }} Three' + - vpc_igw_update.tags["Tag Two"] == 'two {{ resource_prefix }}' + + # ============================================================ + - name: Remove all tags - CHECK_MODE + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: {} + register: vpc_igw_update + check_mode: yes + + - name: assert tags would be removed - CHECK_MODE + assert: + that: + - vpc_igw_update is changed + + - name: Remove all tags + ec2_vpc_igw: + state: present + vpc_id: "{{ vpc_result.vpc.id }}" + tags: {} + register: vpc_igw_update + + - name: assert tags removed + assert: + that: + - vpc_igw_update is changed + - vpc_igw_update.gateway_id == igw_id + - vpc_igw_update.vpc_id == vpc_id + - '"tags" in vpc_igw_update' + - vpc_igw_update.tags | length == 0 # ============================================================ + - name: test state=absent (expected changed=true) - CHECK_MODE + ec2_vpc_igw: + state: absent + vpc_id: "{{ vpc_result.vpc.id }}" + register: vpc_igw_delete + check_mode: yes + + - name: assert state=absent (expected changed=true) - CHECK_MODE + assert: + that: + - vpc_igw_delete is changed + - name: test state=absent (expected changed=true) ec2_vpc_igw: state: absent vpc_id: "{{ vpc_result.vpc.id }}" - <<: *aws_connection_info register: vpc_igw_delete - name: assert state=absent (expected changed=true) assert: that: - - 'vpc_igw_delete.changed' + - vpc_igw_delete is changed + + # ============================================================ + - name: Fetch IGW by ID (list) + ec2_vpc_igw_info: + internet_gateway_ids: + - '{{ igw_id }}' + register: igw_info + ignore_errors: True + + - name: 'Check IGW does not exist' + assert: + that: + # Deliberate choice not to change bevahiour when searching by ID + - igw_info is failed + + # ============================================================ + - name: test state=absent when already deleted (expected changed=false) - CHECK_MODE + ec2_vpc_igw: + state: absent + vpc_id: "{{ vpc_result.vpc.id }}" + register: vpc_igw_delete + check_mode: yes + + - name: assert state=absent (expected changed=false) - CHECK_MODE + assert: + that: + - vpc_igw_delete is not changed + + - name: test state=absent when already deleted (expected changed=false) + ec2_vpc_igw: + state: absent + vpc_id: "{{ vpc_result.vpc.id }}" + register: vpc_igw_delete + + - name: assert state=absent (expected changed=false) + assert: + that: + - vpc_igw_delete is not changed always: # ============================================================ @@ -76,13 +419,11 @@ ec2_vpc_igw: state: absent vpc_id: "{{ vpc_result.vpc.id }}" - <<: *aws_connection_info ignore_errors: true - name: tidy up VPC ec2_vpc_net: - name: "{{ resource_prefix }}-vpc" + name: "{{ vpc_name }}" state: absent - cidr_block: "10.232.232.128/26" - <<: *aws_connection_info + cidr_block: "{{ vpc_cidr }}" ignore_errors: true From be0042c0835f5076fea27ac503f6494f6af6754f Mon Sep 17 00:00:00 2001 From: Mark Woolley Date: Thu, 10 Dec 2020 12:26:03 +0000 Subject: [PATCH 115/129] Add jittered_backoff to the iam_policy & iam_policy_info modules to handle AWS rate limiting (#324) * Add jittered_backoff to handle AWS rate limiting * Fix for failing test * Add changelog fragment --- ...ittered-backoff-to-iam_policy-modules.yaml | 3 ++ plugins/modules/iam_policy.py | 28 +++++++++---------- plugins/modules/iam_policy_info.py | 15 +++++----- 3 files changed, 25 insertions(+), 21 deletions(-) create mode 100644 changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml diff --git a/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml b/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml new file mode 100644 index 00000000000..9dd457abba4 --- /dev/null +++ b/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml @@ -0,0 +1,3 @@ +bugfixes: + - iam_policy - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). + - iam_policy_info - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). diff --git a/plugins/modules/iam_policy.py b/plugins/modules/iam_policy.py index e4debd7f1ce..819ed369a31 100644 --- a/plugins/modules/iam_policy.py +++ b/plugins/modules/iam_policy.py @@ -120,7 +120,7 @@ pass from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule -from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import compare_policies, AWSRetry from ansible.module_utils.six import string_types @@ -236,16 +236,16 @@ def _iam_type(): return 'user' def _list(self, name): - return self.client.list_user_policies(UserName=name) + return self.client.list_user_policies(aws_retry=True, UserName=name) def _get(self, name, policy_name): - return self.client.get_user_policy(UserName=name, PolicyName=policy_name) + return self.client.get_user_policy(aws_retry=True, UserName=name, PolicyName=policy_name) def _put(self, name, policy_name, policy_doc): - return self.client.put_user_policy(UserName=name, PolicyName=policy_name, PolicyDocument=policy_doc) + return self.client.put_user_policy(aws_retry=True, UserName=name, PolicyName=policy_name, PolicyDocument=policy_doc) def _delete(self, name, policy_name): - return self.client.delete_user_policy(UserName=name, PolicyName=policy_name) + return self.client.delete_user_policy(aws_retry=True, UserName=name, PolicyName=policy_name) class RolePolicy(Policy): @@ -255,16 +255,16 @@ def _iam_type(): return 'role' def _list(self, name): - return self.client.list_role_policies(RoleName=name) + return self.client.list_role_policies(aws_retry=True, RoleName=name) def _get(self, name, policy_name): - return self.client.get_role_policy(RoleName=name, PolicyName=policy_name) + return self.client.get_role_policy(aws_retry=True, RoleName=name, PolicyName=policy_name) def _put(self, name, policy_name, policy_doc): - return self.client.put_role_policy(RoleName=name, PolicyName=policy_name, PolicyDocument=policy_doc) + return self.client.put_role_policy(aws_retry=True, RoleName=name, PolicyName=policy_name, PolicyDocument=policy_doc) def _delete(self, name, policy_name): - return self.client.delete_role_policy(RoleName=name, PolicyName=policy_name) + return self.client.delete_role_policy(aws_retry=True, RoleName=name, PolicyName=policy_name) class GroupPolicy(Policy): @@ -274,16 +274,16 @@ def _iam_type(): return 'group' def _list(self, name): - return self.client.list_group_policies(GroupName=name) + return self.client.list_group_policies(aws_retry=True, GroupName=name) def _get(self, name, policy_name): - return self.client.get_group_policy(GroupName=name, PolicyName=policy_name) + return self.client.get_group_policy(aws_retry=True, GroupName=name, PolicyName=policy_name) def _put(self, name, policy_name, policy_doc): - return self.client.put_group_policy(GroupName=name, PolicyName=policy_name, PolicyDocument=policy_doc) + return self.client.put_group_policy(aws_retry=True, GroupName=name, PolicyName=policy_name, PolicyDocument=policy_doc) def _delete(self, name, policy_name): - return self.client.delete_group_policy(GroupName=name, PolicyName=policy_name) + return self.client.delete_group_policy(aws_retry=True, GroupName=name, PolicyName=policy_name) def main(): @@ -314,7 +314,7 @@ def main(): date='2022-06-01', collection_name='community.aws') args = dict( - client=module.client('iam'), + client=module.client('iam', retry_decorator=AWSRetry.jittered_backoff()), name=module.params.get('iam_name'), policy_name=module.params.get('policy_name'), policy_document=module.params.get('policy_document'), diff --git a/plugins/modules/iam_policy_info.py b/plugins/modules/iam_policy_info.py index f9ea30b8cc4..c919caec816 100644 --- a/plugins/modules/iam_policy_info.py +++ b/plugins/modules/iam_policy_info.py @@ -85,6 +85,7 @@ pass from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule +from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible.module_utils.six import string_types @@ -147,10 +148,10 @@ def _iam_type(): return 'user' def _list(self, name): - return self.client.list_user_policies(UserName=name) + return self.client.list_user_policies(aws_retry=True, UserName=name) def _get(self, name, policy_name): - return self.client.get_user_policy(UserName=name, PolicyName=policy_name) + return self.client.get_user_policy(aws_retry=True, UserName=name, PolicyName=policy_name) class RolePolicy(Policy): @@ -160,10 +161,10 @@ def _iam_type(): return 'role' def _list(self, name): - return self.client.list_role_policies(RoleName=name) + return self.client.list_role_policies(aws_retry=True, RoleName=name) def _get(self, name, policy_name): - return self.client.get_role_policy(RoleName=name, PolicyName=policy_name) + return self.client.get_role_policy(aws_retry=True, RoleName=name, PolicyName=policy_name) class GroupPolicy(Policy): @@ -173,10 +174,10 @@ def _iam_type(): return 'group' def _list(self, name): - return self.client.list_group_policies(GroupName=name) + return self.client.list_group_policies(aws_retry=True, GroupName=name) def _get(self, name, policy_name): - return self.client.get_group_policy(GroupName=name, PolicyName=policy_name) + return self.client.get_group_policy(aws_retry=True, GroupName=name, PolicyName=policy_name) def main(): @@ -189,7 +190,7 @@ def main(): module = AnsibleAWSModule(argument_spec=argument_spec, supports_check_mode=True) args = dict( - client=module.client('iam'), + client=module.client('iam', retry_decorator=AWSRetry.jittered_backoff()), name=module.params.get('iam_name'), policy_name=module.params.get('policy_name'), ) From 6c0273b79c1b9f02f8e7f452fcbdf1904cf7767d Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 14 Dec 2020 19:26:06 +0100 Subject: [PATCH 116/129] Fixup ec2_eip tests - work around ec2_instance flakes (#333) * Explicitly pass the subnet the instance should live on - try to avoid https://github.com/ansible-collections/community.aws/issues/329 * Make sure we delete the Instance (and free the EIP) before we try to drop the IGW * Use IDs when cleaning up EC2 instances --- .../targets/ec2_eip/tasks/main.yml | 49 +++++++++++++------ 1 file changed, 33 insertions(+), 16 deletions(-) diff --git a/tests/integration/targets/ec2_eip/tasks/main.yml b/tests/integration/targets/ec2_eip/tasks/main.yml index d296d0197bc..6d904003012 100644 --- a/tests/integration/targets/ec2_eip/tasks/main.yml +++ b/tests/integration/targets/ec2_eip/tasks/main.yml @@ -63,8 +63,10 @@ name: '{{ resource_prefix }}-instance' image_id: '{{ ec2_amis.images[0].image_id }}' security_group: '{{ security_group.group_id }}' + vpc_subnet_id: '{{ vpc_subnet_create.subnet.id }}' wait: no ## Don't delay the tests, we'll check again before we need it - register: ec2_instance_result + register: create_ec2_instance_result + # ===================================================== - name: Look for signs of concurrent EIP tests. Pause if they are running or their prefix comes before ours. vars: @@ -570,19 +572,23 @@ - eip_info.addresses[0].allocation_id is defined - eip_info.addresses[0].instance_id == '{{ instance_info.instances[0].instance_id }}' # ===================================================== - - name: Cleanup IGW - ec2_vpc_igw: - state: absent - vpc_id: '{{ vpc_result.vpc.id }}' - register: vpc_igw - name: Cleanup instance ec2_instance: - name: '{{ resource_prefix }}-instance' + instance_ids: '{{ create_ec2_instance_result.instance_ids }}' state: absent - name: Cleanup instance eip ec2_eip: state: absent public_ip: '{{ instance_eip.public_ip }}' + register: eip_cleanup + retries: 5 + delay: 5 + until: eip_cleanup is successful + - name: Cleanup IGW + ec2_vpc_igw: + state: absent + vpc_id: '{{ vpc_result.vpc.id }}' + register: vpc_igw - name: Cleanup security group ec2_group: state: absent @@ -642,6 +648,18 @@ cidr_block: '{{ vpc_cidr }}' # ===================================================== always: + - name: Cleanup instance (by id) + ec2_instance: + instance_ids: '{{ create_ec2_instance_result.instance_ids }}' + state: absent + wait: true + ignore_errors: true + - name: Cleanup instance (by name) + ec2_instance: + name: '{{ resource_prefix }}-instance' + state: absent + wait: true + ignore_errors: true - name: Cleanup ENI A ec2_eni: state: absent @@ -652,20 +670,19 @@ state: absent eni_id: '{{ eni_create_b.interface.id }}' ignore_errors: true + - name: Cleanup instance eip + ec2_eip: + state: absent + public_ip: '{{ instance_eip.public_ip }}' + retries: 5 + delay: 5 + until: eip_cleanup is successful + ignore_errors: true - name: Cleanup IGW ec2_vpc_igw: state: absent vpc_id: '{{ vpc_result.vpc.id }}' register: vpc_igw - - name: Cleanup instance - ec2_instance: - name: '{{ resource_prefix }}-instance' - state: absent - ignore_errors: true - - name: Cleanup instance eip - ec2_eip: - state: absent - public_ip: '{{ instance_eip.public_ip }}' ignore_errors: true - name: Cleanup security group ec2_group: From f544697a291009239dcee53eaea7e83628e4b1a0 Mon Sep 17 00:00:00 2001 From: Jill R <4121322+jillr@users.noreply.github.com> Date: Mon, 14 Dec 2020 13:52:05 -0700 Subject: [PATCH 117/129] Prepare 1.3.0 release (#327) Run add_docs, generate changelog, and update galaxy.yml for 1.3.0 collection release --- CHANGELOG.rst | 37 ++ README.md | 7 +- changelogs/changelog.yaml | 48 +++ .../fragments/244-rds_instance-no_log.yml | 2 - ...e-for-containers-in-ecs_taskdefinition.yml | 2 - .../265-fix-element-type-ecs_service.yml | 2 - ...lasses_to_S3_lifecycle_transition_list.yml | 2 - .../273-fix-s3sync-etag-calculation.yaml | 2 - ...3-fixed-ec2_win_password-return-state.yaml | 3 - .../311-fix-aws_kms_info-external-keys.yaml | 2 - changelogs/fragments/318-cleanup-vpc_igw.yml | 7 - ...ittered-backoff-to-iam_policy-modules.yaml | 3 - changelogs/fragments/34-redshift-tags.yml | 2 - ...kinesis_stream-get-more-shards-resolve.yml | 2 - docs/community.aws.aws_acm_info_module.rst | 2 +- docs/community.aws.aws_acm_module.rst | 2 +- docs/community.aws.aws_api_gateway_module.rst | 33 +- ....aws_application_scaling_policy_module.rst | 15 +- ...s.aws_batch_compute_environment_module.rst | 2 +- ...ty.aws.aws_batch_job_definition_module.rst | 2 +- ...mmunity.aws.aws_batch_job_queue_module.rst | 2 +- docs/community.aws.aws_codebuild_module.rst | 2 +- docs/community.aws.aws_codecommit_module.rst | 2 +- .../community.aws.aws_codepipeline_module.rst | 2 +- ...onfig_aggregation_authorization_module.rst | 2 +- ...unity.aws.aws_config_aggregator_module.rst | 2 +- ...aws.aws_config_delivery_channel_module.rst | 2 +- ...mmunity.aws.aws_config_recorder_module.rst | 2 +- docs/community.aws.aws_config_rule_module.rst | 2 +- ...rect_connect_confirm_connection_module.rst | 2 +- ...s.aws_direct_connect_connection_module.rst | 9 +- ....aws.aws_direct_connect_gateway_module.rst | 2 +- ..._connect_link_aggregation_group_module.rst | 8 +- ...irect_connect_virtual_interface_module.rst | 2 +- docs/community.aws.aws_eks_cluster_module.rst | 2 +- ...ty.aws.aws_elasticbeanstalk_app_module.rst | 2 +- ...mmunity.aws.aws_glue_connection_module.rst | 2 +- docs/community.aws.aws_glue_job_module.rst | 2 +- ...munity.aws.aws_inspector_target_module.rst | 2 +- docs/community.aws.aws_kms_info_module.rst | 2 +- docs/community.aws.aws_kms_module.rst | 2 +- docs/community.aws.aws_region_info_module.rst | 2 +- ...ommunity.aws.aws_s3_bucket_info_module.rst | 2 +- docs/community.aws.aws_s3_cors_module.rst | 2 +- docs/community.aws.aws_secret_module.rst | 2 +- .../community.aws.aws_ses_identity_module.rst | 2 +- ...ity.aws.aws_ses_identity_policy_module.rst | 2 +- .../community.aws.aws_ses_rule_set_module.rst | 2 +- docs/community.aws.aws_sgw_info_module.rst | 2 +- docs/community.aws.aws_ssm_connection.rst | 2 +- ...ity.aws.aws_ssm_parameter_store_module.rst | 2 +- ...nctions_state_machine_execution_module.rst | 2 +- ...ws_step_functions_state_machine_module.rst | 2 +- ...community.aws.aws_waf_condition_module.rst | 2 +- docs/community.aws.aws_waf_info_module.rst | 2 +- docs/community.aws.aws_waf_rule_module.rst | 2 +- docs/community.aws.aws_waf_web_acl_module.rst | 2 +- ...aws.cloudformation_exports_info_module.rst | 2 +- ...ty.aws.cloudformation_stack_set_module.rst | 2 +- ...ity.aws.cloudfront_distribution_module.rst | 28 +- docs/community.aws.cloudfront_info_module.rst | 2 +- ...ity.aws.cloudfront_invalidation_module.rst | 2 +- ...oudfront_origin_access_identity_module.rst | 2 +- docs/community.aws.cloudtrail_module.rst | 2 +- ...munity.aws.cloudwatchevent_rule_module.rst | 2 +- ...s.cloudwatchlogs_log_group_info_module.rst | 2 +- ...tchlogs_log_group_metric_filter_module.rst | 2 +- ...ty.aws.cloudwatchlogs_log_group_module.rst | 2 +- docs/community.aws.data_pipeline_module.rst | 2 +- docs/community.aws.dms_endpoint_module.rst | 2 +- ...ws.dms_replication_subnet_group_module.rst | 2 +- docs/community.aws.dynamodb_table_module.rst | 2 +- docs/community.aws.dynamodb_ttl_module.rst | 2 +- docs/community.aws.ec2_ami_copy_module.rst | 14 +- docs/community.aws.ec2_asg_info_module.rst | 2 +- ...nity.aws.ec2_asg_lifecycle_hook_module.rst | 2 +- docs/community.aws.ec2_asg_module.rst | 2 +- ...y.aws.ec2_customer_gateway_info_module.rst | 2 +- ...munity.aws.ec2_customer_gateway_module.rst | 2 +- docs/community.aws.ec2_eip_info_module.rst | 2 +- docs/community.aws.ec2_eip_module.rst | 2 +- docs/community.aws.ec2_elb_info_module.rst | 2 +- docs/community.aws.ec2_elb_module.rst | 2 +- ...community.aws.ec2_instance_info_module.rst | 2 +- docs/community.aws.ec2_instance_module.rst | 2 +- ...mmunity.aws.ec2_launch_template_module.rst | 2 +- docs/community.aws.ec2_lc_find_module.rst | 2 +- docs/community.aws.ec2_lc_info_module.rst | 2 +- docs/community.aws.ec2_lc_module.rst | 2 +- .../community.aws.ec2_metric_alarm_module.rst | 2 +- ...ty.aws.ec2_placement_group_info_module.rst | 2 +- ...mmunity.aws.ec2_placement_group_module.rst | 2 +- ...ommunity.aws.ec2_scaling_policy_module.rst | 2 +- ...community.aws.ec2_snapshot_copy_module.rst | 2 +- ...ty.aws.ec2_transit_gateway_info_module.rst | 2 +- ...mmunity.aws.ec2_transit_gateway_module.rst | 2 +- ...ommunity.aws.ec2_vpc_egress_igw_module.rst | 2 +- ...unity.aws.ec2_vpc_endpoint_info_module.rst | 2 +- .../community.aws.ec2_vpc_endpoint_module.rst | 2 +- .../community.aws.ec2_vpc_igw_info_module.rst | 23 +- docs/community.aws.ec2_vpc_igw_module.rst | 25 +- ...community.aws.ec2_vpc_nacl_info_module.rst | 2 +- docs/community.aws.ec2_vpc_nacl_module.rst | 2 +- ...ty.aws.ec2_vpc_nat_gateway_info_module.rst | 2 +- ...mmunity.aws.ec2_vpc_nat_gateway_module.rst | 2 +- docs/community.aws.ec2_vpc_peer_module.rst | 2 +- ...munity.aws.ec2_vpc_peering_info_module.rst | 2 +- ...ty.aws.ec2_vpc_route_table_info_module.rst | 2 +- ...mmunity.aws.ec2_vpc_route_table_module.rst | 2 +- .../community.aws.ec2_vpc_vgw_info_module.rst | 2 +- docs/community.aws.ec2_vpc_vgw_module.rst | 2 +- .../community.aws.ec2_vpc_vpn_info_module.rst | 2 +- docs/community.aws.ec2_vpc_vpn_module.rst | 16 +- .../community.aws.ec2_win_password_module.rst | 2 +- docs/community.aws.ecs_attribute_module.rst | 2 +- docs/community.aws.ecs_cluster_module.rst | 2 +- docs/community.aws.ecs_ecr_module.rst | 34 +- .../community.aws.ecs_service_info_module.rst | 2 +- docs/community.aws.ecs_service_module.rst | 19 +- docs/community.aws.ecs_tag_module.rst | 2 +- docs/community.aws.ecs_task_module.rst | 2 +- ...ity.aws.ecs_taskdefinition_info_module.rst | 2 +- ...ommunity.aws.ecs_taskdefinition_module.rst | 8 +- docs/community.aws.efs_info_module.rst | 2 +- docs/community.aws.efs_module.rst | 2 +- .../community.aws.elasticache_info_module.rst | 2 +- docs/community.aws.elasticache_module.rst | 13 +- ...aws.elasticache_parameter_group_module.rst | 2 +- ...munity.aws.elasticache_snapshot_module.rst | 2 +- ...ty.aws.elasticache_subnet_group_module.rst | 2 +- ...ity.aws.elb_application_lb_info_module.rst | 2 +- ...ommunity.aws.elb_application_lb_module.rst | 18 +- ...mmunity.aws.elb_classic_lb_info_module.rst | 2 +- docs/community.aws.elb_classic_lb_module.rst | 47 +-- docs/community.aws.elb_instance_module.rst | 2 +- docs/community.aws.elb_network_lb_module.rst | 8 +- ...unity.aws.elb_target_group_info_module.rst | 2 +- .../community.aws.elb_target_group_module.rst | 2 +- docs/community.aws.elb_target_info_module.rst | 2 +- docs/community.aws.elb_target_module.rst | 19 +- docs/community.aws.execute_lambda_module.rst | 2 +- docs/community.aws.iam_cert_module.rst | 13 +- docs/community.aws.iam_group_module.rst | 2 +- ...ommunity.aws.iam_managed_policy_module.rst | 2 +- ...mmunity.aws.iam_mfa_device_info_module.rst | 2 +- docs/community.aws.iam_module.rst | 2 +- ...mmunity.aws.iam_password_policy_module.rst | 2 +- docs/community.aws.iam_policy_info_module.rst | 2 +- docs/community.aws.iam_policy_module.rst | 2 +- docs/community.aws.iam_role_info_module.rst | 2 +- docs/community.aws.iam_role_module.rst | 2 +- ...mmunity.aws.iam_saml_federation_module.rst | 2 +- ...aws.iam_server_certificate_info_module.rst | 2 +- docs/community.aws.iam_user_info_module.rst | 2 +- docs/community.aws.iam_user_module.rst | 2 +- docs/community.aws.kinesis_stream_module.rst | 4 +- docs/community.aws.lambda_alias_module.rst | 2 +- docs/community.aws.lambda_event_module.rst | 2 +- docs/community.aws.lambda_facts_module.rst | 2 +- docs/community.aws.lambda_info_module.rst | 2 +- docs/community.aws.lambda_module.rst | 2 +- docs/community.aws.lambda_policy_module.rst | 2 +- docs/community.aws.lightsail_module.rst | 2 +- ...community.aws.rds_instance_info_module.rst | 2 +- docs/community.aws.rds_instance_module.rst | 2 +- docs/community.aws.rds_module.rst | 2 +- docs/community.aws.rds_param_group_module.rst | 2 +- ...community.aws.rds_snapshot_info_module.rst | 2 +- docs/community.aws.rds_snapshot_module.rst | 2 +- .../community.aws.rds_subnet_group_module.rst | 2 +- ...redshift_cross_region_snapshots_module.rst | 2 +- docs/community.aws.redshift_info_module.rst | 2 +- docs/community.aws.redshift_module.rst | 55 ++- ...unity.aws.redshift_subnet_group_module.rst | 2 +- ...munity.aws.route53_health_check_module.rst | 2 +- docs/community.aws.route53_info_module.rst | 2 +- docs/community.aws.route53_module.rst | 18 +- docs/community.aws.route53_zone_module.rst | 2 +- ...nity.aws.s3_bucket_notification_module.rst | 2 +- docs/community.aws.s3_lifecycle_module.rst | 8 +- docs/community.aws.s3_logging_module.rst | 2 +- ...ty.aws.s3_metrics_configuration_module.rst | 372 ++++++++++++++++++ docs/community.aws.s3_sync_module.rst | 2 +- docs/community.aws.s3_website_module.rst | 2 +- docs/community.aws.sns_module.rst | 2 +- docs/community.aws.sns_topic_module.rst | 2 +- docs/community.aws.sqs_queue_module.rst | 7 +- docs/community.aws.sts_assume_role_module.rst | 2 +- ...community.aws.sts_session_token_module.rst | 2 +- galaxy.yml | 4 +- tests/requirements.yml | 4 +- 191 files changed, 912 insertions(+), 333 deletions(-) delete mode 100644 changelogs/fragments/244-rds_instance-no_log.yml delete mode 100644 changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml delete mode 100644 changelogs/fragments/265-fix-element-type-ecs_service.yml delete mode 100644 changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml delete mode 100644 changelogs/fragments/273-fix-s3sync-etag-calculation.yaml delete mode 100644 changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml delete mode 100644 changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml delete mode 100644 changelogs/fragments/318-cleanup-vpc_igw.yml delete mode 100644 changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml delete mode 100644 changelogs/fragments/34-redshift-tags.yml delete mode 100644 changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml create mode 100644 docs/community.aws.s3_metrics_configuration_module.rst diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 7f88ea72945..54811a94b41 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,43 @@ community.aws Release Notes .. contents:: Topics +v1.3.0 +====== + +Minor Changes +------------- + +- ec2_vpc_igw - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw - Add ``purge_tags`` parameter so that tags can be added without purging existing tags to match the collection standard tagging behaviour (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw_info - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). +- ec2_vpc_igw_info - Add ``convert_tags`` parameter so that tags can be returned in standard dict format rather than the both list of dict format (https://github.com/ansible-collections/community.aws/pull/318). +- rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241). +- redshift - add support for setting tags. +- s3_lifecycle - Add support for intelligent tiering and deep archive storage classes (https://github.com/ansible-collections/community.aws/issues/270) + +Deprecated Features +------------------- + +- ec2_vpc_igw_info - After 2022-06-22 the ``convert_tags`` parameter default value will change from ``False`` to ``True`` to match the collection standard behavior (https://github.com/ansible-collections/community.aws/pull/318). + +Bugfixes +-------- + +- aws_kms_info - fixed incompatibility with external and custom key-store keys. The module was attempting to call `GetKeyRotationStatus`, which raises `UnsupportedOperationException` for these key types (https://github.com/ansible-collections/community.aws/pull/311). +- ec2_win_password - on success return state as not changed (https://github.com/ansible-collections/community.aws/issues/145) +- ec2_win_password - return failed if unable to decode the password (https://github.com/ansible-collections/community.aws/issues/142) +- ecs_service - fix element type for ``load_balancers`` parameter (https://github.com/ansible-collections/community.aws/issues/265). +- ecs_taskdefinition - fixes elements type for ``containers`` parameter (https://github.com/ansible-collections/community.aws/issues/264). +- iam_policy - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). +- iam_policy_info - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). +- kinesis_stream - fixes issue where kinesis streams with > 100 shards get stuck in an infinite loop (https://github.com/ansible-collections/community.aws/pull/93) +- s3_sync - fix chunk_size calculation (https://github.com/ansible-collections/community.aws/issues/272) + +New Modules +----------- + +- s3_metrics_configuration - Manage s3 bucket metrics configuration in AWS + v1.2.1 ====== diff --git a/README.md b/README.md index f5f19b2aaaf..d4b93c36e6b 100644 --- a/README.md +++ b/README.md @@ -145,7 +145,7 @@ Name | Description [community.aws.elasticache_parameter_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_parameter_group_module.rst)|Manage cache parameter groups in Amazon ElastiCache. [community.aws.elasticache_snapshot](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_snapshot_module.rst)|Manage cache snapshots in Amazon ElastiCache [community.aws.elasticache_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elasticache_subnet_group_module.rst)|manage ElastiCache subnet groups -[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_application_lb_module.rst)|Manage an Application load balancer +[community.aws.elb_application_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_application_lb_module.rst)|Manage an Application Load Balancer [community.aws.elb_application_lb_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_application_lb_info_module.rst)|Gather information about application ELBs in AWS [community.aws.elb_classic_lb](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_classic_lb_module.rst)|Creates or destroys Amazon ELB. [community.aws.elb_classic_lb_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.elb_classic_lb_info_module.rst)|Gather information about EC2 Elastic Load Balancers in AWS @@ -189,18 +189,19 @@ Name | Description [community.aws.redshift_cross_region_snapshots](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_cross_region_snapshots_module.rst)|Manage Redshift Cross Region Snapshots [community.aws.redshift_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_info_module.rst)|Gather information about Redshift cluster(s) [community.aws.redshift_subnet_group](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.redshift_subnet_group_module.rst)|manage Redshift cluster subnet groups -[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_module.rst)|add or delete entries in Amazons Route53 DNS service +[community.aws.route53](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_module.rst)|add or delete entries in Amazons Route 53 DNS service [community.aws.route53_health_check](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_health_check_module.rst)|Add or delete health-checks in Amazons Route53 DNS service [community.aws.route53_info](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_info_module.rst)|Retrieves route53 details using AWS methods [community.aws.route53_zone](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.route53_zone_module.rst)|add or delete Route53 zones [community.aws.s3_bucket_notification](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_bucket_notification_module.rst)|Creates, updates or deletes S3 Bucket notification for lambda [community.aws.s3_lifecycle](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_lifecycle_module.rst)|Manage s3 bucket lifecycle rules in AWS [community.aws.s3_logging](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_logging_module.rst)|Manage logging facility of an s3 bucket in AWS +[community.aws.s3_metrics_configuration](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_metrics_configuration_module.rst)|Manage s3 bucket metrics configuration in AWS [community.aws.s3_sync](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_sync_module.rst)|Efficiently upload multiple files to S3 [community.aws.s3_website](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.s3_website_module.rst)|Configure an s3 bucket as a website [community.aws.sns](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sns_module.rst)|Send Amazon Simple Notification Service messages [community.aws.sns_topic](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sns_topic_module.rst)|Manages AWS SNS topics and subscriptions -[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sqs_queue_module.rst)|Creates or deletes AWS SQS queues. +[community.aws.sqs_queue](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sqs_queue_module.rst)|Creates or deletes AWS SQS queues [community.aws.sts_assume_role](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_assume_role_module.rst)|Assume a role using AWS Security Token Service and obtain temporary credentials [community.aws.sts_session_token](https://github.com/ansible-collections/community.aws/blob/main/docs/community.aws.sts_session_token_module.rst)|Obtain a session token from the AWS Security Token Service diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index d42c71fe91a..25102ab8cc6 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -754,3 +754,51 @@ releases: - 234-fix_ssm_inventory_plugin_timeout_var.yaml - 25-add-sts-token-to-aws-ssm-conn-plugin.yaml release_date: '2020-10-07' + 1.3.0: + changes: + bugfixes: + - aws_kms_info - fixed incompatibility with external and custom key-store keys. + The module was attempting to call `GetKeyRotationStatus`, which raises `UnsupportedOperationException` + for these key types (https://github.com/ansible-collections/community.aws/pull/311). + - ec2_win_password - on success return state as not changed (https://github.com/ansible-collections/community.aws/issues/145) + - ec2_win_password - return failed if unable to decode the password (https://github.com/ansible-collections/community.aws/issues/142) + - ecs_service - fix element type for ``load_balancers`` parameter (https://github.com/ansible-collections/community.aws/issues/265). + - ecs_taskdefinition - fixes elements type for ``containers`` parameter (https://github.com/ansible-collections/community.aws/issues/264). + - iam_policy - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). + - iam_policy_info - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). + - kinesis_stream - fixes issue where kinesis streams with > 100 shards get stuck + in an infinite loop (https://github.com/ansible-collections/community.aws/pull/93) + - s3_sync - fix chunk_size calculation (https://github.com/ansible-collections/community.aws/issues/272) + deprecated_features: + - ec2_vpc_igw_info - After 2022-06-22 the ``convert_tags`` parameter default + value will change from ``False`` to ``True`` to match the collection standard + behavior (https://github.com/ansible-collections/community.aws/pull/318). + minor_changes: + - ec2_vpc_igw - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). + - ec2_vpc_igw - Add ``purge_tags`` parameter so that tags can be added without + purging existing tags to match the collection standard tagging behaviour (https://github.com/ansible-collections/community.aws/pull/318). + - ec2_vpc_igw_info - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). + - ec2_vpc_igw_info - Add ``convert_tags`` parameter so that tags can be returned + in standard dict format rather than the both list of dict format (https://github.com/ansible-collections/community.aws/pull/318). + - rds_instance - set ``no_log=False`` on ``force_update_password`` to clear + warning (https://github.com/ansible-collections/community.aws/issues/241). + - redshift - add support for setting tags. + - s3_lifecycle - Add support for intelligent tiering and deep archive storage + classes (https://github.com/ansible-collections/community.aws/issues/270) + fragments: + - 244-rds_instance-no_log.yml + - 264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml + - 265-fix-element-type-ecs_service.yml + - 270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml + - 273-fix-s3sync-etag-calculation.yaml + - 283-fixed-ec2_win_password-return-state.yaml + - 311-fix-aws_kms_info-external-keys.yaml + - 318-cleanup-vpc_igw.yml + - 324-add-jittered-backoff-to-iam_policy-modules.yaml + - 34-redshift-tags.yml + - 93-kinesis_stream-get-more-shards-resolve.yml + modules: + - description: Manage s3 bucket metrics configuration in AWS + name: s3_metrics_configuration + namespace: '' + release_date: '2020-12-10' diff --git a/changelogs/fragments/244-rds_instance-no_log.yml b/changelogs/fragments/244-rds_instance-no_log.yml deleted file mode 100644 index 3acb6f863fc..00000000000 --- a/changelogs/fragments/244-rds_instance-no_log.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- rds_instance - set ``no_log=False`` on ``force_update_password`` to clear warning (https://github.com/ansible-collections/community.aws/issues/241). diff --git a/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml b/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml deleted file mode 100644 index b68ffff4f4e..00000000000 --- a/changelogs/fragments/264-fix-elemt-type-for-containers-in-ecs_taskdefinition.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - ecs_taskdefinition - fixes elements type for ``containers`` parameter (https://github.com/ansible-collections/community.aws/issues/264). diff --git a/changelogs/fragments/265-fix-element-type-ecs_service.yml b/changelogs/fragments/265-fix-element-type-ecs_service.yml deleted file mode 100644 index 61bbd20a8ce..00000000000 --- a/changelogs/fragments/265-fix-element-type-ecs_service.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - ecs_service - fix element type for ``load_balancers`` parameter (https://github.com/ansible-collections/community.aws/issues/265). diff --git a/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml b/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml deleted file mode 100644 index ac1d6306704..00000000000 --- a/changelogs/fragments/270_add_additional_storage_classes_to_S3_lifecycle_transition_list.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - s3_lifecycle - Add support for intelligent tiering and deep archive storage classes (https://github.com/ansible-collections/community.aws/issues/270) diff --git a/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml b/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml deleted file mode 100644 index bd408c87efa..00000000000 --- a/changelogs/fragments/273-fix-s3sync-etag-calculation.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - s3_sync - fix chunk_size calculation (https://github.com/ansible-collections/community.aws/issues/272) diff --git a/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml b/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml deleted file mode 100644 index bacacd603bb..00000000000 --- a/changelogs/fragments/283-fixed-ec2_win_password-return-state.yaml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - ec2_win_password - return failed if unable to decode the password (https://github.com/ansible-collections/community.aws/issues/142) - - ec2_win_password - on success return state as not changed (https://github.com/ansible-collections/community.aws/issues/145) \ No newline at end of file diff --git a/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml b/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml deleted file mode 100644 index 618023c35ee..00000000000 --- a/changelogs/fragments/311-fix-aws_kms_info-external-keys.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - aws_kms_info - fixed incompatibility with external and custom key-store keys. The module was attempting to call `GetKeyRotationStatus`, which raises `UnsupportedOperationException` for these key types (https://github.com/ansible-collections/community.aws/pull/311). diff --git a/changelogs/fragments/318-cleanup-vpc_igw.yml b/changelogs/fragments/318-cleanup-vpc_igw.yml deleted file mode 100644 index 58dc4f50ea0..00000000000 --- a/changelogs/fragments/318-cleanup-vpc_igw.yml +++ /dev/null @@ -1,7 +0,0 @@ -minor_changes: -- ec2_vpc_igw - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). -- ec2_vpc_igw_info - Add AWSRetry decorators to improve reliability (https://github.com/ansible-collections/community.aws/pull/318). -- ec2_vpc_igw - Add ``purge_tags`` parameter so that tags can be added without purging existing tags to match the collection standard tagging behaviour (https://github.com/ansible-collections/community.aws/pull/318). -- ec2_vpc_igw_info - Add ``convert_tags`` parameter so that tags can be returned in standard dict format rather than the both list of dict format (https://github.com/ansible-collections/community.aws/pull/318). -deprecated_features: -- ec2_vpc_igw_info - After 2022-06-22 the ``convert_tags`` parameter default value will change from ``False`` to ``True`` to match the collection standard behavior (https://github.com/ansible-collections/community.aws/pull/318). diff --git a/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml b/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml deleted file mode 100644 index 9dd457abba4..00000000000 --- a/changelogs/fragments/324-add-jittered-backoff-to-iam_policy-modules.yaml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - iam_policy - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). - - iam_policy_info - Added jittered_backoff to handle AWS rate limiting (https://github.com/ansible-collections/community.aws/pull/324). diff --git a/changelogs/fragments/34-redshift-tags.yml b/changelogs/fragments/34-redshift-tags.yml deleted file mode 100644 index 86d817e97e4..00000000000 --- a/changelogs/fragments/34-redshift-tags.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- redshift - add support for setting tags. diff --git a/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml b/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml deleted file mode 100644 index 84365d6ff15..00000000000 --- a/changelogs/fragments/93-kinesis_stream-get-more-shards-resolve.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- kinesis_stream - fixes issue where kinesis streams with > 100 shards get stuck in an infinite loop (https://github.com/ansible-collections/community.aws/pull/93) diff --git a/docs/community.aws.aws_acm_info_module.rst b/docs/community.aws.aws_acm_info_module.rst index 01527f459d0..45d16ff9e5e 100644 --- a/docs/community.aws.aws_acm_info_module.rst +++ b/docs/community.aws.aws_acm_info_module.rst @@ -310,7 +310,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: obtain all ACM certificates community.aws.aws_acm_info: diff --git a/docs/community.aws.aws_acm_module.rst b/docs/community.aws.aws_acm_module.rst index 5a0ac96dc79..b18479194d3 100644 --- a/docs/community.aws.aws_acm_module.rst +++ b/docs/community.aws.aws_acm_module.rst @@ -381,7 +381,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: upload a self-signed certificate community.aws.aws_acm: diff --git a/docs/community.aws.aws_api_gateway_module.rst b/docs/community.aws.aws_api_gateway_module.rst index c8b19465013..f1505078c9a 100644 --- a/docs/community.aws.aws_api_gateway_module.rst +++ b/docs/community.aws.aws_api_gateway_module.rst @@ -17,9 +17,9 @@ Version added: 1.0.0 Synopsis -------- -- Allows for the management of API Gateway APIs -- Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be create each time this is run. -- Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See https://github.com/boto/boto3/issues/876 and discuss with your AWS rep. +- Allows for the management of API Gateway APIs. +- Normally you should give the api_id since there is no other stable guaranteed unique identifier for the API. If you do not give api_id then a new API will be created each time this is run. +- Beware that there are very hard limits on the rate that you can call API Gateway's REST API. You may need to patch your boto. See https://github.com/boto/boto3/issues/876 and discuss it with your AWS rep. - swagger_file and swagger_text are passed directly on to AWS transparently whilst swagger_dict is an ansible dict which is converted to JSON before the API definitions are uploaded. @@ -145,7 +145,7 @@ Parameters -
                                                    Enable API GW caching of backend responses. Defaults to false.
                                                    +
                                                    Enable API GW caching of backend responses.
                                                    -
                                                    Description of the deployment - recorded and visible in the AWS console.
                                                    +
                                                    Description of the deployment.
                                                    +
                                                    Recorded and visible in the AWS console.
                                                    -
                                                    Type of endpoint configuration, use EDGE for an edge optimized API endpoint,
                                                    -
                                                    REGIONAL for just a regional deploy or PRIVATE for a private API.
                                                    -
                                                    This will flag will only be used when creating a new API Gateway setup, not for updates.
                                                    +
                                                    Type of endpoint configuration.
                                                    +
                                                    Use EDGE for an edge optimized API endpoint, REGIONAL for just a regional deploy or PRIVATE for a private API.
                                                    +
                                                    This flag will only be used when creating a new API Gateway setup, not for updates.
                                                    Canary settings for the deployment of the stage.
                                                    Dict with following settings:
                                                    -
                                                    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
                                                    -
                                                    deploymentId: The ID of the canary deployment.
                                                    -
                                                    stageVariableOverrides: Stage variables overridden for a canary release deployment.
                                                    -
                                                    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
                                                    +
                                                    percentTraffic: The percent (0-100) of traffic diverted to a canary deployment.
                                                    +
                                                    deploymentId: The ID of the canary deployment.
                                                    +
                                                    stageVariableOverrides: Stage variables overridden for a canary release deployment.
                                                    +
                                                    useStageCache: A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
                                                    -
                                                    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.
                                                    +
                                                    JSON or YAML file containing swagger definitions for API. Exactly one of swagger_file, swagger_text or swagger_dict must be present.

                                                    aliases: src, api_file
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                      Choices: -
                                                    • no ←
                                                      • +
                                                    • no
                                                    • yes
                                                    Whether or not to override values of minimum and/or maximum tasks if it's already set.
                                                    +
                                                    Defaults to false.
                                                    -
                                                    Whether a policy should be present or absent
                                                    +
                                                    Whether a policy should be present or absent.
                                                    -
                                                    A step scaling policy. This parameter is required if you are creating a policy and the policy type is StepScaling.
                                                    +
                                                    A step scaling policy. This parameter is required if you are creating a policy and policy_type=StepScaling.
                                                    -
                                                    A target tracking policy. This parameter is required if you are creating a new policy and the policy type is TargetTrackingScaling.
                                                    +
                                                    A target tracking policy. This parameter is required if you are creating a new policy and policy_type=TargetTrackingScaling.
                                                    Full documentation of the suboptions can be found in the API documentation:
                                                    		 -
                                                    The target value for the metric
                                                    +
                                                    The target value for the metric.
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                    		 -
                                                    To modify bandwidth or location the connection will need to be deleted and recreated. By default this will not happen - this option must be set to True.
                                                    +
                                                    To modify bandwidth or location the connection needs to be deleted and recreated.
                                                    +
                                                    By default this will not happen. This option must be explicitly set to true to change bandwith or location.
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                    		 -
                                                    A list) of domain name aliases (CNAMEs) as strings to be used for the distribution.
                                                    +
                                                    A list of domain name aliases (CNAMEs) as strings to be used for the distribution.
                                                    Each alias must be unique across all distribution for the AWS account.
                                                    A dict specifying the default cache behavior of the distribution.
                                                    -
                                                    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
                                                    +
                                                    If not specified, the target_origin_id is defined as the target_origin_id of the first valid cache_behavior in cache_behaviors with defaults.
                                                      Choices: -
                                                    • no ←
                                                      • +
                                                    • no
                                                    • yes
                                                    A boolean value that specifies whether the distribution is enabled or disabled.
                                                    +
                                                    Defaults to false.
                                                    The version of the http protocol to use for the distribution.
                                                    AWS defaults this to http2.
                                                    -
                                                    Valid values are http1.1 and http2
                                                    +
                                                    Valid values are http1.1 and http2.
                                                      Choices: -
                                                    • no ←
                                                      • +
                                                    • no
                                                    • yes
                                                    Determines whether IPv6 support is enabled or not.
                                                    +
                                                    Defaults to false.
                                                    Custom headers you wish to add to the request before passing it to the origin.
                                                    - +
                                                    A list of ISO 3166-1 two letter (Alpha 2) country codes that the restriction should apply to.
                                                    -
                                                    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/
                                                    +
                                                    See the ISO website for a full list of codes https://www.iso.org/obp/ui/#search/code/.
                                                    The method that you want to use to restrict distribution of your content by country.
                                                    -
                                                    Valid values are none, whitelist, blacklist
                                                    +
                                                    Valid values are none, whitelist, blacklist.
                                                    Should be input as a dict of key-value pairs.
                                                    -
                                                    Note that numeric keys or values must be wrapped in quotes. e.g. "Priority:" '1'
                                                    +
                                                    Note that numeric keys or values must be wrapped in quotes. e.g. Priority: '1'
                                                    The ID of a certificate stored in ACM to use for HTTPS connections.
                                                    -
                                                    If acm_certificate_id is set then you must also specify ssl_support_method
                                                    +
                                                    If acm_certificate_id is set then you must also specify ssl_support_method.
                                                    -
                                                    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true
                                                    +
                                                    If you're using the CloudFront domain name for your distribution, such as 123456789abcde.cloudfront.net you should set cloudfront_default_certificate=true.
                                                    If cloudfront_default_certificate=true do not set ssl_support_method.
                                                    The ID of a certificate stored in IAM to use for HTTPS connections.
                                                    -
                                                    If iam_certificate_id is set then you must also specify ssl_support_method
                                                    +
                                                    If iam_certificate_id is set then you must also specify ssl_support_method.
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                    		 -
                                                    The name of the new AMI to copy. (As of 2.3 the default is 'default', in prior versions it was 'null'.)
                                                    +
                                                    The name of the new AMI to copy. (As of 2.3 the default is default, in prior versions it was null.)
                                                    -
                                                    Wait for the copied AMI to be in state 'available' before returning.
                                                    +
                                                    Wait for the copied AMI to be in state available before returning.
                                                    -
                                                    How long before wait gives up, in seconds. Prior to 2.3 the default was 1200.
                                                    -
                                                    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults. This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
                                                    +
                                                    How long before wait gives up, in seconds.
                                                    +
                                                    Prior to 2.3 the default was 1200.
                                                    +
                                                    From 2.3-2.5 this option was deprecated in favor of boto3 waiter defaults.
                                                    +
                                                    This was reenabled in 2.6 to allow timeouts greater than 10 minutes.
                                                    @@ -401,7 +403,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Basic AMI Copy community.aws.ec2_ami_copy: diff --git a/docs/community.aws.ec2_asg_info_module.rst b/docs/community.aws.ec2_asg_info_module.rst index 425666502e3..70a2bbd4686 100644 --- a/docs/community.aws.ec2_asg_info_module.rst +++ b/docs/community.aws.ec2_asg_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst index c00bb25e6bc..e950d3b0b3e 100644 --- a/docs/community.aws.ec2_asg_lifecycle_hook_module.rst +++ b/docs/community.aws.ec2_asg_lifecycle_hook_module.rst @@ -390,7 +390,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create / Update lifecycle hook community.aws.ec2_asg_lifecycle_hook: diff --git a/docs/community.aws.ec2_asg_module.rst b/docs/community.aws.ec2_asg_module.rst index 194fe290b56..29ed893ada5 100644 --- a/docs/community.aws.ec2_asg_module.rst +++ b/docs/community.aws.ec2_asg_module.rst @@ -848,7 +848,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Basic configuration with Launch Configuration diff --git a/docs/community.aws.ec2_customer_gateway_info_module.rst b/docs/community.aws.ec2_customer_gateway_info_module.rst index 4263316fbd5..3d08a50f855 100644 --- a/docs/community.aws.ec2_customer_gateway_info_module.rst +++ b/docs/community.aws.ec2_customer_gateway_info_module.rst @@ -266,7 +266,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_customer_gateway_module.rst b/docs/community.aws.ec2_customer_gateway_module.rst index c4ff5ff1c53..9d81a8bcb54 100644 --- a/docs/community.aws.ec2_customer_gateway_module.rst +++ b/docs/community.aws.ec2_customer_gateway_module.rst @@ -322,7 +322,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create Customer Gateway community.aws.ec2_customer_gateway: diff --git a/docs/community.aws.ec2_eip_info_module.rst b/docs/community.aws.ec2_eip_info_module.rst index 48ac479ecbc..d742f823cc0 100644 --- a/docs/community.aws.ec2_eip_info_module.rst +++ b/docs/community.aws.ec2_eip_info_module.rst @@ -250,7 +250,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. diff --git a/docs/community.aws.ec2_eip_module.rst b/docs/community.aws.ec2_eip_module.rst index 366ec5f2da1..efce79cd9fd 100644 --- a/docs/community.aws.ec2_eip_module.rst +++ b/docs/community.aws.ec2_eip_module.rst @@ -442,7 +442,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_elb_info_module.rst b/docs/community.aws.ec2_elb_info_module.rst index f03e94fba5d..7689fb8882f 100644 --- a/docs/community.aws.ec2_elb_info_module.rst +++ b/docs/community.aws.ec2_elb_info_module.rst @@ -250,7 +250,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. # Output format tries to match amazon.aws.ec2_elb_lb module input parameters diff --git a/docs/community.aws.ec2_elb_module.rst b/docs/community.aws.ec2_elb_module.rst index f8c22d56048..39b33d7c74b 100644 --- a/docs/community.aws.ec2_elb_module.rst +++ b/docs/community.aws.ec2_elb_module.rst @@ -342,7 +342,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # basic pre_task and post_task example pre_tasks: diff --git a/docs/community.aws.ec2_instance_info_module.rst b/docs/community.aws.ec2_instance_info_module.rst index d55e2c6d153..3e64fafff6b 100644 --- a/docs/community.aws.ec2_instance_info_module.rst +++ b/docs/community.aws.ec2_instance_info_module.rst @@ -268,7 +268,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_instance_module.rst b/docs/community.aws.ec2_instance_module.rst index b65b17689ae..b73c67dac9e 100644 --- a/docs/community.aws.ec2_instance_module.rst +++ b/docs/community.aws.ec2_instance_module.rst @@ -1123,7 +1123,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_launch_template_module.rst b/docs/community.aws.ec2_launch_template_module.rst index 6084bc6f570..12fda30b8a4 100644 --- a/docs/community.aws.ec2_launch_template_module.rst +++ b/docs/community.aws.ec2_launch_template_module.rst @@ -1286,7 +1286,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create an ec2 launch template community.aws.ec2_launch_template: diff --git a/docs/community.aws.ec2_lc_find_module.rst b/docs/community.aws.ec2_lc_find_module.rst index 99a9b61cf2d..803e4898d12 100644 --- a/docs/community.aws.ec2_lc_find_module.rst +++ b/docs/community.aws.ec2_lc_find_module.rst @@ -289,7 +289,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_lc_info_module.rst b/docs/community.aws.ec2_lc_info_module.rst index 3904079fd98..e8b6bcecd0b 100644 --- a/docs/community.aws.ec2_lc_info_module.rst +++ b/docs/community.aws.ec2_lc_info_module.rst @@ -328,7 +328,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_lc_module.rst b/docs/community.aws.ec2_lc_module.rst index 68c6e2348b1..af1f0bff3f3 100644 --- a/docs/community.aws.ec2_lc_module.rst +++ b/docs/community.aws.ec2_lc_module.rst @@ -762,7 +762,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # create a launch configuration using an AMI image and instance type as a basis diff --git a/docs/community.aws.ec2_metric_alarm_module.rst b/docs/community.aws.ec2_metric_alarm_module.rst index 6db3511014c..290374d62f6 100644 --- a/docs/community.aws.ec2_metric_alarm_module.rst +++ b/docs/community.aws.ec2_metric_alarm_module.rst @@ -539,7 +539,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: create alarm community.aws.ec2_metric_alarm: diff --git a/docs/community.aws.ec2_placement_group_info_module.rst b/docs/community.aws.ec2_placement_group_info_module.rst index a4304271945..e231cde5eab 100644 --- a/docs/community.aws.ec2_placement_group_info_module.rst +++ b/docs/community.aws.ec2_placement_group_info_module.rst @@ -251,7 +251,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details or the AWS region, # see the AWS Guide for details. diff --git a/docs/community.aws.ec2_placement_group_module.rst b/docs/community.aws.ec2_placement_group_module.rst index d86500ecad8..8c9186c2349 100644 --- a/docs/community.aws.ec2_placement_group_module.rst +++ b/docs/community.aws.ec2_placement_group_module.rst @@ -287,7 +287,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide # for details. diff --git a/docs/community.aws.ec2_scaling_policy_module.rst b/docs/community.aws.ec2_scaling_policy_module.rst index e501135c211..76dab5ffd11 100644 --- a/docs/community.aws.ec2_scaling_policy_module.rst +++ b/docs/community.aws.ec2_scaling_policy_module.rst @@ -481,7 +481,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Simple Scale Down policy community.aws.ec2_scaling_policy: diff --git a/docs/community.aws.ec2_snapshot_copy_module.rst b/docs/community.aws.ec2_snapshot_copy_module.rst index 68b68e4fb3b..f3f55ee91e5 100644 --- a/docs/community.aws.ec2_snapshot_copy_module.rst +++ b/docs/community.aws.ec2_snapshot_copy_module.rst @@ -365,7 +365,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Basic Snapshot Copy community.aws.ec2_snapshot_copy: diff --git a/docs/community.aws.ec2_transit_gateway_info_module.rst b/docs/community.aws.ec2_transit_gateway_info_module.rst index 3a3e807b3f0..052da82c68b 100644 --- a/docs/community.aws.ec2_transit_gateway_info_module.rst +++ b/docs/community.aws.ec2_transit_gateway_info_module.rst @@ -267,7 +267,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_transit_gateway_module.rst b/docs/community.aws.ec2_transit_gateway_module.rst index a318344d39e..669edfae9bb 100644 --- a/docs/community.aws.ec2_transit_gateway_module.rst +++ b/docs/community.aws.ec2_transit_gateway_module.rst @@ -467,7 +467,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a new transit gateway using defaults community.aws.ec2_transit_gateway: diff --git a/docs/community.aws.ec2_vpc_egress_igw_module.rst b/docs/community.aws.ec2_vpc_egress_igw_module.rst index 0bbb3380bf9..6d309eab2b7 100644 --- a/docs/community.aws.ec2_vpc_egress_igw_module.rst +++ b/docs/community.aws.ec2_vpc_egress_igw_module.rst @@ -268,7 +268,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_endpoint_info_module.rst b/docs/community.aws.ec2_vpc_endpoint_info_module.rst index 1baf738914d..3b44f48627b 100644 --- a/docs/community.aws.ec2_vpc_endpoint_info_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_info_module.rst @@ -286,7 +286,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Simple example of listing all support AWS services for VPC endpoints - name: List supported AWS endpoint services diff --git a/docs/community.aws.ec2_vpc_endpoint_module.rst b/docs/community.aws.ec2_vpc_endpoint_module.rst index 9dc3dd6b3d8..130139ed516 100644 --- a/docs/community.aws.ec2_vpc_endpoint_module.rst +++ b/docs/community.aws.ec2_vpc_endpoint_module.rst @@ -401,7 +401,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_igw_info_module.rst b/docs/community.aws.ec2_vpc_igw_info_module.rst index 26501c07324..0085fb9fc8d 100644 --- a/docs/community.aws.ec2_vpc_igw_info_module.rst +++ b/docs/community.aws.ec2_vpc_igw_info_module.rst @@ -112,6 +112,27 @@ Parameters

                                                    aliases: ec2_secret_key, secret_key
                                                    +
                                                    + convert_tags + +
                                                    + boolean +
                                                    +
                                                    added in 1.3.0
                                                    +                                                     		+
                                                      Choices: +
                                                    • no
                                                      • +
                                                    • yes
                                                      • +
                                                    +                                                     		+
                                                    Convert tags from boto3 format (list of dictionaries) to the standard dictionary format.
                                                    +
                                                    This currently defaults to False. The default will be changed to True after 2022-06-22.
                                                    +
                                                    @@ -266,7 +287,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ec2_vpc_igw_module.rst b/docs/community.aws.ec2_vpc_igw_module.rst index 7666f959200..f61e4d1b0dd 100644 --- a/docs/community.aws.ec2_vpc_igw_module.rst +++ b/docs/community.aws.ec2_vpc_igw_module.rst @@ -165,6 +165,26 @@ Parameters

                                                    aliases: aws_profile
                                                    +
                                                    + purge_tags + +
                                                    + boolean +
                                                    +
                                                    added in 1.3.0
                                                    +                                                     		+
                                                      Choices: +
                                                    • no
                                                      • +
                                                    • yes ←
                                                      • +
                                                    +                                                     		+
                                                    Remove tags not listed in tags.
                                                    +
                                                    @@ -230,7 +250,8 @@ Parameters                                                     		-
                                                    A dict of tags to apply to the internet gateway. Any tags currently applied to the internet gateway and not present here will be removed.
                                                    +
                                                    A dict of tags to apply to the internet gateway.
                                                    +
                                                    To remove all tags set tags={} and purge_tags=true.

                                                    aliases: resource_tags
                                                    The type of VPN connection.
                                                    -
                                                    At this time only 'ipsec.1' is supported.
                                                    +
                                                    At this time only ipsec.1 is supported.
                                                    -
                                                    The time to wait before checking operation again. in seconds.
                                                    +
                                                    The time, in seconds, to wait before checking operation again.
                                                    -
                                                    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter 'cidr' is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of '192.168.2.0/24' it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter 'vpn' is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
                                                    +
                                                    An alternative to using vpn_connection_id. If multiple matches are found, vpn_connection_id is required. If one of the following suboptions is a list of items to filter by, only one item needs to match to find the VPN that correlates. e.g. if the filter cidr is ['194.168.2.0/24', '192.168.2.0/24'] and the VPN route only has the destination cidr block of 192.168.2.0/24 it will be found with this filter (assuming there are not multiple VPNs that are matched). Another example, if the filter vpn is equal to ['vpn-ccf7e7ad', 'vpn-cb0ae2a2'] and one of of the VPNs has the state deleted (exists but is unmodifiable) and the other exists and is not deleted, it will be found via this filter. See examples.
                                                    -
                                                    The type of routing; true or false.
                                                    +
                                                    The type of routing; true or false.
                                                      Choices: -
                                                    • no
                                                      • +
                                                    • no ←
                                                    • yes
                                                    		 -
                                                    An optional list object containing no more than two dict members, each of which may contain 'TunnelInsideCidr' and/or 'PreSharedKey' keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
                                                    +
                                                    An optional list object containing no more than two dict members, each of which may contain TunnelInsideCidr and/or PreSharedKey keys with appropriate string values. AWS defaults will apply in absence of either of the aforementioned keys.
                                                    -
                                                    How long before wait gives up, in seconds.
                                                    +
                                                    How long, in seconds, before wait gives up.
                                                    @@ -661,7 +661,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.ec2_win_password_module.rst b/docs/community.aws.ec2_win_password_module.rst index dc384260d46..4e3aca0c7af 100644 --- a/docs/community.aws.ec2_win_password_module.rst +++ b/docs/community.aws.ec2_win_password_module.rst @@ -334,7 +334,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Example of getting a password - name: get the Administrator password diff --git a/docs/community.aws.ecs_attribute_module.rst b/docs/community.aws.ecs_attribute_module.rst index 1bb479db5ac..6c9dc4f6e64 100644 --- a/docs/community.aws.ecs_attribute_module.rst +++ b/docs/community.aws.ecs_attribute_module.rst @@ -337,7 +337,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ecs_cluster_module.rst b/docs/community.aws.ecs_cluster_module.rst index 43831341e6a..c198e3fcba4 100644 --- a/docs/community.aws.ecs_cluster_module.rst +++ b/docs/community.aws.ecs_cluster_module.rst @@ -305,7 +305,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ecs_ecr_module.rst b/docs/community.aws.ecs_ecr_module.rst index 0c17a0863e7..853e153ab9d 100644 --- a/docs/community.aws.ecs_ecr_module.rst +++ b/docs/community.aws.ecs_ecr_module.rst @@ -196,7 +196,7 @@ Parameters
                                                  		-
                                                  JSON or dict that represents the new lifecycle policy
                                                  +
                                                  JSON or dict that represents the new lifecycle policy.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  		 -
                                                  if yes, remove the lifecycle policy from the repository
                                                  +
                                                  if true, remove the lifecycle policy from the repository.
                                                  +
                                                  Defaults to false.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  If yes, remove the policy from the repository.
                                                  Alias delete_policy has been deprecated and will be removed after 2022-06-01.
                                                  +
                                                  Defaults to false.

                                                  aliases: delete_policy
                                                  +
                                                  + scan_on_push + +
                                                  + boolean +
                                                  +
                                                  added in 1.3.0
                                                  +                                                   		+
                                                    Choices: +
                                                  • no ←
                                                    • +
                                                  • yes
                                                    • +
                                                  +                                                   		+
                                                  if true, images are scanned for known vulnerabilities after being pushed to the repository.
                                                  +
                                                  scan_on_push requires botocore >= 1.13.3
                                                  +
                                                  @@ -393,7 +416,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # If the repository does not exist, it is created. If it does exist, would not # affect any policies already on it. @@ -444,6 +467,7 @@ Examples - name: set-lifecycle-policy community.aws.ecs_ecr: name: needs-lifecycle-policy + scan_on_push: yes lifecycle_policy: rules: - rulePriority: 1 diff --git a/docs/community.aws.ecs_service_info_module.rst b/docs/community.aws.ecs_service_info_module.rst index 11414624b85..4d60e6d3480 100644 --- a/docs/community.aws.ecs_service_info_module.rst +++ b/docs/community.aws.ecs_service_info_module.rst @@ -306,7 +306,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.ecs_service_module.rst b/docs/community.aws.ecs_service_module.rst index 39b9fc3f3dd..a16229f3379 100644 --- a/docs/community.aws.ecs_service_module.rst +++ b/docs/community.aws.ecs_service_module.rst @@ -270,7 +270,7 @@ Parameters
                                                    Choices: -
                                                  • no
                                                    • +
                                                  • no ←
                                                  • yes
                                                  		 @@ -396,7 +396,7 @@ Parameters -
                                                  A list of security group names or group IDs to associate with the task
                                                  +
                                                  A list of security group names or group IDs to associate with the task.
                                                  -
                                                  A list of subnet IDs to associate with the task
                                                  +
                                                  A list of subnet IDs to associate with the task.
                                                  -
                                                  The scheduling strategy, defaults to "REPLICA" if not given to preserve previous behavior
                                                  +
                                                  The scheduling strategy.
                                                  +
                                                  Defaults to REPLICA if not given to preserve previous behavior.
                                                  -
                                                  Service discovery registry ARN
                                                  +
                                                  Service discovery registry ARN.
                                                  -
                                                  container name for service discovery registration
                                                  +
                                                  Container name for service discovery registration.
                                                  -
                                                  container port for service discovery registration
                                                  +
                                                  Container port for service discovery registration.
                                                  @@ -236,7 +236,7 @@ Parameters
                                                    Choices: -
                                                  • no
                                                    • +
                                                  • no ←
                                                  • yes
                                                  The amount (in MiB) of memory used by the task. If using the EC2 launch type, this field is optional and any value can be used.
                                                  -
                                                  If using the Fargate launch type, this field is required and is limited by the cpu.
                                                  +
                                                  If using the Fargate launch type, this field is required and is limited by the CPU.
                                                  -
                                                  A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a vpc.
                                                  +
                                                  A list of cache security group names to associate with this cache cluster. Must be an empty list if inside a VPC.
                                                  -
                                                  The subnet group name to associate with. Only use if inside a vpc.
                                                  -
                                                  Required if inside a vpc
                                                  +
                                                  The subnet group name to associate with. Only use if inside a VPC.
                                                  +
                                                  Required if inside a VPC.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  Whether to destroy and recreate an existing cache cluster if necessary in order to modify its state.
                                                  +
                                                  Defaults to false.
                                                  -
                                                  A list of vpc security group IDs to associate with this cache cluster. Only use if inside a vpc.
                                                  +
                                                  A list of VPC security group IDs to associate with this cache cluster. Only use if inside a VPC.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  Indicates whether deletion protection for the ELB is enabled.
                                                  +
                                                  Defaults to false.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  Indicates whether to enable HTTP2 routing.
                                                  +
                                                  Defaults to false.
                                                  -
                                                  If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter. If the listeners parameter is not set then listeners will not be modified
                                                  +
                                                  If yes, existing listeners will be purged from the ELB to match exactly what is defined by listeners parameter.
                                                  +
                                                  If the listeners parameter is not set then listeners will not be modified.
                                                  -
                                                  When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
                                                  +
                                                  When set to no, keep the existing load balancer rules in place. Will modify and add, but will not delete.
                                                  -
                                                  If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter. If the tags parameter is not set then tags will not be modified.
                                                  +
                                                  If yes, existing tags will be purged from the resource to match exactly what is defined by tags parameter.
                                                  +
                                                  If the tags parameter is not set then tags will not be modified.
                                                  -
                                                  An associative array of access logs configuration settings (see example)
                                                  +
                                                  An associative array of access logs configuration settings (see example).
                                                  -
                                                  Wait a specified timeout allowing connections to drain before terminating an instance
                                                  +
                                                  Wait a specified timeout allowing connections to drain before terminating an instance.
                                                    Choices: -
                                                  • no ←
                                                    • +
                                                  • no
                                                  • yes
                                                  		 -
                                                  Distribute load across all configured Availability Zones
                                                  +
                                                  Distribute load across all configured Availability Zones.
                                                  +
                                                  Defaults to false.
                                                  -
                                                  An associative array of health check configuration settings (see example)
                                                  +
                                                  An associative array of health check configuration settings (see example).
                                                  -
                                                  ELB connections from clients and to servers are timed out after this amount of time
                                                  +
                                                  ELB connections from clients and to servers are timed out after this amount of time.
                                                  -
                                                  List of instance ids to attach to this ELB
                                                  +
                                                  List of instance ids to attach to this ELB.
                                                  -
                                                  List of ports/protocols for this ELB to listen on (see example)
                                                  +
                                                  List of ports/protocols for this ELB to listen on (see example).
                                                  -
                                                  The name of the ELB
                                                  +
                                                  The name of the ELB.
                                                  -
                                                  Purge existing instance ids on ELB that are not found in instance_ids
                                                  +
                                                  Purge existing instance ids on ELB that are not found in instance_ids.
                                                  -
                                                  Purge existing listeners on ELB that are not found in listeners
                                                  +
                                                  Purge existing listeners on ELB that are not found in listeners.
                                                  -
                                                  Purge existing subnet on ELB that are not found in subnets
                                                  +
                                                  Purge existing subnets on ELB that are not found in subnets.
                                                  -
                                                  Purge existing availability zones on ELB that are not found in zones
                                                  +
                                                  Purge existing availability zones on ELB that are not found in zones.
                                                  -
                                                  The scheme to use when creating the ELB. For a private VPC-visible ELB use 'internal'. If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must use the option wait.
                                                  +
                                                  The scheme to use when creating the ELB.
                                                  +
                                                  For a private VPC-visible ELB use internal.
                                                  +
                                                  If you choose to update your scheme with a different value the ELB will be destroyed and recreated. To update scheme you must set wait=true.
                                                  -
                                                  A list of security groups to apply to the elb
                                                  +
                                                  A list of security groups to apply to the ELB.
                                                  -
                                                  A list of security group names to apply to the elb
                                                  +
                                                  A list of security group names to apply to the ELB.
                                                  -
                                                  Create or destroy the ELB
                                                  +
                                                  Create or destroy the ELB.
                                                  -
                                                  An associative array of stickiness policy settings. Policy will be applied to all listeners ( see example )
                                                  +
                                                  An associative array of stickiness policy settings. Policy will be applied to all listeners (see example).
                                                  -
                                                  When set to no, SSL certificates will not be validated for boto versions >= 2.6.0.
                                                  +
                                                  When set to false, SSL certificates will not be validated for boto versions >= 2.6.0.
                                                  -
                                                  Used in conjunction with wait. Number of seconds to wait for the elb to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
                                                  +
                                                  Used in conjunction with wait. Number of seconds to wait for the ELB to be terminated. A maximum of 600 seconds (10 minutes) is allowed.
                                                  -
                                                  List of availability zones to enable on this ELB
                                                  +
                                                  List of availability zones to enable on this ELB.
                                                  @@ -605,7 +608,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: None of these examples set aws_access_key, aws_secret_key, or region. # It is assumed that their matching environment variables are set. diff --git a/docs/community.aws.elb_instance_module.rst b/docs/community.aws.elb_instance_module.rst index 5f642a591d7..be68b327065 100644 --- a/docs/community.aws.elb_instance_module.rst +++ b/docs/community.aws.elb_instance_module.rst @@ -341,7 +341,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # basic pre_task and post_task example pre_tasks: diff --git a/docs/community.aws.elb_network_lb_module.rst b/docs/community.aws.elb_network_lb_module.rst index ed7f91a05bf..79895efaac0 100644 --- a/docs/community.aws.elb_network_lb_module.rst +++ b/docs/community.aws.elb_network_lb_module.rst @@ -122,12 +122,13 @@ Parameters
                                                  Choices: -
                                                • no ←
                                                  • +
                                                • no
                                                • yes
                                                Indicates whether cross-zone load balancing is enabled.
                                                +
                                                Defaults to false.
                                                  Choices: -
                                                • no ←
                                                  • +
                                                • no
                                                • yes
                                                Indicates whether deletion protection for the ELB is enabled.
                                                +
                                                Defaults to false.
                                                  Choices: -
                                                • no
                                                  • +
                                                • no ←
                                                • yes
                                                		 -
                                                The default behaviour for targets that are unused is to leave them registered. If instead you would like to remove them set deregister_unused to yes.
                                                +
                                                The default behaviour for targets that are unused is to leave them registered.
                                                +
                                                If instead you would like to remove them set deregister_unused=true.
                                                -
                                                An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
                                                +
                                                An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. This parameter is not supported if the target type of the target group is instance.
                                                -
                                                The Amazon Resource Name (ARN) of the target group. Mutually exclusive of target_group_name.
                                                +
                                                The Amazon Resource Name (ARN) of the target group.
                                                +
                                                Mutually exclusive of target_group_name.
                                                -
                                                The name of the target group. Mutually exclusive of target_group_arn.
                                                +
                                                The name of the target group.
                                                +
                                                Mutually exclusive of target_group_arn.
                                                -
                                                Maximum time in seconds to wait for target_status change
                                                +
                                                Maximum time in seconds to wait for target_status change.
                                                  Choices: -
                                                • no ←
                                                  • +
                                                • no
                                                • yes
                                                By default the module will not upload a certificate that is already uploaded into AWS.
                                                If dup_ok=True, it will upload the certificate as long as the name is unique.
                                                +
                                                Defaults to false.
                                                -
                                                When state is present, this will update the name of the cert.
                                                -
                                                The cert, key and cert_chain parameters will be ignored if this is defined.
                                                +
                                                When state=present, this will update the name of the cert.
                                                +
                                                The cert, key and cert_chain parameters will be ignored if this is defined.
                                                -
                                                When state is present, this will update the path of the cert.
                                                +
                                                When state=present, this will update the path of the cert.
                                                The cert, key and cert_chain parameters will be ignored if this is defined.
                                                -
                                                Whether to create(or update) or delete the certificate.
                                                +
                                                Whether to create (or update) or delete the certificate.
                                                If new_path or new_name is defined, specifying present will attempt to make an update these.
                                                +
                                                + purge_tags + +
                                                + boolean +
                                                +
                                                added in 1.3.0
                                                +                                                 		+
                                                  Choices: +
                                                • no
                                                  • +
                                                • yes ←
                                                  • +
                                                +                                                 		+
                                                Purge existing tags that are not found in the cluster
                                                +
                                                @@ -611,6 +631,23 @@ Parameters

                                                aliases: skip_final_snapshot
                                                +
                                                + tags + +
                                                + dictionary +
                                                +
                                                added in 1.3.0
                                                +                                                 		+ +
                                                A dictionary of resource tags.
                                                +

                                                aliases: resource_tags
                                                +
                                                @@ -716,7 +753,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Basic cluster provisioning example community.aws.redshift: @@ -940,6 +977,22 @@ Common return values are documented `here available
                                                  +
                                                + tags + +
                                                + dictionary +
                                                +                                                 		success +
                                                aws tags for cluster.
                                                +
                                                +
                                                  diff --git a/docs/community.aws.redshift_subnet_group_module.rst b/docs/community.aws.redshift_subnet_group_module.rst index c1097805de4..7f66c0334a7 100644 --- a/docs/community.aws.redshift_subnet_group_module.rst +++ b/docs/community.aws.redshift_subnet_group_module.rst @@ -303,7 +303,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a Redshift subnet group community.aws.redshift_subnet_group: diff --git a/docs/community.aws.route53_health_check_module.rst b/docs/community.aws.route53_health_check_module.rst index 7672b0d77b7..b4b25fada6b 100644 --- a/docs/community.aws.route53_health_check_module.rst +++ b/docs/community.aws.route53_health_check_module.rst @@ -400,7 +400,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create a health-check for host1.example.com and use it in record community.aws.route53_health_check: diff --git a/docs/community.aws.route53_info_module.rst b/docs/community.aws.route53_info_module.rst index e6b62e7617a..e44d3e25ed0 100644 --- a/docs/community.aws.route53_info_module.rst +++ b/docs/community.aws.route53_info_module.rst @@ -474,7 +474,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Simple example of listing all hosted zones - name: List all hosted zones diff --git a/docs/community.aws.route53_module.rst b/docs/community.aws.route53_module.rst index 1618d2a5c94..1be729b3895 100644 --- a/docs/community.aws.route53_module.rst +++ b/docs/community.aws.route53_module.rst @@ -5,7 +5,7 @@ community.aws.route53 ********************* -**add or delete entries in Amazons Route53 DNS service** +**add or delete entries in Amazons Route 53 DNS service** Version added: 1.0.0 @@ -17,7 +17,7 @@ Version added: 1.0.0 Synopsis -------- -- Creates and deletes DNS records in Amazons Route53 service +- Creates and deletes DNS records in Amazons Route 53 service. @@ -51,12 +51,13 @@ Parameters
                                                  Choices: -
                                                • no ←
                                                  • +
                                                • no
                                                • yes
                                                Indicates if this is an alias record.
                                                +
                                                Defaults to false.
                                                -
                                                If set to yes, the private zone matching the requested name within the domain will be used if there are both public and private zones. The default is to use the public zone.
                                                +
                                                If set to true, the private zone matching the requested name within the domain will be used if there are both public and private zones.
                                                +
                                                The default is to use the public zone.
                                                -
                                                In the case that route53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
                                                +
                                                In the case that Route 53 is still servicing a prior request, this module will wait and try again after this many seconds. If you have many domain names, the default of 500 seconds may be too long.
                                                -
                                                Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices 'present' and 'absent' have been added, but command still works as well.
                                                +
                                                Specifies the state of the resource record. As of Ansible 2.4, the command option has been changed to state as default and the choices present and absent have been added, but command still works as well.

                                                aliases: command
                                                The new value when creating a DNS record. YAML lists or multiple comma-spaced values are allowed for non-alias records.
                                                -
                                                When deleting a record all values for the record must be specified or Route53 will not delete it.
                                                +
                                                When deleting a record all values for the record must be specified or Route 53 will not delete it.
                                                @@ -432,10 +434,12 @@ Parameters
                                              • glacier ←
                                              • onezone_ia
                                              • standard_ia
                                                • +
                                              • intelligent_tiering
                                                • +
                                              • deep_archive
                                                		•  -
                                                The storage class to transition to. Currently there are two supported values - 'glacier', 'onezone_ia', or 'standard_ia'.
                                                +
                                                The storage class to transition to.
                                                The 'standard_ia' class is only being available from Ansible version 2.2.
                                                + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
                                                ParameterChoices/DefaultsComments
                                                +
                                                + aws_access_key + +
                                                + string +
                                                +                                                 		+ +
                                                AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the aws_access_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
                                                +

                                                aliases: ec2_access_key, access_key
                                                +
                                                +
                                                + aws_ca_bundle + +
                                                + path +
                                                +                                                 		+ +
                                                The location of a CA Bundle to use when validating SSL certificates.
                                                +
                                                Only used for boto3 based modules.
                                                +
                                                Note: The CA Bundle is read 'module' side and may need to be explicitly copied from the controller if not run locally.
                                                +
                                                +
                                                + aws_config + +
                                                + dictionary +
                                                +                                                 		+ +
                                                A dictionary to modify the botocore configuration.
                                                + +
                                                Only the 'user_agent' key is used for boto modules. See http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto for more boto configuration.
                                                +
                                                +
                                                + aws_secret_key + +
                                                + string +
                                                +                                                 		+ +
                                                AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the aws_secret_key and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
                                                +

                                                aliases: ec2_secret_key, secret_key
                                                +
                                                +
                                                + bucket_name + +
                                                + string + / required +
                                                +                                                 		+ +
                                                Name of the s3 bucket
                                                +
                                                +
                                                + debug_botocore_endpoint_logs + +
                                                + boolean +
                                                +                                                 		+
                                                  Choices: +
                                                • no ←
                                                  • +
                                                • yes
                                                  • +
                                                +                                                 		+
                                                Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action" API calls made during a task, outputing the set to the resource_actions key in the task results. Use the aws_resource_action callback to output to total list made during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also be used.
                                                +
                                                +
                                                + ec2_url + +
                                                + string +
                                                +                                                 		+ +
                                                Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
                                                +

                                                aliases: aws_endpoint_url, endpoint_url
                                                +
                                                +
                                                + filter_prefix + +
                                                + string +
                                                +                                                 		+ +
                                                A prefix used when evaluating a metrics filter
                                                +
                                                +
                                                + filter_tags + +
                                                + dictionary +
                                                +                                                 		+ +
                                                A dictionary of one or more tags used when evaluating a metrics filter
                                                +

                                                aliases: filter_tag
                                                +
                                                +
                                                + id + +
                                                + string + / required +
                                                +                                                 		+ +
                                                The ID used to identify the metrics configuration
                                                +
                                                +
                                                + profile + +
                                                + string +
                                                +                                                 		+ +
                                                Uses a boto profile. Only works with boto >= 2.24.0.
                                                +
                                                Using profile will override aws_access_key, aws_secret_key and security_token and support for passing them at the same time as profile has been deprecated.
                                                +
                                                aws_access_key, aws_secret_key and security_token will be made mutually exclusive with profile after 2022-06-01.
                                                +

                                                aliases: aws_profile
                                                +
                                                +
                                                + region + +
                                                + string +
                                                +                                                 		+ +
                                                The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
                                                +

                                                aliases: aws_region, ec2_region
                                                +
                                                +
                                                + security_token + +
                                                + string +
                                                +                                                 		+ +
                                                AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
                                                +
                                                If profile is set this parameter is ignored.
                                                +
                                                Passing the security_token and profile options at the same time has been deprecated and the options will be made mutually exclusive after 2022-06-01.
                                                +

                                                aliases: aws_security_token, access_token
                                                +
                                                +
                                                + state + +
                                                + string +
                                                +                                                 		+
                                                  Choices: +
                                                • present ←
                                                  • +
                                                • absent
                                                  • +
                                                +                                                 		+
                                                Create or delete metrics configuration
                                                +
                                                +
                                                + validate_certs + +
                                                + boolean +
                                                +                                                 		+
                                                  Choices: +
                                                • no
                                                  • +
                                                • yes ←
                                                  • +
                                                +                                                 		+
                                                When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
                                                +
                                                +
                                                + + +Notes +----- + +.. note:: + - This modules manages single metrics configuration, the s3 bucket might have up to 1,000 metrics configurations + - To request metrics for the entire bucket, create a metrics configuration without a filter + - Metrics configurations are necessary only to enable request metric, bucket-level daily storage metrics are always turned on + - If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence ``AWS_URL`` or ``EC2_URL``, ``AWS_PROFILE`` or ``AWS_DEFAULT_PROFILE``, ``AWS_ACCESS_KEY_ID`` or ``AWS_ACCESS_KEY`` or ``EC2_ACCESS_KEY``, ``AWS_SECRET_ACCESS_KEY`` or ``AWS_SECRET_KEY`` or ``EC2_SECRET_KEY``, ``AWS_SECURITY_TOKEN`` or ``EC2_SECURITY_TOKEN``, ``AWS_REGION`` or ``EC2_REGION``, ``AWS_CA_BUNDLE`` + - Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See https://boto.readthedocs.io/en/latest/boto_config_tut.html + - ``AWS_REGION`` or ``EC2_REGION`` can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file + + + +Examples +-------- + +.. code-block:: yaml + + # Note: These examples do not set authentication details, see the AWS Guide for details. + + - name: Create a metrics configuration that enables metrics for an entire bucket + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: EntireBucket + state: present + + - name: Put a metrics configuration that enables metrics for objects starting with a prefix + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: Assets + filter_prefix: assets + state: present + + - name: Put a metrics configuration that enables metrics for objects with specific tag + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: Assets + filter_tag: + kind: asset + state: present + + - name: Put a metrics configuration that enables metrics for objects that start with a particular prefix and have specific tags applied + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: ImportantBlueDocuments + filter_prefix: documents + filter_tags: + priority: high + class: blue + state: present + + - name: Delete metrics configuration + community.aws.s3_metrics_configuration: + bucket_name: my-bucket + id: EntireBucket + state: absent + + + + +Status +------ + + +Authors +~~~~~~~ + +- Dmytro Vorotyntsev (@vorotech) diff --git a/docs/community.aws.s3_sync_module.rst b/docs/community.aws.s3_sync_module.rst index 735d89ebb3a..843a11b44dd 100644 --- a/docs/community.aws.s3_sync_module.rst +++ b/docs/community.aws.s3_sync_module.rst @@ -451,7 +451,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: basic upload community.aws.s3_sync: diff --git a/docs/community.aws.s3_website_module.rst b/docs/community.aws.s3_website_module.rst index b4d34254e0c..356cf0315ca 100644 --- a/docs/community.aws.s3_website_module.rst +++ b/docs/community.aws.s3_website_module.rst @@ -316,7 +316,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml # Note: These examples do not set authentication details, see the AWS Guide for details. diff --git a/docs/community.aws.sns_module.rst b/docs/community.aws.sns_module.rst index 1e61ff15984..83d5165b902 100644 --- a/docs/community.aws.sns_module.rst +++ b/docs/community.aws.sns_module.rst @@ -440,7 +440,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Send default notification message via SNS community.aws.sns: diff --git a/docs/community.aws.sns_topic_module.rst b/docs/community.aws.sns_topic_module.rst index 100aac00b38..3cf7abcd32f 100644 --- a/docs/community.aws.sns_topic_module.rst +++ b/docs/community.aws.sns_topic_module.rst @@ -385,7 +385,7 @@ Notes Examples -------- -.. code-block:: yaml+jinja +.. code-block:: yaml - name: Create alarm SNS topic community.aws.sns_topic: diff --git a/docs/community.aws.sqs_queue_module.rst b/docs/community.aws.sqs_queue_module.rst index 106e2c24083..341f9ca2fc2 100644 --- a/docs/community.aws.sqs_queue_module.rst +++ b/docs/community.aws.sqs_queue_module.rst @@ -5,7 +5,7 @@ community.aws.sqs_queue *********************** -**Creates or deletes AWS SQS queues.** +**Creates or deletes AWS SQS queues** Version added: 1.0.0 @@ -123,12 +123,13 @@ Parameters
                                                Choices: -
                                              • no ←
                                                • +
                                              • no
                                              • yes
                                              Enables content-based deduplication. Used for FIFOs only.
                                              +
                                              Defaults to false.